周六作的,
慢慢完善。
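#!/usr/bin/env bash
# Host preparation helpers for a kubeadm-based Kubernetes node on a yum /
# firewalld / SELinux host. Must run as root. The steps are guarded so that
# the script can be executed repeatedly.
set -e
set -u
set -x

# Use the PATH inherited from the calling environment.
export PATH

#######################################
# Reset iptables to an allow-all state: the listed built-in chain policies of
# the filter, nat and mangle tables are set to ACCEPT, then every rule is
# flushed and every user-defined chain deleted.
# NOTE(review): once this has run the host itself filters no traffic until
# something installs rules again; make sure exposure is limited elsewhere
# (security groups, upstream firewall) before relying on it.
#######################################
function iptables_clear() {
  local chain action
  for chain in INPUT FORWARD OUTPUT; do
    iptables -P "$chain" ACCEPT
  done
  for chain in PREROUTING POSTROUTING OUTPUT; do
    iptables -t nat -P "$chain" ACCEPT
  done
  for chain in PREROUTING OUTPUT; do
    iptables -t mangle -P "$chain" ACCEPT
  done
  # Flush all rules first (-F), then drop user-defined chains (-X).
  for action in -F -X; do
    iptables "$action"
    iptables -t nat "$action"
    iptables -t mangle "$action"
  done
}

#######################################
# One-time root setup of the host: firewall/SELinux/swap off, kernel modules
# and sysctls for bridged traffic and IPVS, package installation, a sudoers
# drop-in for the docker account, and the kubelet extra arguments.
# Globals:   DOCKER_CGROUPS (read), k8s_kernel_conf, k8s_sudoers_conf (written)
# Returns:   non-zero if a sudoers command cannot be resolved or the
#            generated sudoers file does not validate
#######################################
function root_init() {
  # Fail before touching the host: the value is interpolated into
  # /etc/sysconfig/kubelet as --cgroup-driver at the end of this function.
  : "${DOCKER_CGROUPS:?DOCKER_CGROUPS must be set (kubelet --cgroup-driver)}"

  # Stop firewalld and keep it from starting at boot, then open up iptables.
  systemctl stop firewalld.service
  systemctl disable firewalld.service
  iptables_clear

  # Disable SELinux persistently and for the running system.
  # NOTE(review): this removes mandatory access control from the node;
  # SELINUX=permissive would keep AVC denials in the audit log for detection.
  local selinux_cfg
  for selinux_cfg in /etc/selinux/config /etc/sysconfig/selinux; do
    sed -i 's/^SELINUX=enforcing/SELINUX=disabled/g' "$selinux_cfg"
  done
  # setenforce exits non-zero when SELinux is already disabled; tolerate it.
  setenforce 0 || true

  # Turn swap off (the original author notes the Kubernetes install fails
  # otherwise). Only lines that are not already commented are touched, so
  # repeated runs do not stack '#' characters in /etc/fstab.
  swapoff -a
  sed -i '/^[[:space:]]*#/!s/.*swap.*/#&/' /etc/fstab

  # Install tools and load br_netfilter plus the IPVS/conntrack modules.
  yum install bridge-utils ipset ipvsadm -y
  modprobe br_netfilter
  local mod
  for mod in ip_vs ip_vs_rr ip_vs_wrr ip_vs_sh \
    nf_conntrack_ipv4 nf_conntrack_ipv6; do
    modprobe -- "$mod"
  done
  # Persist the module loading once; a missing rc.local is treated as
  # "not yet configured" and gets created by the append.
  if ! grep -q ip_vs /etc/rc.local; then
    cat >> /etc/rc.local <<'EOF'
modprobe br_netfilter
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack_ipv4
modprobe -- nf_conntrack_ipv6
EOF
  fi

  # Directory tree for the Kubernetes certificates.
  # NOTE(review): mode 755 applied recursively makes everything under pki,
  # including any private keys already stored there, readable by every local
  # account; tighten once it is clear which account has to read the keys.
  mkdir -p /etc/kubernetes/pki/etcd
  chown -R docker:docker /etc/kubernetes/pki
  chmod -R 755 /etc/kubernetes/pki

  # Kernel parameters for Kubernetes; the file is recreated on every run.
  k8s_kernel_conf=/etc/sysctl.d/k8s.conf
  rm -f "$k8s_kernel_conf"
  cat > "$k8s_kernel_conf" <<'EOF'
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-arptables = 1
vm.swappiness=0
EOF
  # Apply the settings.
  sysctl -p
  sysctl --system

  # Install the required software and copy the kube binaries into place.
  # NOTE(review): /tmp is world-writable, so any local account can stage an
  # rpm that this step installs as root; prefer a root-owned staging
  # directory and signature checking (yum's localpkg_gpgcheck) - verify the
  # setting on your hosts.
  yum install conntrack-tools socat -y
  yum localinstall /tmp/*.rpm -y
  # tar xf cni-plugins-amd64-v0.7.5.tgz -C /opt/cni/bin
  /bin/cp /usr/bin/kube* /usr/local/bin/

  # Start kubelet at boot.
  systemctl enable kubelet

  # Allow the docker account to run the cluster tooling through sudo.
  # sudoers only accepts fully-qualified command paths, so the bare names are
  # resolved through PATH here (kubeadm keeps its fixed path).
  # NOTE(review): NOPASSWD on systemctl, service, iptables and docker makes
  # the docker account root-equivalent; treat its credentials accordingly or
  # narrow the list.
  k8s_sudoers_conf=/etc/sudoers.d/k8s_sudoers
  local sudo_cmds=/usr/local/bin/kubeadm tool tool_path sudoers_tmp
  for tool in kubectl kubelet systemctl service iptables ipvsadm docker; do
    tool_path=$(command -v "$tool") || {
      printf 'root_init: cannot resolve %s for sudoers\n' "$tool" >&2
      return 1
    }
    sudo_cmds+=", $tool_path"
  done
  # Build the drop-in in a temp file and validate it first: a drop-in with a
  # syntax error can leave sudo unusable on the host.
  sudoers_tmp=$(mktemp)
  printf 'docker ALL=(ALL)NOPASSWD: %s\n' "$sudo_cmds" > "$sudoers_tmp"
  if ! visudo -cf "$sudoers_tmp"; then
    rm -f "$sudoers_tmp"
    printf 'root_init: generated sudoers entry is invalid\n' >&2
    return 1
  fi
  install -m 0440 -o root -g root "$sudoers_tmp" "$k8s_sudoers_conf"
  rm -f "$sudoers_tmp"

  # Extra kubelet arguments: cgroup driver and pause image.
  # NOTE(review): the pause image is referenced by tag on a mirror registry;
  # confirm the mirror is trusted for your environment.
  cat > /etc/sysconfig/kubelet <<EOF
KUBELET_EXTRA_ARGS="--cgroup-driver=$DOCKER_CGROUPS --pod-infra-container-image=registry.cn-hangzhou.aliyuncs.com/google_containers/pause-amd64:3.1"
EOF
}

#######################################
# Tear the node back down: kubeadm reset, removal of the cni0 and flannel.1
# interfaces and the CNI state directory, then iptables and IPVS cleanup.
#######################################
function k8s_reset() {
  # kubeadm asks for confirmation on the terminal unless invoked with -f.
  kubeadm reset

  # Only remove interfaces that exist, so a second run (or a node that never
  # got a pod network) does not abort under 'set -e'.
  local link
  for link in cni0 flannel.1; do
    if ip link show "$link" > /dev/null 2>&1; then
      ip link set dev "$link" down
      ip link delete "$link"
    fi
  done

  rm -rf /var/lib/cni/
  iptables_clear
  ipvsadm -C
}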