Ming-der Wang <ming@log4analytics.com>
$ docker-machine create --driver digitalocean --digitalocean-image centos-7-0-x64 --digitalocean-access-token $DOTOKEN centos-1
$ docker-machine create --driver digitalocean --digitalocean-image centos-7-0-x64 --digitalocean-access-token $DOTOKEN centos-2
$ docker-machine create --driver digitalocean --digitalocean-image centos-7-0-x64 --digitalocean-access-token $DOTOKEN centos-3
$ docker-machine create --driver digitalocean --digitalocean-image ubuntu-14-04-x64 --digitalocean-access-token $DOTOKEN centos-1
$ docker-machine create --driver digitalocean --digitalocean-image ubuntu-16-04-x64 --digitalocean-access-token $DOTOKEN centos-2
$ docker-machine create --driver digitalocean --digitalocean-image ubuntu-16-10-x64 --digitalocean-access-token $DOTOKEN centos-3
➜ curl -s -L -o ~/bin/cfssl https://pkg.cfssl.org/R1.1/cfssl_darwin-amd64
➜ curl -s -L -o ~/bin/cfssljson https://pkg.cfssl.org/R1.1/cfssljson_darwin-amd64
➜ curl -s -L -o ~/bin/cfssl https://pkg.cfssl.org/R1.1/cfssl_linux-amd64
➜ curl -s -L -o ~/bin/cfssljson https://pkg.cfssl.org/R1.1/cfssljson_linux-amd64
現做出 ca.pem, ca-key.pem, ca.csr
利用他們再做出 centos.pem, centos-key.pem, centos.csr
$ cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config.json -profile=client-server centos-1.json | cfssljson -bare centos
$ scp -i /Users/mingderwang/.docker/machine/machines/centos-1/id_rsa ca.pem centos-key.pem centos.pem root@centos-1:
$ docker-machine create --driver digitalocean --digitalocean-image centos-7-0-x64 --digitalocean-access-token $DOTOKEN --digitalocean-size 1gb centos-1
$ docker-machine create --driver digitalocean --digitalocean-image centos-7-0-x64 --digitalocean-access-token $DOTOKEN --digitalocean-size 1gb centos-2
cd ~/chef-repo/cookbook
git clone https://github.com/chenzhiwei/kubernetes-cookbook kubernetes
cd kubernetes
vi environments/kubernetes.json # 改你自己的 IPs
$ knife environment from file environments/kubernetes.json
$ docker-machine ssh centos-1 chef-client -r 'role[kubernetes-etcd],role[kubernetes-master]'
$ docker-machine ssh centos-2 chef-client -r 'role[kubernetes-minion]'
$ knife bootstrap 159.203.167.97 -E kubernetes -r 'role[kubernetes-minion]' -i /Users/mingderwang/.docker/machine/machines/centos-2/id_rsa
$ knife bootstrap 159.203.173.161 -E kubernetes -r 'role[kubernetes-etcd],role[kubernetes-master]' -i /Users/mingderwang/.docker/machine/machines/centos-1/id_rsa