目录
一、准备 二、编辑脚本1、k8s.sh2、k8s_install.py三、配置ssh免密四、下载python3和git五、执行脚本六、成功七、总结
一、准备
通过之前在Ubuntu18.04上手动部署过k8s之后,尝试用python脚本进行自动化部署
这次用的是三台centos7的虚拟机,一台作为master执行脚本,两台作为node节点
三台机器都配置好静态IP,可以参考之前的在centos 7中安装配置k8s集群的步骤详解
二、编辑脚本
1、k8s.sh
放在/root下,用于从dockerhub拉取镜像。
set -o errexit
set -o nounset
set -o pipefail
##这里定义版本,按照上面得到的列表自己改一下版本号
KUBE_VERSION=v1.21.3
KUBE_PAUSE_VERSION=3.4.1
ETCD_VERSION=3.4.13-0
##这是原始仓库名,最后需要改名成这个
GCR_URL=k8s.gcr.io
##这里就是写你要使用的仓库
DOCKERHUB_URL=gotok8s
##这里是镜像列表,新版本要把coredns改成coredns/coredns
images=(
kube-proxy:${KUBE_VERSION}
kube-scheduler:${KUBE_VERSION}
kube-controller-manager:${KUBE_VERSION}
kube-apiserver:${KUBE_VERSION}
pause:${KUBE_PAUSE_VERSION}
etcd:${ETCD_VERSION}
)
##这里是拉取和改名的循环语句
for imageName in ${images[@]} ; do
docker pull $DOCKERHUB_URL/$imageName
docker tag $DOCKERHUB_URL/$imageName $GCR_URL/$imageName
docker rmi $DOCKERHUB_URL/$imageName
done
docker pull coredns/coredns:1.8.0
docker tag coredns/coredns:1.8.0 k8s.gcr.io/coredns/coredns:v1.8.0
docker rmi coredns/coredns:1.8.0
2、k8s_install.py
#!/bin/python3
# -*- coding:utf-8 -*-
# author: fanb
# describe: K8S v1.21.2 一键脚本安装
import os
import subprocess
import time
class k8s_install(object):
def __init__(self,masterip,nodeip):
self.masterip = masterip
self.nodeip = nodeip
def initialization_shell(self): #环境初始化shell
# 关闭防火墙
setenforce = \"setenforce 0\"
sed_selinux = \"sed -i \'s/^SELINUX=enforcing/SELINUX=disabled/g\' /etc/sysconfig/selinux\"
sed_selinux1 = \"sed -i \'s/^SELINUX=enforcing/SELINUX=disabled/g\' /etc/selinux/config\"
sed_selinux2 = \"sed -i \'s/^SELINUX=permissive/SELINUX=disabled/g\' /etc/sysconfig/selinux\"
sed_selinux3 = \"sed -i \'s/^SELINUX=permissive/SELINUX=disabled/g\' /etc/selinux/config\"
stop_firewalld = \"systemctl stop firewalld\"
disable_firewalld = \"systemctl disable firewalld\"
swapoff_a = \"swapoff -a\"
sed_swapoff = \"sed -i \'s/.*swap.*/#&/\' /etc/fstab\"
#在所有服务器配置国内yum源
yum_install = \"yum install -y wget git chrony yum-utils device-mapper-persistent-data lvm2 ipset ipvsadm > /dev/null 2>&1\"
mkdir_repo = \"mkdir /etc/yum.repos.d/bak && mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/bak > /dev/null 2>&1\"
wget_centos = \"wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.cloud.tencent.com/repo/centos7_base.repo > /dev/null 2>&1\"
wget_epel = \"wget -O /etc/yum.repos.d/epel.repo http://mirrors.cloud.tencent.com/repo/epel-7.repo > /dev/null 2>&1\"
wget_docker = \"wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo > /dev/null 2>&1\"
kubernetes_repo = \"\"\"
cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
\"\"\"
yum_clean = \"yum -y makecache > /dev/null 2>&1\"
yum_makecahe = \"yum -y makecache > /dev/null 2>&1\"
#修改内核参数,由于ipvs已经加入到了内核的主干,所以为kube-proxy开启ipvs的前提需要加载以下的内核模块
modprobe_netfilter = \"modprobe br_netfilter\"
br_netfilter = \"echo \'br_netfilter\' > /etc/modules-load.d/br_netfilter.conf\"
k8s_conf = \"\"\"
