每个在新集群里,记得更改三个节点的IP即可。

第一步还是要执行那个root脚本,准备好系统环境,安装好软件。

先安装在每个节点上使用docker安装好etcd。(sh script domain etcd)

再在每个节点上安装master。(sh script domain master)

#!/bin/bash
# Version V0.09 2019-05-10-10:32

if [ `whoami` != "xxx" ];then echo "[error] You need to switch to docker user to execute this command" ; exit 1 ;fi

Domain_name=$1
Node_type=$2

K8S_VER=1.14.1
dir_path=$(cd `dirname $0`;cd ../;pwd)
cmd_path=$dir_path/cmd
cert_path=$dir_path/cert
rpm_path=$dir_path/rpm
software_path=$dir_path/software
yaml_path=$dir_path/yaml

# 每一个新集群,此处必须修改
HOST_1=1.1.1.1
HOST_2=1.1.1.2
HOST_3=1.1.1.3

Domain_name=$1
Node_type=$2
# 定义常量
THIS_HOST=$(hostname -i)
LOCAL_HOST=$(hostname)
LOCAL_HOST_L=${LOCAL_HOST,,}
pki_dir=/etc/kubernetes/pki
K8S_API_PORT=6443
K8S_JOIN_TOKEN=xxxxxx.xxxxxxxxxxxxxxxx
General_user=xxx
REGISTRY=harbor.xxx.cn/3rd_part/k8s.gcr.io
ETCD_VERSION=3.3.10
ETCD_CLI_PORT=2379
ETCD_CLU_PORT=2380
TOKEN=xxx-k8s-etcd-token
CLUSTER_STATE=new
CLUSTER=${HOST_1}=http://${HOST_1}:${ETCD_CLU_PORT},${HOST_2}=http://${HOST_2}:${ETCD_CLU_PORT},${HOST_3}=http://${HOST_3}:${ETCD_CLU_PORT}
etcd_data_dir=$HOME/etcd/etcd-data
cs=$software_path/cfssl
csj=$software_path/cfssljson

#判断本机IP是否在集群内
function ip_in_cluster() {
	if [[ ${THIS_HOST} != ${HOST_1} && ${THIS_HOST} != ${HOST_2} && ${THIS_HOST} != ${HOST_3} ]]; then
	  echo "Ip not in the k8s cluster host. please modify the HOST_1, HOST_2, HOST_3 at k8s_ha_master.sh file."
	  exit 110
	fi
}

function if_file_exist_del() {
  if [ -e $1 ]; then
    rm -f $1
  fi
}

function kubeadmConf() {
  kubeadm_conf=kubeadm-config.yaml
  if_file_exist_del $kubeadm_conf
  cat << EOF >$kubeadm_conf
apiVersion: kubeadm.k8s.io/v1beta1
kind: InitConfiguration
bootstrapTokens:
- token: ${K8S_JOIN_TOKEN}
  ttl: 24h
  usages:
  - signing
  - authentication
  groups:
  - system:bootstrappers:kubeadm:default-node-token
---
apiVersion: kubeadm.k8s.io/v1beta1
kind: ClusterConfiguration
imageRepository: ${REGISTRY}
kubernetesVersion: ${K8S_VER}
controlPlaneEndpoint: ${Domain_name}:${K8S_API_PORT}
etcd:
  external:
    endpoints:
    - https://${HOST_1}:${ETCD_CLI_PORT}
    - https://${HOST_2}:${ETCD_CLI_PORT}
    - https://${HOST_3}:${ETCD_CLI_PORT}
    caFile: ${pki_dir}/etcd/ca.crt
    certFile: ${pki_dir}/apiserver-etcd-client.crt
    keyFile: ${pki_dir}/apiserver-etcd-client.key
apiServer:
  extraArgs:
    service-node-port-range: 30000-50000
networking:
  podSubnet: 10.244.0.0/16
  serviceSubnet: 10.96.0.0/12
---
apiVersion: kubeproxy.config.k8s.io/v1alpha1
kind: KubeProxyConfiguration
mode: "ipvs"
EOF
}

