快速入门:使用 PowerShell 设置 Azure Stack HCI 上的 Azure Kubernetes 服务主机Quickstart: Set up an Azure Kubernetes Service host on Azure Stack HCI using PowerShell

适用于: Azure Stack HCI、Windows Server 2019 DatacenterApplies to: Azure Stack HCI, Windows Server 2019 Datacenter

在本快速入门中,你将了解如何使用 PowerShell 设置 Azure Kubernetes 服务主机。In this quickstart, you'll learn how to set up an Azure Kubernetes Service host using PowerShell. 若要改为使用 Windows Admin Center,请参阅使用 Windows Admin Center 进行设置To instead use Windows Admin Center, see Set up with Windows Admin Center.

准备阶段Before you begin

请确保具有以下各项之一:Make sure you have one of the following:

  • 2-4 节点 Azure Stack HCI 群集2-4 node Azure Stack HCI cluster
  • Windows Server 2019 Datacenter 故障转移群集Windows Server 2019 Datacenter failover cluster
  • 单节点 Windows Server 2019 DatacenterSingle node Windows Server 2019 Datacenter

在开始之前,请确保已满足系统要求页上的所有先决条件。Before getting started, make sure you have satisfied all the prerequisites on the system requirements page. 建议使用 2-4 节点的 Azure Stack HCI 群集。We recommend having a 2-4 node Azure Stack HCI cluster. 如果没有上述任何一种,请按照 AZURE STACK HCI 注册页上的说明进行操作。If you don't have any of the above, follow instructions on the Azure Stack HCI registration page.

重要

删除 Azure Stack HCI 上的 Azure Kubernetes 服务时,请参阅 在 AZURE STACK hci 上删除 Azure Kubernetes 服务 ,并仔细按照说明进行操作。When removing Azure Kubernetes Service on Azure Stack HCI, see Remove Azure Kubernetes Service on Azure Stack HCI and carefully follow the instructions.

步骤 1:下载并安装 AksHci PowerShell 模块Step 1: Download and install the AksHci PowerShell module

请从 Azure Stack HCI 上的 Azure Kubernetes 服务注册页下载 AKS-HCI-Public-Preview-Dec-2020Download the AKS-HCI-Public-Preview-Dec-2020 from the Azure Kubernetes Service on Azure Stack HCI registration page. zip 文件 AksHci.Powershell.zip 包含 PowerShell 模块。The zip file AksHci.Powershell.zip contains the PowerShell module.

如果以前使用 PowerShell 或 Windows 管理中心 Azure Stack HCI 上安装了 Azure Kubernetes 服务,则新的 PowerShell 模块有两个安装流程:If you have previously installed Azure Kubernetes Service on Azure Stack HCI using PowerShell or Windows Admin Center, there are two installation flows for the new PowerShell module:

  • 执行 PowerShell 模块的干净安装,以便从干净系统开始,并删除以前部署的工作负荷。Perform a clean installation of the PowerShell module, so you start with a clean system and your previously deployed workloads are removed. 若要执行全新安装,请执行步骤1.1。To perform a clean installation, go to Step 1.1.
  • 如果要使系统和工作负荷保持正确,请升级 PowerShell 模块。Upgrade the PowerShell module if you want to keep your system and workloads in place. 若要升级 PowerShell 模块,请跳到步骤1.2。To upgrade the PowerShell module, go to Step 1.2.

步骤1.1:清理安装 AksHci PowerShell 模块Step 1.1: Clean install of the AksHci PowerShell module

在继续操作之前,请运行以下命令。Run the following command before proceeding.

Uninstall-AksHci

关闭 PowerShell 窗口。Close all PowerShell windows. 删除位于路径中的 AksHci、AksHci、MOC 和 MSK8sDownloadAgent 的任何现有目录 %systemdrive%\program files\windowspowershell\modulesDelete any existing directories for AksHci, AksHci.UI, MOC, and MSK8sDownloadAgent located in the path %systemdrive%\program files\windowspowershell\modules. 删除现有目录后,可以提取新的 zip 文件的内容。Once the existing directories are deleted, you can extract the contents of the new zip file. 请确保在正确的位置 (%systemdrive%\program files\windowspowershell\modules) 提取 zip 文件。Make sure to extract the zip file in the correct location (%systemdrive%\program files\windowspowershell\modules). 然后,运行以下命令。Then, run the following commands.

Import-Module AksHci

再次关闭所有 PowerShell 窗口,然后重新打开管理会话,并继续执行步骤 1.3-验证升级的 PowerShell 模块。Close all PowerShell windows again and reopen an administrative session and proceed to Step 1.3 - Validate upgraded PowerShell module.

