diff --git a/README.md b/README.md index 0064cf8..6c2c646 100644 --- a/README.md +++ b/README.md @@ -11,14 +11,17 @@ curl -sSL https://git.martin98.com/MartinFarm/init/raw/branch/main/init-npm.sh | curl -sSL https://git.martin98.com/MartinFarm/init/raw/branch/main/init-pip.sh | bash # git curl -sSL https://git.martin98.com/MartinFarm/init/raw/branch/main/init-git.sh | bash -# k8s -curl -sSL https://git.martin98.com/MartinFarm/init/raw/branch/main/init-k8s.sh | bash # 初始化全部 curl -sSL https://git.martin98.com/MartinFarm/init/raw/branch/main/init-all.sh | bash ``` +### 清理磁盘 +```bash +curl -sSL https://git.martin98.com/MartinFarm/init/raw/branch/main/clean.sh | bash +``` + #### Python 镜像源配置测试 ```bash @@ -44,28 +47,102 @@ replace-with = 'mirrors' registry = "sparse+https://mirrors.martin98.com/repository/rust/" ``` -#### dockerfile +## k8s 快速部署 ```bash -COPY --from=docker.martin98.com/martin_farm/init:latest /scripts /scripts -RUN /scripts/init-apt.sh +# 网段配置 +export pod_subnet=10.101.0.0/16 +export service_subnet=10.100.0.0/16 +# 配置 高可用 VIP +export vip_ip=10.1.3.100 +export vip=$vip_ip/16 +export masters=10.1.3.101,10.1.3.102,10.1.3.103 +curl -sSL https://git.martin98.com/MartinFarm/init/raw/branch/main/init-k8s.sh | bash ``` -#### APT 镜像源配置测试 - +### 其他说明 ```bash -docker compose run debian ./init-all.sh +# 拉取镜像失败可能导致节点不正常 +systemctl restart kubelet +systemctl restart containerd # 或 docker + +# 当前默认值 +export K8S_VERSION=1.32 +export CONTAINERD_VERSION=2.0.2 +export CALICO_VERSION=3.29.1 +export MIRRORS=docker.martin98.com/k8s ``` +### 初始化 单 master 节点(不要配置 masters 只需要配置网段) ```bash -docker compose run ubuntu ./init-all.sh -``` +cat < kubeadm-config.yaml +apiVersion: kubeadm.k8s.io/v1beta4 +bootstrapTokens: +- groups: + - system:bootstrappers:kubeadm:default-node-token + token: $(openssl rand -hex 3).$(openssl rand -hex 8) + ttl: 24h0m0s + usages: + - signing + - authentication +kind: InitConfiguration +localAPIEndpoint: + advertiseAddress: $(hostname -I | awk '{print $1}') + bindPort: 6443 +nodeRegistration: + criSocket: unix:///var/run/containerd/containerd.sock + imagePullPolicy: IfNotPresent + imagePullSerial: true + name: $(hostname) + taints: null +timeouts: + controlPlaneComponentHealthCheck: 4m0s + discovery: 5m0s + etcdAPICall: 2m0s + kubeletHealthCheck: 4m0s + kubernetesAPICall: 1m0s + tlsBootstrap: 5m0s + upgradeManifests: 5m0s +--- +apiServer: {} +apiVersion: kubeadm.k8s.io/v1beta4 +caCertificateValidityPeriod: 87600h0m0s +certificateValidityPeriod: 8760h0m0s +certificatesDir: /etc/kubernetes/pki +clusterName: kubernetes +controllerManager: {} +dns: + imageRepository: $mirrors/coredns +encryptionAlgorithm: RSA-2048 +etcd: + local: + dataDir: /var/lib/etcd +imageRepository: $mirrors +kind: ClusterConfiguration +kubernetesVersion: $k8s_version +networking: + dnsDomain: cluster.local + podSubnet: $pod_subnet + serviceSubnet: $service_subnet +proxy: {} +scheduler: {} +EOF -```bash -docker compose run ubuntu-2204 ./init-all.sh -``` +# 开始安装 +kubeadm init --config=kubeadm-config.yaml --upload-certs --v=9 +# 配置 +mkdir -p $HOME/.kube +sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config +sudo chown $(id -u):$(id -g) $HOME/.kube/config +export KUBECONFIG=/etc/kubernetes/admin.conf -### 清理磁盘 -```bash -curl -sSL https://git.martin98.com/MartinFarm/init/raw/branch/main/clean.sh | bash -``` \ No newline at end of file +# 安装 operator +kubectl create -f https://mirrors.martin98.com/repository/proxy/raw.githubusercontent.com/projectcalico/calico/v$CALICO_VERSION/manifests/tigera-operator.yaml +kubectl wait --for=condition=Ready pods --all -n tigera-operator --timeout=300s +# 安装 calico +curl https://mirrors.martin98.com/repository/proxy/raw.githubusercontent.com/projectcalico/calico/v$CALICO_VERSION/manifests/custom-resources.yaml -O +sed -i "s|\(cidr: \).