每个在新集群里,记得更改三个节点的IP即可。

第一步还是要执行那个root脚本,准备好系统环境,安装好软件。

先安装在每个节点上使用docker安装好etcd。(sh script domain etcd)

再在每个节点上安装master。(sh script domain master)

#!/bin/bash
# Version V0.09 2019-05-10-10:32

if [ `whoami` != "xxx" ];then echo "[error] You need to switch to docker user to execute this command" ; exit 1 ;fi

Domain_name=$1
Node_type=$2

K8S_VER=1.14.1
dir_path=$(cd `dirname $0`;cd ../;pwd)
cmd_path=$dir_path/cmd
cert_path=$dir_path/cert
rpm_path=$dir_path/rpm
software_path=$dir_path/software
yaml_path=$dir_path/yaml

# 每一个新集群,此处必须修改
HOST_1=1.1.1.1
HOST_2=1.1.1.2
HOST_3=1.1.1.3

Domain_name=$1
Node_type=$2
# 定义常量
THIS_HOST=$(hostname -i)
LOCAL_HOST=$(hostname)
LOCAL_HOST_L=${LOCAL_HOST,,}
pki_dir=/etc/kubernetes/pki
K8S_API_PORT=6443
K8S_JOIN_TOKEN=xxxxxx.xxxxxxxxxxxxxxxx
General_user=xxx
REGISTRY=harbor.xxx.cn/3rd_part/k8s.gcr.io
ETCD_VERSION=3.3.10
ETCD_CLI_PORT=2379
ETCD_CLU_PORT=2380
TOKEN=xxx-k8s-etcd-token
CLUSTER_STATE=new
CLUSTER=${HOST_1}=http://${HOST_1}:${ETCD_CLU_PORT},${HOST_2}=http://${HOST_2}:${ETCD_CLU_PORT},${HOST_3}=http://${HOST_3}:${ETCD_CLU_PORT}
etcd_data_dir=$HOME/etcd/etcd-data
cs=$software_path/cfssl
csj=$software_path/cfssljson

#判断本机IP是否在集群内
function ip_in_cluster() {
	if [[ ${THIS_HOST} != ${HOST_1} && ${THIS_HOST} != ${HOST_2} && ${THIS_HOST} != ${HOST_3} ]]; then
	  echo "Ip not in the k8s cluster host. please modify the HOST_1, HOST_2, HOST_3 at k8s_ha_master.sh file."
	  exit 110
	fi
}

function if_file_exist_del() {
  if [ -e $1 ]; then
    rm -f $1
  fi
}

function kubeadmConf() {
  kubeadm_conf=kubeadm-config.yaml
  if_file_exist_del $kubeadm_conf
  cat << EOF >$kubeadm_conf
apiVersion: kubeadm.k8s.io/v1beta1
kind: InitConfiguration
bootstrapTokens:
- token: ${K8S_JOIN_TOKEN}
  ttl: 24h
  usages:
  - signing
  - authentication
  groups:
  - system:bootstrappers:kubeadm:default-node-token
---
apiVersion: kubeadm.k8s.io/v1beta1
kind: ClusterConfiguration
imageRepository: ${REGISTRY}
kubernetesVersion: ${K8S_VER}
controlPlaneEndpoint: ${Domain_name}:${K8S_API_PORT}
etcd:
  external:
    endpoints:
    - https://${HOST_1}:${ETCD_CLI_PORT}
    - https://${HOST_2}:${ETCD_CLI_PORT}
    - https://${HOST_3}:${ETCD_CLI_PORT}
    caFile: ${pki_dir}/etcd/ca.crt
    certFile: ${pki_dir}/apiserver-etcd-client.crt
    keyFile: ${pki_dir}/apiserver-etcd-client.key
apiServer:
  extraArgs:
    service-node-port-range: 30000-50000
networking:
  podSubnet: 10.244.0.0/16
  serviceSubnet: 10.96.0.0/12
---
apiVersion: kubeproxy.config.k8s.io/v1alpha1
kind: KubeProxyConfiguration
mode: "ipvs"
EOF
}

