I Want to install Kubernetes using Kubespray
TASK [download : container_download | Download containers if pull is required or told to always pull (all nodes)] **********************************************************
Tuesday 03 July 2018 14:30:59 +0600 (0:00:00.042) 0:00:59.584 **********
FAILED - RETRYING: container_download | Download containers if pull is required or told to always pull (all nodes) (4 retries left).
FAILED - RETRYING: container_download | Download containers if pull is required or told to always pull (all nodes) (4 retries left).
FAILED - RETRYING: container_download | Download containers if pull is required or told to always pull (all nodes) (3 retries left).
FAILED - RETRYING: container_download | Download containers if pull is required or told to always pull (all nodes) (3 retries left).
FAILED - RETRYING: container_download | Download containers if pull is required or told to always pull (all nodes) (2 retries left).
FAILED - RETRYING: container_download | Download containers if pull is required or told to always pull (all nodes) (2 retries left).
FAILED - RETRYING: container_download | Download containers if pull is required or told to always pull (all nodes) (1 retries left).
FAILED - RETRYING: container_download | Download containers if pull is required or told to always pull (all nodes) (1 retries left).
fatal: [kz-k8snd02]: FAILED! => {"attempts": 4, "changed": true, "cmd": ["/usr/bin/docker", "pull", "gcr.io/google_containers/k8s-dns-sidecar-amd64:1.14.10"], "delta": "0:00:32.324328", "end": "2018-07-03 14:34:03.278500", "msg": "non-zero return code", "rc": 1, "start": "2018-07-03 14:33:30.954172", "stderr": "error pulling image configuration: Get https://storage.googleapis.com/artifacts.google-containers.appspot.com/containers/images/sha256:8a7739f672b49db46e3a8d5cdf54df757b7559a00db9de210b4af1aa3397020f: dial tcp 74.125.205.128:443: i/o timeout", "stderr_lines": ["error pulling image configuration: Get https://storage.googleapis.com/artifacts.google-containers.appspot.com/containers/images/sha256:8a7739f672b49db46e3a8d5cdf54df757b7559a00db9de210b4af1aa3397020f: dial tcp 74.125.205.128:443: i/o timeout"], "stdout": "1.14.10: Pulling from google_containers/k8s-dns-sidecar-amd64\nff3a5c916c92: Already exists\n0bdda6b26fc8: Pulling fs layer", "stdout_lines": ["1.14.10: Pulling from google_containers/k8s-dns-sidecar-amd64", "ff3a5c916c92: Already exists", "0bdda6b26fc8: Pulling fs layer"]}
fatal: [kz-k8snd01]: FAILED! => {"attempts": 4, "changed": true, "cmd": ["/usr/bin/docker", "pull", "gcr.io/google_containers/k8s-dns-sidecar-amd64:1.14.10"], "delta": "0:00:32.528633", "end": "2018-07-03 14:34:11.672541", "msg": "non-zero return code", "rc": 1, "start": "2018-07-03 14:33:39.143908", "stderr": "error pulling image configuration: Get https://storage.googleapis.com/artifacts.google-containers.appspot.com/containers/images/sha256:8a7739f672b49db46e3a8d5cdf54df757b7559a00db9de210b4af1aa3397020f: dial tcp 74.125.205.128:443: i/o timeout", "stderr_lines": ["error pulling image configuration: Get https://storage.googleapis.com/artifacts.google-containers.appspot.com/containers/images/sha256:8a7739f672b49db46e3a8d5cdf54df757b7559a00db9de210b4af1aa3397020f: dial tcp 74.125.205.128:443: i/o timeout"], "stdout": "1.14.10: Pulling from google_containers/k8s-dns-sidecar-amd64\nff3a5c916c92: Already exists\n0bdda6b26fc8: Pulling fs layer", "stdout_lines": ["1.14.10: Pulling from google_containers/k8s-dns-sidecar-amd64", "ff3a5c916c92: Already exists", "0bdda6b26fc8: Pulling fs layer"]}
NO MORE HOSTS LEFT *********************************************************************************************************************************************************
to retry, use: --limit @/root/kubespray/cluster.retry
Kubespray version 2.5.0
How to solve a problem?
In your output, "dial tcp 74.125.205.128:443: i/o timeout", which means that you have a network problem connecting to this IP. Maybe you're in a private network that do not have Internet access or in some place that blocked the Google services(such as China).
