Centos7 使用脚本二进制安装k8s

admin

网上找到一个大佬写的shell脚本，用二进制方式安装k8s集群，做好了系统层面的优化，直接用于生产没问题，本人已测试，没问题
一、安装准备
1、部署网络架构图

2、下载shell脚本

1. <a href="https://github.com/bogeit/LearnK8s/blob/main/k8s_install_new.sh" target="_blank">https://github.com/bogeit/LearnK8s/blob/main/k8s_install_new.sh</a>
   
2. #!/bin/bash
   
3. # auther: boge
   
4. # descriptions:  the shell scripts will use ansible to deploy K8S at binary for siample
   
5. 
   
6. # 传参检测
   
7. [ $# -ne 6 ] && echo -e "Usage: $0 rootpasswd netnum nethosts cri cni k8s-cluster-name\nExample: bash $0 bogedevops 10.0.1 201\ 202\ 203\ 204 [containerd|docker] [calico|flannel] test\n" && exit 11
   
8. 
   
9. # 变量定义
   
10. export release=3.0.0
    
11. export k8s_ver=v1.19.7  # v1.20.2, v1.19.7, v1.18.15, v1.17.17
    
12. rootpasswd=$1
    
13. netnum=$2
    
14. nethosts=$3
    
15. cri=$4
    
16. cni=$5
    
17. clustername=$6
    
18. if ls -1v ./kubeasz*.tar.gz &>/dev/null;then software_packet="$(ls -1v ./kubeasz*.tar.gz )";else software_packet="";fi
    
19. pwd="/etc/kubeasz"
    
20. 
    
21. 
    
22. # deploy机器升级软件库
    
23. if cat /etc/redhat-release &>/dev/null;then
    
24.     yum update -y
    
25. else
    
26.     apt-get update && apt-get upgrade -y && apt-get dist-upgrade -y
    
27.     [ $? -ne 0 ] && apt-get -yf install
    
28. fi
    
29. 
    
30. # deploy机器检测python环境
    
31. python2 -V &>/dev/null
    
32. if [ $? -ne 0 ];then
    
33.     if cat /etc/redhat-release &>/dev/null;then
    
34.         yum install gcc openssl-devel bzip2-devel
    
35.         wget <a href="https://www.python.org/ftp/python/2.7.16/Python-2.7.16.tgz" target="_blank">https://www.python.org/ftp/python/2.7.16/Python-2.7.16.tgz</a>
    
36.         tar xzf Python-2.7.16.tgz
    
37.         cd Python-2.7.16
    
38.         ./configure --enable-optimizations
    
39.         make altinstall
    
40.         ln -s /usr/bin/python2.7 /usr/bin/python
    
41.         cd -
    
42.     else
    
43.         apt-get install -y python2.7 && ln -s /usr/bin/python2.7 /usr/bin/python
    
44.     fi
    
45. fi
    
46. 
    
47. # deploy机器设置pip安装加速源
    
48. if [[ $clustername != 'aws' ]]; then
    
49. mkdir ~/.pip
    
50. cat > ~/.pip/pip.conf </dev/null;then
    
51.     yum install git python-pip sshpass -y
    
52.     [ -f ./get-pip.py ] && python ./get-pip.py || {
    
53.     wget <a href="https://bootstrap.pypa.io/2.7/get-pip.py" target="_blank">https://bootstrap.pypa.io/2.7/get-pip.py</a> && python get-pip.py
    
54.     }
    
55. else
    
56.     apt-get install git python-pip sshpass -y
    
57.     [ -f ./get-pip.py ] && python ./get-pip.py || {
    
58.     wget <a href="https://bootstrap.pypa.io/2.7/get-pip.py" target="_blank">https://bootstrap.pypa.io/2.7/get-pip.py</a> && python get-pip.py
    
59.     }
    
60. fi
    
61. python -m pip install --upgrade "pip < 21.0" pip -V pip install --no-cache-dir ansible netaddr # 在deploy机器做其他node的ssh免密操作 for host in `echo "${nethosts}"` do echo "============ ${netnum}.${host} ==========="; if [[ ${USER} == 'root' ]];then [ ! -f /${USER}/.ssh/id_rsa ] &&\ ssh-keygen -t rsa -P '' -f /${USER}/.ssh/id_rsa else [ ! -f /home/${USER}/.ssh/id_rsa ] &&\ ssh-keygen -t rsa -P '' -f /home/${USER}/.ssh/id_rsa fi sshpass -p ${rootpasswd} ssh-copy-id -o StrictHostKeyChecking=no ${USER}@${netnum}.${host} if cat /etc/redhat-release &>/dev/null;then
    
62.         ssh -o StrictHostKeyChecking=no ${USER}@${netnum}.${host} "yum update -y"
    
63.     else
    
64.         ssh -o StrictHostKeyChecking=no ${USER}@${netnum}.${host} "apt-get update && apt-get upgrade -y && apt-get dist-upgrade -y"
    
65.         [ $? -ne 0 ] && ssh -o StrictHostKeyChecking=no ${USER}@${netnum}.${host} "apt-get -yf install"
    
66.     fi
    
67. done
    
68. 
    
69. 
    
70. # deploy机器下载k8s二进制安装脚本
    
71. 
    
72. if [[ ${software_packet} == '' ]];then
    
73.     curl -C- -fLO --retry 3 <a href="https://github.com/easzlab/kubeasz/releases/download/" target="_blank">https://github.com/easzlab/kubeasz/releases/download/</a>${release}/ezdown
    
74.     sed -ri "s+^(K8S_BIN_VER=).*$+\1${k8s_ver}+g" ezdown
    
75.     chmod +x ./ezdown
    
76.     # 使用工具脚本下载
    
77.     ./ezdown -D && ./ezdown -P
    
78. else
    
79.     tar xvf ${software_packet} -C /etc/
    
80.     chmod +x ${pwd}/{ezctl,ezdown}
    
81. fi
    
82. 
    
83. # 初始化一个名为my的k8s集群配置
    
84. 
    
85. CLUSTER_NAME="$clustername"
    
86. ${pwd}/ezctl new ${CLUSTER_NAME}
    
87. if [[ $? -ne 0 ]];then
    
88.     echo "cluster name [${CLUSTER_NAME}] was exist in ${pwd}/clusters/${CLUSTER_NAME}."
    
89.     exit 1
    
90. fi
    
91. 
    
92. if [[ ${software_packet} != '' ]];then
    
93.     # 设置参数，启用离线安装
    
94.     sed -i 's/^INSTALL_SOURCE.*$/INSTALL_SOURCE: "offline"/g' ${pwd}/clusters/${CLUSTER_NAME}/config.yml
    
95. fi
    
96. 
    
97. 
    
98. # to check ansible service
    
99. ansible all -m ping
    
100. 
     
101. #---------------------------------------------------------------------------------------------------
     
102. 
     
103. 
     
104. 
     
105. 
     
106. #修改二进制安装脚本配置 config.yml
     
107. 
     
108. sed -ri "s+^(CLUSTER_NAME<img src="static/image/smiley/default/smile.gif" border="0" smilieid="1" alt=":)">.*$+\1 "${CLUSTER_NAME}"+g" ${pwd}/clusters/${CLUSTER_NAME}/config.yml
     
109. 
     
110. ## k8s上日志及容器数据存独立磁盘步骤（参考阿里云的）
     
111. 
     
112. [ ! -d /var/lib/container ] && mkdir -p /var/lib/container/{kubelet,docker}
     
113. 
     
114. ## cat /etc/fstab     
     
115. # UUID=105fa8ff-bacd-491f-a6d0-f99865afc3d6 /                       ext4    defaults        1 1
     
116. # /dev/vdb /var/lib/container/ ext4 defaults 0 0
     
117. # /var/lib/container/kubelet /var/lib/kubelet none defaults,bind 0 0
     
118. # /var/lib/container/docker /var/lib/docker none defaults,bind 0 0
     
119. 
     
120. ## tree -L 1 /var/lib/container
     
121. # /var/lib/container
     
122. # ├── docker
     
123. # ├── kubelet
     
124. # └── lost+found
     
125. 
     
126. # docker data dir
     
127. DOCKER_STORAGE_DIR="/var/lib/container/docker"
     
128. sed -ri "s+^(STORAGE_DIR<img src="static/image/smiley/default/smile.gif" border="0" smilieid="1" alt=":)">.*$+STORAGE_DIR: "${DOCKER_STORAGE_DIR}"+g" ${pwd}/clusters/${CLUSTER_NAME}/config.yml
     
129. # containerd data dir
     
130. CONTAINERD_STORAGE_DIR="/var/lib/container/containerd"
     
131. sed -ri "s+^(STORAGE_DIR<img src="static/image/smiley/default/smile.gif" border="0" smilieid="1" alt=":)">.*$+STORAGE_DIR: "${CONTAINERD_STORAGE_DIR}"+g" ${pwd}/clusters/${CLUSTER_NAME}/config.yml
     
132. # kubelet logs dir
     
133. KUBELET_ROOT_DIR="/var/lib/container/kubelet"
     
134. sed -ri "s+^(KUBELET_ROOT_DIR<img src="static/image/smiley/default/smile.gif" border="0" smilieid="1" alt=":)">.*$+KUBELET_ROOT_DIR: "${KUBELET_ROOT_DIR}"+g" ${pwd}/clusters/${CLUSTER_NAME}/config.yml
     
135. if [[ $clustername != 'aws' ]]; then
     
136.     # docker aliyun repo
     
137.     REG_MIRRORS="https://pqbap4ya.mirror.aliyuncs.com"
     
138.     sed -ri "s+^REG_MIRRORS:.*$+REG_MIRRORS: \'["${REG_MIRRORS}"]\'+g" ${pwd}/clusters/${CLUSTER_NAME}/config.yml
     
139. fi
     
140. # [docker]信任的HTTP仓库
     
141. sed -ri "s+127.0.0.1/8+${netnum}.0/24+g" ${pwd}/clusters/${CLUSTER_NAME}/config.yml
     
142. # disable dashboard auto install
     
143. sed -ri "s+^(dashboard_install<img src="static/image/smiley/default/smile.gif" border="0" smilieid="1" alt=":)">.*$+\1 "no"+g" ${pwd}/clusters/${CLUSTER_NAME}/config.yml
     
144. 
     
145. 
     
146. # 融合配置准备
     
147. CLUSEER_WEBSITE="${CLUSTER_NAME}k8s.gtapp.xyz"
     
148. lb_num=$(grep -wn '^MASTER_CERT_HOSTS:' ${pwd}/clusters/${CLUSTER_NAME}/config.yml |awk -F: '{print $1}')
     
149. lb_num1=$(expr ${lb_num} + 1)
     
150. lb_num2=$(expr ${lb_num} + 2)
     
151. sed -ri "${lb_num1}s+.*$+  - "${CLUSEER_WEBSITE}"+g" ${pwd}/clusters/${CLUSTER_NAME}/config.yml
     
152. sed -ri "${lb_num2}s+(.*)$+#\1+g" ${pwd}/clusters/${CLUSTER_NAME}/config.yml
     
153. 
     
154. # node节点最大pod 数
     
155. MAX_PODS="120"
     
156. sed -ri "s+^(MAX_PODS<img src="static/image/smiley/default/smile.gif" border="0" smilieid="1" alt=":)">.*$+\1 ${MAX_PODS}+g" ${pwd}/clusters/${CLUSTER_NAME}/config.yml
     
157. 
     
158. 
     
159. 
     
160. # 修改二进制安装脚本配置 hosts
     
161. # clean old ip
     
162. sed -ri '/192.168.1.1/d' ${pwd}/clusters/${CLUSTER_NAME}/hosts
     
163. sed -ri '/192.168.1.2/d' ${pwd}/clusters/${CLUSTER_NAME}/hosts
     
164. sed -ri '/192.168.1.3/d' ${pwd}/clusters/${CLUSTER_NAME}/hosts
     
165. sed -ri '/192.168.1.4/d' ${pwd}/clusters/${CLUSTER_NAME}/hosts
     
166. 
     
167. # 输入准备创建ETCD集群的主机位
     
168. echo "enter etcd hosts here (example: 203 202 201) ↓"
     
169. read -p "" ipnums
     
170. for ipnum in `echo ${ipnums}`
     
171. do
     
172.     echo $netnum.$ipnum
     
173.     sed -i "/\[etcd/a $netnum.$ipnum"  ${pwd}/clusters/${CLUSTER_NAME}/hosts
     
174. done
     
175. 
     
176. # 输入准备创建KUBE-MASTER集群的主机位
     
177. echo "enter kube-master hosts here (example: 202 201) ↓"
     
178. read -p "" ipnums
     
179. for ipnum in `echo ${ipnums}`
     
180. do
     
181.     echo $netnum.$ipnum
     
182.     sed -i "/\[kube_master/a $netnum.$ipnum"  ${pwd}/clusters/${CLUSTER_NAME}/hosts
     
183. done
     
184. 
     
185. # 输入准备创建KUBE-NODE集群的主机位
     
186. echo "enter kube-node hosts here (example: 204 203) ↓"
     
187. read -p "" ipnums
     
188. for ipnum in `echo ${ipnums}`
     
189. do
     
190.     echo $netnum.$ipnum
     
191.     sed -i "/\[kube_node/a $netnum.$ipnum"  ${pwd}/clusters/${CLUSTER_NAME}/hosts
     
192. done
     
193. 
     
194. # 配置容器运行时CNI
     
195. case ${cni} in
     
196.     flannel)
     
197.     sed -ri "s+^CLUSTER_NETWORK=.*$+CLUSTER_NETWORK="${cni}"+g" ${pwd}/clusters/${CLUSTER_NAME}/hosts
     
198.     ;;
     
199.     calico)
     
200.     sed -ri "s+^CLUSTER_NETWORK=.*$+CLUSTER_NETWORK="${cni}"+g" ${pwd}/clusters/${CLUSTER_NAME}/hosts
     
201.     ;;
     
202.     *)
     
203.     echo "cni need be flannel or calico."
     
204.     exit 11
     
205. esac
     
206. 
     
207. # 配置K8S的ETCD数据备份的定时任务
     
208. if cat /etc/redhat-release &>/dev/null;then
     
209.     if ! grep -w '94.backup.yml' /var/spool/cron/root &>/dev/null;then echo "00 00 * * * `which ansible-playbook` ${pwd}/playbooks/94.backup.yml &> /dev/null" >> /var/spool/cron/root;else echo exists ;fi
     
210.     chown root.crontab /var/spool/cron/root
     
211.     chmod 600 /var/spool/cron/root
     
212. else
     
213.     if ! grep -w '94.backup.yml' /var/spool/cron/crontabs/root &>/dev/null;then echo "00 00 * * * `which ansible-playbook` ${pwd}/playbooks/94.backup.yml &> /dev/null" >> /var/spool/cron/crontabs/root;else echo exists ;fi
     
214.     chown root.crontab /var/spool/cron/crontabs/root
     
215.     chmod 600 /var/spool/cron/crontabs/root
     
216. fi
     
217. rm /var/run/cron.reboot
     
218. service crond restart
     
219. 
     
220. 
     
221. 
     
222. 
     
223. #---------------------------------------------------------------------------------------------------
     
224. # 准备开始安装了
     
225. rm -rf ${pwd}/{dockerfiles,docs,.gitignore,pics,dockerfiles} &&\
     
226. find ${pwd}/ -name '*.md'|xargs rm -f
     
227. read -p "Enter to continue deploy k8s to all nodes >>>" YesNobbb
     
228. 
     
229. # now start deploy k8s cluster
     
230. cd ${pwd}/
     
231. 
     
232. # to prepare CA/certs & kubeconfig & other system settings
     
233. ${pwd}/ezctl setup ${CLUSTER_NAME} 01
     
234. sleep 1
     
235. # to setup the etcd cluster
     
236. ${pwd}/ezctl setup ${CLUSTER_NAME} 02
     
237. sleep 1
     
238. # to setup the container runtime(docker or containerd)
     
239. case ${cri} in
     
240.     containerd)
     
241.     sed -ri "s+^CONTAINER_RUNTIME=.*$+CONTAINER_RUNTIME="${cri}"+g" ${pwd}/clusters/${CLUSTER_NAME}/hosts
     
242.     ${pwd}/ezctl setup ${CLUSTER_NAME} 03
     
243.     ;;
     
244.     docker)
     
245.     sed -ri "s+^CONTAINER_RUNTIME=.*$+CONTAINER_RUNTIME="${cri}"+g" ${pwd}/clusters/${CLUSTER_NAME}/hosts
     
246.     ${pwd}/ezctl setup ${CLUSTER_NAME} 03
     
247.     ;;
     
248.     *)
     
249.     echo "cri need be containerd or docker."
     
250.     exit 11
     
251. esac
     
252. sleep 1
     
253. # to setup the master nodes
     
254. ${pwd}/ezctl setup ${CLUSTER_NAME} 04
     
255. sleep 1
     
256. # to setup the worker nodes
     
257. ${pwd}/ezctl setup ${CLUSTER_NAME} 05
     
258. sleep 1
     
259. # to setup the network plugin(flannel、calico...)
     
260. ${pwd}/ezctl setup ${CLUSTER_NAME} 06
     
261. sleep 1
     
262. # to setup other useful plugins(metrics-server、coredns...)
     
263. ${pwd}/ezctl setup ${CLUSTER_NAME} 07
     
264. sleep 1
     
265. # [可选]对集群所有节点进行操作系统层面的安全加固  <a href="https://github.com/dev-sec/ansible-os-hardening" target="_blank">https://github.com/dev-sec/ansible-os-hardening</a>
     
266. #ansible-playbook roles/os-harden/os-harden.yml
     
267. #sleep 1
     
268. cd `dirname ${software_packet:-/tmp}`
     
269. 
     
270. 
     
271. k8s_bin_path='/opt/kube/bin'
     
272. 
     
273. 
     
274. echo "-------------------------  k8s version list  ---------------------------"
     
275. ${k8s_bin_path}/kubectl version
     
276. echo
     
277. echo "-------------------------  All Healthy status check  -------------------"
     
278. ${k8s_bin_path}/kubectl get componentstatus
     
279. echo
     
280. echo "-------------------------  k8s cluster info list  ----------------------"
     
281. ${k8s_bin_path}/kubectl cluster-info
     
282. echo
     
283. echo "-------------------------  k8s all nodes list  -------------------------"
     
284. ${k8s_bin_path}/kubectl get node -o wide
     
285. echo
     
286. echo "-------------------------  k8s all-namespaces's pods list   ------------"
     
287. ${k8s_bin_path}/kubectl get pod --all-namespaces
     
288. echo
     
289. echo "-------------------------  k8s all-namespaces's service network   ------"
     
290. ${k8s_bin_path}/kubectl get svc --all-namespaces
     
291. echo
     
292. echo "-------------------------  k8s welcome for you   -----------------------"
     
293. echo
     
294. 
     
295. # you can use k alias kubectl to siample
     
296. echo "alias k=kubectl && complete -F __start_kubectl k" >> ~/.bashrc
     
297. 
     
298. # get dashboard url
     
299. ${k8s_bin_path}/kubectl cluster-info|grep dashboard|awk '{print $NF}'|tee -a /root/k8s_results
     
300. 
     
301. # get login token
     
302. ${k8s_bin_path}/kubectl -n kube-system describe secret $(${k8s_bin_path}/kubectl -n kube-system get secret | grep admin-user | awk '{print $1}')|grep 'token:'|awk '{print $NF}'|tee -a /root/k8s_results
     
303. echo
     
304. echo "you can look again dashboard and token info at  >>> /root/k8s_results <<<" #echo ">>>>>>>>>>>>>>>>> You can excute command [ source ~/.bashrc ] <<<<<<<<<<<<<<<<<<<<" echo ">>>>>>>>>>>>>>>>> You need to excute command [ reboot ] to restart all nodes <<<<<<<<<<<<<<<<<<<<"
     
305. rm -f $0
     
306. [ -f ${software_packet} ] && rm -f ${software_packet}
     
307. #rm -f ${pwd}/roles/deploy/templates/${USER_NAME}-csr.json.j2
     
308. #sed -ri "s+${USER_NAME}+admin+g" ${pwd}/roles/prepare/tasks/main.yml

复制代码

3、下载安装包，和脚本放在同一个目录下

1. https://github.com/bogeit/LearnK8s/blob/main/download_url

复制代码

4、添加阿里云yum源

1. wget -O /etc/yum.repos.d/CentOS-Base.repo <a href="https://mirrors.aliyun.com/repo/Centos-7.repo" target="_blank">https://mirrors.aliyun.com/repo/Centos-7.repo</a>
   
2. wget -O /etc/yum.repos.d/epel.repo <a href="http://mirrors.aliyun.com/repo/epel-7.repo" target="_blank">http://mirrors.aliyun.com/repo/epel-7.repo</a>

复制代码

二、开始安装
1、执行脚本

1. bash k8s_install_new.sh admin123 10.0.1 201\ 202\ 203\ 204 docker calico k8s-cluster

复制代码

参数说明：
admin123：节点root的账号密码
10.0.1：节点的网络位
201\..:节点IP的主机位
docker：指定容器运行时是docker
calico：CNI为calico
k8s-cluster：K8S集群名称为k8s-cluster
2、执行过程中输入参数说明

1. # 脚本基本是自动化的，除了下面几处提示按要求复制粘贴下，再回车即可
   
2. # 输入准备创建ETCD集群的主机位，复制  203 202 201 粘贴并回车
   
3. echo "enter etcd hosts here (example: 203 202 201) ↓"
   
4. 
   
5. # 输入准备创建KUBE-MASTER集群的主机位，复制  202 201 粘贴并回车
   
6. echo "enter kube-master hosts here (example: 202 201) ↓"
   
7. 
   
8. # 输入准备创建KUBE-NODE集群的主机位，复制  204 203 粘贴并回车
   
9. echo "enter kube-node hosts here (example: 204 203) ↓"
   
10. 
    
11. # 这里会提示你是否继续安装，没问题的话直接回车即可
    
12. Enter to continue deploy k8s to all nodes >>>
    
13. 
    
14. # 安装完成后重新加载下环境变量以实现kubectl命令补齐
    
15. . ~/.bashrc

复制代码

三、k8s添加插件
1、下载插件kubecolor、kubens

1. mv kubecolor、kubens /usr/local/bin
   
2. chmod +x /usr/local/bin/*

复制代码

2、添加环境变量

1. source <(kubectl completion bash)
   
2. command -v kubecolor >/dev/null 2>&1 && alias kubectl="kubecolor"

复制代码

3、标记节点不可部署

1. kubectl get nodes
   
2. NAME           STATUS                     ROLES    AGE   VERSION
   
3. 192.168.1.10   Ready,SchedulingDisabled   master   22m   v1.20.2
   
4. 192.168.1.11   Ready,SchedulingDisabled   master   22m   v1.20.2
   
5. 192.168.1.12   Ready                      node     18m   v1.20.2

复制代码

4、标记节点可部署

1. [root@k8s-master ~]# kubectl uncordon 192.168.1.10
   
2. node/192.168.1.10 uncordoned
   
3. [root@k8s-master ~]# kubectl uncordon 192.168.1.11
   
4. node/192.168.1.11 uncordoned
   
5. [root@k8s-master ~]# kubectl get nodes
   
6. NAME           STATUS   ROLES    AGE   VERSION
   
7. 192.168.1.10   Ready    master   76m   v1.20.2
   
8. 192.168.1.11   Ready    master   76m   v1.20.2
   
9. 192.168.1.12   Ready    node     72m   v1.20.2

复制代码

5、安装k8s tab命令补全

1. yum install -y bash-completion
   
2. source /usr/share/bash-completion/bash_completion
   
3. source <(kubectl completion bash)

复制代码