步骤1.2:升级 AksHci PowerShell 模块Step 1.2: Upgrade the AksHci PowerShell module

关闭 PowerShell 窗口。Close all PowerShell windows. 删除位于路径中的 AksHci、AksHci、MOC 和 MSK8sDownloadAgent 的任何现有目录 %systemdrive%\program files\windowspowershell\modulesDelete any existing directories for AksHci, AksHci.UI, MOC, and MSK8sDownloadAgent located in the path %systemdrive%\program files\windowspowershell\modules. 删除这些目录后,可以提取新 zip 文件的内容。Once these directories are removed, you can extract the contents of the new zip file. 请确保在正确的位置 (%systemdrive%\program files\windowspowershell\modules) 提取 zip 文件。Make sure to extract the zip file in the correct location (%systemdrive%\program files\windowspowershell\modules). 然后,运行以下命令。Then, run the following commands.

Import-Module AksHci

运行上述命令后,请关闭所有 PowerShell 窗口,然后重新打开管理会话以验证 PowerShell 模块升级,如下所述,然后运行该 Update-AksHci 命令,如本文档后面所述。After running the above commands, close all PowerShell windows and reopen an administrative session to validate PowerShell module upgrade as detailed below and then run the Update-AksHci command as instructed later in the document.

步骤1.3:验证升级的 PowerShell 模块Step 1.3: Validate upgraded PowerShell module

关闭所有 powershell 窗口 ,然后重新打开新的管理会话,以检查是否安装了最新版本的 powershell 模块。Close all PowerShell windows and reopen a new administrative session to check if you have the latest version of the PowerShell module.

Get-Command -Module AksHci

输出:Output:

CommandType     Name                                               Version    Source
-----------     ----                                               -------    ------
Alias           Initialize-AksHciNode                              0.2.12     AksHci
Function        Get-AksHciCluster                                  0.2.12     AksHci
Function        Get-AksHciConfig                                   0.2.12     AksHci
Function        Get-AksHciCredential                               0.2.12     AksHci
Function        Get-AksHciKubernetesVersion                        0.2.12     AksHci
Function        Get-AksHciLogs                                     0.2.12     AksHci
Function        Get-AksHciUpdates                                  0.2.12     AksHci
Function        Get-AksHciVersion                                  0.2.12     AksHci
Function        Get-AksHciVmSize                                   0.2.12     AksHci
Function        Install-AksHci                                     0.2.12     AksHci
Function        Install-AksHciAdAuth                               0.2.12     AksHci
Function        Install-AksHciArcOnboarding                        0.2.12     AksHci
Function        New-AksHciCluster                                  0.2.12     AksHci
Function        Remove-AksHciCluster                               0.2.12     AksHci
Function        Restart-AksHci                                     0.2.12     AksHci
Function        Set-AksHciClusterNodeCount                         0.2.12     AksHci
Function        Set-AksHciConfig                                   0.2.12     AksHci
Function        Uninstall-AksHci                                   0.2.12     AksHci
Function        Uninstall-AksHciAdAuth                             0.2.12     AksHci
Function        Uninstall-AksHciArcOnboarding                      0.2.12     AksHci
Function        Update-AksHci                                      0.2.12     AksHci
Function        Update-AksHciCluster                               0.2.12     AksHci

步骤 2:准备要部署的计算机Step 2: Prepare your machine(s) for deployment

在每个物理节点上运行检查,以查看所有要求是否都已得到满足,以便安装 Azure Stack HCI 上的 Azure Kubernetes 服务。Run checks on every physical node to see if all the requirements are satisfied to install Azure Kubernetes Service on Azure Stack HCI.

以管理员身份打开 PowerShell 并运行以下命令。Open PowerShell as an administrator and run the following command.

Initialize-AksHciNode

检查完以后,你会看到以绿色文本显示的“已完成”。When the checks are finished, you'll see "Done" displayed in green text.

步骤 3:配置部署Step 3: Configure your deployment

设置 Azure Kubernetes 服务主机的配置设置。Set the configuration settings for the Azure Kubernetes Service host. 如果要在2-4 节点 Azure Stack HCI 群集或 Windows Server 2019 Datacenter 故障转移群集,则必须指定 imageDircloudConfigLocation 参数。If you're deploying on a 2-4 node Azure Stack HCI cluster or a Windows Server 2019 Datacenter failover cluster, you must specify the imageDir and cloudConfigLocation parameters. 对于单节点 Windows Server 2019 Datacenter,所有参数都是可选的,并设置为其默认值。For a single node Windows Server 2019 Datacenter, all parameters are optional and set to their default values. 但是,为了获得最佳性能,建议使用 2-4 节点的 Azure Stack HCI 群集部署。However, for optimal performance, we recommend using a 2-4 node Azure Stack HCI cluster deployment.