Since the kubespray is an ansile project , there are two ways to solve this:
1. Download the images from other mirror sites
such as the Alibaba Cloud(largest cloud provider in China). Docker images are all here: https://dev.aliyun.com/search.html
The image url of google_containers/k8s-dns-sidecar-amd64:
https://dev.aliyun.com/detail.html?spm=5176.1972343.2.2.CvJhAO&repoId=44875
You can pull the image and retag it and then you can use it locally:
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/k8s-dns-sidecar-amd64:1.14.10
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/k8s-dns-sidecar-amd64:1.14.10 gcr.io/google_containers/k8s-dns-sidecar-amd64:1.14.10But there are so many images, and you may have many k8s nodes, that's a great Job!
So, will have another method.
2. Take advantages of ansible roles
All variables defined in roles CAN BE OVERWIRTEN.
find all image_repo of Google Cloud Registry in roles/download/defaults/main.yml:
grep "image_repo:" ./roles/download/defaults/main.yml | grep "gcr.io" then put them in a file vars.yaml or some other name, replace gcr.io with registry.cn-hangzhou.aliyuncs.com:
mkdir -p inventory/mycluster/group_vars/k8s-cluster
mv inventory/mycluster/group_vars/k8s-cluster.yml inventory/mycluster/group_vars/
cat > inventory/mycluster/group_vars/k8s-cluster/vars.yml << EOF
hyperkube_image_repo: "registry.cn-hangzhou.aliyuncs.com/google-containers/hyperkube"
pod_infra_image_repo: "registry.cn-hangzhou.aliyuncs.com/google_containers/pause-amd64"
kubedns_image_repo: "registry.cn-hangzhou.aliyuncs.com/google_containers/k8s-dns-kube-dns-amd64"
dnsmasq_nanny_image_repo: "registry.cn-hangzhou.aliyuncs.com/google_containers/k8s-dns-dnsmasq-nanny-amd64"
dnsmasq_sidecar_image_repo: "registry.cn-hangzhou.aliyuncs.com/google_containers/k8s-dns-sidecar-amd64"
dnsmasqautoscaler_image_repo: "registry.cn-hangzhou.aliyuncs.com/google_containers/cluster-proportional-autoscaler-amd64"
kubednsautoscaler_image_repo: "registry.cn-hangzhou.aliyuncs.com/google_containers/cluster-proportional-autoscaler-amd64"
elasticsearch_image_repo: "registry.cn-hangzhou.aliyuncs.com/google_containers/elasticsearch"
fluentd_image_repo: "registry.cn-hangzhou.aliyuncs.com/google_containers/fluentd-elasticsearch"
kibana_image_repo: "registry.cn-hangzhou.aliyuncs.com/google_containers/kibana"
tiller_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubernetes-helm/tiller"
registry_proxy_image_repo: "registry.cn-hangzhou.aliyuncs.com/google_containers/kube-registry-proxy"
ingress_nginx_default_backend_image_repo: "registry.cn-hangzhou.aliyuncs.com/google_containers/defaultbackend"
EOFFinally, run your playbook
ansible-playbook -i inventory/mycluster/hosts.ini cluster.ymlSimilarly, if you can not download images from Docker Hub, you should change the image url of Docker Hub and add them to the vars.yaml and rerun your playbook:
istio_statsd_image_repo: registry.docker-cn.com/prom/statsd-exporter
install_socat_image_repo: registry.docker-cn.com/"xueshanf/install-socat"
weave_kube_image_repo: registry.docker-cn.com/"weaveworks/weave-kube"
weave_npc_image_repo: registry.docker-cn.com/"weaveworks/weave-npc"
contiv_image_repo: registry.docker-cn.com/"contiv/netplugin"
contiv_auth_proxy_image_repo: registry.docker-cn.com/"contiv/auth_proxy"
nginx_image_repo: registry.docker-cn.com/nginx
dnsmasq_image_repo: registry.docker-cn.com/"andyshinn/dnsmasq"
test_image_repo: registry.docker-cn.com/busybox
helm_image_repo: registry.docker-cn.com/"lachlanevenson/k8s-helm"
vault_image_repo: registry.docker-cn.com/"vault"
registry_image_repo: registry.docker-cn.com/"registry"The above methods aren't the best way to donwload images in network blocked areas. The best way is to have a VPS and set a proxy using docker registry or neuxs 3.x, and make it proxy all image repo of https://gcr.io、https://quay.io and https://registry-1.docker.io.