cert_ha_init() {
  mkdir  -p  k8s_cert_tmp
  cp $cert_path/* ./k8s_cert_tmp
  chmod +x $cs
  chmod +x $csj
  cd k8s_cert_tmp
  sed -i "s/LOCAL_HOST_L/${LOCAL_HOST_L}/g;s/HOST_1/${HOST_1}/g;s/HOST_2/${HOST_2}/g;s/HOST_3/${HOST_3}/g;s/Domain_name/${Domain_name}/g" ha-etcd-server.json
  sed -i "s/LOCAL_HOST_L/${LOCAL_HOST_L}/g;s/HOST_1/${HOST_1}/g;s/HOST_2/${HOST_2}/g;s/HOST_3/${HOST_3}/g;s/Domain_name/${Domain_name}/g" ha-etcd-peer.json
  sed -i "s/LOCAL_HOST_L/${LOCAL_HOST_L}/g;s/HOST_1/${HOST_1}/g;s/HOST_2/${HOST_2}/g;s/HOST_3/${HOST_3}/g;s/Domain_name/${Domain_name}/g" ha-apiserver.json

  $cs gencert -ca=ca.crt -ca-key=ca.key -config=ca-config.json -profile=server ha-etcd-server.json|$csj -bare server
  $cs gencert -ca=ca.crt -ca-key=ca.key -config=ca-config.json -profile=client etcd-client.json|$csj -bare client
  $cs gencert -ca=ca.crt -ca-key=ca.key -config=ca-config.json -profile=peer ha-etcd-peer.json|$csj -bare peer
  $cs gencert -ca=front-proxy-ca.crt -ca-key=front-proxy-ca.key -config=ca-config.json -profile=client front-proxy-client.json|$csj -bare front-proxy-client
  $cs gencert -ca=ca.crt -ca-key=ca.key -config=ca-config.json -profile=server ha-apiserver.json|$csj -bare apiserver
  $cs gencert -ca=ca.crt -ca-key=ca.key -config=ca-config.json -profile=client apiserver-kubelet-client.json|$csj -bare apiserver-kubelet-client

  mkdir -p $pki_dir/etcd

  cp server.pem $pki_dir/etcd/server.crt&&cp server-key.pem $pki_dir/etcd/server.key
  cp client.pem $pki_dir/etcd/healthcheck-client.crt&&cp client-key.pem $pki_dir/etcd/healthcheck-client.key
  cp client.pem $pki_dir/apiserver-etcd-client.crt&&cp client-key.pem $pki_dir/apiserver-etcd-client.key
  cp peer.pem $pki_dir/etcd/peer.crt&&cp peer-key.pem $pki_dir/etcd/peer.key
  cp ca.crt $pki_dir/etcd/ca.crt&&cp ca.key $pki_dir/etcd/ca.key

  cp front-proxy-ca.crt $pki_dir/front-proxy-ca.crt&&cp front-proxy-ca.key $pki_dir/front-proxy-ca.key
  cp front-proxy-client.pem $pki_dir/front-proxy-client.crt&&cp front-proxy-client-key.pem $pki_dir/front-proxy-client.key

  cp ca.crt $pki_dir/ca.crt&&cp ca.key $pki_dir/ca.key
  cp apiserver.pem $pki_dir/apiserver.crt&cp apiserver-key.pem $pki_dir/apiserver.key
  cp apiserver-kubelet-client.pem $pki_dir/apiserver-kubelet-client.crt&&cp apiserver-kubelet-client-key.pem $pki_dir/apiserver-kubelet-client.key

  cp sa.pub $pki_dir/sa.pub&&cp sa.key $pki_dir/sa.key
  cd ../
  rm -rf k8s_cert_tmp
}

function etcd_install() {
		# 如果有以前数据,先清除
		set +e
		sudo docker stop etcd &&sudo  docker rm etcd
		rm -rf ${etcd_data_dir}/*
		sudo systemctl restart docker
		set -e