使用以下命令配置部署。Configure your deployment with the following command.

Set-AksHciConfig [-imageDir <String>]
                 [-cloudConfigLocation <String>]
                 [-nodeConfigLocation <String>]
                 [-vnetName <String>]
                 [-controlPlaneVmSize <VmSize>]
                 [-loadBalancerVmSize <VmSize>]
                 [-sshPublicKey <String>]
                 [-vipPoolStartIp <String>]
                 [-vipPoolEndIp <String>]
                 [-macPoolStart <String>]
                 [-macPoolEnd <String>]
                 [-vlanID <int>]
                 [-kvaLoadBalancerType {unstacked_haproxy, stacked_kube_vip}]
                 [-kvaControlPlaneEndpoint <String>]
                 [-proxyServerHTTP <String>]
                 [-proxyServerHTTPS <String>]
                 [-proxyServerNoProxy <String>]
                 [-proxyServerCredential <PSCredential>]
                 [-cloudServiceCidr <String>]
                 [-workingDir <String>]
                 [-version <String>]
                 [-vnetType <String>]
                 [-nodeAgentPort <int>]
                 [-nodeAgentAuthorizerPort <int>]
                 [-clusterRoleName <String>]
                 [-cloudLocation <String>]
                 [-skipHostLimitChecks]
                 [-insecure]
                 [-skipUpdates]
                 [-forceDnsReplication]

示例Example

若要在具有 DHCP 网络的2-4 节点群集上进行部署:To deploy on a 2-4 node cluster with DHCP networking:

Set-AksHciConfig -imageDir c:\clusterstorage\volume1\Images -cloudConfigLocation c:\clusterstorage\volume1\Config

使用虚拟 IP 池进行部署:To deploy with a virtual IP pool:

Set-AksHciConfig -imageDir c:\clusterstorage\volume1\Images -cloudConfigLocation c:\clusterstorage\volume1\Config -vipPoolStartIp 10.0.0.20 -vipPoolEndIp 10.0.0.80

若要部署 stacked_kube_vip 负载均衡器:To deploy with stacked_kube_vip load balancer:

Set-AksHciConfig -imageDir c:\clusterstorage\volume1\Images -cloudConfigLocation c:\clusterstorage\volume1\Config -kvaLoadBalancerType stacked_kube_vip -kvaControlPlaneEndpoint 10.0.1.10

使用代理服务器进行部署:To deploy with a proxy server:

Set-AksHciConfig -imageDir c:\clusterstorage\volume1\Images -cloudConfigLocation c:\clusterstorage\volume1\Config -proxyServerHttp "http://proxy.contoso.com:8888" -proxyServerHttps "http://proxy.contoso.com:8888" -proxyServerNoProxy "localhost,127.0.0.1,.svc,10.96.0.0/12,10.244.0.0/16,10.231.110.0/24,10.68.237.0/24" -proxyServerCredential $credential

可选参数Optional parameters

-imageDir

Azure Stack HCI 上的 Azure Kubernetes 服务将在其中存储 VHD 映像的目录的路径。The path to the directory where Azure Kubernetes Service on Azure Stack HCI will store its VHD images. 对于单节点部署,默认值为 %systemdrive%\AksHciImageStoreDefaults to %systemdrive%\AksHciImageStore for single node deployments. 对于多节点部署,必须指定此参数。For multi-node deployments, this parameter must be specified. 路径必须指向共享的存储路径(例如 C:\ClusterStorage\Volume2\ImageStore )或 SMB 共享(例如 \\FileShare\ImageStore)。The path must point to a shared storage path such as C:\ClusterStorage\Volume2\ImageStore or an SMB share such as \\FileShare\ImageStore.

-cloudConfigLocation

云代理将存储其配置的位置。The location where the cloud agent will store its configuration. 对于单节点部署,默认值为 %systemdrive%\wssdcloudagentDefaults to %systemdrive%\wssdcloudagent for single node deployments. 此位置可以与上面的 -imageDir 路径相同。The location can be the same as the path of -imageDir above. 对于多节点部署,必须指定此参数。 For *multi-node deployments, this parameter must be specified*. 路径必须指向共享的存储路径(例如 C:\ClusterStorage\Volume2\ImageStore )或 SMB 共享(例如 \\FileShare\ImageStore)。The path must point to a shared storage path such as C:\ClusterStorage\Volume2\ImageStore or an SMB share such as \\FileShare\ImageStore. 此位置需要在高度可用的共享上,以便始终可以访问该存储。The location needs to be on a highly available share so that the storage will always be accessible.

