diff --git a/builds/k3s-inside-dind/.env.example b/builds/k3s-inside-dind/.env.example index 5be3dc3..bc2d599 100644 --- a/builds/k3s-inside-dind/.env.example +++ b/builds/k3s-inside-dind/.env.example @@ -7,8 +7,11 @@ K3S_VERSION=v1.28.2+k3s1 # K3s DinD Image Version # Built image version tag -K3S_DIND_VERSION=0.1.0 - +K3S_DIND_VERSION=0.2.0 +# Preload Images +# Whether to pre-download common images during build (true/false) +# Set to false to speed up build time if you have good internet connectivity +PRELOAD_IMAGES=true # Timezone # Set the timezone for the container TZ=UTC diff --git a/builds/k3s-inside-dind/Dockerfile b/builds/k3s-inside-dind/Dockerfile index 040f187..a7868e0 100644 --- a/builds/k3s-inside-dind/Dockerfile +++ b/builds/k3s-inside-dind/Dockerfile @@ -2,8 +2,9 @@ FROM docker:29-dind ARG TARGETARCH=amd64 ARG K3S_VERSION=v1.28.2+k3s1 +ARG PRELOAD_IMAGES="true" -RUN apk add --no-cache bash iptables curl fuse-overlayfs +RUN apk add --no-cache bash iptables curl fuse-overlayfs jq RUN if [ "$TARGETARCH" = "amd64" ]; then \ export SUFFIX=""; \ @@ -13,6 +14,10 @@ RUN if [ "$TARGETARCH" = "amd64" ]; then \ curl -L -o /usr/local/bin/k3s https://github.com/k3s-io/k3s/releases/download/${K3S_VERSION}/k3s${SUFFIX} && \ chmod +x /usr/local/bin/k3s +RUN mkdir -p /var/lib/rancher/k3s/agent/images/ && \ + curl -sfL https://github.com/k3s-io/k3s/releases/download/${K3S_VERSION}/k3s-airgap-images-${TARGETARCH}.tar.zst \ + -o /var/lib/rancher/k3s/agent/images/k3s-airgap-images.tar.zst + EXPOSE 6443 COPY entrypoint.sh /usr/local/bin/entrypoint.sh diff --git a/builds/k3s-inside-dind/README.md b/builds/k3s-inside-dind/README.md index 634a9d1..ecb4d05 100644 --- a/builds/k3s-inside-dind/README.md +++ b/builds/k3s-inside-dind/README.md 
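Review bot: `ARG PRELOAD_IMAGES="true"` is declared here but nothing in the visible Dockerfile hunks reads it, so the airgap download added in the next hunk runs even when `.env` sets `PRELOAD_IMAGES=false`. Either gate that step, e.g. `RUN if [ "$PRELOAD_IMAGES" = "true" ]; then … ; fi`, or drop the argument together with the README text that promises a faster build and a `docker pull` pre-load section. `jq` is also added to the `apk add` line without a visible consumer; in an image that compose runs with `privileged: true`, every extra package is worth justifying, so it should be removed unless a script outside this diff needs it.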
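Review bot: The airgap tarball fetched by the new `RUN` is written into `/var/lib/rancher/k3s/agent/images/` with no integrity check, and K3s imports the images found in that directory at start-up inside a privileged container. Pin the expected SHA-256 for the chosen `K3S_VERSION` and `TARGETARCH` in the repository (the K3s release publishes `sha256sum-<arch>.txt` files to take it from) and fail the build on a mismatch. Leaving the digest argument without a default should make an unset value a build failure rather than a silent skip. The existing `curl -L` for the k3s binary in the context lines above has the same gap and also lacks `-f`.

```dockerfile
# Expected digest of k3s-airgap-images-${TARGETARCH}.tar.zst for K3S_VERSION; no default on purpose
ARG K3S_AIRGAP_SHA256
RUN mkdir -p /var/lib/rancher/k3s/agent/images/ && \
    curl -sfL https://github.com/k3s-io/k3s/releases/download/${K3S_VERSION}/k3s-airgap-images-${TARGETARCH}.tar.zst \
        -o /var/lib/rancher/k3s/agent/images/k3s-airgap-images.tar.zst && \
    echo "${K3S_AIRGAP_SHA256}  /var/lib/rancher/k3s/agent/images/k3s-airgap-images.tar.zst" | sha256sum -c -
```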
@@ -13,6 +13,7 @@ A lightweight Kubernetes distribution (K3s) running inside a Docker-in-Docker (D - ✅ Resource limits to prevent system exhaustion - ✅ Health checks for cluster readiness - ✅ Persistent storage for K3s and Docker data +- ✅ Pre-loaded common images for offline use ## Prerequisites @@ -61,7 +62,8 @@ A lightweight Kubernetes distribution (K3s) running inside a Docker-in-Docker (D | Variable | Default | Description | | ----------------------------- | -------------- | ------------------------------------- | | `K3S_VERSION` | `v1.28.2+k3s1` | K3s version to install | -| `K3S_DIND_VERSION` | `0.1.0` | Built image version tag | +| `K3S_DIND_VERSION` | `0.2.0` | Built image version tag | +| `PRELOAD_IMAGES` | `true` | Pre-download images during build | | `TZ` | `UTC` | Container timezone | | `K3S_API_PORT_OVERRIDE` | `6443` | Kubernetes API server port | | `DOCKER_TLS_PORT_OVERRIDE` | `2376` | Docker daemon TLS port | @@ -186,6 +188,24 @@ Update the `K3S_VERSION` in `.env` and rebuild: docker compose up -d --build ``` +### Offline/Air-Gapped Environments + +By default, common container images are pre-downloaded during the build process: + +- K3s system images (pause, coredns, local-path-provisioner, metrics-server) +- Common base images (nginx, busybox, alpine) + +These images are stored in the Docker data volume, so no internet access is required when starting containers. + +To disable pre-loading (faster builds if you have good internet): + +```bash +# In .env file +PRELOAD_IMAGES=false +``` + +To add more images to pre-load, edit the Dockerfile and add `docker pull` commands in the pre-load section. + ## Cleanup Remove the cluster and all data: diff --git a/builds/k3s-inside-dind/README.zh.md b/builds/k3s-inside-dind/README.zh.md index 668a1f5..094824e 100644 --- a/builds/k3s-inside-dind/README.zh.md +++ b/builds/k3s-inside-dind/README.zh.md @@ -13,6 +13,7 @@ - ✅ 资源限制防止系统资源耗尽 - ✅ 健康检查确保集群就绪 - ✅ 持久化存储 K3s 和 Docker 数据 +- ✅ 预装常用镜像支持离线使用 ## 前置要求 
@@ -61,7 +62,8 @@ | 变量 | 默认值 | 说明 | | ----------------------------- | -------------- | ------------------------- | | `K3S_VERSION` | `v1.28.2+k3s1` | 要安装的 K3s 版本 | -| `K3S_DIND_VERSION` | `0.1.0` | 构建的镜像版本标签 | +| `K3S_DIND_VERSION` | `0.2.0` | 构建的镜像版本标签 | +| `PRELOAD_IMAGES` | `true` | 构建时预下载镜像 | | `TZ` | `UTC` | 容器时区 | | `K3S_API_PORT_OVERRIDE` | `6443` | Kubernetes API 服务器端口 | | `DOCKER_TLS_PORT_OVERRIDE` | `2376` | Docker 守护进程 TLS 端口 | @@ -186,6 +188,24 @@ K3S_DISABLE_SERVICES= docker compose up -d --build ``` +### 离线/隔离网络环境 + +默认情况下,在构建过程中会预先下载常用的容器镜像: + +- K3s 系统镜像(pause、coredns、local-path-provisioner、metrics-server) +- 常用基础镜像(nginx、busybox、alpine) + +这些镜像存储在 Docker 数据卷中,因此启动容器时无需访问互联网。 + +如需禁用预加载(如果网络良好可加快构建速度): + +```bash +# 在 .env 文件中 +PRELOAD_IMAGES=false +``` + +如需添加更多预加载镜像,编辑 Dockerfile 并在预加载部分添加 `docker pull` 命令。 + ## 清理 删除集群和所有数据: diff --git a/builds/k3s-inside-dind/docker-compose.yaml b/builds/k3s-inside-dind/docker-compose.yaml index 72bae36..1459b6d 100644 --- a/builds/k3s-inside-dind/docker-compose.yaml +++ b/builds/k3s-inside-dind/docker-compose.yaml @@ -13,12 +13,13 @@ x-defaults: &defaults services: k3s: <<: *defaults - image: ${GLOBAL_REGISTRY:-}alexsuntop/k3s-inside-dind:${K3S_DIND_VERSION:-0.1.0} + image: ${GLOBAL_REGISTRY:-}alexsuntop/k3s-inside-dind:${K3S_DIND_VERSION:-0.2.0} build: context: . dockerfile: Dockerfile args: K3S_VERSION: ${K3S_VERSION:-v1.28.2+k3s1} + PRELOAD_IMAGES: ${PRELOAD_IMAGES:-true} privileged: true volumes: - k3s_data:/var/lib/rancher/k3s diff --git a/builds/k3s-inside-dind/entrypoint.sh b/builds/k3s-inside-dind/entrypoint.sh index 93574e8..79243b3 100644 --- a/builds/k3s-inside-dind/entrypoint.sh +++ b/builds/k3s-inside-dind/entrypoint.sh 
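Review bot: The `k3s_data:/var/lib/rancher/k3s` mount kept as context in this hunk covers the directory where the Dockerfile now places `agent/images/k3s-airgap-images.tar.zst`. Docker copies image content into a named volume only when the volume is first created empty, so a `k3s_data` volume carried over from 0.1.0 would hide the tarball and the cluster would still pull from the network. Consider storing the tarball outside the volume path in the image and copying it into place from `entrypoint.sh`, or documenting that upgrading requires recreating the volume. The volume definition itself is outside the hunk, so this assumes `k3s_data` is a named volume.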
@@ -17,9 +17,19 @@ done echo "Docker is ready." echo "Starting K3s..." -exec k3s server \ - --snapshotter=native \ - --disable=traefik \ - --write-kubeconfig-mode=644 \ - --https-listen-port=6443 \ - "$@" + +# Build K3s server arguments +K3S_ARGS="--snapshotter=native --write-kubeconfig-mode=644 --https-listen-port=6443" + +# Add disable services if specified +if [ -n "$K3S_DISABLE_SERVICES" ]; then + K3S_ARGS="$K3S_ARGS --disable=$K3S_DISABLE_SERVICES" +fi + +# Add token if specified +if [ -n "$K3S_TOKEN" ]; then + export K3S_TOKEN +fi + +# Execute K3s server with all arguments +exec k3s server $K3S_ARGS "$@"
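Review bot: `exec k3s server $K3S_ARGS "$@"` expands `K3S_ARGS` unquoted, so a `K3S_DISABLE_SERVICES` value containing whitespace or glob characters is split into extra `k3s server` arguments instead of staying inside `--disable=`. Build the argument list in the positional parameters so each option stays one word, as sketched below. Separately, `--disable=traefik` used to be unconditional and is now sent only when `K3S_DISABLE_SERVICES` is non-empty; unless a default is set outside this hunk, Traefik will start being deployed, which widens what the container exposes. The `export K3S_TOKEN` branch changes nothing when the variable arrives through the container environment, since it is then already exported.

```shell
# Add disable services if specified (prepended first so the fixed flags end up ahead of it)
if [ -n "$K3S_DISABLE_SERVICES" ]; then
  set -- "--disable=$K3S_DISABLE_SERVICES" "$@"
fi

# Fixed K3s server arguments, kept as separate words
set -- --snapshotter=native --write-kubeconfig-mode=644 --https-listen-port=6443 "$@"

# … unchanged: K3S_TOKEN export …

# Execute K3s server with all arguments
exec k3s server "$@"
```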