目录
1.环境规划
本脚本使用一主多从的场景,脚本创建在manager节点,是对k8s集群的远程操作
节点 | IP地址 | 操作系统 | 配置 |
---|---|---|---|
manager | 192.168.178.52 | centos7.9 | 1G1核 |
master | 192.168.178.102 | centos7.9 | 2G2核 |
node1 | 192.168.178.152 | centos7.9 | 2G2核 |
node2 | 192.168.178.202 | centos7.9 | 2G2核 |
2.my_ssh.sh脚本:
工作:完成域名的添加,公钥的创建,公钥的复制
脚本中的ssh_hosts和ssh_networkname数组的第一个元素是主服务器的IP地址或域名
1.修改/etc/hosts文件部分:
address_hosts(){
hosts_num=0
for name in ${ssh_networkname[*]};do
hosts_num=$(($hosts_num+`grep -c ''"${name}"'$' /etc/hosts`))
done
# 判断hosts文件中的域名行是否为ssh_hosts的长度
if [ ${hosts_num} -eq ${#ssh_networkname[*]} ];then
echo "/etc/hosts已经配置!"
return
fi
echo "本地开始修改地址映射"
cat << eof > /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
eof
for ((i=0;i<${#ssh_hosts[*]};i++));do
sed -i '$a\'"${ssh_hosts[$i]}"' '"${ssh_networkname[$i]}"'' /etc/hosts
done
}
address_hosts
2.生成本地ssh公钥部分:
create_ssh_pub(){
echo "生成本地ssh公钥"
/usr/bin/expect << eof
# 设置捕获字符串后,期待回复的超时时间
set timeout 30
spawn ssh-keygen -t rsa -b 1024
## 开始进连续捕获
expect {
".ssh/id_rsa)" { send "\n"; exp_continue }
"Overwrite (y/n)?" { send "y\n"; exp_continue }
"no passphrase):" { send "\n"; exp_continue }
"passphrase again:" { send "\n"; exp_continue }
}
eof
}
if [ ! -f /root/.ssh/id_rsa.pub ];then
create_ssh_pub
fi
3.复制ssh公钥部分:
copy_ssh(){
echo "复制公钥到对应的主机上"
/usr/bin/expect << eof
# 设置捕获字符串后,期待回复的超时时间
set timeout 30
spawn ssh-copy-id -i /root/.ssh/id_rsa.pub $1@$2
## 开始进连续捕获
expect {
"connecting (yes/no)?" { send "yes\n"; exp_continue }
"s password:" { send "${ssh_passwd}\n"; exp_continue }
}
eof
}
for ((j=0;j<${#ssh_networkname[*]};j++));do
timeout 5 ssh root@${ssh_networkname[$j]} "echo ${ssh_networkname[$j]}: 'This is success!'"
if [ $? -ne 0 ];then
echo "复制文件到: ${ssh_networkname[$j]}"
copy_ssh root ${ssh_networkname[$j]} > /dev/null
fi
done
4.复制本地的hosts文件部分:
scp /etc/hosts root@${ssh_networkname[$j]}:/etc
5.完整脚本:
#! /bin/bash
# 控制主机和被控主机的IP数组,第一个元素是控制主机的IP地址
ssh_hosts=(192.168.178.101 192.168.178.151 192.168.178.201)
# 控制主机和被控主机的IP数组,第一个元素是控制主机的域名地址
ssh_networkname=(master node1 node2)
ssh_passwd=110119
# 定义修改/etc/hosts文件的方法
address_hosts(){
hosts_num=0
for name in ${ssh_networkname[*]};do
hosts_num=$(($hosts_num+`grep -c ''"${name}"'$' /etc/hosts`))
done
# 判断hosts文件中的域名行是否为ssh_hosts的长度
if [ ${hosts_num} -eq ${#ssh_networkname[*]} ];then
echo "/etc/hosts已经配置!"