-nodeConfigLocation

节点代理将存储其配置的位置。The location where the node agents will store their configuration. 每个节点都有一个节点代理,因此其配置在本地。Every node has a node agent, so its configuration is local to it. 此位置必须是本地路径。This location must be a local path. 对于所有部署,默认值为 %systemdrive%\programdata\wssdagentDefaults to %systemdrive%\programdata\wssdagent for all deployments.

-vnetName

要将虚拟机与之连接的虚拟交换机的名称。The name of the virtual switch to connect the virtual machines to. 如果主机上已有外部交换机,应在此处传递交换机的名称。If you already have an external switch on the host, you should pass the name of the switch here. 如果该交换机不存在,则会创建它。The switch will be created if it does not exist.默认为“外部”名称。 Defaults to “External” name.

-controlPlaneVmSize

要为控制平面创建的 VM 的大小。The size of the VM to create for the control plane. 若要获取可用 VM 大小的列表,请运行 Get-AksHciVmSizeTo get a list of available VM sizes, run Get-AksHciVmSize.

-loadBalancerVmSize

要为负载均衡器 VM 创建的 VM 的大小。The size of the VM to create for the Load Balancer VMs. 若要获取可用 VM 大小的列表,请运行 Get-AksHciVmSizeTo get a list of available VM sizes, run Get-AksHciVmSize.

-sshPublicKey

SSH 公钥文件的路径。Path to an SSH public key file. 使用此公钥,你将能够登录到 Azure Stack HCI 部署上的 Azure Kubernetes 服务创建的任何 VM。Using this public key, you will be able to log in to any of the VMs created by the Azure Kubernetes Service on Azure Stack HCI deployment. 如果你有自己的 SSH 公钥,你将在此处传递其位置。If you have your own SSH public key, you will pass its location here. 如果未提供任何密钥,我们将在下查找一个密钥 %systemdrive%\akshci\.ssh\akshci_rsa.pubIf no key is provided, we will look for one under %systemdrive%\akshci\.ssh\akshci_rsa.pub. 如果该文件不存在,将生成并使用上述位置的 SSH 密钥对。If the file does not exist, an SSH key pair in the above location will be generated and used.

-vipPoolStartIp

使用 VIP 池进行部署时,此参数将指定池的网络开始 IP。When using VIP pools for your deployment, this parameter specifies the network start of the pool. 应将 VIP 池用于长期部署,以保证 IP 地址池保持一致。You should use VIP pools for long-lived deployments to guarantee that a pool of IP addresses remain consistent. 当你拥有始终需要访问的工作负荷时,这非常有用。This is useful when you have workloads that always need to be reachable. 默认为无。Default is none.

-vipPoolEndIp

使用 VIP 池进行部署时,此参数将指定池的网络结束 IP。When using VIP pools for your deployment, this parameter specifies the network end of the pool. 应将 VIP 池用于长期部署,以保证 IP 地址池保持一致。You should use VIP pools for long-lived deployments to guarantee that a pool of IP addresses remain consistent. 当你拥有始终需要访问的工作负荷时,这非常有用。This is useful when you have workloads that always need to be reachable. 默认为无。Default is none.

-macPoolStart

这用于指定你希望用于 Azure Kubernetes 服务主机 VM 的 MAC 池的 MAC 地址开头。This is used to specify the start of the MAC address of the MAC pool that you wish to use for the Azure Kubernetes Service host VM. MAC 地址的语法要求第一个字节的最小有效位应始终为0,第一个字节应始终为偶数 (,即00,02,04,06 ... ) 。典型的 MAC 地址如下所示:02:1E:2B:78:00:00。The syntax for the MAC address requires that the least significant bit of the first byte should always be 0, and the first byte should always be an even number (that is, 00, 02, 04, 06...). A typical MAC address can look like: 02:1E:2B:78:00:00. 将 MAC 池用于长期部署,以便分配的 MAC 地址保持一致。Use MAC pools for long-lived deployments so that MAC addresses assigned are consistent. 如果要求 Vm 具有特定的 MAC 地址,这会很有用。This is useful if you have a requirement that the VMs have specific MAC addresses. 默认为无。Default is none.

-macPoolEnd

这用于指定你希望用于 Azure Kubernetes 服务主机 VM 的 MAC 池的 MAC 地址结尾。This is used to specify the end of the MAC address of the MAC pool that you wish to use for the Azure Kubernetes Service host VM. MAC 地址的语法要求第一个字节的最小有效位应始终为0,第一个字节应始终为偶数 (,即00,02,04,06 ... ) 。作为传递的地址的第一个字节 -macPoolEnd 应与作为传递的地址的第一个字节相同 -macPoolStartThe syntax for the MAC address requires that the least significant bit of the first byte should always be 0, and the first byte should always be an even number (that is, 00, 02, 04, 06...). The first byte of the address passed as the -macPoolEnd should be the same as the first byte of the address passed as the -macPoolStart. 将 MAC 池用于长期部署,以便分配的 MAC 地址保持一致。Use MAC pools for long-lived deployments so that MAC addresses assigned are consistent. 如果要求 Vm 具有特定的 MAC 地址,这会很有用。This is useful if you have a requirement that the VMs have specific MAC addresses. 默认为无。Default is none.

-vlanID

这可以用来指定网络 VLAN ID。This can be used to specify a network VLAN ID. Azure Kubernetes 服务主机和 Kubernetes 群集 VM 网络适配器将用提供的 VLAN ID 进行标记。Azure Kubernetes Service host and Kubernetes cluster VM network adapters will be tagged with the provided VLAN ID. 如果有需要标记为获得正确连接的特定 VLAN ID,则应使用此 ID。This should be used if there is a specific VLAN ID that needs to be tagged to get the right connectivity. 默认为无。Default is none.

-kvaLoadBalancerType

这将采用 unstacked_haproxystacked_kube_vipThis takes in either unstacked_haproxy or stacked_kube_vip. unstacked_haproxy 默认情况下,将使用 HAProxy 作为 Azure Kubernetes 服务主机的 API 服务器终结点部署单独的负载平衡器 VM。unstacked_haproxy is the default where a separate load balancer VM is deployed with HAProxy as the Azure Kubernetes Service host's API server endpoint. stacked_kube_vip是 Azure Kubernetes 服务主机的负载均衡器解决方案 Kubevipstacked_kube_vipis a load balancer solution, Kubevip, for the Azure Kubernetes Service host. 它允许你将主机中的静态 IP 地址指定为跨控制平面节点的浮动 IP,以使 API 服务器通过 IP 高度可用。It allows you to specify a static IP address in the host as a floating IP across the control plane nodes to keep the API server highly available through the IP. 如果选择此选项,则必须在参数中指定静态 IP 地址 kvaControlPlaneEndpoint ,并且不部署单独的负载均衡器 VM。If this option is chosen, you must specify the static IP address in the kvaControlPlaneEndpoint parameter, and no separate load balancer VM is deployed.

stacked_kube_vip 需要 IP 地址,并且通过节省内存、CPU 和部署时间来更好地了解资源。stacked_kube_vip requires an IP address and is more resource friendly by saving memory, CPU, and deployment time. 如果没有 IP 地址使用作为浮动 IP,则应使用 unstacked_haproxyIf you do not have an IP address to use as the floating IP, you should use unstacked_haproxy. 后一种方法需要负载均衡器 VM。The latter option requires a load balancer VM.

-kvaControlPlaneEndpoint

此参数设置为时,指定要用作 Azure Kubernetes Service 主机 API 服务器地址的静态 IP 地址 kvaLoadBalancerType stacked_kube_vipThis specifies the static IP address to use as the Azure Kubernetes Service Host API server address when the kvaLoadBalancerType parameter is set to stacked_kube_vip. 如果 stacked_kube_vip 使用,则必须指定此参数。If stacked_kube_vip is used, this parameter must be specified.

-proxyServerHTTP

这会提供一个代理服务器 URI,该 URI 应由需要访问 HTTP 终结点的所有组件使用。This provides a proxy server URI that should be used by all components that need to reach HTTP endpoints. URI 格式包括 URI 架构、服务器地址和端口 (,即 https://server.com:8888) 。The URI format includes the URI schema, server address, and port (that is, https://server.com:8888). 默认为无。Default is none.

-proxyServerHTTPS

这会提供一个代理服务器 URI,该 URI 应由需要访问 HTTPS 终结点的所有组件使用。This provides a proxy server URI that should be used by all components that need to reach HTTPS endpoints. URI 格式包括 URI 架构、服务器地址和端口 (,即 https://server.com:8888) 。The URI format includes the URI schema, server address, and port (that is, https://server.com:8888). 默认为无。Default is none.

-proxyServerNoProxy

这是将从代理中免除的地址的逗号分隔字符串。This is a comma-delimited string of addresses that will be exempt from the proxy. 默认值为 localhost,127.0.0.1,.svc,10.96.0.0/12,10.244.0.0/16Default value is localhost,127.0.0.1,.svc,10.96.0.0/12,10.244.0.0/16. 这不包括来自代理服务器的本地主机流量 (localhost、127.0.0.1) 、内部 Kubernetes 服务流量 ( .svc) 、Kubernetes Service CIDR (10.96.0.0/12) 和 Kubernetes POD CIDR (10.244.0.0/16) 。This excludes the localhost traffic (localhost, 127.0.0.1), internal Kubernetes service traffic (.svc), the Kubernetes Service CIDR (10.96.0.0/12), and the Kubernetes POD CIDR (10.244.0.0/16) from the proxy server. 可以使用此参数添加更多子网范围或名称免除。You can use this parameter to add more subnet ranges or name exemptions. 此参数的设置非常重要,因为如果未正确配置,则可能会意外地将内部 Kubernetes 群集流量路由到代理。这可能导致网络通信失败。The settings for this parameter are very important because, if it's not correctly configured, you may unexpectedly route internal Kubernetes cluster traffic to your proxy. This can cause various failures in network communication.

