I Want to install Kubernetes using Kubespray
TASK [download : container_download | Download containers if pull is required or told to always pull (all nodes)] **********************************************************
Tuesday 03 July 2018 14:30:59 +0600 (0:00:00.042) 0:00:59.584 **********
FAILED - RETRYING: container_download | Download containers if pull is required or told to always pull (all nodes) (4 retries left).
FAILED - RETRYING: container_download | Download containers if pull is required or told to always pull (all nodes) (4 retries left).
FAILED - RETRYING: container_download | Download containers if pull is required or told to always pull (all nodes) (3 retries left).
FAILED - RETRYING: container_download | Download containers if pull is required or told to always pull (all nodes) (3 retries left).
FAILED - RETRYING: container_download | Download containers if pull is required or told to always pull (all nodes) (2 retries left).
FAILED - RETRYING: container_download | Download containers if pull is required or told to always pull (all nodes) (2 retries left).
FAILED - RETRYING: container_download | Download containers if pull is required or told to always pull (all nodes) (1 retries left).
FAILED - RETRYING: container_download | Download containers if pull is required or told to always pull (all nodes) (1 retries left).
fatal: [kz-k8snd02]: FAILED! => {"attempts": 4, "changed": true, "cmd": ["/usr/bin/docker", "pull", "gcr.io/google_containers/k8s-dns-sidecar-amd64:1.14.10"], "delta": "0:00:32.324328", "end": "2018-07-03 14:34:03.278500", "msg": "non-zero return code", "rc": 1, "start": "2018-07-03 14:33:30.954172", "stderr": "error pulling image configuration: Get https://storage.googleapis.com/artifacts.google-containers.appspot.com/containers/images/sha256:8a7739f672b49db46e3a8d5cdf54df757b7559a00db9de210b4af1aa3397020f: dial tcp 74.125.205.128:443: i/o timeout", "stderr_lines": ["error pulling image configuration: Get https://storage.googleapis.com/artifacts.google-containers.appspot.com/containers/images/sha256:8a7739f672b49db46e3a8d5cdf54df757b7559a00db9de210b4af1aa3397020f: dial tcp 74.125.205.128:443: i/o timeout"], "stdout": "1.14.10: Pulling from google_containers/k8s-dns-sidecar-amd64\nff3a5c916c92: Already exists\n0bdda6b26fc8: Pulling fs layer", "stdout_lines": ["1.14.10: Pulling from google_containers/k8s-dns-sidecar-amd64", "ff3a5c916c92: Already exists", "0bdda6b26fc8: Pulling fs layer"]}
fatal: [kz-k8snd01]: FAILED! => {"attempts": 4, "changed": true, "cmd": ["/usr/bin/docker", "pull", "gcr.io/google_containers/k8s-dns-sidecar-amd64:1.14.10"], "delta": "0:00:32.528633", "end": "2018-07-03 14:34:11.672541", "msg": "non-zero return code", "rc": 1, "start": "2018-07-03 14:33:39.143908", "stderr": "error pulling image configuration: Get https://storage.googleapis.com/artifacts.google-containers.appspot.com/containers/images/sha256:8a7739f672b49db46e3a8d5cdf54df757b7559a00db9de210b4af1aa3397020f: dial tcp 74.125.205.128:443: i/o timeout", "stderr_lines": ["error pulling image configuration: Get https://storage.googleapis.com/artifacts.google-containers.appspot.com/containers/images/sha256:8a7739f672b49db46e3a8d5cdf54df757b7559a00db9de210b4af1aa3397020f: dial tcp 74.125.205.128:443: i/o timeout"], "stdout": "1.14.10: Pulling from google_containers/k8s-dns-sidecar-amd64\nff3a5c916c92: Already exists\n0bdda6b26fc8: Pulling fs layer", "stdout_lines": ["1.14.10: Pulling from google_containers/k8s-dns-sidecar-amd64", "ff3a5c916c92: Already exists", "0bdda6b26fc8: Pulling fs layer"]}
NO MORE HOSTS LEFT *********************************************************************************************************************************************************
to retry, use: --limit @/root/kubespray/cluster.retry
Kubespray version 2.5.0
How to solve a problem?
In your output, "dial tcp 74.125.205.128:443: i/o timeout"
, which means that you have a network problem connecting to this IP. Maybe you're in a private network that do not have Internet access or in some place that blocked the Google services(such as China).