cat > /etc/sysctl.d/k8s.conf <<EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
vm.swappiness=0
EOF
\"\"\"
limits_conf = \"\"\"
cat > /etc/security/limits.conf << EOF
* soft nofile 65536
* hard nofile 65536
* soft nproc 65536
* hard nproc 65536
* soft memlock unlimited
* hard memlock unlimited
DefaultLimitNOFILE=102400
DefaultLimitNPROC=102400
EOF
\"\"\"
sysctl_k8s = \"sysctl -p /etc/sysctl.d/k8s.conf > /dev/null 2>&1\"
#时间同步
enable_chronyd = \"systemctl enable chronyd.service\"
start_chronyd = \"systemctl start chronyd.service\"
set_timezone = \"timedatectl set-timezone Asia/Shanghai\"
ntpdate = \"ntpdate ntp1.aliyun.com > /dev/null 2>&1\"
chronyc_sources = \"chronyc sources > /dev/null 2>&1\"
#安装docker,kubelet
remove_docker = \"yum remove -y docker docker-ce docker-common docker-selinux docker-engine > /dev/null 2>&1\"
install_docker = \"yum install -y docker-ce > /dev/null 2>&1\"
start_docker = \"systemctl start docker > /dev/null 2>&1\"
docker_reload = \"systemctl daemon-reload > /dev/null 2>&1\"
enable_docker = \"systemctl enable docker > /dev/null 2>&1\"
restart_docker = \"systemctl restart docker > /dev/null 2>&1\"
install_kubelet = \"yum install -y kubelet-1.21.2 kubeadm-1.21.2 kubectl-1.21.2 --disableexcludes=kubernetes > /dev/null 2>&1\"
enable_kubelet = \"systemctl enable kubelet > /dev/null 2>&1\"
start_kubelet = \"systemctl start kubelet > /dev/null 2>&1\"
return setenforce,sed_selinux,sed_selinux1,sed_selinux2,sed_selinux3,stop_firewalld,disable_firewalld,swapoff_a,sed_swapoff,yum_install,\\
mkdir_repo,wget_centos,wget_epel,wget_docker,kubernetes_repo,yum_clean,yum_makecahe,modprobe_netfilter,br_netfilter,k8s_conf,limits_conf,\\
sysctl_k8s,enable_chronyd,start_chronyd,set_timezone,ntpdate,chronyc_sources,remove_docker,install_docker,start_docker,docker_reload,enable_docker,restart_docker,\\
install_kubelet,enable_kubelet,start_kubelet
def shell_command(self):
masterip_list = self.masterip.split(\',\')
nodeip_list = self.nodeip.split(\',\')
token_creat = ()
token_code = ()
name_num = 0
node_num = 0
dir0 = \'\'\'echo \'{
\"exec-opts\":[\"native.cgroupdriver=systemd\"]
}\' > /etc/docker/daemon.json\'\'\'
dir1 = \'\'\'echo \'export KUBECONFIG=/etc/kubernetes/admin.conf\' >> /etc/profile\'\'\'
dir2 = \'\'\'echo \'199.232.68.133 raw.githubusercontent.com\' >> /etc/hosts\'\'\'
dir3 = \'\'\'echo \'{
\"registry-mirrors\": [\"https://docker.mirrors.ustc.edu.cn\"]
}\' > /etc/docker/daemon.json\'\'\'
# #自动添加策略,保存服务器的主机名和密钥信息,如果不添加,那么不再本地know_hosts文件中记录的主机将无法连接
for masterip in masterip_list:
name_num += 1
hosts_name = \"\"
if masterip == masterip_list[0]: # 如果是当前单节点
print(\"*\"*20,\"进入Master节点操作,当前IP: %s\" %masterip)
master_name = \"master0%s\" % name_num
#设置名字
hostname = os.system(\"hostname %s\"%master_name)
etc_hostname = os.system(\"echo \'%s\' > /etc/hostname\" % master_name)
#设置hosts
master_host = masterip + \" \" + master_name
etc_hosts = os.system(\"echo \'%s\' >> /etc/hosts\" % master_host)
