#!/bin/bash
# Bandian
# Date:2020/08/17
# kubeadm install kubenetes 1.18.6
check_network() {
printf "\e[1;32m###########正在检查网络######################################\e[0m\n"
ping -c1 www.baidu.com > /dev/null 2>&1
if [ $? -ne 0 ]
then
echo "网络链接失败,请检查网络"
exit
else
echo "网络链接成功,继续执行,请稍后"
fi
}
check_network
# 检查防火墙和selinux
check_firewalld() {
printf "\e[1;32m###########正在检查selinux&firewalld#########################\e[0m\n"
setenforce 0 &> /dev/null && systemctl disable firewalld --now > /dev/null 2>&1
for i in node1 node2
do
ssh root@$i setenforce 0 &> /dev/null && systemctl disable firewalld --now > /dev/null 2>&1
done
}
# 关闭swap分区
off_swap() {
printf "\e[1;32m###########正在关闭swap分区##################################\e[0m\n"
swapoff -a
sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
for j in node1 node2
do
ssh root@$j swapoff -a
ssh root@$j "sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab"
done
}
# 创建解析
read -p "请输入master的ip地址:" master
read -p "请输入node1的ip地址:" node1
read -p "请输入node2的ip地址:" node2
printf "\e[1;32m###########正在写入hosts解析#################################\e[0m\n"
cat >> /etc/hosts <<eof
$master master
$node1 node1
$node2 node2
eof
ping -c1 master > /dev/null 2>&1
if [ $? -ne 0 ]
then
echo "解析失败,正在退出"
exit 1
else
echo "解析成功,请稍后"
fi
nopasswd(){
printf "\e[1;32m###########正在创建master免密登录其他节点####################\e[0m\n"
yum -y install expect > /dev/null 2>&1
ssh-keygen -t rsa -P "" -f /root/.ssh/id_rsa
for k in master node1 node2
do
expect -c "
spawn ssh-copy-id -i /root/.ssh/id_rsa.pub root@$k
expect {
\"*yes/no*\" {send \"yes\r\"; exp_continue}
\"*password*\" {send \"123.com\r\"; exp_continue}
\"*password*\" {send \"123.com\r\";}
}"
done > /dev/null 2>&1
if [ $? -ne 0 ]
then
echo "免密失败,正在退出"
exit
else
echo "免密成功,请稍后"
fi
}
nopasswd
printf "\e[1;32m###########正在发送hosts文件到其他节点#######################\e[0m\n"
for l in node1 node2
do
scp /etc/hosts $l:/etc/hosts
done
off_swap
check_firewalld
# 设置内核参数
printf "\e[1;32m###########正在设置内核参数##################################\e[0m\n"
cat > /etc/sysconfig/modules/ipvs.modules <<EOF
#!/bin/bash
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack_ipv4
modprobe -- br_netfilter
EOF
chmod 755 /etc/sysconfig/modules/ipvs.modules && bash /etc/sysconfig/modules/ipvs.modules
for m in node1 node2
do
scp /etc/sysconfig/modules/ipvs.modules $m:/etc/sysconfig/modules/ipvs.modules
ssh root@$m chmod 755 /etc/sysconfig/modules/ipvs.modules && bash /etc/sysconfig/modules/ipvs.modules
done
# 设置内核转发
cat > /etc/sysctl.d/k8s.conf <<EOF
net.bridge.bridge-nf-call-iptables=1
net.bridge.bridge-nf-call-ip6tables=1
net.ipv4.ip_forward=1
net.ipv4.tcp_tw_recycle=0
vm.swappiness=0
vm.overcommit_memory=1
vm.panic_on_oom=0
fs.inotify.max_user_watches=89100
fs.file-max=52706963
fs.nr_open=52706963
net.ipv6.conf.all.disable_ipv6=1
net.netfilter.nf_conntrack_max=2310720
EOF
sysctl -p /etc/sysctl.d/k8s.conf > /dev/null 2>&1
printf "\e[1;32m###########正在发送内核参数文件到其他节点####################\e[0m\n"
for n in node1 node2
do
scp /etc/sysctl.d/k8s.conf $n:/etc/sysctl.d/k8s.conf
ssh root@$n sysctl -p /etc/sysctl.d/k8s.conf > /dev/null 2>&1
done
printf "\e[1;32m###########正在安装所需软件##################################\e[0m\n"
yum -y install epel-release.noarch conntrack ipvsadm ipset jq sysstat curl iptables libseccomp > /dev/null 2>&1
printf "\e[1;32m###########正在清除旧docker##################################\e[0m\n"
yum -y remove docker \