*|\1$pod_subnet|" custom-resources.yaml +kubectl create -f custom-resources.yaml +kubectl wait --for=condition=Ready pods --all -n calico-system --timeout=300s +kubectl wait --for=condition=Ready pods --all -n calico-apiserver --timeout=300s +``` diff --git a/k8s/README.md b/k8s/README.md deleted file mode 100644 index 8c27779..0000000 --- a/k8s/README.md +++ /dev/null @@ -1,98 +0,0 @@ -## 快速部署 -```bash -# 网段配置 -export pod_subnet=10.101.0.0/16 -export service_subnet=10.100.0.0/16 -# 配置 高可用 VIP -export vip_ip=10.1.3.100 -export vip=$vip_ip/16 -export masters=10.1.3.101,10.1.3.102,10.1.3.103 -curl -sSL https://git.martin98.com/MartinFarm/init/raw/branch/main/init-k8s.sh | bash -``` - -### 其他说明 -```bash -# 拉取镜像失败可能导致节点不正常 -systemctl restart kubelet -systemctl restart containerd # 或 docker - -# 当前默认值 -export K8S_VERSION=1.32 -export CONTAINERD_VERSION=2.0.2 -export CALICO_VERSION=3.29.1 -export MIRRORS=docker.martin98.com/k8s -``` - -### 初始化 单 master 节点(不要配置 masters 只需要配置网段) -```bash -cat < kubeadm-config.yaml -apiVersion: kubeadm.k8s.io/v1beta4 -bootstrapTokens: -- groups: - - system:bootstrappers:kubeadm:default-node-token - token: $(openssl rand -hex 3).$(openssl rand -hex 8) - ttl: 24h0m0s - usages: - - signing - - authentication -kind: InitConfiguration -localAPIEndpoint: - advertiseAddress: $(hostname -I | awk '{print $1}') - bindPort: 6443 -nodeRegistration: - criSocket: unix:///var/run/containerd/containerd.sock - imagePullPolicy: IfNotPresent - imagePullSerial: true - name: $(hostname) - taints: null -timeouts: - controlPlaneComponentHealthCheck: 4m0s - discovery: 5m0s - etcdAPICall: 2m0s - kubeletHealthCheck: 4m0s - kubernetesAPICall: 1m0s - tlsBootstrap: 5m0s - upgradeManifests: 5m0s ---- -apiServer: {} -apiVersion: kubeadm.k8s.io/v1beta4 -caCertificateValidityPeriod: 87600h0m0s -certificateValidityPeriod: 8760h0m0s -certificatesDir: /etc/kubernetes/pki -clusterName: kubernetes -controllerManager: {} -dns: - imageRepository: $mirrors/coredns -encryptionAlgorithm: RSA-2048 -etcd: - local: - dataDir: /var/lib/etcd -imageRepository: $mirrors -kind: ClusterConfiguration -kubernetesVersion: $k8s_version -networking: - dnsDomain: cluster.local - podSubnet: $pod_subnet - serviceSubnet: $service_subnet -proxy: {} -scheduler: {} -EOF - -# 开始安装 -kubeadm init --config=kubeadm-config.yaml --upload-certs --v=9 -# 配置 -mkdir -p $HOME/.kube -sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config -sudo chown $(id -u):$(id -g) $HOME/.kube/config -export KUBECONFIG=/etc/kubernetes/admin.conf - -# 安装 operator -kubectl create -f https://mirrors.martin98.com/repository/proxy/raw.githubusercontent.com/projectcalico/calico/v$CALICO_VERSION/manifests/tigera-operator.yaml -kubectl wait --for=condition=Ready pods --all -n tigera-operator --timeout=300s -# 安装 calico -curl https://mirrors.martin98.com/repository/proxy/raw.githubusercontent.com/projectcalico/calico/v$CALICO_VERSION/manifests/custom-resources.yaml -O -sed -i "s|\(cidr: \).*|\1$pod_subnet|" custom-resources.yaml -kubectl create -f custom-resources.yaml -kubectl wait --for=condition=Ready pods --all -n calico-system --timeout=300s -kubectl wait --for=condition=Ready pods --all -n calico-apiserver --timeout=300s -```