代码拉取完成,页面将自动刷新
同步操作将从 李晓辉/Kubernetes 强制同步,此操作会覆盖自 Fork 仓库以来所做的任何修改,且无法恢复!!!
确定后同步将在后台操作,完成时将刷新页面,请耐心等待。
#!/bin/bash
echo "######################################################################################################
# Author:Xiaohui Li
# Contact me via WeChat: Lxh_Chat
# Contact me via QQ: 939958092
# Version: 2022-03-01
#
# please make sure you have three node and have been done as below:
#
# 1. complete /etc/hosts file
#
# 192.168.30.130 cka-master
# 192.168.30.131 cka-worker1
# 192.168.30.132 cka-worker2
#
# 2. root password has been set to 1 on all of node
#
# tips:
# sudo echo root:1 | chpasswd
#
# 3. enable root ssh login on /etc/ssh/sshd_config
#
# tips:
# sudo sed -i 's/^#PermitRootLogin.*/PermitRootLogin yes/' /etc/ssh/sshd_config
# sudo systemctl restart sshd
#
# 4. this tools will only install kubernetes v1.25.4 for CKA Exam upgrade, if you want other version, please modify kubeadm kubelet kubectl version in script
#
######################################################################################################"
echo
echo
echo -n Have you done the above? yes or no:
read input
case $input in
yes)
echo
echo now starting deploy
;;
no)
echo please correct it && exit 1
;;
*)
echo please input yes or no
exit 1
;;
esac
# if [ $input = "yes" ];then
# sleep 1;
#else
# echo you enter a word without yes && exit 1;
#fi
cat > /etc/apt/sources.list <<EOF
deb https://mirror.nju.edu.cn/ubuntu focal main restricted
deb https://mirror.nju.edu.cn/ubuntu focal-updates main restricted
deb https://mirror.nju.edu.cn/ubuntu focal universe
deb https://mirror.nju.edu.cn/ubuntu focal-updates universe
deb https://mirror.nju.edu.cn/ubuntu focal multiverse
deb https://mirror.nju.edu.cn/ubuntu focal-updates multiverse
deb https://mirror.nju.edu.cn/ubuntu focal-backports main restricted universe multiverse
deb https://mirror.nju.edu.cn/ubuntu focal-security main restricted
deb https://mirror.nju.edu.cn/ubuntu focal-security universe
deb https://mirror.nju.edu.cn/ubuntu focal-security multiverse
EOF
apt update && apt install sshpass wget bash-completion ansible -y
sed -i 's/^#host_key_checking = False/host_key_checking = False/' /etc/ansible/ansible.cfg
ls /root/.ssh/*.pub
case $? in
0)
sleep 1
;;
*)
ssh-keygen -t rsa -f /root/.ssh/id_rsa -N ''
;;
esac
sshpass -p 1 ssh-copy-id -o StrictHostKeyChecking=no root@cka-master
sshpass -p 1 ssh-copy-id -o StrictHostKeyChecking=no root@cka-worker1
sshpass -p 1 ssh-copy-id -o StrictHostKeyChecking=no root@cka-worker2
cat > /etc/ansible/hosts <<EOF
[master]
cka-master ansible_user=root ansible_password=1
[worker]
cka-worker1 ansible_user=root ansible_password=1
cka-worker2 ansible_user=root ansible_password=1
EOF
cat > create-k8s.yaml <<'EOF'
---
- name: Configure Kubernetes
hosts: all
remote_user: root
tasks:
- name: Modify Ubuntu Repository to Nanjing Edu
shell: |
cp /etc/apt/sources.list /etc/apt/sources.list.bak
sed -i 's/^deb.*archive.ubuntu.com/deb https:\/\/mirrors.nju.edu.cn/' /etc/apt/sources.list
- name: Deploy Nanjing Edu Docker Repository
shell: |
apt-get update
apt-get -y install apt-transport-https ca-certificates curl software-properties-common
curl -fsSL https://mirror.nju.edu.cn/docker-ce/linux/ubuntu/gpg | sudo apt-key add -