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-selinux \
docker-engine-selinux \
docker-engine > /dev/null 2>&1
printf "\e[1;32m###########正在安装docker####################################\e[0m\n"
yum install -y yum-utils device-mapper-persistent-data lvm2 > /dev/null 2>&1
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo > /dev/null 2>&1
yum makecache fast > /dev/null 2>&1
yum -y install docker-ce-18.09.9-3.el7
systemctl enable docker --now > /dev/null 2>&1
printf "\e[1;32m###########正在配置docker镜像加速############################\e[0m\n"
sed -i "13i ExecStartPost=/usr/sbin/iptables -P FORWARD ACCEPT" /usr/lib/systemd/system/docker.service
cat > /etc/docker/daemon.json <<EOF
{
"registry-mirrors": ["https://bk6kzfqm.mirror.aliyuncs.com"],
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
},
"storage-driver": "overlay2",
"storage-opts": [
"overlay2.override_kernel_check=true"
]
}
EOF
systemctl daemon-reload && systemctl restart docker
printf "\e[1;32m###########正在其他节点安装docker以及配置镜像加速############\e[0m\n"
for o in node1 node2
do
ssh root@$o yum -y remove docker \
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-selinux \
docker-engine-selinux \
docker-engine > /dev/null 2>&1
ssh root@$o yum install -y yum-utils device-mapper-persistent-data lvm2 > /dev/null 2>&1
ssh root@$o yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo > /dev/null 2>&1
ssh root@$o yum makecache fast > /dev/null 2>&1
ssh root@$o yum -y install docker-ce-18.09.9-3.el7
ssh root@$o systemctl enable docker --now > /dev/null 2>&1
ssh root@$o "sed -i '13i ExecStartPost=/usr/sbin/iptables -P FORWARD ACCEPT' /usr/lib/systemd/system/docker.service"
scp /etc/docker/daemon.json $o:/etc/docker/daemon.json
ssh root@$o systemctl daemon-reload && systemctl restart docker
done
printf "\e[1;32m###########正在部署kubeadm和kubelet##########################\e[0m\n"
cat > /etc/yum.repos.d/kubernetes.repo <<EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
# 不加上版本号,会导致安装最新版的kubeadm、kubectl以及kubelet
yum -y install kubelet-1.18.6 kubeadm-1.18.6 kubectl-1.18.6 && systemctl enable kubelet.service --now > /dev/null 2>&1
printf "\e[1;32m###########正在部署其他节点kubeadm和kubelet##################\e[0m\n"
for p in node1 node2
do
scp /etc/yum.repos.d/kubernetes.repo $p:/etc/yum.repos.d/kubernetes.repo
ssh root@$p yum install -y yum -y install kubelet-1.18.6 kubeadm-1.18.6 kubectl-1.18.6 && systemctl enable kubelet.service --now > /dev/null 2>&1
done
printf "\e[1;32m###########正在配置自动补全##################################\e[0m\n"
yum -y install bash-completion > /dev/null 2>&1
kubectl completion bash > /etc/bash_completion.d/kubectl
kubeadm completion bash > /etc/bash_completion.d/kubeadm
for q in node1 node2
do
ssh root@$q yum -y install bash-completion > /dev/null 2>&1
ssh root@$q kubectl completion bash > /etc/bash_completion.d/kubectl
ssh root@$q kubeadm completion bash > /etc/bash_completion.d/kubeadm
done
# 导入镜像,注意路径,请q提前上传镜像
printf "\e[1;32m###########正在导入镜像######################################\e[0m\n"
docker load -i /root/k8s-1.18.6-images.tar
printf "\e[1;32m###########正在导入镜像到其他节点#############################\e[0m\n"
for s in node1 node2
do
scp /root/k8s-1.18.6-images.tar $s:/root/
ssh root@$s docker load -i /root/k8s-1.18.6-images.tar
done
printf "\e[1;32m###########kubernetes-1.18.6集群初始化环境准备完成###########\e[0m\n"
printf "\e[1;32m###########可以开始手动添加kubernetes集群####################\e[0m\n"