for hosts in nodeip_list:
name_num += 1
hosts_name += hosts + \" node0%s\" % (name_num - 1) + \"\\n\"
os.system(\"cat >> /etc/hosts <<EOF \\n%sEOF\\n\" % hosts_name)
print(\"*\"*20,\"进入环境初始化,请耐心等待....\")
for shell in self.initialization_shell():
time.sleep(1)
env_init = os.system(shell)
print(\"*\"*20,\"环境初始化完成,安装kubernetes...\")
#设置hosts
#集群初始化
registry = os.system(\"%s\" %dir3)
restart_docker = os.system(\"systemctl restart docker\")
dockerpull = os.system(\"sh /root/k8s.sh\")
docker_problem = os.system(\"%s\" %dir0)
restart_docker = os.system(\"systemctl restart docker\")
status_docker = os.system(\"systemctl status docker\")
kubeadm_init = os.system(\"kubeadm init\")
export_root = os.system(\"export KUBECONFIG=/etc/kubernetes/admin.conf\")
config = os.system(\"%s\" %dir1)
source = os.system(\"source /etc/profile\")
mkdir_kube = os.system(\"mkdir -p /root/.kube\")
kube_config = os.system(\"cp -i /etc/kubernetes/admin.conf /root/.kube/config\")
kubelet_enable = os.system(\"systemctl enable kubelet\")
kubelet_start = os.system(\"systemctl start kubelet\")
manage_yaml = os.system(\"sed -i \'s/.*- --port=0*/#&/\' /etc/kubernetes/manifests/kube-controller-manager.yaml\")
scheduler_yaml = os.system(\"sed -i \'s/.*- --port=0*/#&/\' /etc/kubernetes/manifests/kube-scheduler.yaml\")
#配置flannel网络
print(\"*\" * 20, \"正在安装网络组件flannel....\")
flannel_before = os.system(\"%s\" %dir2)
flannel_wget = os.system(\"wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml\")
yum_flannel = os.system(\"yum install -y flannel\")
flannel_apply = os.system(\"kubectl apply -f /root/kube-flannel.yml\")
print(\"*\" * 20, \"网络组件flannel安装完成....\")
token_creat = subprocess.getstatusoutput(\"kubeadm token create\")
token_code = subprocess.getstatusoutput(\"openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed \'s/^.* //\'\")
token_creat = token_creat[1].split(\'\\n\')[-1]
token_code = token_code[1]
# 安装从节点
for nodeip in nodeip_list:
os.system(\"scp -rp /etc/hosts %s:/etc/hosts\" % nodeip)
print(\"*\" * 20, \"进入Node节点操作,当前IP: %s\" % nodeip)
node_num += 1
node_name = \"node0%s\" % (node_num)
# 设置名字
os.system(\"ssh %s \\\"hostname %s\\\"\" % (nodeip,node_name))
os.system(\"ssh %s \\\"echo \'%s\' > /etc/hostname\\\"\" % (nodeip,node_name))
print(\"*\" * 20, \"进入环境初始化,请耐心等待....\")
for shell in self.initialization_shell():
time.sleep(1)
os.system(\"ssh %s \\\"%s\\\"\" %(nodeip,shell))
enable_node = os.system(\"ssh %s \\\"systemctl enable kubelet\\\"\" %nodeip)
start_node = os.system(\"ssh %s \\\"systemctl start kubelet\\\"\" %nodeip)
admin = os.system(\"scp /etc/kubernetes/admin.conf %s:/root\" %nodeip)
print(\"*\" * 20, \"正在加入集群....\")
print(\"token_creat : \",token_creat)
print(\"token_code : \",token_code)
docker_problem = os.system(\"scp -r /etc/docker/daemon.json %s:/etc/docker\" %nodeip)
restart_docker = os.system(\"ssh %s \\\"systemctl restart docker\\\"\" %nodeip)