return
fi
echo "本地开始修改地址映射"
cat << eof > /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
eof
for ((i=0;i<${#ssh_hosts[*]};i++));do
sed -i '$a\'"${ssh_hosts[$i]}"' '"${ssh_networkname[$i]}"'' /etc/hosts
done
}
address_hosts
expect -v &> /dev/null
if [ `echo $?` -ne 0 ];then
echo "没有expect,安装expect命令"
yum install -y expect
fi
create_ssh_pub(){
echo "生成本地ssh公钥"
/usr/bin/expect << eof
# 设置捕获字符串后,期待回复的超时时间
set timeout 30
spawn ssh-keygen -t rsa -b 1024
## 开始进连续捕获
expect {
".ssh/id_rsa)" { send "\n"; exp_continue }
"Overwrite (y/n)?" { send "y\n"; exp_continue }
"no passphrase):" { send "\n"; exp_continue }
"passphrase again:" { send "\n"; exp_continue }
}
eof
}
if [ ! -f /root/.ssh/id_rsa.pub ];then
create_ssh_pub
fi
# 定义复制ssh公钥方法
copy_ssh(){
echo "复制公钥到对应的主机上"
/usr/bin/expect << eof
# 设置捕获字符串后,期待回复的超时时间
set timeout 30
spawn ssh-copy-id -i /root/.ssh/id_rsa.pub $1@$2
## 开始进连续捕获
expect {
"connecting (yes/no)?" { send "yes\n"; exp_continue }
"s password:" { send "${ssh_passwd}\n"; exp_continue }
}
eof
}
for ((j=0;j<${#ssh_networkname[*]};j++));do
timeout 5 ssh root@${ssh_networkname[$j]} "echo ${ssh_networkname[$j]}: 'This is success!'"
if [ $? -ne 0 ];then
echo "复制文件到: ${ssh_networkname[$j]}"
copy_ssh root ${ssh_networkname[$j]} > /dev/null
fi
scp /etc/hosts root@${ssh_networkname[$j]}:/etc
done
3.my_env.sh脚本:
工作:完成k8s环境的初始化配置,最终重启主机
1.尝试连接主机部分:
# 尝试连接主机
for name in ${ssh_networkname[*]};do
echo "${name} 尝试连接中"
if [ "`ssh root@${name} 'pwd'`" != "/root" ];then
echo "${name}连接失败"
exit
fi
done
2.升级内核部分
# 升级内核
for name in ${ssh_networkname[*]};do
echo "${name} 升级内核"
ssh root@${name} "yum install -y wget &> /dev/null"
ssh root@${name} "cd /etc/yum.repos.d && rm -rf *"
ssh root@${name} "wget -O ~/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo &> /dev/null"
ssh root@${name} "yum clean all &> /dev/null && yum makecache &> /dev/null"
ssh root@${name} "yum upgrade -y &> /dev/null"
done
3.关闭防火墙,禁止使用selinux部分:
# 关闭防火墙,禁止使用selinux
for name in ${ssh_networkname[*]};do
echo "${name} 禁止防火墙,禁止使用selinux"
ssh root@${name} "sed -i 's/SELINUX=.*/SELINUX=disabled/' /etc/selinux/config"
ssh root@${name} "systemctl stop firewalld && systemctl disable firewalld &> /dev/null"
ssh root@${name} "systemctl stop iptables &> /dev/null && systemctl disable iptables &> /dev/null"
done
4.配置chrony服务器部分:
# 节点开始配置chrony
for name in ${ssh_networkname[*]};do
echo "开始配置 ${name}"
ssh root@${name} "systemctl restart chronyd"
if [ $? -ne 0 ];then
echo "${name} 安装chrony"
ssh root@${name} "yum install -y chrony &> /dev/null && systemctl restart chronyd"
if [ $? -ne 0 ];then
echo "安装失败,请排错!"
fi
fi
if [ ${name} == ${ssh_networkname[0]} ];then
echo "${name}配置chrony"
ssh root@${name} "sed -i '/^server/d' /etc/chrony.conf"
ssh root@${name} "sed -i '2a\server ntp.aliyun.com iburst\' /etc/chrony.conf"
ssh root@${name} "sed -i 's/#allow 192.168.0.0\/16/allow '"${allows_hosts}"'\/'"${allows_mask}"'/' /etc/chrony.conf"
ssh root@${name} "sed -i 's/#local stratum 10/local stratum 10/' /etc/chrony.conf"
sleep 2
ssh root@${name} "systemctl restart chronyd && systemctl enable chronyd &> /dev/null"
sleep 5
ssh root@${name} "timedatectl set-ntp true && chronyc sources -v | sed -n '/^\^\*/p'"
else
echo "${name}配置chrony"
ssh root@${name} "sed -i '/^server/d' /etc/chrony.conf;sed -i '2a\server '"${ssh_networkname[0]}"' iburst\' /etc/chrony.conf"
ssh root@${name} "systemctl restart chronyd && systemctl enable chronyd &> /dev/null"
sleep 5
ssh root@${name} "timedatectl set-ntp true && chronyc sources -v | sed -n '/^\^\*/p'"
fi
done
5.禁用swap分区等部分:
echo "开始禁用swap分区,修改linux的内核参数"
for name in ${ssh_networkname[*]};do
# 开始禁用swap分区
ssh root@${name} "sed -i 's/\/dev\/mapper\/centos-swap/#\/dev\/mapper\/centos-swap/' /etc/fstab"
# 修改linux的内核参数
ssh root@${name} "cat <<eof > /etc/sysctl.d/kubernetes.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
eof"
ssh root@${name} "sysctl -p && modprobe br_netfilter"
done
echo "开始配置ipvs功能"
for name in ${ssh_networkname[*]};do
#配置ipvs功能
ssh root@${name} "yum install -y ipset ipvsadm &> /dev/null"
ssh root@${name} "cat <<eof > /etc/sysconfig/modules/ipvs.modules
#!/bin/bash
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack_ipv4
eof"
ssh root@${name} "chmod +x /etc/sysconfig/modules/ipvs.modules && /bin/bash /etc/sysconfig/modules/ipvs.modules"
echo "${name} 重启主机"
ssh root@${name} "reboot"
done
6.完整脚本:
#! /bin/bash
allows_hosts=192.168.178.0
allows_mask=24
ssh_manager=192.168.178.52
ssh_networkname=(master node1 node2)
# 尝试连接主机
for name in ${ssh_networkname[*]};do
echo "${name} 尝试连接中"
if [ "`ssh root@${name} 'pwd'`" != "/root" ];then
echo "${name}连接失败"
exit
fi
done
# 升级内核
for name in ${ssh_networkname[*]};do
echo "${name} 升级内核"
ssh root@${name} "yum install -y wget &> /dev/null"
ssh root@${name} "cd /etc/yum.repos.d && rm -rf *"
ssh root@${name} "wget -O ~/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo &> /dev/null"
ssh root@${name} "yum clean all &> /dev/null && yum makecache &> /dev/null"
ssh root@${name} "yum upgrade -y &> /dev/null"
done
# 关闭防火墙,禁止使用selinux
for name in ${ssh_networkname[*]};do
echo "${name} 禁止防火墙,禁止使用selinux"
ssh root@${name} "sed -i 's/SELINUX=.*/SELINUX=disabled/' /etc/selinux/config"
ssh root@${name} "systemctl stop firewalld && systemctl disable firewalld &> /dev/null"
ssh root@${name} "systemctl stop iptables &> /dev/null && systemctl disable iptables &> /dev/null"
done
# 节点开始配置chrony
for name in ${ssh_networkname[*]};do
echo "开始配置 ${name}"
ssh root@${name} "systemctl restart chronyd"
if [ $? -ne 0 ];then
echo "${name} 安装chrony"
ssh root@${name} "yum install -y chrony &> /dev/null && systemctl restart chronyd"
if [ $? -ne 0 ];then
echo "安装失败,请排错!"
