From 088a29f5beaee47ae3ce153e3409ff587c95974e Mon Sep 17 00:00:00 2001
From: Martin <1403951401@qq.com>
Date: Wed, 19 Mar 2025 17:45:08 +0800
Subject: [PATCH] =?UTF-8?q?[*]=20=E6=9B=B4=E6=96=B0=20init-k8s=20=E8=84=9A?= =?UTF-8?q?=E6=9C=AC?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
init-k8s.sh | 193 +++++++++++++++++++++++++++++++++++++++++++++++++-
k8s/README.md | 21 +++---
2 files changed, 204 insertions(+), 10 deletions(-)
diff --git a/init-k8s.sh b/init-k8s.sh
index 379e897..2f995cd 100644
--- a/init-k8s.sh
+++ b/init-k8s.sh
@@ -115,4 +115,195 @@ apt install -y kubeadm kubelet kubectl && apt-mark hold kubeadm kubelet kubectl echo 'KUBELET_EXTRA_ARGS="--cgroup-driver=systemd"' > kubeadm-config.yaml
-echo "k8s 运行环境安装成功"
\ No newline at end of file
+echo "k8s 运行环境安装成功"
+
+# 检查是否 master 节点
+current_ip=$(hostname -I | awk '{print $1}')
+if ! echo "$masters" | grep -qw "$current_ip"; then
+ echo "初始化 worker $current_ip 成功"
+ return 0
+fi
+# 安装 keepalived haproxy
+apt install -y keepalived haproxy
+# 检查是否为 Master-01
+first_master=$(echo $masters | cut -d',' -f1)
+if [ "$current_ip" == "$first_master" ]; then
+ state=MASTER
+ priority=200
+else
+ state=BACKUP
+ priority=100
+fi
+
+# 初始化 VIP
+cat < kubeadm-config.yaml
+apiVersion: kubeadm.k8s.io/v1beta4
+bootstrapTokens:
+- groups:
+ - system:bootstrappers:kubeadm:default-node-token
+ token: $(openssl rand -hex 3).$(openssl rand -hex 8)
+ ttl: 24h0m0s
+ usages:
+ - signing
+ - authentication
+kind: InitConfiguration
+localAPIEndpoint:
+ advertiseAddress: $(hostname -I | awk '{print $1}')
+ bindPort: 6444
+nodeRegistration:
+ criSocket: unix:///var/run/containerd/containerd.sock
+ imagePullPolicy: IfNotPresent
+ imagePullSerial: true
+ name: $(hostname)
+ taints: null
+timeouts:
+ controlPlaneComponentHealthCheck: 4m0s
+ discovery: 5m0s
+ etcdAPICall: 2m0s
+ kubeletHealthCheck: 4m0s
+ kubernetesAPICall: 1m0s
+ tlsBootstrap: 5m0s
+ upgradeManifests: 5m0s
+---
+apiServer: {}
+apiVersion: kubeadm.k8s.io/v1beta4
+caCertificateValidityPeriod: 87600h0m0s
+certificateValidityPeriod: 8760h0m0s
+certificatesDir: /etc/kubernetes/pki
+clusterName: kubernetes
+controlPlaneEndpoint: "$vip_ip:6443"
+controllerManager: {}
+dns:
+ imageRepository: $mirrors/coredns
+encryptionAlgorithm: RSA-2048
+etcd:
+ local:
+ dataDir: /var/lib/etcd
+imageRepository: $mirrors
+kind: ClusterConfiguration
+kubernetesVersion: $k8s_version
+networking:
+ dnsDomain: cluster.local
+ podSubnet: $pod_subnet
+ serviceSubnet: $service_subnet
+proxy: {}
+scheduler: {}
+EOF
+
+# 开始安装
+kubeadm init --config=kubeadm-config.yaml --upload-certs --v=9
+kubectl get nodes
+
+echo "初始化 master $current_ip 成功,开始配置网络"
+
+# 配置
+mkdir -p $HOME/.kube
+sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
+sudo chown $(id -u):$(id -g) $HOME/.kube/config
+export KUBECONFIG=/etc/kubernetes/admin.conf
+
+# 安装 operator
+kubectl create -f https://mirrors.martin98.com/repository/proxy/raw.githubusercontent.com/projectcalico/calico/v$CALICO_VERSION/manifests/tigera-operator.yaml
+kubectl wait --for=condition=Ready pods --all -n tigera-operator --timeout=300s
+echo "初始化 master $current_ip operator 成功"
+# 安装 calico
+curl https://mirrors.martin98.com/repository/proxy/raw.githubusercontent.com/projectcalico/calico/v$CALICO_VERSION/manifests/custom-resources.yaml -O
+sed -i "s|\(cidr: \).*|\1$pod_subnet|" custom-resources.yaml
+kubectl create -f custom-resources.yaml
+kubectl wait --for=condition=Ready pods --all -n calico-system --timeout=300s
+kubectl wait --for=condition=Ready pods --all -n calico-apiserver --timeout=300s
+echo "初始化 master $current_ip calico 成功"
+
+OUTPUT=$(kubeadm token create --print-join-command)
+
+# 提取 token 和 discovery-token-ca-cert-hash
+TOKEN=$(echo "$OUTPUT" | grep -oP 'token \K[\w.]+')
+TOKEN_HASH=$(echo "$OUTPUT" | grep -oP 'discovery-token-ca-cert-hash \K.*')
+
+cat <