首页 > 其他分享 >k8s及其基本插件安装

k8s及其基本插件安装

时间:2023-10-30 18:33:18浏览次数:50  
标签:插件 name -- etc version file k8s 安装

k8s_install.sh

#!/bin/bash

set -e

master1="10.1.1.60"
master2="10.1.1.61"
master3="10.1.1.62"


containerd_version=v1.7.7
runc_version=v1.1.9
cni_version=v1.3.0
cri_tools_version=v1.27.1
kubernetes_version=v1.27.7
kubernetes_release_version=v0.15.1
calico_version=v3.26.3
lvscare_version=v4.3.4

base_path=$(realpath $(dirname "${BASH_SOURCE[0]}"))

# base_path=$(
#     cd "$(dirname "$0")" || exit 1
#     pwd
# )
HOST_IF=$(ip route|grep default|head -n1|cut -d' ' -f5);
HOST_IP=$(ip a|grep "$HOST_IF$"|head -n1|awk '{print $2}'|cut -d'/' -f1)
VIP="240.8.8.8"
kubeadm="${base_path}/resources/kubeadm"

function usage() {
  echo -e "\033[33mUsage: \033[0mbash $0 <command> [parameter]"
  cat <<EOF
------------------------------------------------------------------------------------
    bash $0 install_all                                           一键安装k8s到本机
    bash $0 install_containerd                                    安装containerd
    bash $0 install_runc                                          安装runc
    bash $0 install_cni                                           安装cni
    bash $0 install_cri_tools                                     安装cri_tools
    bash $0 init_system                                           初始化系统
    bash $0 install_k8s                                           安装k8s及其依赖,导入k8s镜像等
    bash $0 init_k8s                                              初始化k8s
    bash $0 install_calico                                        安装calico
    bash $0 join_master <token> <cert-hash> <certificate-key>     加入master节点
    bash $0 join_node   <token> <cert-hash>                       加入node节点
EOF
}

install_containerd() {
  file_name="cri-containerd-cni-${containerd_version:1}-linux-amd64.tar.gz"
  sha256sum --check "${file_name}.sha256sum"
  tar -xf ${file_name} -C /
  mkdir -p /etc/containerd
  containerd config default > /etc/containerd/config.toml
  sandbox_image=$(${kubeadm} config images list  --kubernetes-version=${kubernetes_version} | grep pause)
  sed -i 's#SystemdCgroup = false#SystemdCgroup = true#g' /etc/containerd/config.toml
  sed -i "s#sandbox_image = .*#sandbox_image = \"${sandbox_image}\"#g" /etc/containerd/config.toml
  systemctl enable --now containerd.service
}

install_runc() {
  file_name="runc.amd64"
  cat "runc.sha256sum" | grep "${file_name}" | sha256sum --check
  cp ${file_name} /usr/local/sbin/runc
  chmod +x /usr/local/sbin/runc
}

install_cni() {
  file_name="cni-plugins-linux-amd64-${cni_version}.tgz"
  sha256sum --check "${file_name}.sha256"
  cni_dir=/opt/cni/bin
  mkdir -p ${cni_dir}
  tar -xf ${file_name} -C ${cni_dir}
  chmod +x ${cni_dir}/*
}

install_cri_tools() {
  file_name="crictl-${cri_tools_version}-linux-amd64.tar.gz"
  echo "$(cat ${file_name}.sha256) ${file_name}" | sha256sum --check
  tar -xf ${file_name} -C /usr/local/bin
  file_name="critest-${cri_tools_version}-linux-amd64.tar.gz"
  echo "$(cat ${file_name}.sha256) ${file_name}" | sha256sum --check
  tar -xf ${file_name} -C /usr/local/bin
  chmod +x /usr/local/bin/{crictl,critest}
}


init_system() {
  cat /sys/fs/cgroup/cgroup.controllers >/dev/null 2>&1 || grubby --update-kernel=ALL --args="systemd.unified_cgroup_hierarchy=1"
  cat <<EOF | tee /etc/modules-load.d/containerd.conf
overlay
br_netfilter
EOF
  modprobe overlay
  modprobe br_netfilter
  cat <<EOF | tee /etc/sysctl.d/99-kubernetes-cri.conf
net.bridge.bridge-nf-call-iptables  = 1
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
EOF
  sysctl --system
}


install_k8s() {
  k8s_run_dir=/usr/local/bin
  mkdir -p ${k8s_run_dir}
  ls {kubeadm,kubelet,kubectl} && chmod +x {kubeadm,kubelet,kubectl}
  cp {kubeadm,kubelet,kubectl} ${k8s_run_dir}

  if [ -f /etc/debian_version ]; then
    swapoff -a && sysctl -w vm.swappiness=0
    sed -i 's/.*swap.*/# &/' /etc/fstab
    apt install -y conntrack ebtables iptables libip6tc2 libnetfilter-conntrack3 libnfnetlink0 socat bash-completion
  elif [ -f /etc/redhat-release ]; then
    swapoff -a && sysctl -w vm.swappiness=0
    sed -i 's/.*swap.*/# &/' /etc/fstab
    setenforce 0
    sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
    systemctl disable --now firewalld
    yum install socat conntrack-tools bash-completion iproute-tc ipvsadm -y
  else
    echo "ERROR: no deb or rpm."
    exit 1
  fi