fi
fi
if [ ${name} == ${ssh_networkname[0]} ];then
echo "${name}配置chrony"
ssh root@${name} "sed -i '/^server/d' /etc/chrony.conf"
ssh root@${name} "sed -i '2a\server ntp.aliyun.com iburst\' /etc/chrony.conf"
ssh root@${name} "sed -i 's/#allow 192.168.0.0\/16/allow '"${allows_hosts}"'\/'"${allows_mask}"'/' /etc/chrony.conf"
ssh root@${name} "sed -i 's/#local stratum 10/local stratum 10/' /etc/chrony.conf"
sleep 2
ssh root@${name} "systemctl restart chronyd && systemctl enable chronyd &> /dev/null"
sleep 5
ssh root@${name} "timedatectl set-ntp true && chronyc sources -v | sed -n '/^\^\*/p'"
else
echo "${name}配置chrony"
ssh root@${name} "sed -i '/^server/d' /etc/chrony.conf;sed -i '2a\server '"${ssh_networkname[0]}"' iburst\' /etc/chrony.conf"
ssh root@${name} "systemctl restart chronyd && systemctl enable chronyd &> /dev/null"
sleep 5
ssh root@${name} "timedatectl set-ntp true && chronyc sources -v | sed -n '/^\^\*/p'"
fi
done
# 禁用swap分区,修改linux的内核参数,配置ipvs功能,重启linux服务
echo "开始禁用swap分区,修改linux的内核参数"
for name in ${ssh_networkname[*]};do
# 开始禁用swap分区
ssh root@${name} "sed -i 's/\/dev\/mapper\/centos-swap/#\/dev\/mapper\/centos-swap/' /etc/fstab"
# 修改linux的内核参数
ssh root@${name} "cat <<eof > /etc/sysctl.d/kubernetes.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
eof"
ssh root@${name} "sysctl -p && modprobe br_netfilter"
done
echo "开始配置ipvs功能"
for name in ${ssh_networkname[*]};do
#配置ipvs功能
ssh root@${name} "yum install -y ipset ipvsadm &> /dev/null"
ssh root@${name} "cat <<eof > /etc/sysconfig/modules/ipvs.modules
#!/bin/bash
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack_ipv4
eof"
ssh root@${name} "chmod +x /etc/sysconfig/modules/ipvs.modules && /bin/bash /etc/sysconfig/modules/ipvs.modules"
echo "${name} 重启主机"
ssh root@${name} "reboot"
done
4.my_k8,.sh脚本:
工作:完成对应Docker的安装,kubeadm等工具的下载,集群镜像的下载,master节点的集群初始化,节点加入集群的操作,网络插件的安装
1.尝试连接主机部分:
for name in ${ssh_networkname[*]};do
echo "${name} 尝试连接中"
if [ "`ssh root@${name} 'pwd'`" != "/root" ];then
echo "${name}连接失败"
exit
fi
done
2.安装docker部分:
for name in ${ssh_networkname[*]};do
if [ ! -n `ssh root@master 'docker -v' | grep -o ''"${docker_version}"''` ];then
echo "${name} 卸载之前的docker"
ssh root@${name} "yum remove -y docker* &> /dev/null"
echo "${name} 安装docker"
ssh root@${name} "wget -O /etc/yum.repos.d/docker-ce.repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo &> /dev/null"
ssh root@${name} "yum install -y --setopt=obsoletes=0 docker-ce-${docker_version} &> /dev/null && docker -v"
ssh root@${name} "mkdir /etc/docker &> /dev/null"
ssh root@${name} 'cat <<eof > /etc/docker/daemon.json
{
"storage-driver": "devicemapper",
"exec-opts": ["native.cgroupdriver=systemd"],
