feat(autok3s): support containerd private registry file

Signed-off-by: Jason-ZW <zhenyang@rancher.com>
cnrancher · Dec 18, 2020 · c44727c · c44727c
1 parent 59124bb
commit c44727c
Show file tree

Hide file tree

Showing 958 changed files with 389,948 additions and 383 deletions.
diff --git a/README.md b/README.md
@@ -15,6 +15,7 @@ It can help users quickly complete the personalized configuration of the k3s clu
 - Automatically generate `kubeconfig` file for the cluster which you created
 - Integrate `kubectl` to provide access to the cluster
 - Bootstrap a HA Kubernetes with k3s cluster
+- Support `containerd` private registry with `--registry` flag
 - Provide additional option to enable Kubernetes Cloud-Controller-Manager with `--cloud-controller-manager`
 - Provide additional option to enable Kubernetes Dashboard UI with `--ui`
 - Provide additional option to enable cloud platform's CNI plugin, e.g `--terway 'eni'`

diff --git a/docs/i18n/en_us/alibaba/README.md b/docs/i18n/en_us/alibaba/README.md
@@ -223,7 +223,37 @@ autok3s ssh --provider alibaba --name myk3s
 ```
 
 ## Advanced Usage
-Autok3s integration some advanced components related to the current provider, e.g. terway/ccm/ui.
+We integrate some advanced components related to the current provider, e.g. terway/ccm/ui.
+
+### Setup Private Registry
+Below are examples showing how you may configure `/etc/autok3s/registries.yaml` on your current node when using TLS, and make it take effect on k3s cluster by `autok3s`.
+
+```bash
+mirrors:
+  docker.io:
+    endpoint:
+      - "https://mycustomreg.com:5000"
+configs:
+  "mycustomreg:5000":
+    auth:
+      username: xxxxxx # this is the registry username
+      password: xxxxxx # this is the registry password
+    tls:
+      cert_file: # path to the cert file used in the registry
+      key_file:  # path to the key file used in the registry
+      ca_file:   # path to the ca file used in the registry
+```
+
+When running `autok3s create` or `autok3s join` command, take effect with the`--registry /etc/autok3s/registries.yaml` flag, e.g:
+
+```bash
+autok3s -d create \
+    --provider alibaba \
+    --name myk3s \
+    --master 1 \
+    --worker 1 \
+    --registry /etc/autok3s/registries.yaml
+```
 
 ### Enable Alibaba Terway CNI Plugin
 The instance's type determines the number of EIPs that a K3S cluster can assign to a cluster POD, more detail see [here](https://www.alibabacloud.com/help/zh/doc-detail/97467.htm).

diff --git a/docs/i18n/en_us/native/README.md b/docs/i18n/en_us/native/README.md
@@ -122,7 +122,38 @@ Login to specified k3s cluster node via ssh, e.g myk3s.
 autok3s ssh --provider native --name myk3s
 ```
 ## Advanced Usage
-Autok3s integration some advanced components related to the current provider, e.g. ui.
+We integrate some advanced components related to the current provider, e.g. ui.
+
+### Setup Private Registry
+Below are examples showing how you may configure `/etc/autok3s/registries.yaml` on your current node when using TLS, and make it take effect on k3s cluster by `autok3s`.
+
+```bash
+mirrors:
+  docker.io:
+    endpoint:
+      - "https://mycustomreg.com:5000"
+configs:
+  "mycustomreg:5000":
+    auth:
+      username: xxxxxx # this is the registry username
+      password: xxxxxx # this is the registry password
+    tls:
+      cert_file: # path to the cert file used in the registry
+      key_file:  # path to the key file used in the registry
+      ca_file:   # path to the ca file used in the registry
+```
+
+When running `autok3s create` or `autok3s join` command, take effect with the`--registry /etc/autok3s/registries.yaml` flag, e.g:
+
+```bash
+autok3s -d create \
+    --provider native \
+    --name myk3s \
+    --ssh-key-path <ssh-key-path> \
+    --master-ips <master0-ip> \
+    --worker-ips <worker0-ip,worker1-ip> \
+    --registry /etc/autok3s/registries.yaml
+```
 
 ### Enable UI Component
 This flags will enable [kubernetes/dashboard](https://github.com/kubernetes/dashboard) UI component.