		# 运行docker
		docker run \
		   -d \
		   -p ${ETCD_CLI_PORT}:${ETCD_CLI_PORT} \
		   -p ${ETCD_CLU_PORT}:${ETCD_CLU_PORT} \
		   --volume=${etcd_data_dir}:${etcd_data_dir} \
		   --volume=${pki_dir}:${pki_dir} \
		   --name etcd ${REGISTRY}/etcd:${ETCD_VERSION} \
		   /usr/local/bin/etcd \
		   --data-dir=${etcd_data_dir} --name ${THIS_HOST} \
		   --initial-advertise-peer-urls http://${THIS_HOST}:${ETCD_CLU_PORT} \
		   --listen-peer-urls http://0.0.0.0:${ETCD_CLU_PORT} \
		   --advertise-client-urls https://${THIS_HOST}:${ETCD_CLI_PORT} \
		   --listen-client-urls https://0.0.0.0:${ETCD_CLI_PORT} \
		   --initial-cluster ${CLUSTER} \
		   --initial-cluster-state ${CLUSTER_STATE} \
		   --initial-cluster-token ${TOKEN} \
		   --cert-file=${pki_dir}/etcd/server.crt \
		   --key-file=${pki_dir}/etcd/server.key \
		   --trusted-ca-file=${pki_dir}/etcd/ca.crt

    echo "================================="
		echo "etcd start success"
}

function etcd_reset() {
	set +e
	docker stop etcd
	rm -rf ${etcd_data_dir}/*
	docker rm etcd
	set -e

}

function master_install(){
  sudo /usr/local/bin/kubeadm  init --config $kubeadm_conf
  sudo chown -R docker /etc/kubernetes/
  mkdir -p $HOME/.kube
  \cp -f /etc/kubernetes/admin.conf $HOME/.kube/config
  chown $(id -u):$(id -g) $HOME/.kube/config
  General_user_HOME=`cat /etc/passwd |grep  -e ^${General_user} |awk -F: '{print $6}'`
  mkdir -p ${General_user_HOME}/.kube
  \cp -f /etc/kubernetes/admin.conf ${General_user_HOME}/.kube/config
  chown -R $(id -u ${General_user}):$(id -g ${General_user}) ${General_user_HOME}/.kube

  kubectl apply -f $yaml_path/secret
  kubectl apply -f $yaml_path/auto_cert_server
  kubectl apply -f $yaml_path/flannel
}

function node_join(){
		system_init
		kubeadm join ${Domain_name}:${K8S_API_PORT} --token ${K8S_JOIN_TOKEN} --discovery-token-unsafe-skip-ca-verification
		echo "================================="
		echo "node join success"
}

case ${Node_type} in
  "etcd")
    ip_in_cluster
    cert_ha_init
    etcd_install
    ;;
  "cert")
    cert_ha_init
    ;;
  "etcd_install")
    etcd_install
  ;;
  "master")
    ip_in_cluster
    kubeadmConf
    master_install
  ;;
  "node")
    node_join
  ;;
  *)
  echo "usage `basename $0` [Domain] [etcd|master|node]"
  ;;
esac

  

安装k8s,高可用3 master安装脚本的更多相关文章

  1. 一、k8s介绍(第一章、k8s高可用集群安装)

    作者:北京小远 出处:http://www.cnblogs.com/bj-xy/ 参考课程:Kubernetes全栈架构师(电脑端购买优惠) 文档禁止转载,转载需标明出处,否则保留追究法律责任的权利! ...

  2. 三、k8s集群可用性验证与调参(第一章、k8s高可用集群安装)

    作者:北京小远 出处:http://www.cnblogs.com/bj-xy/ 参考课程:Kubernetes全栈架构师(电脑端购买优惠) 文档禁止转载,转载需标明出处,否则保留追究法律责任的权利! ...

  3. 安装ORACLE高可用RAC集群11g执行root脚本的输出信息

    安装ORACLE高可用RAC集群11g执行root脚本的输出信息 作者:Eric 微信:loveoracle11g [root@node1 ~]# /u01/app/oraInventory/orai ...

  4. 使用kubeadm安装kubernetes高可用集群

    kubeadm安装kubernetes高可用集群搭建  第一步:首先搭建etcd集群 yum install -y etcd 配置文件 /etc/etcd/etcd.confETCD_NAME=inf ...

