如何利用python脚本自动部署k8s
目录
- 一、准备
- 二、编辑脚本
- 1、k8s.sh
- 2、k8s_install.py
- 三、配置ssh免密
- 四、下载python3和git
- 五、执行脚本
- 六、成功
- 七、总结
一、准备
- 通过之前在Ubuntu18.04上手动部署过k8s之后,尝试用python脚本进行自动化部署
- 这次用的是三台centos7的虚拟机,一台作为master执行脚本,两台作为node节点
- 三台机器都配置好静态IP,可以参考之前的在centos 7中安装配置k8s集群的步骤详解
二、编辑脚本
1、k8s.sh
放在/root
下,用于从dockerhub拉取镜像。
set -o errexit set -o nounset set -o pipefail ##这里定义版本,按照上面得到的列表自己改一下版本号 KUBE_VERSION=v1.21.3 KUBE_PAUSE_VERSION=3.4.1 ETCD_VERSION=3.4.13-0 ##这是原始仓库名,最后需要改名成这个 GCR_URL=k8s.gcr.io ##这里就是写你要使用的仓库 DOCKERHUB_URL=gotok8s ##这里是镜像列表,新版本要把coredns改成coredns/coredns images=( kube-proxy:${KUBE_VERSION} kube-scheduler:${KUBE_VERSION} kube-controller-manager:${KUBE_VERSION} kube-apiserver:${KUBE_VERSION} pause:${KUBE_PAUSE_VERSION} etcd:${ETCD_VERSION} ) ##这里是拉取和改名的循环语句 for imageName in ${images[@]} ; do docker pull $DOCKERHUB_URL/$imageName docker tag $DOCKERHUB_URL/$imageName $GCR_URL/$imageName docker rmi $DOCKERHUB_URL/$imageName done docker pull coredns/coredns:1.8.0 docker tag coredns/coredns:1.8.0 k8s.gcr.io/coredns/coredns:v1.8.0 docker rmi coredns/coredns:1.8.0
2、k8s_install.py
#!/bin/python3 # -*- coding:utf-8 -*- # author: fanb # describe: K8S v1.21.2 一键脚本安装 import os import subprocess import time class k8s_install(object): def __init__(self,masterip,nodeip): self.masterip = masterip self.nodeip = nodeip def initialization_shell(self): #环境初始化shell # 关闭防火墙 setenforce = "setenforce 0" sed_selinux = "sed -i 's/^SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux" sed_selinux1 = "sed -i 's/^SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config" sed_selinux2 = "sed -i 's/^SELINUX=permissive/SELINUX=disabled/g' /etc/sysconfig/selinux" sed_selinux3 = "sed -i 's/^SELINUX=permissive/SELINUX=disabled/g' /etc/selinux/config" stop_firewalld = "systemctl stop firewalld" disable_firewalld = "systemctl disable firewalld" swapoff_a = "swapoff -a" sed_swapoff = "sed -i 's/.*swap.*/#&/' /etc/fstab" #在所有服务器配置国内yum源 yum_install = "yum install -y wget git chrony yum-utils device-mapper-persistent-data lvm2 ipset ipvsadm > /dev/null 2>&1" mkdir_repo = "mkdir /etc/yum.repos.d/bak && mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/bak > /dev/null 2>&1" wget_centos = "wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.cloud.tencent.com/repo/centos7_base.repo > /dev/null 2>&1" wget_epel = "wget -O /etc/yum.repos.d/epel.repo http://mirrors.cloud.tencent.com/repo/epel-7.repo > /dev/null 2>&1" wget_docker = "wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo > /dev/null 2>&1" kubernetes_repo = """ cat > /etc/yum.repos.d/kubernetes.repo << EOF [kubernetes] name=Kubernetes baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64 enabled=1 gpgcheck=1 repo_gpgcheck=1 gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg EOF """ yum_clean = "yum -y makecache > /dev/null 2>&1" yum_makecahe = "yum -y makecache > /dev/null 2>&1" #修改内核参数,由于ipvs已经加入到了内核的主干,所以为kube-proxy开启ipvs的前提需要加载以下的内核模块 