Since the kubespray is an ansile project , there are two ways to solve this:
1. Download the images from other mirror sites
such as the Alibaba Cloud
(largest cloud provider in China). Docker images are all here: https://dev.aliyun.com/search.html
The image url of google_containers/k8s-dns-sidecar-amd64
:
https://dev.aliyun.com/detail.html?spm=5176.1972343.2.2.CvJhAO&repoId=44875
You can pull the image and retag it and then you can use it locally:
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/k8s-dns-sidecar-amd64:1.14.10
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/k8s-dns-sidecar-amd64:1.14.10 gcr.io/google_containers/k8s-dns-sidecar-amd64:1.14.10
But there are so many images, and you may have many k8s nodes, that's a great Job!
So, will have another method.
2. Take advantages of ansible roles
All variables defined in roles CAN BE OVERWIRTEN.
find all image_repo
of Google Cloud Registry in roles/download/defaults/main.yml
:
grep "image_repo:" ./roles/download/defaults/main.yml | grep "gcr.io"
then put them in a file vars.yaml
or some other name, replace gcr.io
with registry.cn-hangzhou.aliyuncs.com
:
mkdir -p inventory/mycluster/group_vars/k8s-cluster
mv inventory/mycluster/group_vars/k8s-cluster.yml inventory/mycluster/group_vars/
cat > inventory/mycluster/group_vars/k8s-cluster/vars.yml << EOF
hyperkube_image_repo: "registry.cn-hangzhou.aliyuncs.com/google-containers/hyperkube"
pod_infra_image_repo: "registry.cn-hangzhou.aliyuncs.com/google_containers/pause-amd64"
kubedns_image_repo: "registry.cn-hangzhou.aliyuncs.com/google_containers/k8s-dns-kube-dns-amd64"
dnsmasq_nanny_image_repo: "registry.cn-hangzhou.aliyuncs.com/google_containers/k8s-dns-dnsmasq-nanny-amd64"
dnsmasq_sidecar_image_repo: "registry.cn-hangzhou.aliyuncs.com/google_containers/k8s-dns-sidecar-amd64"
dnsmasqautoscaler_image_repo: "registry.cn-hangzhou.aliyuncs.com/google_containers/cluster-proportional-autoscaler-amd64"
kubednsautoscaler_image_repo: "registry.cn-hangzhou.aliyuncs.com/google_containers/cluster-proportional-autoscaler-amd64"
elasticsearch_image_repo: "registry.cn-hangzhou.aliyuncs.com/google_containers/elasticsearch"
fluentd_image_repo: "registry.cn-hangzhou.aliyuncs.com/google_containers/fluentd-elasticsearch"
kibana_image_repo: "registry.cn-hangzhou.aliyuncs.com/google_containers/kibana"
tiller_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubernetes-helm/tiller"
registry_proxy_image_repo: "registry.cn-hangzhou.aliyuncs.com/google_containers/kube-registry-proxy"
ingress_nginx_default_backend_image_repo: "registry.cn-hangzhou.aliyuncs.com/google_containers/defaultbackend"
EOF
Finally, run your playbook
ansible-playbook -i inventory/mycluster/hosts.ini cluster.yml
Similarly, if you can not download images from Docker Hub, you should change the image url of Docker Hub and add them to the vars.yaml
and rerun your playbook:
istio_statsd_image_repo: registry.docker-cn.com/prom/statsd-exporter
install_socat_image_repo: registry.docker-cn.com/"xueshanf/install-socat"
weave_kube_image_repo: registry.docker-cn.com/"weaveworks/weave-kube"
weave_npc_image_repo: registry.docker-cn.com/"weaveworks/weave-npc"
contiv_image_repo: registry.docker-cn.com/"contiv/netplugin"
contiv_auth_proxy_image_repo: registry.docker-cn.com/"contiv/auth_proxy"
nginx_image_repo: registry.docker-cn.com/nginx
dnsmasq_image_repo: registry.docker-cn.com/"andyshinn/dnsmasq"
test_image_repo: registry.docker-cn.com/busybox
helm_image_repo: registry.docker-cn.com/"lachlanevenson/k8s-helm"
vault_image_repo: registry.docker-cn.com/"vault"
registry_image_repo: registry.docker-cn.com/"registry"
The above methods aren't the best way to donwload images in network blocked areas. The best way is to have a VPS and set a proxy using docker registry
or neuxs 3.x
, and make it proxy all image repo of https://gcr.io
、https://quay.io
and https://registry-1.docker.io
.