-proxyServerCredential

这会提供用户名和密码以向 HTTP/HTTPS 代理服务器进行身份验证。This provides the username and password to authenticate to your HTTP/HTTPS proxy servers. 您可以使用 Get-Credential 生成要 PSCredential 传递给此参数的对象。You can use Get-Credential to generate a PSCredential object to pass to this parameter. 默认为无。Default is none.

-cloudServiceCidr

这可用于提供一个静态 IP/网络前缀来分配给 MOC CloudAgent 服务。This can be used to provide a static IP/network prefix to be assigned to the MOC CloudAgent service. 应使用 CIDR 格式提供此值。This value should be provided using the CIDR format. (示例:192.168.1.2/16)。(Example: 192.168.1.2/16). 你可能需要指定此项以确保始终可以访问网络上的任何重要内容,因为 IP 地址不会更改。You may want to specify this to ensure that anything important on the network is always accessible because the IP address will not change. 默认为无。Default is none.

-workingDir

这是用于存储小文件的模块的工作目录。This is a working directory for the module to use for storing small files. 默认为 %PROGRAMFILES%\AksHci ,大多数部署不应进行更改。Defaults to %PROGRAMFILES%\AksHci and should not be changed for most deployments.建议不要更改默认值。 We do not recommend changing the default.

-version

要部署的 Azure Stack HCI 上的 Azure Kubernetes 服务的版本。The version of Azure Kubernetes Service on Azure Stack HCI that you want to deploy. 默认值为最新版本。The default is the latest version. 建议不要更改默认值。We do not recommend changing the default.

-vnetType

要连接或创建的虚拟交换机的类型。The type of virtual switch to connect to or create. 此值默认为“外部”交换机类型。This defaults to “External” switch type. 建议不要更改默认值。We do not recommend changing the default.

-nodeAgentPort

节点代理应侦听的 TCP/IP 端口号。The TCP/IP port number that node agents should listen on. 默认为 45000。Defaults to 45000.建议不要更改默认值。 We do not recommend changing the default.

-nodeAgentAuthorizerPort

节点代理为授权端口使用的 TCP/IP 端口号。The TCP/IP port number that node agents should use for their authorization port. 默认为 45001。Defaults to 45001. 建议不要更改默认值。We do not recommend changing the default.

-clusterRoleName

此名称指定在将云代理创建为群集内的通用服务时要使用的名称。This specifies the name to use when creating cloud agent as a generic service within the cluster. 此名称默认为具有 ca 前缀的唯一名称和 guid 后缀 (例如: "9e6eb299-bc0b-4f00-9fd7-942843820c26" ) 。This defaults to a unique name with a prefix of ca- and a guid suffix (for example: “ca-9e6eb299-bc0b-4f00-9fd7-942843820c26”). 建议不要更改默认值。We do not recommend changing the default.

-cloudLocation

此参数提供自定义的 Microsoft 操作云位置名称。This parameter provides a custom Microsoft Operated Cloud location name. 默认名称为 "MocLocation"。The default name is "MocLocation". 建议不要更改默认值。We do not recommend changing the default.

-skipHostLimitChecks

在允许部署继续进行之前,请求脚本跳过它用于确认内存和磁盘空间是否可用的所有检查。Requests the script to skip any checks it does to confirm memory and disk space is available before allowing the deployment to proceed. 不建议使用此设置。We do not recommend using this setting.

-insecure

在 Azure Stack HCI 组件(例如云代理和节点代理)上部署 Azure Kubernetes 服务,) 在不安全模式下 (s, (不会) TLS 安全连接。Deploys Azure Kubernetes Service on Azure Stack HCI components such as cloud agent and node agent(s) in insecure mode (no TLS secured connections).不建议在生产环境中使用不安全模式。  We do not recommend using insecure mode in production environments.

-skipUpdates

如果要跳过任何可用的更新,请使用此标志。Use this flag if you want to skip any updates available. 不建议使用此设置。We do not recommend using this setting.