cert_ha_init() {
  mkdir  -p  k8s_cert_tmp
  cp $cert_path/* ./k8s_cert_tmp
  chmod +x $cs
  chmod +x $csj
  cd k8s_cert_tmp
  sed -i "s/LOCAL_HOST_L/${LOCAL_HOST_L}/g;s/HOST_1/${HOST_1}/g;s/HOST_2/${HOST_2}/g;s/HOST_3/${HOST_3}/g;s/Domain_name/${Domain_name}/g" ha-etcd-server.json
  sed -i "s/LOCAL_HOST_L/${LOCAL_HOST_L}/g;s/HOST_1/${HOST_1}/g;s/HOST_2/${HOST_2}/g;s/HOST_3/${HOST_3}/g;s/Domain_name/${Domain_name}/g" ha-etcd-peer.json
  sed -i "s/LOCAL_HOST_L/${LOCAL_HOST_L}/g;s/HOST_1/${HOST_1}/g;s/HOST_2/${HOST_2}/g;s/HOST_3/${HOST_3}/g;s/Domain_name/${Domain_name}/g" ha-apiserver.json

  $cs gencert -ca=ca.crt -ca-key=ca.key -config=ca-config.json -profile=server ha-etcd-server.json|$csj -bare server
  $cs gencert -ca=ca.crt -ca-key=ca.key -config=ca-config.json -profile=client etcd-client.json|$csj -bare client
  $cs gencert -ca=ca.crt -ca-key=ca.key -config=ca-config.json -profile=peer ha-etcd-peer.json|$csj -bare peer
  $cs gencert -ca=front-proxy-ca.crt -ca-key=front-proxy-ca.key -config=ca-config.json -profile=client front-proxy-client.json|$csj -bare front-proxy-client
  $cs gencert -ca=ca.crt -ca-key=ca.key -config=ca-config.json -profile=server ha-apiserver.json|$csj -bare apiserver
  $cs gencert -ca=ca.crt -ca-key=ca.key -config=ca-config.json -profile=client apiserver-kubelet-client.json|$csj -bare apiserver-kubelet-client

  mkdir -p $pki_dir/etcd

  cp server.pem $pki_dir/etcd/server.crt&&cp server-key.pem $pki_dir/etcd/server.key
  cp client.pem $pki_dir/etcd/healthcheck-client.crt&&cp client-key.pem $pki_dir/etcd/healthcheck-client.key
  cp client.pem $pki_dir/apiserver-etcd-client.crt&&cp client-key.pem $pki_dir/apiserver-etcd-client.key
  cp peer.pem $pki_dir/etcd/peer.crt&&cp peer-key.pem $pki_dir/etcd/peer.key
  cp ca.crt $pki_dir/etcd/ca.crt&&cp ca.key $pki_dir/etcd/ca.key

  cp front-proxy-ca.crt $pki_dir/front-proxy-ca.crt&&cp front-proxy-ca.key $pki_dir/front-proxy-ca.key
  cp front-proxy-client.pem $pki_dir/front-proxy-client.crt&&cp front-proxy-client-key.pem $pki_dir/front-proxy-client.key

  cp ca.crt $pki_dir/ca.crt&&cp ca.key $pki_dir/ca.key
  cp apiserver.pem $pki_dir/apiserver.crt&cp apiserver-key.pem $pki_dir/apiserver.key
  cp apiserver-kubelet-client.pem $pki_dir/apiserver-kubelet-client.crt&&cp apiserver-kubelet-client-key.pem $pki_dir/apiserver-kubelet-client.key

  cp sa.pub $pki_dir/sa.pub&&cp sa.key $pki_dir/sa.key
  cd ../
  rm -rf k8s_cert_tmp
}

function etcd_install() {
		# 如果有以前数据,先清除
		set +e
		sudo docker stop etcd &&sudo  docker rm etcd
		rm -rf ${etcd_data_dir}/*
		sudo systemctl restart docker
		set -e

