shell自动化安装k8s-1.21集群

#!/bin/bash
#
# #### CentOS7 k8s安装部署 ####
# version 1.0.0
# author jacker 20240702
# 执行脚本前最好master节点已经将公钥上传到node节点实现免密登录

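# 1. Define environment variables
#
# Hosts
# OS_VER is the major release number taken from the fourth field of
# /etc/centos-release (e.g. "7" from "7.9.2009").
OS_VER=$(awk '{print $4}' /etc/centos-release | awk -F '.' '{print $1}')
# One "IP hostname" pair per cluster node; the first entry is the master.
nodes=(
  "192.168.230.15 master"
  "192.168.230.16 node1"
  "192.168.230.17 node2"
)
# The IP is everything before the first space of the first entry.
MASTER_IP=${nodes[0]%% *}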

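# K8S version
#
# NOTE(review): Kubernetes 1.21 and CentOS 7 are both past upstream end of
# life and no longer receive security fixes; treat these pins as lab-only.
DOCKER_VERSION="20.10.24-3"
k8S_VERSION="1.21.13"
k8S_RPM_VERSION="1.21.13-0"
# Control-plane images pre-pulled by common_init. They are referenced by tag,
# not by digest, so their content is whatever the registry serves for that tag.
images=(
  "kube-apiserver:v${k8S_VERSION}"
  "kube-controller-manager:v${k8S_VERSION}"
  "kube-scheduler:v${k8S_VERSION}"
  "kube-proxy:v${k8S_VERSION}"
  "pause:3.4.1"
  "etcd:3.4.13-0"
  "coredns:v1.8.0"
)
POD_NETWORK="10.244.0.0/16"
SERVICE_CIDR="10.96.0.0/12"
CALICO_VERSION="3.25.0"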

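# 2. Cluster environment initialization (run on every node)
#
# Points yum at a mirror, records the nodes in /etc/hosts and sets the
# hostname, turns off firewalld/iptables/SELinux/swap, loads the bridge and
# IPVS kernel modules, installs Docker plus kubeadm/kubelet/kubectl, and
# pre-pulls the control-plane images.
# Globals: OS_VER, nodes, images, DOCKER_VERSION, k8S_RPM_VERSION (read)
#          IF_YUM_SOURCE, HOST_IP, NODE_IP, HOST_NAME, imageName (written)
# Exits 1 on an unsupported OS release or when a repo file cannot be fetched.
common_init(){
  local stamp repo_dir=/etc/yum.repos.d repo_ok=1
  local mirror=registry.cn-hangzhou.aliyuncs.com/google_containers
  local target
  stamp=$(date +%F)

  # Only replace the base repo if it does not already point at a mirror.
  IF_YUM_SOURCE=$(grep -E 'huaweicloud.com|aliyun.com' "$repo_dir/CentOS-Base.repo" 2>/dev/null | wc -l)
  if [ "$IF_YUM_SOURCE" -eq 0 ]; then
    case "$OS_VER" in
      7)
        sudo cp -f "$repo_dir/CentOS-Base.repo" "$repo_dir/CentOS-Base.repo.bak${stamp}"
        # -f: fail on an HTTP error instead of saving the error page as a repo file.
        sudo curl -f -o "$repo_dir/CentOS-Base.repo" \
          https://mirrors.huaweicloud.com/repository/conf/CentOS-7-anon.repo || repo_ok=0
        ;;
      8)
        sudo cp -f "$repo_dir/CentOS-Linux-BaseOS.repo" "$repo_dir/CentOS-Linux-BaseOS.repo.backup${stamp}"
        sudo cp -f "$repo_dir/CentOS-Linux-AppStream.repo" "$repo_dir/CentOS-Linux-AppStream.repo.backup${stamp}"
        # Fetched over HTTPS: a repo definition decides where every later
        # package comes from, so it must not travel in clear text.
        # NOTE(review): both files receive the same Centos-8.repo content — confirm intended.
        sudo curl -f -o "$repo_dir/CentOS-Linux-BaseOS.repo" \
          https://mirrors.aliyun.com/repo/Centos-8.repo || repo_ok=0
        sudo curl -f -o "$repo_dir/CentOS-Linux-AppStream.repo" \
          https://mirrors.aliyun.com/repo/Centos-8.repo || repo_ok=0
        ;;
      *)
        echo "system is not Cenos7 or Cenos8"
        exit 1
        ;;
    esac
    if (( repo_ok == 0 )); then
      echo "network disconnect"
      exit 1
    fi
  fi
  yum clean all && yum makecache
  rpm -q net-tools &>/dev/null || yum install -y net-tools

  # NOTE(review): the interface name ens33 is hard-coded; adjust per host.
  HOST_IP=$(ifconfig ens33 | grep -w inet | awk '{print $2}')
  for node in "${nodes[@]}"; do
    # Add each entry once so re-running the script does not duplicate lines.
    grep -qxF -- "$node" /etc/hosts || printf '%s\n' "$node" >>/etc/hosts
    NODE_IP=${node%% *}
    HOST_NAME=$(echo "$node" | awk '{print $2}')
    if [[ "$NODE_IP" = "$HOST_IP" ]]; then
      hostnamectl set-hostname "$HOST_NAME"
    fi
  done

  # NOTE(review): the host firewall and SELinux are switched off entirely from
  # here on; the nodes then rely on network-level filtering around the cluster.
  systemctl stop firewalld && systemctl disable firewalld &>/dev/null
  systemctl status iptables &>/dev/null && systemctl stop iptables &>/dev/null && systemctl disable iptables &>/dev/null
  # "setenforce=0" only assigned a shell variable; the command takes an argument.
  setenforce 0
  sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
  swapoff -a
  # Comment out the swap entry; anchoring on the device path keeps this idempotent.
  sed -i '\|^/dev/mapper/centos-swap|s|^|#|' /etc/fstab

  # ">" instead of ">>" so a second run does not append duplicate settings.
  cat > /etc/sysctl.d/kubernetes.conf << 'EOF'
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
  # The net.bridge.* keys exist only once br_netfilter is loaded, and a bare
  # "sysctl -p" reads /etc/sysctl.conf rather than the file written above.
  modprobe br_netfilter && sysctl -p /etc/sysctl.d/kubernetes.conf && lsmod | grep br_netfilter &>/dev/null

  yum install -y epel-release &>/dev/null
  yum install -y ipset ipvsadm &>/dev/null
  cat > /etc/sysconfig/modules/ipvs.modules << 'EOF'
#!/bin/bash
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack_ipv4
EOF
  chmod +x /etc/sysconfig/modules/ipvs.modules && /bin/bash /etc/sysconfig/modules/ipvs.modules
  lsmod | grep -e ip_vs -e nf_conntrack_ipv4

  curl -f https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -o /etc/yum.repos.d/docker-ce.repo
  mkdir -p /etc/docker
  # NOTE(review): one registry mirror below is plain HTTP, so pulls through it
  # are not protected in transit; prefer HTTPS-only mirrors.
  cat > /etc/docker/daemon.json << 'EOF'
{
	"exec-opts":["native.cgroupdriver=systemd"],
	"registry-mirrors":["https://docker.m.daocloud.io",
		"https://docker.1panel.live",
		"http://hub-mirror.c.163.com",
		"https://docker.mirrors.ustc.edu.cn",
		"https://registry.docker-cn.com"]
}
EOF
  # DOCKER_VERSION already carries the "-3" release, so it is not appended again.
  yum install --setopt=obsoletes=0 \
    "docker-ce-cli-$DOCKER_VERSION.el7" \
    "docker-ce-$DOCKER_VERSION.el7" \
    "docker-ce-rootless-extras-$DOCKER_VERSION.el7" -y
  if systemctl start docker && systemctl enable docker; then
    echo "docker install successful"
  else
    echo "docker install failed"
  fi

  # gpgcheck=1: kubeadm/kubelet/kubectl run as root on every node, so their
  # RPM signatures are verified against the keys listed in gpgkey. If the
  # check fails, fix the key import rather than disabling verification.
  # repo_gpgcheck (metadata signature) is left as the author had it.
  cat > /etc/yum.repos.d/kubernetes.repo << 'EOF'
[kubernetes]
name=kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
       https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
  yum install --setopt=obsoletes=0 \
    "kubeadm-$k8S_RPM_VERSION" "kubelet-$k8S_RPM_VERSION" "kubectl-$k8S_RPM_VERSION" -y
  # NOTE(review): "KUBELF_CGROUP_ARGS" looks like a typo; confirm which
  # variables the kubelet unit actually reads (kubeadm's systemd drop-in
  # passes KUBELET_EXTRA_ARGS from this file).
  cat > /etc/sysconfig/kubelet <<EOF
KUBELF_CGROUP_ARGS="--cgroup-driver=systemd"
KUBE_PROXY_MODE="ipvs"
EOF
  systemctl enable kubelet

  # Pull the cluster images from the mirror and re-tag them as k8s.gcr.io/...
  # NOTE(review): after re-tagging, the images are trusted under the
  # k8s.gcr.io name although they came from the mirror; nothing here compares
  # them with upstream digests.
  for imageName in "${images[@]}"; do
    if [[ "$imageName" == "coredns:v1.8.0" ]]; then
      # coredns lives one path level deeper than the other images.
      target="k8s.gcr.io/coredns/$imageName"
    else
      target="k8s.gcr.io/$imageName"
    fi
    docker pull "$mirror/$imageName"
    docker tag "$mirror/$imageName" "$target"
    docker rmi "$mirror/$imageName"
  done
  if docker images | grep kube-apiserver &>/dev/null; then
    echo "download kubernetes images successful"
  else
    echo "download kubernetes images failed"
  fi
}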

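# 3. Time synchronisation
#
# Installs ntpdate when missing, syncs once against 0.asia.pool.ntp.org,
# writes the result to the hardware clock, and schedules /opt/time_syrc.sh
# from the current user's crontab every 30 minutes.
# Globals: JOB (written)
time_syrc(){
  # "rmp" was a typo, so the package check always failed and yum always ran.
  if ! rpm -q ntpdate &>/dev/null; then
    sudo yum install -y ntpdate
  fi
  ntpdate 0.asia.pool.ntp.org
  clock -w

  # Overwrite instead of append so re-runs do not stack duplicate lines.
  # The file is executed by cron, so it must stay writable by its owner only.
  printf '%s\n' '#!/bin/bash' '/usr/sbin/ntpdate 0.asia.pool.ntp.org' >/opt/time_syrc.sh
  sudo chmod 755 /opt/time_syrc.sh

  # Cron entry
  JOB="*/30 * * * * /opt/time_syrc.sh"

  # Install the entry, dropping any identical line left by an earlier run.
  { crontab -l 2>/dev/null | grep -vxF -- "$JOB"; echo "$JOB"; } | crontab -
}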

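# 3. Pull the Calico network plugin images
#
# Pulls the cni, node and kube-controllers images for CALICO_VERSION from
# docker.io and reports the result.
# Globals: CALICO_VERSION (read)
# Returns: 0 when all three pulls succeed, 1 on the first failure.
pull_calico(){
  local component
  # Success is decided by the pull exit status; counting "docker images | grep
  # calico" lines breaks as soon as another calico tag is already present.
  # NOTE(review): images are referenced by tag, which the registry can repoint;
  # pin by digest if the pulled content must be reproducible.
  for component in cni node kube-controllers; do
    if ! docker pull "docker.io/calico/${component}:v${CALICO_VERSION}"; then
      echo "pull calico image failed,please connect to the network first!"
      return 1
    fi
  done
  echo "pull calico image successful"
}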

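# 4. Master node initialization
#
# Runs kubeadm init, installs the admin kubeconfig for the current user,
# saves a join command for the workers, copies the join command, admin.conf
# and this script to every reachable worker, then installs Calico.
# Globals: k8S_VERSION, POD_NETWORK, SERVICE_CIDR, MASTER_IP, nodes,
#          CALICO_VERSION (read); HOST_IP, NODE_IP (written)
# Exits 1 when kubeadm init or the Calico manifest download fails.
master_init(){
  # The line continuations are required; without them only a bare
  # "kubeadm init" runs and each flag is executed as a separate command.
  if ! kubeadm init \
    --kubernetes-version="v$k8S_VERSION" \
    --pod-network-cidr="$POD_NETWORK" \
    --service-cidr="$SERVICE_CIDR" \
    --apiserver-advertise-address="$MASTER_IP"; then
    echo "kubeadm init failed"
    exit 1
  fi
  mkdir -p "$HOME/.kube"
  sudo cp -i /etc/kubernetes/admin.conf "$HOME/.kube/config"
  sudo chown "$(id -u):$(id -g)" "$HOME/.kube/config"

  # The join command embeds a bootstrap token that lets a machine join the
  # cluster; create the file readable by its owner only.
  ( umask 077; kubeadm token create --print-join-command >/opt/kubuadm_init_comd )

  HOST_IP=$(ifconfig ens33 | grep -w inet | awk '{print $2}')
  for node in "${nodes[@]}"; do
    NODE_IP=${node%% *}
    if ping -c 4 "$NODE_IP" &>/dev/null && [[ "$NODE_IP" != "$MASTER_IP" ]]; then
      # NOTE(review): admin.conf holds cluster-admin credentials. Copying it to
      # every worker means a compromise of any worker exposes full control of
      # the cluster; workers only need the join command to join.
      scp /etc/kubernetes/admin.conf "$NODE_IP":/opt
      scp /opt/kubuadm_init_comd "$NODE_IP":/opt
      scp /opt/k8s_install.sh "$NODE_IP":/opt
    fi
  done

  # sudo scp /etc/kubernetes/admin.conf 192.168.72.101:/etc/kubernetes/

  # Install calico
  pull_calico
  # NOTE(review): the manifest is applied with cluster-admin rights and is not
  # integrity-checked; compare it with a known-good checksum before applying.
  # -f keeps an HTTP error page from being saved and applied as a manifest.
  if ! curl -fL "https://raw.githubusercontent.com/projectcalico/calico/v$CALICO_VERSION/manifests/calico.yaml" -o /opt/calico.yaml; then
    echo "download calico manifest failed"
    exit 1
  fi
  kubectl apply -f /opt/calico.yaml
  sleep 20
}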

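# 4. Worker node initialization
#
# Joins this node to the cluster with the join command the master saved in
# /opt/kubuadm_init_comd, then installs the kubeconfig copied to /opt.
# Globals: HOST_IP (written)
# Exits 1 when the join command file is missing, malformed, or the join fails.
Worker_init(){
  # Shape of the command the master prints. Keep real tokens and hashes out of
  # the script: a bootstrap token is a credential until it expires.
  # kubeadm join 192.168.230.15:6443 --token <bootstrap-token> \
  #   --discovery-token-ca-cert-hash sha256:<ca-cert-hash>
  local -a join_cmd=()

  HOST_IP=$(ifconfig ens33 | grep -w inet | awk '{print $2}')
  if [[ ! -e /opt/kubuadm_init_comd ]]; then
    echo "please runing follow command on master node"
    echo 'kubeadm token create --print-join-command >>/opt/kubuadm_init_comd'
    echo 'scp /opt/kubuadm_init_comd $NODE_IP:/opt'
    exit 1
  fi

  # Read the file as words and run it as an argument vector instead of
  # sourcing it: "source" would execute anything placed in the file as shell
  # code, while this only ever runs "kubeadm join ...".
  read -r -a join_cmd </opt/kubuadm_init_comd
  if [[ "${join_cmd[0]}" != "kubeadm" || "${join_cmd[1]}" != "join" ]]; then
    echo "Worker node join Master node failed!"
    exit 1
  fi

  if "${join_cmd[@]}"; then
    echo "Worker node join Master node successful!"
    # NOTE(review): this places cluster-admin credentials on the worker;
    # confirm workers really need kubectl admin access.
    cp -a /opt/admin.conf /etc/kubernetes/
    if [[ -e /etc/kubernetes/admin.conf ]]; then
      mkdir -p "$HOME/.kube"
      sudo cp -i /etc/kubernetes/admin.conf "$HOME/.kube/config"
      sudo chown "$(id -u):$(id -g)" "$HOME/.kube/config"
    else
      echo "Please upload the master node/etc/kubernetes/admin. conf file to the/etc/kubernetes/directory of the working node"
      echo "you can runing follow command on master node,Afterwards, execute the installation script"
      echo 'sudo scp /etc/kubernetes/admin.conf $HOST_IP:/opt'
    fi
  else
    echo "Worker node join Master node failed!"
    exit 1
  fi
}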

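# Entry point: asks which role this node has and runs the matching steps.
# Globals: MASTER_IP (read); NODE (written)
# Exits 1 when a worker cannot reach the master.
main(){
  echo -e '\033[32m------------------------------------------------------\033[0m'
  echo -e "\033[36m Please Select Install Node:\033[0m"
  echo
  echo "1)Master node"
  echo "2)Worker node)"
  echo -e '\033[32m------------------------------------------------------\033[0m'
  read -r NODE
  # Compare as a string: "[[ $NODE -eq 1 ]]" evaluates the typed text as an
  # arithmetic expression, which is more than a menu choice needs.
  case "$NODE" in
    1)
      common_init
      time_syrc
      # master_init pulls the Calico images itself; the former call to
      # install_calico named a function this script never defines.
      master_init
      ;;
    2)
      if ! ping -c 4 "$MASTER_IP"; then
        echo "Worker node cannot ping master node, please connect to the network first"
        exit 1
      fi
      common_init
      time_syrc
      pull_calico
      Worker_init
      ;;
    *)
      echo " input error,pls input 1 or 2:"
      ;;
  esac
}

# Start a fresh shell afterwards so the new hostname shows in the prompt.
main && bash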