"registry-mirrors": ["https://ja9e22yz.mirror.aliyuncs.com"]
}
eof'
ssh root@${name} "mkdir /etc/docker &> /dev/null"
ssh root@${name} "cat <<eof > /etc/sysconfig/docker
OPTIONS='--selinux-enabled --log-driver=journald --signature-verification=false'
eof"
ssh root@${name} "systemctl restart docker;systemctl enable docker &> /dev/null"
fi
done
3.安装k8s组件部分:
for name in ${ssh_networkname[*]};do
ssh root@${name} "systemctl restart kubelet &> /dev/null"
if [ $? -ne 0 ];then
echo "${name} 安装k8s组件"
ssh root@${name} "cat <<eof > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
eof"
ssh root@${name} "yum install --setopt=obsoletes=0 kubeadm-${kubelet_vesion} kubelet-${kubelet_vesion} kubectl-${kubelet_vesion} -y &> /dev/null"
ssh root@${name} "cat <<eof > /etc/sysconfig/kubelet
KUBELET_CGROUP_ARGS="--cgroup-driver=systemd"
KUBE_PROXY_MODE="ipvs"
eof"
ssh root@${name} "systemctl enable kubelet &> /dev/null"
fi
done
4.准备集群镜像部分:
for name in ${ssh_networkname[*]};do
echo "$name准备集群镜像"
for imageName in ${images[*]};do
ssh root@${name} "docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/$imageName &> /dev/null"
ssh root@${name} "docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/$imageName k8s.gcr.io/$imageName &> /dev/null"
ssh root@${name} "docker rmi registry.cn-hangzhou.aliyuncs.com/google_containers/$imageName &> /dev/null"
done
done
5.集群初始化部分:
for ((i=0;i<${#ssh_networkname[*]};i++));do
echo "${ssh_networkname[$i]} 集群初始化"
if [ ${ssh_networkname[$i]} == ${ssh_networkname[0]} ];then
ssh root@${ssh_networkname[$i]} "kubeadm init \
--kubernetes-version=v${kubernetes_version} \
--pod-network-cidr=10.244.0.0/16 \
--service-cidr=10.96.0.0/12 \
--apiserver-advertise-address=${ssh_hosts[$i]}" &> /dev/null
token_arry=(`ssh root@${ssh_networkname[$i]} "kubeadm token create --ttl 0 --print-join-command"`)
k8s_token=`echo ${token_arry[*]} | awk '{print $(NF-2)}'`
k8s_hash=`echo ${token_arry[*]} | awk '{print $NF}'`
if [ ! -n "${k8s_hash}" ];then
echo "集群初始化有误,请注意内存和处理器核数!"
exit
fi
is_join=`ssh root@${ssh_networkname[0]} 'kubectl get nodes' | awk '{print $1}' | grep -o ''"${ssh_networkname[$i]}"''`
if [ ! -n "${is_join}" ];then
echo "${ssh_networkname[$i]} 将加入到集群中"
ssh root@${ssh_networkname[$i]} "kubeadm join ${ssh_hosts[0]}:6443 --token ${k8s_token} --discovery-token-ca-cert-hash ${token_hash}" &> /dev/null
ssh root@${ssh_networkname[$i]} "mkdir -p $HOME/.kube"
/usr/bin/expect << eof
spawn ssh root@${ssh_networkname[$i]} "cp -i /etc/kubernetes/admin.conf $HOME/.kube/config"
expect {
".kube/config’?" { send "y\n"; exp_continue }
}
eof
ssh root@${ssh_networkname[$i]} "chown $(id -u):$(id -g) $HOME/.kube/config"
fi
else
if [ ! -n "${k8s_hash}" ];then
echo "集群初始化有误,请注意内存和处理器核数!"