		# 运行docker
		docker run \
		   -d \
		   -p ${ETCD_CLI_PORT}:${ETCD_CLI_PORT} \
		   -p ${ETCD_CLU_PORT}:${ETCD_CLU_PORT} \
		   --volume=${etcd_data_dir}:${etcd_data_dir} \
		   --volume=${pki_dir}:${pki_dir} \
		   --name etcd ${REGISTRY}/etcd:${ETCD_VERSION} \
		   /usr/local/bin/etcd \
		   --data-dir=${etcd_data_dir} --name ${THIS_HOST} \
		   --initial-advertise-peer-urls http://${THIS_HOST}:${ETCD_CLU_PORT} \
		   --listen-peer-urls http://0.0.0.0:${ETCD_CLU_PORT} \
		   --advertise-client-urls https://${THIS_HOST}:${ETCD_CLI_PORT} \
		   --listen-client-urls https://0.0.0.0:${ETCD_CLI_PORT} \
		   --initial-cluster ${CLUSTER} \
		   --initial-cluster-state ${CLUSTER_STATE} \
		   --initial-cluster-token ${TOKEN} \
		   --cert-file=${pki_dir}/etcd/server.crt \
		   --key-file=${pki_dir}/etcd/server.key \
		   --trusted-ca-file=${pki_dir}/etcd/ca.crt

    echo "================================="
		echo "etcd start success"
}

function etcd_reset() {
	set +e
	docker stop etcd
	rm -rf ${etcd_data_dir}/*
	docker rm etcd
	set -e

}

function master_install(){
  sudo /usr/local/bin/kubeadm  init --config $kubeadm_conf
  sudo chown -R docker /etc/kubernetes/
  mkdir -p $HOME/.kube
  \cp -f /etc/kubernetes/admin.conf $HOME/.kube/config
  chown $(id -u):$(id -g) $HOME/.kube/config
  General_user_HOME=`cat /etc/passwd |grep  -e ^${General_user} |awk -F: '{print $6}'`
  mkdir -p ${General_user_HOME}/.kube
  \cp -f /etc/kubernetes/admin.conf ${General_user_HOME}/.kube/config
  chown -R $(id -u ${General_user}):$(id -g ${General_user}) ${General_user_HOME}/.kube

  kubectl apply -f $yaml_path/secret
  kubectl apply -f $yaml_path/auto_cert_server
  kubectl apply -f $yaml_path/flannel
}

function node_join(){
		system_init
		kubeadm join ${Domain_name}:${K8S_API_PORT} --token ${K8S_JOIN_TOKEN} --discovery-token-unsafe-skip-ca-verification
		echo "================================="
		echo "node join success"
}

case ${Node_type} in
  "etcd")
    ip_in_cluster
    cert_ha_init
    etcd_install
    ;;
  "cert")
    cert_ha_init
    ;;
  "etcd_install")
    etcd_install
  ;;
  "master")
    ip_in_cluster
    kubeadmConf
    master_install
  ;;
  "node")
    node_join
  ;;
  *)
  echo "usage `basename $0` [Domain] [etcd|master|node]"
  ;;
esac

  

安装k8s,高可用3 master安装脚本的更多相关文章

  1. 一、k8s介绍(第一章、k8s高可用集群安装)

    作者:北京小远 出处:http://www.cnblogs.com/bj-xy/ 参考课程:Kubernetes全栈架构师(电脑端购买优惠) 文档禁止转载,转载需标明出处,否则保留追究法律责任的权利! ...

  2. 三、k8s集群可用性验证与调参(第一章、k8s高可用集群安装)

    作者:北京小远 出处:http://www.cnblogs.com/bj-xy/ 参考课程:Kubernetes全栈架构师(电脑端购买优惠) 文档禁止转载,转载需标明出处,否则保留追究法律责任的权利! ...

  3. 安装ORACLE高可用RAC集群11g执行root脚本的输出信息

    安装ORACLE高可用RAC集群11g执行root脚本的输出信息 作者:Eric 微信:loveoracle11g [root@node1 ~]# /u01/app/oraInventory/orai ...