  5. ActiveMQ 高可用集群安装、配置(ZooKeeper + LevelDB)

    ActiveMQ 高可用集群安装.配置(ZooKeeper + LevelDB) 1.ActiveMQ 集群部署规划: 环境: JDK7 版本:ActiveMQ 5.11.1 ZooKeeper 集群 ...

  6. Neo4j 高可用集群安装

    安装neo4j高可用集群,抓图安装过程 http://www.ibm.com/developerworks/cn/java/j-lo-neo4j/ Step1.下载neo4j商业版并解压,复制为neo ...

  7. 安装ORACLE高可用RAC集群11g校验集群安装的可行性输出信息

    安装ORACLE高可用RAC集群11g校验集群安装的可行性输出信息 作者:Eric 微信:loveoracle11g [grid@node1 grid]$ ./runcluvfy.sh stage - ...

  8. kubeadm实现k8s高可用集群环境部署与配置

    高可用架构 k8s集群的高可用实际是k8s各核心组件的高可用,这里使用主备模式,架构如下: 主备模式高可用架构说明: 核心组件 高可用模式 高可用实现方式 apiserver 主备 keepalive ...

  9. kubernetes高可用设计-master节点和kubectl

    部署master 节点 上一遍是CA证书和etcd的部署,这一篇继续搭建k8s,废话不多说.开始部署. kubernetes master 节点包含的组件有: kube-apiserver kube- ...

随机推荐

  1. [LeetCode] 264. Ugly Number II 丑陋数 II

    Write a program to find the n-th ugly number. Ugly numbers are positive numbers whose prime factors ...

  2. 用Vue2.0实现简单的分页及跳转

    用Vue2.0实现简单的分页及跳转 2018年07月26日 20:29:51 Freya_yyy 阅读数 3369    版权声明:本文为博主原创文章,未经博主允许不得转载. https://blog ...

  3. mysql查询之分数排名

    编写一个 SQL 查询来实现分数排名.如果两个分数相同,则两个分数排名(Rank)相同 +----+-------+ | Id | Score | +----+-------+ | 1 | 3.50 ...

  4. LeetCode 506. 相对名次(Relative Ranks) 39

    506. 相对名次 506. Relative Ranks 题目描述 给出 N 名运动员的成绩,找出他们的相对名次并授予前三名对应的奖牌.前三名运动员将会被分别授予"金牌",&qu ...

  5. TCP/IP协议的工作流程

    1.在源主机上,应用层将一串应用数据流向下传输给传输层 2.传输层将应用数据截流成分组,并加上TCP报头形成TCP段,向下递交给网络层 3.在网络层给TCP段加上包括源主机,目的主机IP地址的IP报头 ...

  6. Java开发笔记(一百零九)XML报文的定义和解析

    前面介绍了JSON格式的报文解析,虽然json串短小精悍,也能有效表达层次结构,但是每个元素只能找到对应的元素值,不能体现更丰富的样式特征.比如某个元素除了要传输它的字符串文本,还想传输该文本的类型. ...

  7. Centos下Redis集群的搭建实现读写分离

    Centos下Redis一主多从架构搭建 搭建目标:因为自己笔记本电脑配置较低的原因,模拟两台机器之间搭建一主一从的架构,主节点Redis主要用来写数据,数据写入到主节点的Redis,然后从节点就可以 ...

  8. poj 1095 题解(卡特兰数+递归

    题目 题意:给出一个二叉树的编号,问形态. 编号依据 1:如果二叉树为空,则编号为0: 2:如果二叉树只有一个节点,则编号为1: 3:所有含有m个节点的二叉树的编号小于所有含有m+1个节点的二叉树的编 ...

  9. 跨域和CORS

    一 跨域 同源策略(Same origin policy)是一种约定,它是浏览器最核心也最基本的安全功能,如果缺少了同源策略,则浏览器的正常功能可能都会受到影响.可以说Web是构建在同源策略基础之上的 ...

  10. 不一样的go语言-go缺少的语言特性

      相信很多从其他语言转向go语言的人,或者是几乎所有初学go语言的人(我相信目前还没有学校将go作为教学语言,所以未来的IT工程师的第一语言都不会是go),都会在学习的过程中将go与自己的第一语言. ...