  sed "s:/usr/bin:${k8s_run_dir}:g" kubelet.service | tee /etc/systemd/system/kubelet.service
  mkdir -p /etc/systemd/system/kubelet.service.d
  sed "s:/usr/bin:${k8s_run_dir}:g" 10-kubeadm.conf | tee /etc/systemd/system/kubelet.service.d/10-kubeadm.conf
  mkdir -p /etc/bash_completion.d
  kubectl completion bash > /etc/bash_completion.d/kubectl
  source /etc/bash_completion.d/kubectl
  systemctl enable kubelet.service
  export KUBE_PROXY_MODE=ipvs
  k8s_images="k8s-${kubernetes_version}.tar"
  ctr -n k8s.io images import $k8s_images
}

function init_k8s() {
  sed -i '/apiserver.cluster.local/d' /etc/hosts
  echo '127.0.0.1 apiserver.cluster.local' >> /etc/hosts
  ctr -n k8s.io images import "k8s-${kubernetes_version}.tar"
  ctr -n k8s.io images import "calico-${calico_version}.tar"
  kubeadm init --upload-certs \
  --node-name ${HOST_IP} \
  --config ${base_path}/kubeadm-config.yaml \
  | tee kubeadm-init.log
  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

  token=$(tail -n 2 kubeadm-init.log | grep "\--token" | awk '{print $(NF-1)}')
  hash=$(tail -n 2 kubeadm-init.log | grep "\--discovery-token-ca-cert-hash" | awk '{print $NF}')
  key=$(tail -n 10 kubeadm-init.log | grep "\--certificate-key" | awk '{print $NF}')
  echo -e "\e[38;5;46m\n\n使用提示 \e[0m"
  cat <<EOF
请在master2和master3节点上执行:

bash $0 join_master ${token} ${hash} ${key}

请在所有node节点上执行:

bash $0 join_node ${token} ${hash}

EOF
}

function install_calico() {
  kubectl apply -f "${base_path}/resources/calico-${calico_version}.yaml"
}

function join_master() {
  sed -i '/apiserver.cluster.local/d' /etc/hosts
  echo "$master1 apiserver.cluster.local" >> /etc/hosts
  ctr -n k8s.io images import "k8s-${kubernetes_version}.tar"
  ctr -n k8s.io images import "calico-${calico_version}.tar"
  kubeadm join apiserver.cluster.local:6443 --node-name ${HOST_IP} \
        --control-plane --apiserver-advertise-address ${HOST_IP} \
        --token $1 \
        --discovery-token-ca-cert-hash $2 \
        --certificate-key $3
  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config
  sed -i '/apiserver.cluster.local/d' /etc/hosts
  echo "127.0.0.1 apiserver.cluster.local" >> /etc/hosts
}

function join_node() {
  lvscare
  sed -i '/apiserver.cluster.local/d' /etc/hosts
  echo "$master1 apiserver.cluster.local" >> /etc/hosts
  ctr -n k8s.io images import "k8s-${kubernetes_version}.tar"
  ctr -n k8s.io images import "calico-${calico_version}.tar"
  kubeadm join apiserver.cluster.local:6443 --node-name ${HOST_IP} \
        --token $1 \
        --discovery-token-ca-cert-hash $2
  sed -i '/apiserver.cluster.local/d' /etc/hosts
  echo "$VIP apiserver.cluster.local" >> /etc/hosts
}
function lvscare() {
  ctr -n k8s.io images import "lvscare-${lvscare_version}.tar"
  mkdir -p /etc/kubernetes/manifests
  cat << EOF | tee /etc/kubernetes/manifests/lvscare.yaml
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  labels:
    component: lvscare
    tier: control-plane
  name: lvscare
  namespace: kube-system
spec:
  containers:
  - args:
    - care
    - --vs
    - ${VIP}:6443
    - --health-path
    - /healthz
    - --health-schem
    - https
    - --rs
    - ${master1}:6443
    - --rs
    - ${master2}:6443
    - --rs
    - ${master3}:6443
    command:
    - /usr/bin/lvscare
    image: ghcr.io/labring/lvscare:${lvscare_version}
    imagePullPolicy: IfNotPresent
    name: lvscare
    resources: {}
    securityContext:
      privileged: true
    volumeMounts:
    - mountPath: /lib/modules
      name: lib-modules
      readOnly: true
  hostNetwork: true
  priorityClassName: system-cluster-critical
  volumes:
  - hostPath:
      path: /lib/modules
      type: ""
    name: lib-modules
status: {}
EOF
}


function install_all() {
  install_containerd
  install_runc
  install_cni
  install_cri_tools
  init_system
  install_k8s
  init_k8s
  kubectl taint node $HOST_IP node.kubernetes.io/not-ready:NoSchedule-
  install_calico
}