  4. 使用kubeadm安装kubernetes高可用集群

    kubeadm安装kubernetes高可用集群搭建  第一步:首先搭建etcd集群 yum install -y etcd 配置文件 /etc/etcd/etcd.confETCD_NAME=inf ...

  5. ActiveMQ 高可用集群安装、配置(ZooKeeper + LevelDB)

    ActiveMQ 高可用集群安装.配置(ZooKeeper + LevelDB) 1.ActiveMQ 集群部署规划: 环境: JDK7 版本:ActiveMQ 5.11.1 ZooKeeper 集群 ...

  6. Neo4j 高可用集群安装

    安装neo4j高可用集群,抓图安装过程 http://www.ibm.com/developerworks/cn/java/j-lo-neo4j/ Step1.下载neo4j商业版并解压,复制为neo ...

  7. 安装ORACLE高可用RAC集群11g校验集群安装的可行性输出信息

    安装ORACLE高可用RAC集群11g校验集群安装的可行性输出信息 作者:Eric 微信:loveoracle11g [grid@node1 grid]$ ./runcluvfy.sh stage - ...

  8. kubeadm实现k8s高可用集群环境部署与配置

    高可用架构 k8s集群的高可用实际是k8s各核心组件的高可用,这里使用主备模式,架构如下: 主备模式高可用架构说明: 核心组件 高可用模式 高可用实现方式 apiserver 主备 keepalive ...

  9. kubernetes高可用设计-master节点和kubectl

    部署master 节点 上一遍是CA证书和etcd的部署,这一篇继续搭建k8s,废话不多说.开始部署. kubernetes master 节点包含的组件有: kube-apiserver kube- ...

随机推荐

  1. Android中的数据结构

    数据结构在Android中也有着大量的运用,这里采用数据结构与源代码分析相结合,来认识Android的数据结构 线性表 线性表可分为顺序存储结构和链式存储结构 顺序存储结构-ArrayList 通过对 ...

  2. Django文档阅读之执行原始SQL查询

    Django提供了两种执行原始SQL查询的方法:可以使用Manager.raw()来执行原始查询并返回模型实例,或者可以完全避免模型层直接执行自定义SQL. 每次编写原始SQL时都要关注防止SQL注入 ...

  3. STL源码剖析——Iterators与Traits编程#5 __type_traits

    上节给出了iterator_traits以及用到traits机制的部分函数的完整代码,可以看到traits机制能够提取迭代器的特性从而调用不同的函数,实现效率的最大化.显然这么好的机制不应该仅局限于在 ...

  4. STM32F030C8T6低功耗笔记

    2018年5月8日 这个芯片的低功耗搞了好久了,刚开始是7mA降不下去,然后是降到了1mA,到现在的200uA,还是有地方没有弄好,目标是降到50uA左右,目前遇到了问题,进入STOP模式的时候降到了 ...

  5. python线程(转)

    转自:https://www.cnblogs.com/huxi/archive/2010/06/26/1765808.html

  6. Unity的学习笔记(鼠标移动控制视角移动)

    using UnityEngine; public class MouseLook : MonoBehaviour { , MouseX = , MouseY = } //定义一个枚举,移动xy,或者 ...

  7. IdentityServer4之Jwt身份验证方案分析

    一,准备内容 在之前讲过的asp.net core 实现OAuth2.0四种模式系列中的IdentityApi客户端用到了以下配置代码 public void ConfigureServices(IS ...

  8. win10 idea启动Tomcat后控制台中文乱码

    idea 配置文件新增如下配置 -Dfile.encoding=UTF-8 -Dconsole.encoding=UTF-8

  9. CarbonCopyCloner 硬盘对拷

    CarbonCopyCloner 硬盘对拷 建议使用 5.1.14-b1以上的版本. 安装文件包 CarbonCopyCloner-5.1.14-b1.dmg ================== E ...

  10. 详解iOS的presentViewController(转)

    一.用途和相关概念iOS中显示ViewController的方式有两种push和modal,modal也叫模态,模态显示VC是iOS的重要特性之一,其主要用于有以下场景: - 收集用户输入信息- 临时 ...