-forceDnsReplication

在某些系统上,DNS 复制最多可能需要一小时。DNS replication can take up to an hour on some systems. 这会导致部署速度缓慢。This will cause the deployment to be slow. 如果遇到此问题,你会看到 Install-AksHci 停滞在循环中。If you hit this issue, you'll see that the Install-AksHci will be stuck in a loop. 若要解决此问题,请尝试使用此标志。To get past this issue, try to use this flag. -forceDnsReplication 标志不是有保证的修补方法。The -forceDnsReplication flag is not a guaranteed fix. 如果该标志背后的逻辑失败,则会隐藏该错误,并且命令将继续执行,如同未提供该标志一样。If the logic behind the flag fails, the error will be hidden, and the command will carry on as if the flag was not provided.

重置 Azure Stack HCI 上的 Azure Kubernetes 服务的配置Reset the Azure Kubernetes Service on Azure Stack HCI configuration

若要重置 Azure Stack HCI 配置上的 Azure Kubernetes 服务,请运行以下命令。To reset the Azure Kubernetes Service on Azure Stack HCI configuration, run the following commands. 单独运行此命令会将配置重置为默认值。Running this command on its own will reset the configuration to default values.

Set-AksHciConfig

步骤 4:启动新部署Step 4: Start a new deployment

配置你的部署后,你必须启动部署。After you've configured your deployment, you must start deployment. 这会在 Azure Stack HCI 代理/服务和 Azure Kubernetes 服务主机上安装 Azure Kubernetes 服务。This will install the Azure Kubernetes Service on Azure Stack HCI agents/services and the Azure Kubernetes Service host.

若要开始部署,请运行以下命令。To begin deployment, run the following command.

Install-AksHci

验证已部署的 Azure Kubernetes 服务主机Verify your deployed Azure Kubernetes Service host

若要确保 Azure Kubernetes 服务主机已部署,请运行以下命令。To ensure that your Azure Kubernetes Service host was deployed, run the following command. 部署 Kubernetes 群集后,还可以使用相同的命令获取这些群集。You will also be able to get Kubernetes clusters using the same command after deploying them.

Get-AksHciCluster

输出:Output:


Name            : clustergroup-management
Version         : v1.18.8
Control Planes  : 1
Linux Workers   : 0
Windows Workers : 0
Phase           : provisioned
Ready           : True

步骤 5:使用 kubectl 访问群集Step 5: Access your clusters using kubectl

若要使用 kubectl 访问 Azure Kubernetes 服务主机或 Kubernetes 群集,请运行以下命令。To access your Azure Kubernetes Service host or Kubernetes cluster using kubectl, run the following command. 这将使用指定群集的 kubeconfig 文件作为 kubectl 的默认 kubeconfig 文件。This will use the specified cluster's kubeconfig file as the default kubeconfig file for kubectl.

Get-AksHciCredential -clusterName <String>
                     [-outputLocation <String>]

示例Example

Get-AksHciCredential -clusterName clustergroup-management

必需参数Required Parameters

clusterName

群集的名称。The name of the cluster.

可选参数Optional Parameters

outputLocation

要将 kubeconfig 下载到的位置。The location where you want the kubeconfig downloaded. 默认值为 %USERPROFILE%\.kubeDefault is %USERPROFILE%\.kube.

获取日志Get logs

若要从所有 Pod 获取日志,请运行以下命令。To get logs from your all your pods, run the following command. 此命令将在路径 C:\wssd\akshcilogs 中创建名为 akshcilogs 的输出压缩文件夹。This command will create an output zipped folder called akshcilogs in the path C:\wssd\akshcilogs.

Get-AksHciLogs

在 Azure Stack HCI 上更新到最新版本的 Azure Kubernetes 服务Update to the latest version of Azure Kubernetes Service on Azure Stack HCI

若要在 Azure Stack HCI 上更新到最新版本的 Azure Kubernetes 服务,请运行以下命令。To update to the latest version of Azure Kubernetes Service on Azure Stack HCI, run the following command. 仅当安装了 Oct 版本后,update 命令才起作用。The update command only works if you have installed the Oct release. 对于早于10月版本的版本,它将不起作用。It will not work for releases older than the October release. 此更新命令将更新 Azure Kubernetes 服务主机和本地 Microsoft 运行的云平台。This update command updates the Azure Kubernetes Service host and the on-premise Microsoft operated cloud platform. 对于此预览版本,Kubernetes 版本和 AKS 主机操作系统版本仍保持不变。For this preview release, the Kubernetes version and AKS host OS version still remain the same. 此命令不会升级任何现有的工作负荷群集。This command does not upgrade any existing workload clusters. 更新 AKS 主机后创建的新工作负载群集将不同于 Windows 节点 OS 版本和 Kubernetes 版本中的现有工作负荷群集。New workload clusters created after updating the AKS host will differ from existing workload clusters in terms of Windows node OS version and Kubernetes version.