function main() {
  cd ${base_path}/resources
  case "$1" in
    (install_all)
        install_all
        ;;
    (install_containerd)
        install_containerd
        ;;
    (install_runc)
        install_runc
        ;;
    (install_cni)
        install_cni
        ;;
    (install_cri_tools)
        install_cri_tools
        ;;
    (init_system)
        init_system
        ;;
    (install_k8s)
        install_k8s
        ;;
    (init_k8s)
        init_k8s
        ;;
    (install_calico)
        install_calico
        ;;
    (join_master)
        shift
        join_master $@
        ;;
    (join_node)
        shift
        join_node $@
        ;;
    (help)
        usage
        exit 0
        ;;
    (*)
        usage
        exit 0
        ;;
  esac
}

main $@

标签:插件,name,--,etc,version,file,k8s,安装
From: https://www.cnblogs.com/xwjh/p/17798532.html

相关文章

  • K8s:Pod 中 command、args 与 Dockerfile 中 CMD、 ENTRYPOINT 的对应关系
    写在前面前几天被问到,这里整理笔记之前也没怎么注意这个问题理解不足小伙伴帮忙指正曾以为老去是很遥远的事,突然发现年轻是很久以前的事了。时光好不经用,抬眼已是半生,所谓的中年危机,真正让人焦虑的不是孤单、不是贫穷、更不是衰老,而是人到中年你才发现,你从来没有按照自己喜欢的方......
  • centos7:安装python3.6.8:安装uvicorn、fastapi、pymysql:指定国内的pypi镜像源
    yuminstallpython3python3-develgccmakelibaio-develpip3install-ihttp://mirrors.aliyun.com/pypi/simple--trusted-hostmirrors.aliyun.com"uvicorn[standard]"==0.16.0pymysqlfastapi 关键点:因为centos7的软件仓库中,python3的版本比较低:python3-3.6.8-1......
  • RabbitMQ安装——window10 64位
    一、下载并安装erlang环境  RabbitMQ是由erlang编程语言开发的消息队列,因此需要在电脑上安装erlang的环境。1、官网下载erlang环境在RabbitMQ的最新版本详情页面RabbitMQ Project Announcements — RabbitMQ查看最新版本支持的erlang环境,目前支持erlang的版本号为OTP25.x......
  • windows server 2012 R2 环境下安装 .NerCore
    windowsserver2012R2环境下安装.NerCore 安装步骤如下1,微软官网下载 .NetCore服务器运行环境  Core运行环境下载地址  https://dotnet.microsoft.com/download/dotnet-core   下载对应版本即可!2,安装成功后cmd运行命令dotnet--info如下图 出现版......
  • 页脚 ip地址显示插件
    <scripttype="application/javascript">functiongetgeoip(json){varfooterText="IP地址:"+json.ip+""+"["+json.country+"]";document.getElementById("ip-plugin").innerHTML=fo......
  • Ubuntu安装8188fu驱动
    ##https://github.com/kelebek333/rtl8188fuREADMERTL8188FUdriverforLinuxkernel4.15.x~6.5.x(LinuxMint,UbuntuorDebianDerivatives)info:rtl8188fusupportwillbeaddtortl8xxxumoduleofLinuxkernel. https://patchwork.kernel.org/project/linu......
  • k8s1.26.5 安装 flink1.17.1
    标签(空格分隔):kubernetes系列一:系统环境介绍系统:centos7.9x64k8s集群版本:k8s1.26.5采用kubesphere做页面caclico版本:calicov3.26.1containerd版本:containerd://1.6.24hadoop版本:hadoop3.3.6helm版本:helm3.9.0二:编译得到fl......
  • 数据集成实现以及平台安装部署入门
    ETLCloud是什么?ETLCloud提供了一套工具和服务,用于将数据从不同的来源抽取(Extract)、转换(Transform)和加载(Load)到目标系统中。ETL代表了这个过程的三个主要步骤。抽取(Extract):从不同的数据源中获取数据,可以是关系型数据库、文件、Web服务或其他数据存储系统。ETLCloud提供了各种连接器......
  • 命名虚拟机及设置安装路径怎么操作呢?
    设置“处理器数量”和“每个处理器的内核数量”,可以在网络上搜索一下自己的CPU处理器的型号信息,或者在Windows系统中打开任务管理器,然后访问性能选项卡,该选项卡右下侧的逻辑处理器数量就是您的CPU内核数量。设置CPU处理器信息设置内存分配量设置网络类型设置SCSI控制器的类型设置虚......
  • 企业网站安装SSL证书选哪个好?
    互联网的发展让企业越来越依托于线上业务,因此也意识到了网络安全的重要性,为了保护企业网站的数据安全,很多企业选择安装SSL证书。SSL证书是一种数字证书,通过在服务器和浏览器之间建立加密连接,确保数据在传输过程中的安全性。然而,在安装SSL证书之前,企业需要选择适合自己的证书。本文......