modprobe_netfilter = "modprobe br_netfilter" br_netfilter = "echo 'br_netfilter' > /etc/modules-load.d/br_netfilter.conf" k8s_conf = """ cat > /etc/sysctl.d/k8s.conf <<EOF net.bridge.bridge-nf-call-ip6tables = 1 net.bridge.bridge-nf-call-iptables = 1 net.ipv4.ip_forward = 1 vm.swappiness=0 EOF """ limits_conf = """ cat > /etc/security/limits.conf << EOF * soft nofile 65536 * hard nofile 65536 * soft nproc 65536 * hard nproc 65536 * soft memlock unlimited * hard memlock unlimited DefaultLimitNOFILE=102400 DefaultLimitNPROC=102400 EOF """ sysctl_k8s = "sysctl -p /etc/sysctl.d/k8s.conf > /dev/null 2>&1" #时间同步 enable_chronyd = "systemctl enable chronyd.service" start_chronyd = "systemctl start chronyd.service" set_timezone = "timedatectl set-timezone Asia/Shanghai" ntpdate = "ntpdate ntp1.aliyun.com > /dev/null 2>&1" chronyc_sources = "chronyc sources > /dev/null 2>&1" #安装docker,kubelet remove_docker = "yum remove -y docker docker-ce docker-common docker-selinux docker-engine > /dev/null 2>&1" install_docker = "yum install -y docker-ce > /dev/null 2>&1" start_docker = "systemctl start docker > /dev/null 2>&1" docker_reload = "systemctl daemon-reload > /dev/null 2>&1" enable_docker = "systemctl enable docker > /dev/null 2>&1" restart_docker = "systemctl restart docker > /dev/null 2>&1" install_kubelet = "yum install -y kubelet-1.21.2 kubeadm-1.21.2 kubectl-1.21.2 --disableexcludes=kubernetes > /dev/null 2>&1" enable_kubelet = "systemctl enable kubelet > /dev/null 2>&1" start_kubelet = "systemctl start kubelet > /dev/null 2>&1" return setenforce,sed_selinux,sed_selinux1,sed_selinux2,sed_selinux3,stop_firewalld,disable_firewalld,swapoff_a,sed_swapoff,yum_install,\ mkdir_repo,wget_centos,wget_epel,wget_docker,kubernetes_repo,yum_clean,yum_makecahe,modprobe_netfilter,br_netfilter,k8s_conf,limits_conf,\ sysctl_k8s,enable_chronyd,start_chronyd,set_timezone,ntpdate,chronyc_sources,remove_docker,install_docker,start_docker,docker_reload,enable_docker,restart_docker,\ install_kubelet,enable_kubelet,start_kubelet def shell_command(self): masterip_list = self.masterip.split(',') nodeip_list = self.nodeip.split(',') token_creat = () token_code = () name_num = 0 node_num = 0 dir0 = '''echo '{ "exec-opts":["native.cgroupdriver=systemd"] }' > /etc/docker/daemon.json''' dir1 = '''echo 'export KUBECONFIG=/etc/kubernetes/admin.conf' >> /etc/profile''' dir2 = '''echo '199.232.68.133 raw.githubusercontent.com' >> /etc/hosts''' dir3 = '''echo '{ "registry-mirrors": ["https://docker.mirrors.ustc.edu.cn"] }' > /etc/docker/daemon.json''' # #自动添加策略,保存服务器的主机名和密钥信息,如果不添加,那么不再本地know_hosts文件中记录的主机将无法连接 for masterip in masterip_list: name_num += 1 hosts_name = "" if masterip == masterip_list[0]: # 如果是当前单节点 print("*"*20,"进入Master节点操作,当前IP: %s" %masterip) master_name = "master0%s" % name_num #设置名字 hostname = os.system("hostname %s"%master_name) etc_hostname = os.system("echo '%s' > /etc/hostname" % master_name) #设置hosts master_host = masterip + " " + master_name etc_hosts = os.system("echo '%s' >> /etc/hosts" % master_host) for hosts in nodeip_list: name_num += 1 hosts_name += hosts + " node0%s" % (name_num - 1) + "\n" os.system("cat >> /etc/hosts <<EOF \n%sEOF\n" % hosts_name) print("*"*20,"进入环境初始化,请耐心等待....") for shell in self.initialization_shell(): time.sleep(1) env_init = os.system(shell) print("*"*20,"环境初始化完成,安装kubernetes...") #设置hosts #集群初始化 registry = os.system("%s" %dir3) restart_docker = os.system("systemctl restart docker") dockerpull = os.system("sh /root/k8s.sh") docker_problem = os.system("%s" %dir0) restart_docker = os.system("systemctl restart docker") status_docker = os.system("systemctl status docker") kubeadm_init = os.system("kubeadm init") export_root = os.system("export KUBECONFIG=/etc/kubernetes/admin.conf") config = os.system("%s" %dir1) source = os.system("source /etc/profile") mkdir_kube = os.system("mkdir -p /root/.kube") kube_config = os.system("cp -i /etc/kubernetes/admin.conf /root/.kube/config") kubelet_enable = os.system("systemctl enable kubelet") kubelet_start = os.system("systemctl start kubelet") manage_yaml = os.system("sed -i 's/.*- --port=0*/#&/' /etc/kubernetes/manifests/kube-controller-manager.yaml") scheduler_yaml = os.system("sed -i 's/.*- --port=0*/#&/' /etc/kubernetes/manifests/kube-scheduler.yaml") #配置flannel网络 print("*" * 20, "正在安装网络组件flannel....") flannel_before = os.system("%s" %dir2) flannel_wget = os.system("wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml") yum_flannel = os.system("yum install -y flannel") flannel_apply = os.system("kubectl apply -f /root/kube-flannel.yml") print("*" * 20, "网络组件flannel安装完成....") token_creat = subprocess.getstatusoutput("kubeadm token create") token_code = subprocess.getstatusoutput("openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //'") token_creat = token_creat[1].split('\n')[-1] token_code = token_code[1] # 安装从节点 for nodeip in nodeip_list: os.system("scp -rp /etc/hosts %s:/etc/hosts" % nodeip) print("*" * 20, "进入Node节点操作,当前IP: %s" % nodeip) node_num += 1 node_name = "node0%s" % (node_num) # 设置名字 os.system("ssh %s \"hostname %s\"" % (nodeip,node_name)) os.system("ssh %s \"echo '%s' > /etc/hostname\"" % (nodeip,node_name)) print("*" * 20, "进入环境初始化,请耐心等待....") for shell in self.initialization_shell(): time.sleep(1) os.system("ssh %s \"%s\"" %(nodeip,shell)) enable_node = os.system("ssh %s \"systemctl enable kubelet\"" %nodeip) start_node = os.system("ssh %s \"systemctl start kubelet\"" %nodeip) admin = os.system("scp /etc/kubernetes/admin.conf %s:/root" %nodeip) print("*" * 20, "正在加入集群....") print("token_creat : ",token_creat) print("token_code : ",token_code) docker_problem = os.system("scp -r /etc/docker/daemon.json %s:/etc/docker" %nodeip) restart_docker = os.system("ssh %s \"systemctl restart docker\"" %nodeip) status_docker = os.system("ssh %s \"systemctl status docker\"" %nodeip) kubeadm_join = os.system("ssh %s \"kubeadm join %s:6443 --token %s --discovery-token-ca-cert-hash sha256:%s\"" % (nodeip,masterip, str(token_creat), str(token_code))) cni = os.system("scp -r /etc/cni %s:/etc" %nodeip) print("*" * 20, "加入集群成功....") print("*" * 20 ,"执行以下命令,检查K8s集群\n") print("*" * 20,"kubectl get nodes") print("*" * 20, "kubectl get cs") print("*" * 20, "kubectl get pod -n kube-system") else: #否则就是集群模式 print("进入集群模式安装") print("暂无") exit() if __name__ == '__main__': # #用户输入IP: print("----------0、请先安装python3 并使用python3 执行此脚本------------") print("----------1、此脚本依赖网络,请连接好网络执行此脚本-----------") print("----------2、请将此脚本在主节点上执行,请在主节点上对其他所有节点做免密登录-----------") print("**********3、请确认主节点已对其他节点做好免密登录,再次确认后再执行此脚本**********") k8s_masterip = input("请输入K8S_Master IP, 多个IP以逗号分隔: ") k8s_nodeip = input("请输入K8S_node IP,多个IP以逗号分隔: ") ask_ent = input("********** 确认/取消 (Y/N) :") if ask_ent.upper() == "Y": k8s_install = k8s_install(k8s_masterip,k8s_nodeip) k8s_install.shell_command() else: exit()
三、配置ssh免密
[root@master ~]# ssh-keygen [root@master ~]# ssh-copy-id 192.168.139.132 [root@master ~]# ssh-copy-id 192.168.139.133
四、下载python3和git
root@master ~]# vim k8s_install.py
五、执行脚本
[root@master ~]# python3 k8s_install.py
六、成功
******************** 执行以下命令,检查K8s集群 ******************** kubectl get nodes ******************** kubectl get cs ******************** kubectl get pod -n kube-system [root@master ~]# kubectl get nodes NAME STATUS ROLES AGE VERSION master01 Ready control-plane,master 7m2s v1.21.2 node01 Ready <none> 3m30s v1.21.2 node02 Ready <none> 25s v1.21.2 [root@master ~]# kubectl get cs Warning: v1 ComponentStatus is deprecated in v1.19+ NAME STATUS MESSAGE ERROR scheduler Healthy ok controller-manager Healthy ok etcd-0 Healthy {"health":"true"} [root@master ~]# kubectl get pod -n kube-system NAME READY STATUS RESTARTS AGE coredns-558bd4d5db-fkqcb 0/1 ContainerCreating 0 6m52s coredns-558bd4d5db-tvb7j 0/1 ContainerCreating 0 6m52s etcd-master01 1/1 Running 0 7m16s kube-apiserver-master01 1/1 Running 0 7m16s kube-controller-manager-master01 1/1 Running 0 7m12s kube-flannel-ds-9hx9s 0/1 Init:0/1 0 43s kube-flannel-ds-cl9r7 0/1 Init:0/1 0 3m49s kube-flannel-ds-gn4m4 0/1 CrashLoopBackOff 5 6m52s kube-proxy-cv5t8 0/1 ContainerCreating 0 43s kube-proxy-kjqm7 0/1 ContainerCreating 0 3m49s kube-proxy-plbgm 1/1 Running 0 6m52s kube-scheduler-master01 1/1 Running 0 7m13s
七、总结
参考:https://github.com/hxz5215/K8Sv1.18_install
根据GitHub上的python脚本源码结合之前在Ubuntu上配置k8s的经验,对脚本进行了一些改变。
安装了更新版本的k8s,我这里安装的是之前学习过程中安装过的 v1.21.2
添加了一个从dockerhub拉取k8s所需镜像的脚本将calico换成了flannel网络插件删除了dashboard,因为我这里没有这个需求针对 IsDockerSystemdCheck
问题加入了解决脚本对于 kubeadm get cs
的unhealthy问题和 kubectl get nodes
的notready问题都加入了解决脚本加入了通过ssh将admin.conf
和 /etc/cni
文件拷贝到node节点的脚本
到此这篇关于利用python脚本自动部署k8s的文章就介绍到这了,更多相关python自动部署k8s内容请搜索我们以前的文章或继续浏览下面的相关文章希望大家以后多多支持我们!
赞 (0)