Skip to content

Instantly share code, notes, and snippets.

@xiaoping378

xiaoping378/k8s-deploy.sh

Last active December 21, 2016 06:27
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save xiaoping378/3a129aa6c81eaecae199a50236ad8bf7 to your computer and use it in GitHub Desktop.
Save xiaoping378/3a129aa6c81eaecae199a50236ad8bf7 to your computer and use it in GitHub Desktop.
Download ZIP
k8s-1.5-deploy.sh
Raw
k8s-deploy.sh
#!/bin/bash
set -x
set -e
HTTP_SERVER=192.168.56.1:8000
KUBE_REPO_PREFIX=gcr.io/google_containers
root=$(id -u)
if [ "$root" -ne 0 ] ;then
echo must run as root
exit 1
fi
kube::install_docker()
{
set +e
which docker > /dev/null 2>&1
i=$?
set -e
if [ $i -ne 0 ]; then
curl -L http://$HTTP_SERVER/rpms/docker.tar.gz > /tmp/docker.tar.gz
tar zxf /tmp/docker.tar.gz -C /tmp
yum localinstall -y /tmp/docker/*.rpm
kube::config_docker
fi
systemctl enable docker.service && systemctl start docker.service
echo docker has been installed
rm -rf /tmp/docker /tmp/docker.tar.gz
}
kube::config_docker()
{
setenforce 0
sed -i -e 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
sysctl -w net.bridge.bridge-nf-call-iptables=1
sysctl -w net.bridge.bridge-nf-call-ip6tables=1
# /etc/sysctl.conf
# net.bridge.bridge-nf-call-ip6tables = 1
# net.bridge.bridge-nf-call-iptables = 1
echo DOCKER_STORAGE_OPTIONS=\" -s overlay --selinux-enabled=false\" > /etc/sysconfig/docker-storage
systemctl daemon-reload && systemctl restart docker.service
}
kube::load_images()
{
mkdir -p /tmp/k8s
master_images=(
kube-apiserver-amd64_v1.5.1
kube-controller-manager-amd64_v1.5.1
kube-scheduler-amd64_v1.5.1
kube-proxy-amd64_v1.5.1
pause-amd64_3.0
kube-discovery-amd64_1.0
kubedns-amd64_1.9
exechealthz-amd64_1.2
kube-dnsmasq-amd64_1.4
dnsmasq-metrics-amd64_1.0
etcd_v3.0.15
flannel-git_latest
)
node_images=(
pause-amd64_3.0
kube-proxy-amd64_v1.5.1
flannel-git_latest
)
if [ $1 == "master" ]; then
# 判断镜像是否存在,不存在才会去load, etcd会错误判断,不影响安装k8s, 懒的改了。
for i in "${!master_images[@]}"; do
ret=$(docker images | awk 'NR!=1{print $1"_"$2}'| grep $KUBE_REPO_PREFIX/${master_images[$i]} | wc -l)
if [ $ret -lt 1 ];then
curl -L http://$HTTP_SERVER/images/${master_images[$i]}.tar > /tmp/k8s/${master_images[$i]}.tar
docker load < /tmp/k8s/${master_images[$i]}.tar
fi
done
else
for i in "${!node_images[@]}"; do
ret=$(docker images | awk 'NR!=1{print $1"_"$2}' | grep $KUBE_REPO_PREFIX/${node_images[$i]} | wc -l)
if [ $ret -lt 1 ];then
curl -L http://$HTTP_SERVER/images/${node_images[$i]}.tar > /tmp/k8s/${node_images[$i]}.tar
docker load < /tmp/k8s/${node_images[$i]}.tar
fi
done
fi
rm /tmp/k8s* -rf
}
kube::install_bin()
{
set +e
which kubeadm > /dev/null 2>&1
i=$?
set -e
if [ $i -ne 0 ]; then
curl -L http://$HTTP_SERVER/rpms/k8s.tar.gz > /tmp/k8s.tar.gz
tar zxf /tmp/k8s.tar.gz -C /tmp
yum localinstall -y /tmp/k8s/*.rpm
rm -rf /tmp/k8s*
systemctl enable kubelet.service && systemctl start kubelet.service && rm -rf /etc/kubernetes
fi
}
kube::config_firewalld()
{
systemctl disable firewalld && systemctl stop firewalld
# iptables -A IN_public_allow -p tcp -m tcp --dport 9898 -m conntrack --ctstate NEW -j ACCEPT
# iptables -A IN_public_allow -p tcp -m tcp --dport 6443 -m conntrack --ctstate NEW -j ACCEPT
# iptables -A IN_public_allow -p tcp -m tcp --dport 10250 -m conntrack --ctstate NEW -j ACCEPT
}
kube::wati_manifests(){
while [[ ! -f /etc/kubernetes/manifests/kube-scheduler.json ]]; do
sleep 2
done
}
kube::config_manifests()
{
cd /etc/kubernetes/manifests
for file in `ls`
do
sed -i '/image/a\ \"imagePullPolicy\": \"IfNotPresent\",' $file
done
}
kube::wait_apiserver()
{
ret=1
while [[ $ret != 0 ]]; do
sleep 2
curl -k https://127.0.0.1:6443 2>&1>/dev/null
ret=$?
done
}
kube::master_up()
{
kube::install_docker
kube::load_images master
kube::install_bin
kube::config_firewalld
# 这里一定要带上--pod-network-cidr参数,不然后面的flannel网络会出问题
export KUBE_ETCD_IMAGE=quay.io/coreos/etcd:v3.0.15
kubeadm init --use-kubernetes-version=v1.5.1 --pod-network-cidr=10.244.0.0/16
# 改image pull 策略, 1.50之后不需要更改策略了, 默认就是 IfNotPresent
# kube::wati_manifests && kube::config_manifests
# kube::wait_apiserver
# 使能master,可以被调度到
# kubectl taint nodes --all dedicated-
# install flannel network
kubectl apply -f http://$HTTP_SERVER/network/kube-flannel.yaml
# show pods
kubectl --namespace=kube-system get po
}
kube::node_up()
{
kube::install_docker
kube::load_images minion
kube::install_bin
kube::config_firewalld
kubeadm join $@
}
kube::tear_down()
{
systemctl stop kubelet.service
docker ps -aq|xargs -I '{}' docker stop {}
docker ps -aq|xargs -I '{}' docker rm {}
df |grep /var/lib/kubelet|awk '{ print $6 }'|xargs -I '{}' umount {}
rm -rf /var/lib/kubelet && rm -rf /etc/kubernetes/ && rm -rf /var/lib/etcd
yum remove -y kubectl kubeadm kubelet kubernetes-cni
rm -rf /var/lib/cni
ip link del cni0
}
main()
{
case $1 in
"m" | "master" )
kube::master_up
;;
"j" | "join" )
shift
kube::node_up $@
;;
"d" | "down" )
kube::tear_down
;;
*)
echo "usage: $0 m[master] | j[join] token | d[down] "
echo " $0 master to setup master "
echo " $0 join to join master with token "
echo " $0 down to tear all down ,inlude all data! so becarefull"
echo " unkown command $0 $@"
;;
esac
}
main $@
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment