目录
一、准备
- 通过之前在ubuntu18.04上手动部署过k8s之后,尝试用python脚本进行自动化部署
- 这次用的是三台centos7的虚拟机,一台作为master执行脚本,两台作为node节点
- 三台机器都配置好静态ip,可以参考之前的
二、编辑脚本
1、k8s.sh
放在/root下,用于从dockerhub拉取镜像。
set -o errexit
set -o nounset
set -o pipefail
##这里定义版本,按照上面得到的列表自己改一下版本号
kube_version=v1.21.3
kube_pause_version=3.4.1
etcd_version=3.4.13-0
##这是原始仓库名,最后需要改名成这个
gcr_url=k8s.gcr.io
##这里就是写你要使用的仓库
dockerhub_url=gotok8s
##这里是镜像列表,新版本要把coredns改成coredns/coredns
images=(
kube-proxy:${kube_version}
kube-scheduler:${kube_version}
kube-controller-manager:${kube_version}
kube-apiserver:${kube_version}
pause:${kube_pause_version}
etcd:${etcd_version}
)
##这里是拉取和改名的循环语句
for imagename in ${images[@]} ; do
docker pull $dockerhub_url/$imagename
docker tag $dockerhub_url/$imagename $gcr_url/$imagename
docker rmi $dockerhub_url/$imagename
done
docker pull coredns/coredns:1.8.0
docker tag coredns/coredns:1.8.0 k8s.gcr.io/coredns/coredns:v1.8.0
docker rmi coredns/coredns:1.8.0
2、k8s_install.py
#!/bin/python3
# -*- coding:utf-8 -*-
# author: fanb
# describe: k8s v1.21.2 一键脚本安装
import os
import subprocess
import time
class k8s_install(object):
def __init__(self,masterip,nodeip):
self.masterip = masterip
self.nodeip = nodeip
def initialization_shell(self): #环境初始化shell
# 关闭防火墙
setenforce = "setenforce 0"
sed_selinux = "sed -i 's/^selinux=enforcing/selinux=disabled/g' /etc/sysconfig/selinux"
sed_selinux1 = "sed -i 's/^selinux=enforcing/selinux=disabled/g' /etc/selinux/config"
sed_selinux2 = "sed -i 's/^selinux=permissive/selinux=disabled/g' /etc/sysconfig/selinux"
sed_selinux3 = "sed -i 's/^selinux=permissive/selinux=disabled/g' /etc/selinux/config"
stop_firewalld = "systemctl stop firewalld"
disable_firewalld = "systemctl disable firewalld"
swapoff_a = "swapoff -a"
sed_swapoff = "sed -i 's/.*swap.*/#&/' /etc/fstab"
#在所有服务器配置国内yum源
yum_install = "yum install -y wget git chrony yum-utils device-mapper-persistent-data lvm2 ipset ipvsadm > /dev/null 2>&1"
mkdir_repo = "mkdir /etc/yum.repos.d/bak && mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/bak > /dev/null 2>&1"
wget_centos = "wget -o /etc/yum.repos.d/centos-base.repo http://mirrors.cloud.tencent.com/repo/centos7_base.repo > /dev/null 2>&1"
wget_epel = "wget -o /etc/yum.repos.d/epel.repo http://mirrors.cloud.tencent.com/repo/epel-7.repo > /dev/null 2>&1"
wget_docker = "wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -o /etc/yum.repos.d/docker-ce.repo > /dev/null 2>&1"
kubernetes_repo = """
cat > /etc/yum.repos.d/kubernetes.repo << eof
[kubernetes]
name=kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
eof
"""
yum_clean = "yum -y makecache > /dev/null 2>&1"
yum_makecahe = "yum -y makecache > /dev/null 2>&1"
#修改内核参数,由于ipvs已经加入到了内核的主干,所以为kube-proxy开启ipvs的前提需要加载以下的内核模块
modprobe_netfilter = "modprobe br_netfilter"
br_netfilter = "echo 'br_netfilter' > /etc/modules-load.d/br_netfilter.conf"
k8s_conf = """
cat > /etc/sysctl.d/k8s.conf <<eof
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
vm.swappiness=0
eof
"""
limits_conf = """
cat > /etc/security/limits.conf << eof
* soft nofile 65536
* hard nofile 65536
* soft nproc 65536
* hard nproc 65536
* soft memlock unlimited
* hard memlock unlimited
defaultlimitnofile=102400
defaultlimitnproc=102400
eof
"""
sysctl_k8s = "sysctl -p /etc/sysctl.d/k8s.conf > /dev/null 2>&1"
#时间同步
enable_chronyd = "systemctl enable chronyd.service"
start_chronyd = "systemctl start chronyd.service"
set_timezone = "timedatectl set-timezone asia/shanghai"
ntpdate = "ntpdate ntp1.aliyun.com > /dev/null 2>&1"
chronyc_sources = "chronyc sources > /dev/null 2>&1"
#安装docker,kubelet
remove_docker = "yum remove -y docker docker-ce docker-common docker-selinux docker-engine > /dev/null 2>&1"
install_docker = "yum install -y docker-ce > /dev/null 2>&1"
start_docker = "systemctl start docker > /dev/null 2>&1"
docker_reload = "systemctl daemon-reload > /dev/null 2>&1"
enable_docker = "systemctl enable docker > /dev/null 2>&1"
restart_docker = "systemctl restart docker > /dev/null 2>&1"
install_kubelet = "yum install -y kubelet-1.21.2 kubeadm-1.21.2 kubectl-1.21.2 --disableexcludes=kubernetes > /dev/null 2>&1"
enable_kubelet = "systemctl enable kubelet > /dev/null 2>&1"
start_kubelet = "systemctl start kubelet > /dev/null 2>&1"
return setenforce,sed_selinux,sed_selinux1,sed_selinux2,sed_selinux3,stop_firewalld,disable_firewalld,swapoff_a,sed_swapoff,yum_install,\
mkdir_repo,wget_centos,wget_epel,wget_docker,kubernetes_repo,yum_clean,yum_makecahe,modprobe_netfilter,br_netfilter,k8s_conf,limits_conf,\
sysctl_k8s,enable_chronyd,start_chronyd,set_timezone,ntpdate,chronyc_sources,remove_docker,install_docker,start_docker,docker_reload,enable_docker,restart_docker,\
install_kubelet,enable_kubelet,start_kubelet
def shell_command(self):
masterip_list = self.masterip.split(',')
nodeip_list = self.nodeip.split(',')
token_creat = ()
token_code = ()
name_num = 0
node_num = 0
dir0 = '''echo '{
"exec-opts":["native.cgroupdriver=systemd"]
}' > /etc/docker/daemon.json'''
dir1 = '''echo 'export kubeconfig=/etc/kubernetes/admin.conf' >> /etc/profile'''
dir2 = '''echo '199.232.68.133 raw.githubusercontent.com' >> /etc/hosts'''
dir3 = '''echo '{
"registry-mirrors": ["https://docker.mirrors.ustc.edu.cn"]
}' > /etc/docker/daemon.json'''
# #自动添加策略,保存服务器的主机名和密钥信息,如果不添加,那么不再本地know_hosts文件中记录的主机将无法连接
for masterip in masterip_list:
name_num += 1
hosts_name = ""
if masterip == masterip_list[0]: # 如果是当前单节点
print("*"*20,"进入master节点操作,当前ip: %s" %masterip)
master_name = "master0%s" % name_num
#设置名字
hostname = os.system("hostname %s"%master_name)
etc_hostname = os.system("echo '%s' > /etc/hostname" % master_name)
#设置hosts
master_host = masterip + " " + master_name
etc_hosts = os.system("echo '%s' >> /etc/hosts" % master_host)
for hosts in nodeip_list:
name_num += 1
hosts_name += hosts + " node0%s" % (name_num - 1) + "\n"
os.system("cat >> /etc/hosts <<eof \n%seof\n" % hosts_name)
print("*"*20,"进入环境初始化,请耐心等待....")
for shell in self.initialization_shell():
time.sleep(1)
env_init = os.system(shell)
print("*"*20,"环境初始化完成,安装kubernetes...")
#设置hosts
#集群初始化
registry = os.system("%s" %dir3)
restart_docker = os.system("systemctl restart docker")
dockerpull = os.system("sh /root/k8s.sh")
docker_problem = os.system("%s" %dir0)
restart_docker = os.system("systemctl restart docker")
status_docker = os.system("systemctl status docker")
kubeadm_init = os.system("kubeadm init")
export_root = os.system("export kubeconfig=/etc/kubernetes/admin.conf")
config = os.system("%s" %dir1)
source = os.system("source /etc/profile")
mkdir_kube = os.system("mkdir -p /root/.kube")
kube_config = os.system("cp -i /etc/kubernetes/admin.conf /root/.kube/config")
kubelet_enable = os.system("systemctl enable kubelet")
kubelet_start = os.system("systemctl start kubelet")
manage_yaml = os.system("sed -i 's/.*- --port=0*/#&/' /etc/kubernetes/manifests/kube-controller-manager.yaml")
scheduler_yaml = os.system("sed -i 's/.*- --port=0*/#&/' /etc/kubernetes/manifests/kube-scheduler.yaml")
#配置flannel网络
print("*" * 20, "正在安装网络组件flannel....")
flannel_before = os.system("%s" %dir2)
flannel_wget = os.system("wget https://raw.githubusercontent.com/coreos/flannel/master/documentation/kube-flannel.yml")
yum_flannel = os.system("yum install -y flannel")
flannel_apply = os.system("kubectl apply -f /root/kube-flannel.yml")
print("*" * 20, "网络组件flannel安装完成....")
token_creat = subprocess.getstatusoutput("kubeadm token create")
token_code = subprocess.getstatusoutput("openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //'")
token_creat = token_creat[1].split('\n')[-1]
token_code = token_code[1]
# 安装从节点
for nodeip in nodeip_list:
os.system("scp -rp /etc/hosts %s:/etc/hosts" % nodeip)
print("*" * 20, "进入node节点操作,当前ip: %s" % nodeip)
node_num += 1
node_name = "node0%s" % (node_num)
# 设置名字
os.system("ssh %s \"hostname %s\"" % (nodeip,node_name))
os.system("ssh %s \"echo '%s' > /etc/hostname\"" % (nodeip,node_name))
print("*" * 20, "进入环境初始化,请耐心等待....")
for shell in self.initialization_shell():
time.sleep(1)
os.system("ssh %s \"%s\"" %(nodeip,shell))
enable_node = os.system("ssh %s \"systemctl enable kubelet\"" %nodeip)
start_node = os.system("ssh %s \"systemctl start kubelet\"" %nodeip)
admin = os.system("scp /etc/kubernetes/admin.conf %s:/root" %nodeip)
print("*" * 20, "正在加入集群....")
print("token_creat : ",token_creat)
print("token_code : ",token_code)
docker_problem = os.system("scp -r /etc/docker/daemon.json %s:/etc/docker" %nodeip)
restart_docker = os.system("ssh %s \"systemctl restart docker\"" %nodeip)
status_docker = os.system("ssh %s \"systemctl status docker\"" %nodeip)
kubeadm_join = os.system("ssh %s \"kubeadm join %s:6443 --token %s --discovery-token-ca-cert-hash sha256:%s\"" % (nodeip,masterip, str(token_creat), str(token_code)))
cni = os.system("scp -r /etc/cni %s:/etc" %nodeip)
print("*" * 20, "加入集群成功....")