Update-AksHci

建议在更新管理群集后立即更新工作负荷群集,以防止在 Kubernetes 群集中运行 Windows 节点不受支持的 Windows Server 操作系统版本。We recommend updating workload clusters immediately after updating the management cluster to prevent running unsupported Windows Server OS versions in your Kubernetes clusters with Windows nodes. 若要更新工作负荷群集,请访问 更新工作负荷群集To update your workload cluster, visit update your workload cluster.

Azure Stack HCI 上重新启动 Azure Kubernetes 服务Restart Azure Kubernetes Service on Azure Stack HCI

如果在 Azure Stack HCI 上重新启动 Azure Kubernetes 服务,则将删除所有 Kubernetes 群集(如果有)以及 Azure Kubernetes 服务主机。Restarting Azure Kubernetes Service on Azure Stack HCI will remove all of your Kubernetes clusters if any, and the Azure Kubernetes Service host. 它还会从节点中卸载 Azure Stack HCI 代理和服务上的 Azure Kubernetes 服务。It will also uninstall the Azure Kubernetes Service on Azure Stack HCI agents and services from the nodes. 然后,它会重复原始安装过程步骤,直到重新创建主机。It will then go back through the original install process steps until the host is recreated. 你通过 Set-AksHciConfig 配置的 Azure Stack HCI 上的 Azure Kubernetes 服务配置和下载的 VHDX 映像将保留。The Azure Kubernetes Service on Azure Stack HCI configuration that you configured via Set-AksHciConfig and the downloaded VHDX images are preserved.

若要在具有相同配置设置的 Azure Stack HCI 上重新启动 Azure Kubernetes 服务,请运行以下命令。To restart Azure Kubernetes Service on Azure Stack HCI with the same configuration settings, run the following command.

Restart-AksHci

在 Azure Stack HCI 上重置配置设置并重新安装 Azure Kubernetes 服务Reset configuration settings and reinstall Azure Kubernetes Service on Azure Stack HCI

若要在具有不同配置设置的 Azure Stack HCI 上重新安装 Azure Kubernetes Service,请首先运行以下命令。To reinstall Azure Kubernetes Service on Azure Stack HCI with different configuration settings, run the following command first.

Uninstall-AksHci

运行上述命令后,可以通过以下命令更改配置设置。After running the above command, you can change the configuration settings with the following command. 参数将保持不变,如步骤3中所述。The parameters remain the same as described in Step 3. 如果在未指定参数的情况下运行此命令,则参数将重置为其默认值。If you run this command with no specified parameters, the parameters will be reset to their default values.

Set-AksHciConfig

将配置更改为所需的设置后,运行以下命令,在 Azure Stack HCI 上重新安装 Azure Stack Kubernetes。After changing the configuration to your desired settings, run the following command to reinstall Azure Stack Kubernetes on Azure Stack HCI.

Install-AksHci

删除 Azure Stack HCI 上的 Azure Kubernetes 服务Remove Azure Kubernetes Service on Azure Stack HCI

若要删除 Azure Stack HCI 上的 Azure Kubernetes 服务,请运行以下命令。To remove Azure Kubernetes Service on Azure Stack HCI, run the following command. 如果使用 PowerShell 卸载 Windows 管理中心部署,则必须使用标志运行命令 -ForceIf you are using PowerShell to uninstall a Windows Admin Center deployment, you must run the command with the -Force flag.

Uninstall-AksHci

运行上述命令后,可以运行 Install-AksHci 命令来安装 Azure Kubernetes 服务主机,使其配置与以前相同。After running the above command, you can run the Install-AksHci command to install the Azure Kubernetes Service host with the same configuration as before. 如果要更改配置,请在 Set-AksHciConfig 运行安装命令之前,以要进行的更改运行。If you want to change the configuration, run Set-AksHciConfig with the changes you want to make before running the install command.

如果不想保留旧配置,请运行以下命令。If you don't want to retain the old configuration, run the following command.

Uninstall-AksHci -Force

如果 PowerShell 命令在以前用于部署 Windows 管理中心的群集上运行,则 PowerShell 模块会检查 Windows 管理中心配置文件是否存在。If PowerShell commands are run on a cluster where Windows Admin Center was previously used to deploy, the PowerShell module checks the existence of the Windows Admin Center configuration file. Windows 管理中心将 Windows 管理中心配置文件放在所有节点上。Windows Admin Center places the Windows Admin Center configuration file across all nodes. 如果使用卸载命令并返回到 Windows 管理中心,请使用标志运行上述 uninstall 命令 -Force 。如果未执行此操作,则 PowerShell 和 Windows 管理中心将不同步。If you use the uninstall command and go back to Windows Admin Center, run the above uninstall command with the -Force flag. If this is not done, PowerShell and Windows Admin Center will be out of sync.

后续步骤Next steps