exit
fi
is_join=`ssh root@${ssh_networkname[0]} 'kubectl get nodes' | awk '{print $1}' | grep -o ''"${ssh_networkname[$i]}"''`
if [ ! -n "${is_join}" ];then
echo "${ssh_networkname[$i]} 将加入到集群中"
ssh root@${ssh_networkname[$i]} "kubeadm join ${ssh_hosts[0]}:6443 --token ${k8s_token} --discovery-token-ca-cert-hash ${k8s_hash} &> /dev/null"
fi
fi
done
6.安装网络插件:
ssh root@${ssh_networkname[0]} "wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml &> /dev/null"
sleep 2
is_flannel=`ssh root@${ssh_networkname[0]} "find ./ -type f -name 'kube-flannel.yml'"`
if [ ! -n "${is_flannel}" ];then
echo "下载失败"
exit
fi
ssh root@${ssh_networkname[0]} "kubectl apply -f kube-flannel.yml &> /dev/null"
7.完整脚本:
#! /bin/bash
ssh_manager=192.168.178.52
ssh_hosts=(192.168.178.101 192.168.178.151 192.168.178.201)
ssh_networkname=(master node1 node2)
kubernetes_version=1.17.4
kubelet_vesion=${kubernetes_version}-0
docker_version=18.06.3.ce
dockerce_version=${docker_version}-3.el7
images=(kube-apiserver:v1.17.4 kube-controller-manager:v1.17.4 kube-scheduler:v1.17.4 kube-proxy:v1.17.4 pause:3.1 etcd:3.4.3-0 coredns:1.6.5)
# 尝试连接主机
for name in ${ssh_networkname[*]};do
echo "${name} 尝试连接中"
if [ "`ssh root@${name} 'pwd'`" != "/root" ];then
echo "${name}连接失败"
exit
fi
done
# 安装docker
for name in ${ssh_networkname[*]};do
if [ ! -n `ssh root@master 'docker -v' | grep -o ''"${docker_version}"''` ];then
echo "${name} 卸载之前的docker"
ssh root@${name} "yum remove -y docker* &> /dev/null"
echo "${name} 安装docker"
ssh root@${name} "wget -O /etc/yum.repos.d/docker-ce.repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo &> /dev/null"
ssh root@${name} "yum install -y --setopt=obsoletes=0 docker-ce-${docker_version} &> /dev/null && docker -v"
ssh root@${name} "mkdir /etc/docker &> /dev/null"
ssh root@${name} 'cat <<eof > /etc/docker/daemon.json
{
"storage-driver": "devicemapper",
"exec-opts": ["native.cgroupdriver=systemd"],
"registry-mirrors": ["https://ja9e22yz.mirror.aliyuncs.com"]
}
eof'
ssh root@${name} "mkdir /etc/docker &> /dev/null"
ssh root@${name} "cat <<eof > /etc/sysconfig/docker
OPTIONS='--selinux-enabled --log-driver=journald --signature-verification=false'
eof"
ssh root@${name} "systemctl restart docker;systemctl enable docker &> /dev/null"
fi
done
# 安装k8s组件
for name in ${ssh_networkname[*]};do
ssh root@${name} "systemctl restart kubelet &> /dev/null"
if [ $? -ne 0 ];then
echo "${name} 安装k8s组件"
ssh root@${name} "cat <<eof > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
eof"
ssh root@${name} "yum install --setopt=obsoletes=0 kubeadm-${kubelet_vesion} kubelet-${kubelet_vesion} kubectl-${kubelet_vesion} -y &> /dev/null"
ssh root@${name} "cat <<eof > /etc/sysconfig/kubelet
KUBELET_CGROUP_ARGS="--cgroup-driver=systemd"
KUBE_PROXY_MODE="ipvs"
eof"
ssh root@${name} "systemctl enable kubelet &> /dev/null"
fi
done
# 判断集群是否已经完整配置
Ready_num=`ssh root@${ssh_networkname[0]} 'kubectl get nodes' | awk '{print $2}' | grep -o 'Ready' | wc -l`
if [ ${Ready_num} -eq ${#ssh_networkname[*]} ];then
echo "....集群已配置完毕!"