print("*" * 20 ,"执行以下命令,检查k8s集群\n")
print("*" * 20,"kubectl get nodes")
print("*" * 20, "kubectl get cs")
print("*" * 20, "kubectl get pod -n kube-system")
else: #否则就是集群模式
print("进入集群模式安装")
print("暂无")
exit()
if __name__ == '__main__':
# #用户输入ip:
print("----------0、请先安装python3 并使用python3 执行此脚本------------")
print("----------1、此脚本依赖网络,请连接好网络执行此脚本-----------")
print("----------2、请将此脚本在主节点上执行,请在主节点上对其他所有节点做免密登录-----------")
print("**********3、请确认主节点已对其他节点做好免密登录,再次确认后再执行此脚本**********")
k8s_masterip = input("请输入k8s_master ip, 多个ip以逗号分隔: ")
k8s_nodeip = input("请输入k8s_node ip,多个ip以逗号分隔: ")
ask_ent = input("********** 确认/取消 (y/n) :")
if ask_ent.upper() == "y":
k8s_install = k8s_install(k8s_masterip,k8s_nodeip)
k8s_install.shell_command()
else:
exit()
三、配置ssh免密
[root@master ~]# ssh-keygen [root@master ~]# ssh-copy-id 192.168.139.132 [root@master ~]# ssh-copy-id 192.168.139.133
四、下载python3和git
root@master ~]# vim k8s_install.py
五、执行脚本
[root@master ~]# python3 k8s_install.py
六、成功
******************** 执行以下命令,检查k8s集群
******************** kubectl get nodes
******************** kubectl get cs
******************** kubectl get pod -n kube-system
[root@master ~]# kubectl get nodes
name status roles age version
master01 ready control-plane,master 7m2s v1.21.2
node01 ready <none> 3m30s v1.21.2
node02 ready <none> 25s v1.21.2
[root@master ~]# kubectl get cs
warning: v1 componentstatus is deprecated in v1.19+
name status message error
scheduler healthy ok
controller-manager healthy ok
etcd-0 healthy {"health":"true"}
[root@master ~]# kubectl get pod -n kube-system
name ready status restarts age
coredns-558bd4d5db-fkqcb 0/1 containercreating 0 6m52s
coredns-558bd4d5db-tvb7j 0/1 containercreating 0 6m52s
etcd-master01 1/1 running 0 7m16s
kube-apiserver-master01 1/1 running 0 7m16s
kube-controller-manager-master01 1/1 running 0 7m12s
kube-flannel-ds-9hx9s 0/1 init:0/1 0 43s
kube-flannel-ds-cl9r7 0/1 init:0/1 0 3m49s
kube-flannel-ds-gn4m4 0/1 crashloopbackoff 5 6m52s
kube-proxy-cv5t8 0/1 containercreating 0 43s
kube-proxy-kjqm7 0/1 containercreating 0 3m49s
kube-proxy-plbgm 1/1 running 0 6m52s
kube-scheduler-master01 1/1 running 0 7m13s
七、总结
参考:https://github.com/hxz5215/k8sv1.18_install
根据github上的python脚本源码结合之前在ubuntu上配置k8s的经验,对脚本进行了一些改变。
安装了更新版本的k8s,我这里安装的是之前学习过程中安装过的 v1.21.2添加了一个从dockerhub拉取k8s所需镜像的脚本将calico换成了flannel网络插件删除了dashboard,因为我这里没有这个需求针对 isdockersystemdcheck 问题加入了解决脚本对于 kubeadm get cs 的unhealthy问题和 kubectl get nodes的notready问题都加入了解决脚本加入了通过ssh将admin.conf和 /etc/cni文件拷贝到node节点的脚本
到此这篇关于利用python脚本自动部署k8s的文章就介绍到这了,更多相关python自动部署k8s内容请搜索www.887551.com以前的文章或继续浏览下面的相关文章希望大家以后多多支持www.887551.com!
黄山市民网:https://www.huangshanshimin.com/
