rke安装kubernetes集群1


xshell拖拽上传:lrzsz

一、安装前准备

  • 1、免密登陆各台主机,安装基础工具yum install -y sshpass
  • 2、免交互生成ssh密钥 ssh-keygen -t rsa -P "" -f ~/.ssh/id_rsa
  • 3、将生成的公钥(~/.ssh/id_rsa.pub 的内容)追加到其他主机的 ~/.ssh/authorized_keys 文件内,即在其他主机上执行 echo "<id_rsa.pub 的内容>" >> ~/.ssh/authorized_keys
  • 4、创建用户,并用此用户免密登陆各主机(以下两行为脚本读取的 hosts 文件内容,第一列为IP,第二列为主机名)
    10.172.24.15 muti1
    10.172.24.16 muti2
    
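    # Create the "rancher" account on every node (column 1 of ./hosts), then
    # install the local public key for it so later steps can log in as rancher.
    #
    # The account password comes from RANCHER_PASSWORD instead of being written
    # into the script, and it reaches passwd/sshpass through stdin or the
    # environment, so it does not show up in process listings, shell history
    # or `set -x` traces.
    : "${RANCHER_PASSWORD:?export RANCHER_PASSWORD before running this step}"

    echo "create user"
    # Word splitting of the awk output is intentional: one loop pass per IP.
    for ip in $(awk '{print $1}' hosts); do
        echo "=================================================================="
        echo "$ip"
        ssh "$ip" useradd rancher
        # NOTE(review): the docker group and service only exist once docker is
        # installed, which this page does in a later step - confirm the order.
        # Membership of the docker group is equivalent to root on the node, so
        # the rancher account and its key deserve the same care as root's.
        ssh "$ip" usermod -aG docker rancher
        printf '%s\n' "$RANCHER_PASSWORD" | ssh "$ip" 'passwd --stdin rancher'
        ssh "$ip" systemctl restart docker
    done

    echo "rancher用户免密登陆所有节点"
    for ip in $(awk '{print $1}' hosts); do
        echo "##$ip"
        # Host key checking stays enabled: the loop above already connected to
        # each node, so its key is in known_hosts and no override is needed.
        # sshpass -e takes the password from the SSHPASS environment variable.
        SSHPASS="$RANCHER_PASSWORD" sshpass -e ssh-copy-id -i ~/.ssh/id_rsa.pub "rancher@$ip"
    done
    # Once key login works the password is no longer needed by these steps;
    # consider locking it or disabling SSH password authentication.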
    
  • 5、安装过程
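    # First-pass node preparation, looping over column 2 (host name) of ./hosts:
    # replace the yum repo definitions, set the host name, create an SSH key.
    # Remote commands that contain globs are quoted so the patterns expand on
    # the node rather than on the machine running this loop.
    for ip in $(awk '{print $2}' hosts); do
        echo "更换centos源"
        echo "##$ip"
        ssh "$ip" yum install -y wget
        # NOTE(review): the archive is fetched over plain HTTP and unpacked into
        # yum's repo directory with no integrity check, so whoever can alter
        # that download controls every package installed afterwards. Serve it
        # over HTTPS or compare it against a pinned SHA-256 before unpacking.
        # The steps are chained with && so the existing repo files are removed
        # only after the download and extraction have succeeded.
        ssh "$ip" 'wget http://aliyunxxx/centos7.9.repo.tar &&
            tar xf centos7.9.repo.tar &&
            rm -rf /etc/yum.repos.d/* &&
            cp centos7.9/* /etc/yum.repos.d/'
        ssh "$ip" 'rm -rf centos7.9*'
        echo "set hostname"
        ssh "$ip" "hostnamectl set-hostname $ip"
        echo "生成ssh keygen 免交互"
        # The key has no passphrase, so the file itself is the credential.
        # An existing key is kept instead of triggering the overwrite prompt.
        ssh "$ip" '[ -f ~/.ssh/id_rsa ] || ssh-keygen -t rsa -P "" -f ~/.ssh/id_rsa'
    done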
    
    
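    # Main node setup, looping over column 1 (IP) of ./hosts: timezone, base
    # packages, service and kernel settings, resource limits, docker.
    # Files on the node are written by piping their content to `cat` on the
    # remote side; a redirection outside the quotes would write the file on
    # the machine running this loop instead.
    for ip in $(awk '{print $1}' hosts); do
        echo "##$ip"

        ssh "$ip" "echo 'Asia/Shanghai' > /etc/timezone"
        echo "安装基础软件"
        ssh "$ip" "yum install  jq psmisc vim net-tools yum-utils -y"
        echo "基础配置"
        # NOTE(review): the next lines switch off the host firewall and put
        # SELinux into permissive mode. That removes two layers of host
        # hardening; on anything but an isolated lab, prefer opening only the
        # ports the cluster needs and keeping SELinux enforcing.
        ssh "$ip" "systemctl disable --now firewalld"
        ssh "$ip" "systemctl disable --now dnsmasq"
        ssh "$ip" "systemctl disable --now NetworkManager"
        ssh "$ip" "swapoff -a && sysctl -w vm.swappiness=0"
        ssh "$ip" "setenforce 0"
        echo "修改内核参数 (配置iptables)"
        # vm.swappiness is stored in the file so it survives a reboot; sent as
        # a bare remote command it would only be a no-op shell assignment.
        # NOTE(review): the bridge-nf-call keys presumably need the
        # br_netfilter module loaded before `sysctl --system` - confirm.
        printf '%s\n' \
            'net.bridge.bridge-nf-call-ip6tables = 1' \
            'net.bridge.bridge-nf-call-iptables = 1' \
            'vm.swappiness = 0' |
            ssh "$ip" 'cat > /etc/sysctl.d/k8s.conf'
        ssh "$ip" "sysctl --system"
        # Only affects this one ssh session; the persistent limits are the
        # limits.conf entries written below.
        ssh "$ip" ulimit -SHn 65535
        # limits.conf entries need a leading domain column ("*" = all users),
        # and the process-count item is spelled nproc.
        # NOTE(review): the soft nofile value is larger than the hard one;
        # values kept as given on the page - confirm which was intended.
        printf '%s\n' \
            '* soft nofile 655360' \
            '* hard nofile 131072' \
            '* soft nproc 655350' \
            '* hard nproc 655350' \
            '* soft memlock unlimited' \
            '* hard memlock unlimited' |
            ssh "$ip" 'cat >> /etc/security/limits.conf'
        echo "install docker "
        ssh "$ip" yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
        ssh "$ip" "yum install -y docker-ce-20.10.6"
        echo "##$ip"
        ssh "$ip" "mkdir -p /etc/docker"
        # NOTE(review): "insecure-registries" lets docker reach
        # 10.172.24.15:5300 without a verified TLS connection, so image
        # content and the registry credentials used on this page are not
        # protected in transit. Give the registry a certificate the nodes
        # trust and drop this entry where possible.
        printf '%s\n' \
            '{' \
            '    "registry-mirrors": [ "https://registry.docker-cn.com"],' \
            '    "insecure-registries": [ "10.172.24.15:5300"]' \
            '}' |
            ssh "$ip" 'cat > /etc/docker/daemon.json'
        ssh "$ip" "systemctl start docker"
        ssh "$ip" "systemctl enable docker"
        ssh "$ip" "systemctl daemon-reload"
        ssh "$ip" "systemctl restart docker"

    done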
    
    # Show the docker unit status reported by each node (column 1 of ./hosts).
    echo "检查docker是否安装成功"
    for ip in $(awk '{print $1}' hosts); do
        printf '###%s\n' "$ip"
        ssh "$ip" "systemctl status docker"
    done
    
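    # Download and install the kubectl RPM on every node (column 1 of ./hosts).
    echo "kubectl"
    for ip in $(awk '{print $1}' hosts); do
        echo "##$ip"
        # NOTE(review): the package comes over plain HTTP and `rpm -ivh` is
        # run on it directly, so nothing ties the file to a known publisher.
        # Compare it against a pinned SHA-256, or install from a repository
        # with GPG checking enabled, before trusting it as root.
        # && keeps rpm from running when the download failed.
        ssh "$ip" 'wget http://xxx/kubectl-1.18.6-0.x86_64.rpm &&
            rpm -ivh kubectl-1.18.6-0.x86_64.rpm'
        ssh "$ip" "rm -f kubectl-1.18.6-0.x86_64.rpm"
    done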
    
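    # Download the rke binary to every node (column 1 of ./hosts), install it
    # as /usr/bin/rke, then print the installed version per node.
    echo "rke"
    for ip in $(awk '{print $1}' hosts); do
        echo "##$ip"
        # NOTE(review): this binary is fetched over plain HTTP and then placed
        # on root's PATH with no integrity check. Record the expected SHA-256
        # of the release and verify it (sha256sum -c) before installing.
        # `install -m 0755` copies and sets the mode in one step, and && keeps
        # it from running when the download failed.
        ssh "$ip" 'wget http://xxx/rke_linux-amd64-v1.3.2 &&
            sudo install -m 0755 rke_linux-amd64-v1.3.2 /usr/bin/rke'
        ssh "$ip" "rm -f rke_linux-amd64-v1.3.2"
    done
    for ip in $(awk '{print $1}' hosts); do
        echo "##$ip"
        ssh "$ip" "rke --version"
    done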
    
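    # Build the cluster from /root/rke.yaml, then make the generated kubeconfig
    # the default one for root's kubectl.
    echo "rke安装集群"
    rke up --config /root/rke.yaml
    # To remove the cluster:
    # rke remove --config /root/rke.yaml

    echo "kubectl工具 命令配置"
    # kube_config_rke.yaml carries cluster-admin credentials, so the directory
    # and the copied file are restricted to root. The relative source path
    # presumably assumes the current directory is where rke wrote it - confirm.
    # NOTE(review): rke also writes a state file next to its config that holds
    # cluster secrets; give it the same protection.
    mkdir -p /root/.kube
    chmod 700 /root/.kube
    install -m 0600 kube_config_rke.yaml /root/.kube/config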
    
    # RKE cluster definition - presumably the /root/rke.yaml passed to `rke up`.
    # NOTE(review): this file contains a registry password in clear text; keep
    # it readable by the operator only and out of version control.
    nodes:
    
    # One control-plane/etcd node and one worker, both reached over SSH as the
    # non-root "rancher" user on port 22.
    - address: 10.172.24.15
      user: rancher
      role: ["controlplane", "etcd" ]
      # Private key used for the SSH login; the preparation step on this page
      # generates it with an empty passphrase (-P "").
      ssh_key_path: ~/.ssh/id_rsa
      port: 22
    - address: 10.172.24.16
      user: rancher
      role: ["worker" ]
      ssh_key_path: ~/.ssh/id_rsa
      port: 22
    
    # Registry the cluster pulls from by default (is_default: true). It is the
    # same address this page lists under docker's "insecure-registries", so
    # these credentials are presumably sent without verified TLS - confirm.
    private_registries:
    - url: 10.172.24.15:5300
      user: admin
      password: "abc123"
      is_default: true
    
    services:
      etcd:
        # Recurring etcd snapshots: one every hour, 30 kept.
        backup_config:
          enabled: true
          interval_hours: 1
          retention: 30
      kube-api:
        # NodePort services may use any port in 30000-60000; host firewall
        # rules have to account for the whole range.
        service_node_port_range: 30000-60000
      kubelet:
        extra_args:
          # Upper bound on pods per node passed to the kubelet.
          max-pods: 300
    network:
      plugin: calico
    

    二、添加secret

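    # Recreate the "ali-secret" image-pull secret in every namespace whose
    # `kubectl get ns` line contains "cattle".
    #
    # The registry password is read from REGISTRY_PASSWORD rather than being
    # written into the script.
    # NOTE(review): --docker-password still puts the value on kubectl's
    # command line, where a process listing can show it; creating the secret
    # from a docker config file (--from-file=.dockerconfigjson=PATH) avoids that.
    : "${REGISTRY_PASSWORD:?export REGISTRY_PASSWORD before running this step}"
    for ns in $(kubectl get ns | awk '/cattle/ {print $1}'); do
        echo kubectl delete secret  ali-secret  -n  "$ns"
        # The loop variable is ns; deleting with an unset variable as the
        # namespace would fail and leave the old secret in place.
        # --ignore-not-found keeps the first run from reporting an error.
        kubectl delete secret ali-secret -n "$ns" --ignore-not-found
        kubectl create secret docker-registry ali-secret \
            --docker-server=10.172.24.15:5300 \
            --docker-username=admin \
            --docker-password="$REGISTRY_PASSWORD" \
            --docker-email=ali@registry.com \
            -n "$ns"
    done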