status_docker = os.system(\"ssh %s \\\"systemctl status docker\\\"\" %nodeip)
kubeadm_join = os.system(\"ssh %s \\\"kubeadm join %s:6443 --token %s --discovery-token-ca-cert-hash sha256:%s\\\"\" % (nodeip,masterip, str(token_creat), str(token_code)))
cni = os.system(\"scp -r /etc/cni %s:/etc\" %nodeip)
print(\"*\" * 20, \"加入集群成功....\")
print(\"*\" * 20 ,\"执行以下命令,检查K8s集群\\n\")
print(\"*\" * 20,\"kubectl get nodes\")
print(\"*\" * 20, \"kubectl get cs\")
print(\"*\" * 20, \"kubectl get pod -n kube-system\")
else: #否则就是集群模式
print(\"进入集群模式安装\")
print(\"暂无\")
exit()
if __name__ == \'__main__\':
# #用户输入IP:
print(\"----------0、请先安装python3 并使用python3 执行此脚本------------\")
print(\"----------1、此脚本依赖网络,请连接好网络执行此脚本-----------\")
print(\"----------2、请将此脚本在主节点上执行,请在主节点上对其他所有节点做免密登录-----------\")
print(\"**********3、请确认主节点已对其他节点做好免密登录,再次确认后再执行此脚本**********\")
k8s_masterip = input(\"请输入K8S_Master IP, 多个IP以逗号分隔: \")
k8s_nodeip = input(\"请输入K8S_node IP,多个IP以逗号分隔: \")
ask_ent = input(\"********** 确认/取消 (Y/N) :\")
if ask_ent.upper() == \"Y\":
k8s_install = k8s_install(k8s_masterip,k8s_nodeip)
k8s_install.shell_command()
else:
exit()
三、配置ssh免密
[root@master ~]# ssh-keygen [root@master ~]# ssh-copy-id 192.168.139.132 [root@master ~]# ssh-copy-id 192.168.139.133
四、下载python3和git
root@master ~]# vim k8s_install.py
五、执行脚本
[root@master ~]# python3 k8s_install.py
六、成功
******************** 执行以下命令,检查K8s集群
******************** kubectl get nodes
******************** kubectl get cs
******************** kubectl get pod -n kube-system
[root@master ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
master01 Ready control-plane,master 7m2s v1.21.2
node01 Ready <none> 3m30s v1.21.2
node02 Ready <none> 25s v1.21.2
[root@master ~]# kubectl get cs
Warning: v1 ComponentStatus is deprecated in v1.19+
NAME STATUS MESSAGE ERROR
scheduler Healthy ok
controller-manager Healthy ok
etcd-0 Healthy {\"health\":\"true\"}
[root@master ~]# kubectl get pod -n kube-system
NAME READY STATUS RESTARTS AGE
coredns-558bd4d5db-fkqcb 0/1 ContainerCreating 0 6m52s
coredns-558bd4d5db-tvb7j 0/1 ContainerCreating 0 6m52s
etcd-master01 1/1 Running 0 7m16s
kube-apiserver-master01 1/1 Running 0 7m16s
kube-controller-manager-master01 1/1 Running 0 7m12s
kube-flannel-ds-9hx9s 0/1 Init:0/1 0 43s
kube-flannel-ds-cl9r7 0/1 Init:0/1 0 3m49s
kube-flannel-ds-gn4m4 0/1 CrashLoopBackOff 5 6m52s
kube-proxy-cv5t8 0/1 ContainerCreating 0 43s
kube-proxy-kjqm7 0/1 ContainerCreating 0 3m49s
kube-proxy-plbgm 1/1 Running 0 6m52s
kube-scheduler-master01 1/1 Running 0 7m13s
七、总结
参考:https://github.com/hxz5215/K8Sv1.18_install
根据GitHub上的python脚本源码结合之前在Ubuntu上配置k8s的经验,对脚本进行了一些改变。
安装了更新版本的k8s,我这里安装的是之前学习过程中安装过的 v1.21.2添加了一个从dockerhub拉取k8s所需镜像的脚本将calico换成了flannel网络插件删除了dashboard,因为我这里没有这个需求针对 IsDockerSystemdCheck 问题加入了解决脚本对于 kubeadm get cs 的unhealthy问题和 kubectl get nodes的notready问题都加入了解决脚本加入了通过ssh将admin.conf和 /etc/cni文件拷贝到node节点的脚本
© 版权声明
THE END
暂无评论内容