diff --git a/docs/i18n/en_us/tencent/README.md b/docs/i18n/en_us/tencent/README.md
@@ -178,7 +178,32 @@ autok3s ssh --provider tencent --name myk3s
 ```
 
 ## Advanced Usage
-Autok3s integration some advanced components related to the current provider, e.g. ccm/ui.
+We integrate some advanced components related to the current provider, e.g. ccm/ui.
+
+### Setup Private Registry
+Below are examples showing how you may configure `/etc/autok3s/registries.yaml` on your current node when using TLS, and make it take effect on k3s cluster by `autok3s`.
+
+```bash
+mirrors:
+  docker.io:
+    endpoint:
+      - "https://mycustomreg.com:5000"
+configs:
+  "mycustomreg:5000":
+    auth:
+      username: xxxxxx # this is the registry username
+      password: xxxxxx # this is the registry password
+    tls:
+      cert_file: # path to the cert file used in the registry
+      key_file:  # path to the key file used in the registry
+      ca_file:   # path to the ca file used in the registry
+```
+
+When running `autok3s create` or `autok3s join` command, take effect with the`--registry /etc/autok3s/registries.yaml` flag, e.g:
+
+```bash
+autok3s -d create -p tencent --name myk3s --master 3 --registry /etc/autok3s/registries.yaml
+```
 
 ### Enable Tencent Cloud Controller Manager
 You should create cluster route table if enabled CCM, and set `--router` with you router table name.

diff --git a/docs/i18n/zh_cn/README.md b/docs/i18n/zh_cn/README.md
@@ -14,6 +14,7 @@
 - 自动为创建的 Kubernetes (k3s) 集群生成可供访问的 `kubeconfig` 文件
 - 集成 `kubectl` 以提供访问集群的能力
 - 支持创建 Kubernetes k3s HA 集群
+- 使用`--registry`以支持配置`containerd`私有镜像仓库
 - 集成扩展参数 `--cloud-controller-manager` 以开启 Kubernetes Cloud-Controller-Manager 组件
 - 集成扩展参数 `--ui` 以开启 Kubernetes Dashboard UI 组件
 - 集成扩展参数 `例如 --terway 'eni'` 以开启公有云 CNI 网络插件

diff --git a/docs/i18n/zh_cn/alibaba/README.md b/docs/i18n/zh_cn/alibaba/README.md
@@ -222,7 +222,37 @@ autok3s ssh --provider alibaba --name myk3s
 ```
 
 ## 进阶使用
-Autok3s集成了一些与当前provider有关的高级组件，例如 terway、ccm、ui。
+我们集成了一些与当前provider有关的高级组件，例如 terway、ccm、ui。
+
+### Setup Private Registry
+下面是将本地的`/etc/autok3s/registries.yaml`启用TLS的`registry`配置文件，应用到通过`autok3s`命令应创建的k3s集群中。
+
+```bash
+mirrors:
+  docker.io:
+    endpoint:
+      - "https://mycustomreg.com:5000"
+configs:
+  "mycustomreg:5000":
+    auth:
+      username: xxxxxx # this is the registry username
+      password: xxxxxx # this is the registry password
+    tls:
+      cert_file: # path to the cert file used in the registry
+      key_file:  # path to the key file used in the registry
+      ca_file:   # path to the ca file used in the registry
+```
+
+在运行`autok3s create`或`autok3s join`时，通过传递`--registry /etc/autok3s/registries.yaml`参数使其生效，例如：
+
+```bash
+autok3s -d create \
+    --provider alibaba \
+    --name myk3s \
+    --master 1 \
+    --worker 1 \
+    --registry /etc/autok3s/registries.yaml
+```
 
 ### 启用阿里云Terway CNI插件
 实例的类型决定了K3S集群可以分配给集群POD的EIP数量，更多详细信息请参见[这里](https://www.alibabacloud.com/help/zh/doc-detail/97467.htm)。

diff --git a/docs/i18n/zh_cn/native/README.md b/docs/i18n/zh_cn/native/README.md
@@ -123,7 +123,38 @@ SSH连接到集群中的某个主机，这里选择的集群为myk3s。
 autok3s ssh --provider native --name myk3s
 ```
 ## 进阶使用
-Autok3s集成了一些与当前provider有关的高级组件，例如 ccm、ui。
+我们集成了一些与当前provider有关的高级组件，例如 ccm、ui。
+
+### Setup Private Registry
+下面是将本地的`/etc/autok3s/registries.yaml`启用TLS的`registry`配置文件，应用到通过`autok3s`命令应创建的k3s集群中。
+
+```bash
+mirrors:
+  docker.io:
+    endpoint:
+      - "https://mycustomreg.com:5000"
+configs:
+  "mycustomreg:5000":
+    auth:
+      username: xxxxxx # this is the registry username
+      password: xxxxxx # this is the registry password
+    tls:
+      cert_file: # path to the cert file used in the registry
+      key_file:  # path to the key file used in the registry
+      ca_file:   # path to the ca file used in the registry
+```
+
+在运行`autok3s create`或`autok3s join`时，通过传递`--registry /etc/autok3s/registries.yaml`参数使其生效，例如：
+
+```bash
+autok3s -d create \
+    --provider native \
+    --name myk3s \
+    --ssh-key-path <ssh-key-path> \
+    --master-ips <master0-ip> \
+    --worker-ips <worker0-ip,worker1-ip> \
+    --registry /etc/autok3s/registries.yaml
+```
 
 ### 启用UI组件
 该参数会启用 [kubernetes/dashboard](https://github.com/kubernetes/dashboard) 图形界面。

diff --git a/docs/i18n/zh_cn/tencent/README.md b/docs/i18n/zh_cn/tencent/README.md
@@ -177,7 +177,32 @@ autok3s ssh --provider tencent --name myk3s
 ```
 
