环境说明
四台节点
123 nginx
124 node1
125 node2
126 node3
nginx节点实现自动ssh免密登录
建立免密登录连接不能使用 root 账号,必须在所有节点上创建一个相同名称的普通账号,并给这个普通账号 sudo 权限,同时设置执行 sudo 时不需要输入密码。注意:免密 sudo 的账号实际上等同于 root,应限制可以登录该账号的来源(例如只允许密钥登录)。
在编写脚本的时候,用户的家目录最好不要用 ~,最好指定为绝对路径,这样可以避免一些错误
centos用户建立ssh免密连接
不能直接root用户创建公私钥,必须要创建一个普通用户
普通用户执行docker命令
sudo groupadd docker #添加docker用户组
sudo gpasswd -a $USER docker #将当前用户添加至docker用户组(注意:docker 用户组的成员可以通过 docker 守护进程获得等同 root 的权限)
执行 groupadd docker 的时候如果提示用户组已经存在,命令会返回失败,所以后面的两条指令都不会执行,导致后面在执行 docker 指令的时候出现异常。可以改用 sudo groupadd -f docker(用户组已存在时也返回成功)。
普通用户没有sudo权限
通过rke部署k8s集群
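#!/usr/bin/bash
#
# Bootstrap a three-node RKE / Kubernetes cluster from the nginx node.
#
# Reads config/system-init.yml, installs an SSH key on the three rancher
# nodes, then prepares each node (time sync, resolv.conf, firewall, swap,
# docker, image preload) and finally runs `rke up` from this machine.
#
# Run as the unprivileged account named by `sshuser` in the config; that
# account needs password-less sudo locally and on every node.
#
# Security notes for operators:
#   * config/system-init.yml holds the account password in clear text and is
#     eval'ed as shell code (see create_variables). Keep it readable and
#     writable by the operator only.
#   * The generated SSH key has no passphrase, and the account it unlocks has
#     password-less sudo and docker group membership, i.e. it is
#     root-equivalent on every node. Protect the private key accordingly.

echo "安装shell模块expect"
sudo yum -y install expect
echo "安装expect模块成功"

echo "安装ntpdate"
sudo yum install -y ntpdate

echo "开始安装yml配置读取模块"

#######################################
# Convert a simple YAML file into bash array assignments.
# Arguments: $1 - path of the YAML file
#            $2 - optional prefix prepended to every generated name
# Outputs:   one line per value on stdout, shaped like name=("value");
#            nested keys are joined with "_", and "." / "-" in a name are
#            replaced by "_".
# The sed/awk pipeline is kept exactly as found; it is order-sensitive.
#######################################
function parse_yaml() {
    local yaml_file=$1
    local prefix=$2
    local s
    local w
    local fs

    s='[[:space:]]*'
    w='[a-zA-Z0-9_.-]*'
    # ASCII FS (octal 034) is used as a field separator that will not occur
    # in normal YAML text.
    fs="$(echo @|tr @ '\034')"

    (
        sed -ne '/^--/s|--||g; s|\"|\\\"|g; s/\s*$//g;' \
            -e "/#.*[\"\']/!s| #.*||g; /^#/s|#.*||g;" \
            -e "s|^\($s\)\($w\)$s:$s\"\(.*\)\"$s\$|\1$fs\2$fs\3|p" \
            -e "s|^\($s\)\($w\)$s[:-]$s\(.*\)$s\$|\1$fs\2$fs\3|p" |

        awk -F"$fs" '{
            indent = length($1)/2;
            if (length($2) == 0) { conj[indent]="+";} else {conj[indent]="";}
            vname[indent] = $2;
            for (i in vname) {if (i > indent) {delete vname[i]}}
            if (length($3) > 0) {
                vn=""; for (i=0; i<indent; i++) {vn=(vn)(vname[i])("_")}
                printf("%s%s%s%s=(\"%s\")\n", "'"$prefix"'",vn, $2, conj[indent-1],$3);
            }
        }' |

        sed -e 's/_=/+=/g' \
            -e '/\..*=/s|\.|_|' \
            -e '/\-.*=/s|\-|_|'

    ) < "$yaml_file"
}

#######################################
# Load every key of a YAML file as a global bash variable.
# Arguments: $1 - path of the YAML file
# SECURITY: the generated assignments are passed to eval. Only double quotes
# are escaped by parse_yaml, so the values are still interpreted by the
# shell. Treat the YAML file as code: it must come from a trusted source and
# must not be writable by other users.
#######################################
function create_variables() {
    local yaml_file="$1"
    eval "$(parse_yaml "$yaml_file")"
}

create_variables config/system-init.yml
echo "yml配置读取模块成功"

echo "获取yml的配置信息"
# The password is deliberately not printed: terminal scrollback and captured
# logs would otherwise keep a clear-text copy of it.
printf '%s\n' "$fqdn" "$nginxIp" "$rancher1Ip" "$rancher2Ip" "$rancher3Ip" "$sshuser"

# Abort early when a value the rest of the script depends on is missing;
# otherwise commands such as `ssh @` would run with empty arguments.
for required in sshuser userpasswd rancher1Ip rancher2Ip rancher3Ip; do
  if [[ -z "${!required:-}" ]]; then
    echo "missing '${required}' in config/system-init.yml" >&2
    exit 1
  fi
done

hosts=("$rancher1Ip" "$rancher2Ip" "$rancher3Ip")

# These values are interpolated into remote shell commands and sed
# expressions below, so restrict them to plain name/address characters.
if [[ ! "$sshuser" =~ ^[A-Za-z0-9._-]+$ ]]; then
  echo "sshuser contains unexpected characters" >&2
  exit 1
fi
for ip in "${hosts[@]}"; do
  if [[ ! "$ip" =~ ^[A-Za-z0-9._:-]+$ ]]; then
    echo "node address '${ip}' contains unexpected characters" >&2
    exit 1
  fi
done

#------------------------------------------#
# Establish SSH key trust with the nodes
#------------------------------------------#
echo '开始建立ssh互信连接'
# One path for both key generation and ssh-copy-id; the original mixed
# ~/.ssh with /home/$sshuser/.ssh, which only agree when the script runs as
# $sshuser with the default home directory.
ssh_key="$HOME/.ssh/id_rsa"
mkdir -p -m 700 "$HOME/.ssh"
if [[ ! -f "$ssh_key" ]]; then
  ssh-keygen -t rsa -P "" -f "$ssh_key"
else
  echo "id_rsa has created ..."
fi

# One expect session per node, each waiting for ssh-copy-id to finish, so a
# later spawn cannot cut an earlier copy short. The password travels through
# the environment and is read with $env(...) inside a quoted heredoc: it
# never appears in argv and Tcl does not re-interpret special characters in
# it. It is removed from the environment before ssh-copy-id is spawned.
# NOTE(review): answering "yes" to the host-key prompt accepts whatever key
# the node presents on first contact. Where possible, pre-populate
# ~/.ssh/known_hosts with fingerprints verified out of band instead.
for ip in "${hosts[@]}"; do
  SSH_COPY_PW="$userpasswd" SSH_COPY_KEY="${ssh_key}.pub" \
    SSH_COPY_DEST="${sshuser}@${ip}" expect <<'EOF'
set timeout 10
set pw $env(SSH_COPY_PW)
unset env(SSH_COPY_PW)
spawn ssh-copy-id -i $env(SSH_COPY_KEY) $env(SSH_COPY_DEST)
expect {
  "yes/no" { send "yes\n"; exp_continue }
  "password" { send -- "$pw\n"; exp_continue }
  eof
}
EOF
done
echo '建立ssh互信连接成功'

echo '同步节点时间'
sudo ntpdate time1.aliyun.com
for ip in "${hosts[@]}"; do
  # The remote account is unprivileged, so the install needs sudo as well.
  ssh "${sshuser}@${ip}" "sudo yum install -y ntpdate"
  ssh "${sshuser}@${ip}" "sudo ntpdate time1.aliyun.com"
done
echo '同步节点时间成功'

echo '配置nameserver'
# /etc/resolv.conf is root-owned; the local copy needs sudo like the remote one.
sudo cp config/resolv.conf /etc/resolv.conf
for ip in "${hosts[@]}"; do
  scp config/resolv.conf "${sshuser}@${ip}:~/resolv.conf"
  ssh "${sshuser}@${ip}" "sudo cp ~/resolv.conf /etc/resolv.conf"
done
echo '配置nameserver成功'

echo "设置开放端口"
sudo firewall-cmd --permanent --add-port=80/tcp --add-port=443/tcp
sudo firewall-cmd --reload

# Ports opened on every cluster node (same list as before).
# NOTE(review): these rules are not limited to a source network. If the
# nodes are reachable from outside the cluster, consider restricting
# 2376, 2379-2380, 10250 and the NodePort range to trusted sources, and
# confirm whether 8472/tcp is needed in addition to 8472/udp.
node_ports=(
  22/tcp 80/tcp 443/tcp 2376/tcp 2379/tcp 2380/tcp 6443/tcp
  8472/udp 8472/tcp 9099/tcp 10250/tcp 10254/tcp
  30000-32767/tcp 30000-32767/udp
)
fw_remote="sudo firewall-cmd --permanent"
for port in "${node_ports[@]}"; do
  fw_remote+=" --add-port=${port}"
done
for ip in "${hosts[@]}"; do
  # A single firewall-cmd call per node instead of one SSH session per port.
  ssh "${sshuser}@${ip}" "$fw_remote"
  ssh "${sshuser}@${ip}" "sudo firewall-cmd --reload"
done
echo "设置端口结束"

echo "禁用swap"
for ip in "${hosts[@]}"; do
  # Only disables swap until the next reboot; /etc/fstab is not changed.
  ssh "${sshuser}@${ip}" "sudo swapoff -a"
done
echo "禁用swap结束"

echo '开始给集群节点安装docker'
for ip in "${hosts[@]}"; do
  scp pkg/docker/docker-ce.repo "${sshuser}@${ip}:~/"
  ssh "${sshuser}@${ip}" "sudo cp ~/docker-ce.repo /etc/yum.repos.d/docker-ce.repo && sudo yum install -y docker-ce-18.09.3-3.el7"
  scp pkg/docker/daemon.json "${sshuser}@${ip}:~/"
  # groupadd -f succeeds when the group already exists, so the gpasswd step
  # is no longer skipped on nodes where the docker group is already present.
  # Membership in the docker group is root-equivalent on the node.
  ssh "${sshuser}@${ip}" "sudo groupadd -f docker && sudo gpasswd -a ${sshuser} docker"
  ssh "${sshuser}@${ip}" "sudo mkdir -p /etc/docker/ && sudo cp ~/daemon.json /etc/docker/daemon.json && sudo systemctl start docker"
done
echo '安装docker结束'

echo '开始给集群节点加载镜像'
# NOTE(review): the image tarballs are loaded as-is; verify their checksums
# against a trusted manifest before distributing them.
images=(
  autoscaler calico-node cni coredns defaultbackend etcd flannel flexvol
  hyperkube ingress-controller metrics metrics-server nginx pause rancher
  rancher-agent tools
)
for ip in "${hosts[@]}"; do
  scp -r images/ "${sshuser}@${ip}:~/"
  for image in "${images[@]}"; do
    ssh "${sshuser}@${ip}" "sudo docker load -i ~/images/${image}.tar"
  done
done
echo '加载镜像结束'

echo "安装kubectl"
sudo cp pkg/kubectl/kubernets.repo /etc/yum.repos.d/kubernets.repo
sudo yum install -y kubectl
echo "kubectl安装结束"

echo "安装rke"
# Everything below uses $HOME instead of a mix of ~ and /home/admin, so the
# paths agree whatever the operator account is called.
cluster_cfg="$HOME/rancher-cluster.yml"
cp pkg/rke/rke "$HOME/rke" && chmod +x "$HOME/rke"
cp config/rancher-cluster.yml "$cluster_cfg"
sed -i "s/node1/${rancher1Ip}/" "$cluster_cfg"
sed -i "s/node2/${rancher2Ip}/" "$cluster_cfg"
sed -i "s/node3/${rancher3Ip}/" "$cluster_cfg"
echo "rke安装结束"

echo "安装k8s集群"
if ! "$HOME/rke" up --config="$cluster_cfg"; then
  # Do not report success or copy a stale kubeconfig when rke failed.
  echo "rke up failed" >&2
  exit 1
fi
mkdir -p "$HOME/.kube"
cp "$HOME/kube_config_rancher-cluster.yml" "$HOME/.kube/config"
# The kubeconfig carries cluster-admin credentials; keep both copies private.
chmod 600 "$HOME/kube_config_rancher-cluster.yml" "$HOME/.kube/config"
echo "安装k8s集群成功"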