exit
fi
# 准备集群镜像
for name in ${ssh_networkname[*]};do
echo "$name准备集群镜像"
for imageName in ${images[*]};do
ssh root@${name} "docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/$imageName &> /dev/null"
ssh root@${name} "docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/$imageName k8s.gcr.io/$imageName &> /dev/null"
ssh root@${name} "docker rmi registry.cn-hangzhou.aliyuncs.com/google_containers/$imageName &> /dev/null"
done
done
# 集群初始化
for ((i=0;i<${#ssh_networkname[*]};i++));do
echo "${ssh_networkname[$i]} 集群初始化"
if [ ${ssh_networkname[$i]} == ${ssh_networkname[0]} ];then
ssh root@${ssh_networkname[$i]} "kubeadm init \
--kubernetes-version=v${kubernetes_version} \
--pod-network-cidr=10.244.0.0/16 \
--service-cidr=10.96.0.0/12 \
--apiserver-advertise-address=${ssh_hosts[$i]}" &> /dev/null
token_arry=(`ssh root@${ssh_networkname[$i]} "kubeadm token create --ttl 0 --print-join-command"`)
k8s_token=`echo ${token_arry[*]} | awk '{print $(NF-2)}'`
k8s_hash=`echo ${token_arry[*]} | awk '{print $NF}'`
if [ ! -n "${k8s_hash}" ];then
echo "集群初始化有误,请注意内存和处理器核数!"
exit
fi
is_join=`ssh root@${ssh_networkname[0]} 'kubectl get nodes' | awk '{print $1}' | grep -o ''"${ssh_networkname[$i]}"''`
if [ ! -n "${is_join}" ];then
echo "${ssh_networkname[$i]} 将加入到集群中"
ssh root@${ssh_networkname[$i]} "kubeadm join ${ssh_hosts[0]}:6443 --token ${k8s_token} --discovery-token-ca-cert-hash ${token_hash}" &> /dev/null
ssh root@${ssh_networkname[$i]} "mkdir -p $HOME/.kube"
/usr/bin/expect << eof
spawn ssh root@${ssh_networkname[$i]} "cp -i /etc/kubernetes/admin.conf $HOME/.kube/config"
expect {
".kube/config’?" { send "y\n"; exp_continue }
}
eof
ssh root@${ssh_networkname[$i]} "chown $(id -u):$(id -g) $HOME/.kube/config"
fi
else
if [ ! -n "${k8s_hash}" ];then
echo "集群初始化有误,请注意内存和处理器核数!"
exit
fi
is_join=`ssh root@${ssh_networkname[0]} 'kubectl get nodes' | awk '{print $1}' | grep -o ''"${ssh_networkname[$i]}"''`
if [ ! -n "${is_join}" ];then
echo "${ssh_networkname[$i]} 将加入到集群中"
ssh root@${ssh_networkname[$i]} "kubeadm join ${ssh_hosts[0]}:6443 --token ${k8s_token} --discovery-token-ca-cert-hash ${k8s_hash} &> /dev/null"
fi
fi
done
sleep 2
ssh root@${ssh_networkname[0]} "kubectl get nodes"
# 安装网络插件
ssh root@${ssh_networkname[0]} "wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml &> /dev/null"
sleep 2
is_flannel=`ssh root@${ssh_networkname[0]} "find ./ -type f -name 'kube-flannel.yml'"`
if [ ! -n "${is_flannel}" ];then
echo "下载失败"
exit
fi
ssh root@${ssh_networkname[0]} "kubectl apply -f kube-flannel.yml &> /dev/null"
文章评论