master

分支 (1)

管理

管理

master

script-file
/
k8s_install.sh

#!/bin/bash
<<comment
注意！！！
    配置yum源、关闭SELINUX、防火墙，关闭swap，设置ssh免密
comment
clear all
master=192.168.99.10
node1=192.168.99.11
node2=192.168.99.12
node3=192.168.99.13
harbor=192.168.99.14
path_ha=/root/5/project3/harbor
path_ha_usr=/usr/local/harbor
path_ku_init=/root/5/kubernetes
#  配置本地DNS解析
cat >> /etc/hosts <<EOF
$master master
$node1 node1
$node2 node2
$node3 node3
$harbor harbor
EOF
for i in node{1..3}  harbor
do
scp /etc/hosts $harbor:/etc/hosts
done &> /dev/null
#  配置远仓harbor
echo "--------------------------正在设置远仓harbor-----------------------------"
scp -r $path_ha  $harbor: &> /dev/null
cat > ins_har.sh <<EOF
             echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.conf && sysctl -p
             yum -y install docker-ce && systemctl enable --now docker
             mv /root/harbor/docker-compose /usr/sbin/ && chmod +x /usr/sbin/docker-compose && tar -xf /root/harbor/harbor-offline-installer-v2.4.2.tgz  -C /usr/local/
             if cp ${path_ha_usr}/harbor.yml.tmpl ${path_ha_usr}/harbor.yml; then
             sed -ri '5s/(.*: ).*/\1harbor/' ${path_ha_usr}/harbor.yml
             sed -ri '13,18s/^/#/' ${path_ha_usr}/harbor.yml
             $path_ha_usr/install.sh > /dev/null
             fi
EOF
chmod +x ins_har.sh
ssh $harbor < ins_har.sh &> /dev/null
ssh $harbor "ss -antpu | grep 80" > port.txt
test=`cat port.txt | tail -1 | cut -d ":" -f 4 | cut -d " " -f 1`
if [ ! -z $test ];then
echo "harbor配置成功！！！"
else
echo "harbor配置失败！！！"
exit
fi
rm -rf port.txt
rm -rf ins_har.sh
# k8s集群安装
# 1 . 安装软件包
yum install -y kubeadm kubelet kubectl docker-ce &> /dev/null
mkdir -p /etc/docker
# 2 . 编写daemon文件
cat > /etc/docker/daemon.json <<EOF
{
    "exec-opts":["native.cgroupdriver=systemd"],
    "registry-mirrors":["http://harbor:80"],
    "insecure-registries":["harbor:80"]
}
EOF
systemctl enable --now docker kubelet &> /dev/null
mkdir init
scp -r $path_ku_init/v1.22.5.tar.xz init/ &> /dev/null
echo "正在导入镜像----"
docker load -i init/v1.22.5.tar.xz &> /dev/null && echo "正在上传镜像到仓库----"   # 导入k8s镜像
if docker login -u admin -p Harbor12345 harbor:80 &> /dev/null;then
docker images|while read i t _;do
    [[ "${t}" == "TAG" ]] && continue
    docker tag ${i}:${t} harbor:80/library/${i##*/}:${t}
    docker push harbor:80/library/${i##*/}:${t}
    docker rmi ${i}:${t} harbor:80/library/${i##*/}:${t}
done &> /dev/null
else
echo "上传镜像失败！！"
exit
fi
# 设置Tab键
source <(kubeadm completion bash|tee /etc/bash_completion.d/kubeadm)
source <(kubectl completion bash|tee /etc/bash_completion.d/kubectl)
yum install -y ipvsadm ipset &> /dev/null  #  安装代理软件
for i in overlay br_netfilter;  #  配置内核参数
do
modprobe ${i}
echo "${i}" >>/etc/modules-load.d/containerd.conf
done  &> /dev/null
cat >/etc/sysctl.d/99-kubernetes-cri.conf<<EOF
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
EOF
sysctl --system &> /dev/null
echo "---------------------------k8s master部署--------------------------------"
echo "集群初始化中----"
cp  -r $path_ku_init/config/kubeadm-init.yaml ./init/ &> /dev/null
sed -ri "13s/(.+advertiseAddress: ).+/\1$master/" init/kubeadm-init.yaml
sed -ri "31s/(imageRepository: ).+/\1harbor:80\/library/" init/kubeadm-init.yaml
#sed -ri "7s/(.+ttl: ).+/\10/" init/kubeadm-init.yaml
if kubeadm init --config=init/kubeadm-init.yaml --dry-run &> /dev/null;then
rm -rf /etc/kubernetes/tmp
kubeadm init --config=init/kubeadm-init.yaml |tee init/init.log
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf  $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
else
echo "初始化失败！！！" && exit
fi
kubectl cluster-info &> /dev/null || echo "没有获取到集群信息！！！"
echo "node 节点部署中----"
cp -a $path_ku_init/nodejoin  ./
token=`sed -n '6p' init/kubeadm-init.yaml | cut -d " " -f 4`
kubeadm token delete $token  # 删除默认token
kubeadm token create --ttl=0 --print-join-command &> /dev/null # 创建token
newtoken=`kubeadm token list | tail -1 | cut -d " " -f 1`
sha256=`openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt |openssl rsa -pubin -outform der |openssl dgst -sha256 -hex | tail -1 | cut -d " " -f 2`
sed -ri "3s/(.+master: \").+(:6443\")/\1$master\2/" nodejoin/nodeinit.yaml
sed -ri "4s/(.+token: \").+/\1$newtoken\"/" nodejoin/nodeinit.yaml
sed -ri "5s/(.+token_hash: \").+/\1sha256:$sha256\"/" nodejoin/nodeinit.yaml
sed -ri '27s/(.+registry.*:\[\").*(\"\],)/\1http:\/\/harbor:80\2/' nodejoin/nodeinit.yaml
sed -ri '28s/(.+insecure.*:\[\").*(\"\])/\1harbor:80\2/' nodejoin/nodeinit.yaml
sed -ri "65s/(.+)192.*/\1$harbor harbor/" nodejoin/nodeinit.yaml
sed -ri "66s/(.+)192.*/\1$master master/" nodejoin/nodeinit.yaml
yum -y install ansible &> /dev/null
cd nodejoin
cat > hostlist <<EOF
[nodes]
$node1
$node2
$node3
EOF
if ansible -m ping all &> /dev/null;then
ansible-playbook nodeinit.yaml &> /dev/null || echo "node节点部署失败！！请检查环境----"
else
echo "node节点部署失败！！,请检测主机间的连通性----"
exit
fi
echo "网络插件安装配置----"
cd -  #  返回上层目录
cp -r $path_ku_init/plugins  ./
cd plugins/flannel
echo "导入网络插件镜像中-----"
if docker load -i flannel.tar.xz &> /dev/null;then
echo "上传网络插件镜像到远仓-----"
docker images|while read i t _;do
    [[ "${t}" == "TAG" ]] && continue
    [[ "${i}" =~ ^"harbor:80/".+ ]] && continue
    docker tag ${i}:${t} harbor:80/library/${i##*/}:${t}
    docker push harbor:80/library/${i##*/}:${t}
    docker rmi ${i}:${t} harbor:80/library/${i##*/}:${t}
done
else
echo "网络插件镜像上传失败！！"
exit
fi
echo "正在安装网络插件----"
sed -ri 's,^(\s+image: ).+/(.+),\1harbor:80/library/\2,' kube-flannel.yml
if kubectl apply -f kube-flannel.yml &> /dev/null;then
echo "k8s配置完成！！！"
fi