add-apt-repository "deb [arch=amd64] https://mirror.nju.edu.cn/docker-ce/linux/ubuntu $(lsb_release -cs) stable"
apt-get -y update
- name: clean apt lock
shell: |
sudo rm /var/lib/apt/lists/lock
sudo rm /var/cache/apt/archives/lock
sudo rm /var/lib/dpkg/lock*
sudo dpkg --configure -a
sudo apt update
- name: Deploy chrony for make sure time on all node is same
apt:
pkg:
- chrony
- name: restart chronyd service for timesync
systemd:
state: restarted
daemon_reload: yes
name: chronyd
enabled: yes
- name: Deploy Docker on all node
apt:
pkg:
- docker-ce
- docker-ce-cli
- containerd.io
- docker-compose-plugin
- name: ADD 163 docker mirror
shell: |
mkdir -p /etc/docker
tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["http://hub-mirror.c.163.com"],
"exec-opts": ["native.cgroupdriver=systemd"]
}
EOF
- name: starting docker service
systemd:
state: restarted
daemon_reload: yes
name: docker
enabled: yes
- block:
- name: clean apt lock
shell: |
sudo rm /var/lib/apt/lists/lock
sudo rm /var/cache/apt/archives/lock
sudo rm /var/lib/dpkg/lock*
sudo dpkg --configure -a
sudo apt update
- name: Deploy CRI-Docker
apt:
deb: https://ghproxy.com/https://github.com/Mirantis/cri-dockerd/releases/download/v0.2.6/cri-dockerd_0.2.6.3-0.ubuntu-focal_amd64.deb
rescue:
- name: clean apt lock
shell: |
sudo rm /var/lib/apt/lists/lock
sudo rm /var/cache/apt/archives/lock
sudo rm /var/lib/dpkg/lock*
sudo dpkg --configure -a
sudo apt update
- name: Deploy CRI-Docker
apt:
deb: https://ghproxy.com/https://github.com/Mirantis/cri-dockerd/releases/download/v0.2.6/cri-dockerd_0.2.6.3-0.ubuntu-focal_amd64.deb
- name: modify sandbox image to aliyun
shell: |
sed -i 's/ExecStart=.*/ExecStart=\/usr\/bin\/cri-dockerd --container-runtime-endpoint fd:\/\/ --network-plugin=cni --pod-infra-container-image=registry.cn-hangzhou.aliyuncs.com\/google_containers\/pause:3.8/' /lib/systemd/system/cri-docker.service
- name: starting cri-docker service
systemd:
state: restarted
daemon_reload: yes
name: cri-docker
enabled: yes
- name: disable swap on /etc/fstab
lineinfile:
path: /etc/fstab
regexp: '.*swap.*'
state: absent
- name: disable swap runtime
shell: swapoff -a
- name: configure iptables module
lineinfile:
path: /etc/modules-load.d/k8s.conf
line: br_netfilter
state: present
create: true
- name: configure iptables bridge
lineinfile:
path: /etc/sysctl.d/k8s.conf
line: |
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
create: true
- name: apply sysctl
shell: |
modprobe br_netfilter
sysctl --system
- name: add Nanjing Edu kubernetes repo on ubuntu
shell: |
cat > /etc/apt/sources.list.d/k8s.list <<EOF
deb https://mirror.nju.edu.cn/kubernetes/apt/ kubernetes-xenial main
EOF
curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | apt-key add -
apt update
when: ansible_facts.distribution == 'Ubuntu'
#- name: add kubernetes repo
# apt_repository:
# repo: deb https://mirrors.tuna.tsinghua.edu.cn/kubernetes/apt/ kubernetes-xenial main
# validate_certs: false
# state: present
# filename: k8s
# update_cache: true
# - name: add kubernetes repo on RHEL
# shell: |
# cat > /etc/yum.repos.d/kubernetes.repo <<EOF
# [kubernetes]
# name=Kubernetes
# baseurl=https://mirrors.tuna.tsinghua.edu.cn/kubernetes/yum/repos/kubernetes-el7-x86_64/
# enabled=1
# gpgcheck=0
# EOF
# when: ansible_facts.distribution == 'RedHat' or ansible_facts.distribution == 'CentOS'
- name: install kubeadm kubectl kubelet