 ## 进阶使用
-Autok3s集成了一些与当前provider有关的高级组件，例如 ccm、ui。
+我们集成了一些与当前provider有关的高级组件，例如 ccm、ui。
+
+### Setup Private Registry
+下面是将本地的`/etc/autok3s/registries.yaml`启用TLS的`registry`配置文件，应用到通过`autok3s`命令应创建的k3s集群中。
+
+```bash
+mirrors:
+  docker.io:
+    endpoint:
+      - "https://mycustomreg.com:5000"
+configs:
+  "mycustomreg:5000":
+    auth:
+      username: xxxxxx # this is the registry username
+      password: xxxxxx # this is the registry password
+    tls:
+      cert_file: # path to the cert file used in the registry
+      key_file:  # path to the key file used in the registry
+      ca_file:   # path to the ca file used in the registry
+```
+
+在运行`autok3s create`或`autok3s join`时，通过传递`--registry /etc/autok3s/registries.yaml`参数使其生效，例如：
+
+```bash
+autok3s -d create -p tencent --name myk3s --master 3 --registry /etc/autok3s/registries.yaml
+```
 
 ### 启用腾讯云CCM(Cloud Controller Manager)
 

diff --git a/go.mod b/go.mod
@@ -3,6 +3,7 @@ module github.com/cnrancher/autok3s
 go 1.13
 
 replace (
+	github.com/kubernetes-sigs/cri-tools => github.com/k3s-io/cri-tools v1.19.0-k3s1
 	k8s.io/api => github.com/rancher/kubernetes/staging/src/k8s.io/api v1.19.4-k3s1
 	k8s.io/apiextensions-apiserver => github.com/rancher/kubernetes/staging/src/k8s.io/apiextensions-apiserver v1.19.4-k3s1
 	k8s.io/apimachinery => github.com/rancher/kubernetes/staging/src/k8s.io/apimachinery v1.19.4-k3s1
@@ -33,24 +34,32 @@ replace (
 require (
 	github.com/alexellis/go-execute v0.0.0-20200124154445-8697e4e28c5e
 	github.com/aliyun/alibaba-cloud-sdk-go v1.61.381
+	github.com/benmoss/go-powershell v0.0.0-20190925205200-09527df358ca // indirect
 	github.com/briandowns/spinner v1.11.1
-	github.com/docker/docker v1.4.2-0.20200309214505-aa6a9891b09c
+	github.com/docker/docker v17.12.0-ce-rc1.0.20200821074627-7ae5222c72cc+incompatible
+	github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c // indirect
 	github.com/ghodss/yaml v1.0.0
+	github.com/gogo/googleapis v1.4.0 // indirect
+	github.com/hashicorp/go-multierror v1.1.0 // indirect
+	github.com/juju/errors v0.0.0-20200330140219-3fe23663418f // indirect
 	github.com/morikuni/aec v1.0.0
 	github.com/olekukonko/tablewriter v0.0.4
 	github.com/onsi/ginkgo v1.14.0
 	github.com/onsi/gomega v1.10.1
+	github.com/rakelkar/gonetsh v0.0.0-20190930180311-e5c5ffe4bdf0 // indirect
+	github.com/rancher/k3s v1.19.5-0.20201117235738-2532c10faad4
 	github.com/sirupsen/logrus v1.6.0
 	github.com/spf13/cobra v1.0.0
 	github.com/spf13/pflag v1.0.5
 	github.com/spf13/viper v1.4.0
 	github.com/tencentcloud/tencentcloud-sdk-go v1.0.34
 	golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9
 	golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e
-	k8s.io/apimachinery v0.0.0
+	gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776
+	k8s.io/apimachinery v0.19.0
 	k8s.io/cli-runtime v0.0.0
-	k8s.io/client-go v0.0.0
-	k8s.io/component-base v0.0.0
+	k8s.io/client-go v11.0.1-0.20190409021438-1a26190bd76a+incompatible
+	k8s.io/component-base v0.19.0
 	k8s.io/kubectl v0.0.0
-	k8s.io/kubernetes v0.0.0-00010101000000-000000000000
+	k8s.io/kubernetes v1.19.4
 )