package:
name:
- kubeadm=1.25.4-00
- kubelet=1.25.4-00
- kubectl=1.25.4-00
- sshpass
state: present
- name: clean apt lock
shell: |
sudo rm /var/lib/apt/lists/lock
sudo rm /var/cache/apt/archives/lock
sudo rm /var/lib/dpkg/lock*
sudo dpkg --configure -a
sudo apt update
- name: integrate with docker
shell: crictl config runtime-endpoint unix:///run/cri-dockerd.sock
- name: creating kubeadm.yaml
shell: kubeadm config print init-defaults > kubeadm.yaml
when: "'master' in group_names"
- name: modify api server address
lineinfile:
path: kubeadm.yaml
regexp: '.*advert.*'
line: ' advertiseAddress: 192.168.30.130'
state: present
when: "'master' in group_names"
- name: modify cluster name
lineinfile:
path: kubeadm.yaml
regexp: '.*name.*'
line: ' name: cka-master'
state: present
when: "'master' in group_names"
- name: modify image repository
lineinfile:
path: kubeadm.yaml
regexp: 'imageRepo.*'
line: 'imageRepository: registry.cn-hangzhou.aliyuncs.com/google_containers'
state: present
when: "'master' in group_names"
- name: modify crisock to cri-docker
lineinfile:
path: kubeadm.yaml
regexp: ' criSocket.*'
line: ' criSocket: unix:///run/cri-dockerd.sock'
state: present
when: "'master' in group_names"
- name: Deploy kubernetes on Master node
shell: kubeadm init --config kubeadm.yaml | tee /root/installdetails.log
when: "'master' in group_names"
- name: pause 30s after cluster init
shell: sleep 30s
when: "'master' in group_names"
- name: set up admin role
shell: |
mkdir -p $HOME/.kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
chown $(id -u):$(id -g) $HOME/.kube/config
sshpass -p 1 ssh -A -g -o StrictHostKeyChecking=no root@cka-worker1 mkdir /root/.kube
sshpass -p 1 ssh -A -g -o StrictHostKeyChecking=no root@cka-worker2 mkdir /root/.kube
scp /etc/kubernetes/admin.conf root@cka-worker1:/root/.kube/config
scp /etc/kubernetes/admin.conf root@cka-worker2:/root/.kube/config
sleep 30s
when: "'master' in group_names"
- name: Deploy Calico
shell: |
kubectl create -f https://gitee.com/cnlxh/Kubernetes/raw/master/cka-yaml/calico.yaml
sleep 30s
when: "'master' in group_names"
- name: join workers
shell: |
sleep 30
join=`sshpass -p 1 ssh -A -g -o StrictHostKeyChecking=no root@cka-master kubeadm token create --print-join-command`
echo $join --cri-socket=unix:///var/run/cri-dockerd.sock | bash
when: "'worker' in group_names"
- name: assign worker role label to workers
shell: |
sleep 30
kubectl label nodes cka-worker2 cka-worker1 node-role.kubernetes.io/worker=
when: "'master' in group_names"
- name: add TAB completion for kubernetes
shell: |
kubectl completion bash > /etc/bash_completion.d/kubectl
kubeadm completion bash > /etc/bash_completion.d/kubeadm
source /etc/bash_completion.d/kubectl
source /etc/bash_completion.d/kubeadm
rm -rf /root/installdetails.log
when: "'master' in group_names"
EOF
ansible-playbook create-k8s.yaml
rm -rf create-k8s.yaml
echo
echo
echo "Please wait one minute for nodes ready"
echo
echo
sleep 1m
kubectl get nodes
echo
echo
echo 'if you want use TAB for completion your command, please type sudo -i here'
echo
echo
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。
马建仓 AI 助手