开发高可用集群

26-开发高可用集群/DEV批量命令.sh

@@ -0,0 +1,97 @@
+#!/bin/bash
+
+
+master_server_list=(192.168.35.105 192.168.35.114 192.168.35.115)
+worker_server_list=(192.168.35.55 192.168.35.86 192.168.35.89 192.168.35.93 192.168.35.95 192.168.35.96 192.168.35.101 192.168.35.103 192.168.35.104)
+
+all_server_list=(192.168.35.105 192.168.35.114 192.168.35.115 192.168.35.55 192.168.35.86 192.168.35.89 192.168.35.93 192.168.35.95 192.168.35.96 192.168.35.101 192.168.35.103 192.168.35.104)
+
+
+
+all_server_list=(192.168.40.53 192.168.40.54 192.168.40.55)
+
+all_server_list=(192.168.35.105 192.168.35.114 192.168.35.115 dev-worker-01 dev-worker-02 dev-worker-03 dev-worker-04 dev-worker-05 dev-worker-06 dev-worker-07 dev-worker-08 dev-worker-09 dev-worker-10 dev-worker-11 dev-worker-12)
+
+
+for server in "${all_server_list[@]}";do
+   echo "server is ${server}"
+   
+  scp /etc/docker/daemon.json root@"${server}":/etc/docker/daemon.json
+ssh root@"${server}" "systemctl reload docker"
+ssh root@"${server}" "docker info"
+  
+done
+
+
+count=1
+for server in "${all_server_list[@]}";do
+   echo "server is ${server}"
+
+
+#   sshpass -p "scyd@lab1234" ssh root@"${server}" "echo \"root:tY\$@Go7jS#h2\" | chpasswd"
+#
+sshpass -p "scyd@lab1234" 
+
+echo root:Len3#io7%2k | chpasswd
+
+echo root:V2ryStr@ngPss| chpasswd
+
+echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDPFSLFi0rzZSXf6laZ/s4AFCsgZBu8tyCx4bCmB3/k6x7xH1rjk/EZ8N2ZWV2CyTyjHCghu94ZmV0e6/FeC/KdBH96A69fGrq0HjsvAHTTvyEmmtrWmB7OAjhWloaovj1V8B1bTC9IZsZ4lN7agZ8u/uHzri2esXduTzXc186Q6h8lm1t5Gh7RGYGPdaXIjaFLxVSmdci+4eoS+EOEo/mspJB34TFuN8xEBzA3N06tmjAPtVpi0RFa6n/L9CUp2OQBJ8EQVgOYY6t5i3prLl29K9zSRX46ue+9jWbzfyKfKHk7jCfjnH6BG47/sbWoAyYPdkfSwvCZBroOjQh4gf3Ga4Gt4e7+rQ4sT3mrHUtXRd+g+0u9XOsYpHCTwwbtSiDJ+6DfdZYuJOeqgL82zeaJeFu0IXLhgn/q96aVbF15MLD1gGkXj/FFFGGWJfr5zrZJVWrm0NRCaxJftUHNpnK0MrMCqsHSxmkdypUzN6n020NkNGUE1UMUU4O48O4PsE= root@ops-01.ecs.io
+ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBO6IjOcco9eAvA/T7LDsylCgjKJlLrVXY1zxO1/mX/MTzVZGuAhbikFJT2ZN2Up8iED+pJwpcps3LlA1wOjQC3Q= root@ops-04.ecs.io" >> /root/.ssh/authorized_keys
+
+#    host_name="dev-worker-0"${count}
+#   ((count++))
+#   echo "${server} $host_name" >> /root/wdd/1.txt
+#   echo ""
+#   ssh root@"${server}" "hostnamectl set-hostname $host_name"
+#   ssh root@"${server}" "hostname"
+#   echo ""
+
+#    ssh root@"${server}" "echo yes"
+
+
+scp /usr/local/bin/octopus-agent root@${server}:/usr/local/bin/octopus-agent
+ssh root@${server} "mkdir /root/wdd && chmod +x /usr/local/bin/octopus-agent"
+ssh root@${server} "printf 'ssh\n' | octopus-agent --mode=bastion"
+
+
+scp /root/wdd/disk.sh root@${server}:/root/wdd/disk.sh
+ssh root@${server} "bash /root/wdd/disk.sh"
+
+nmcli connection modify "eth0" ipv4.dns "192.168.34.40,119.29.29.29"
+nmcli connection up "eth0"
+nmcli dev show | grep DNS
+
+scp /etc/ssh/sshd_config root@"${server}":/etc/ssh/sshd_config
+ssh root@"${server}" "systemctl restart sshd"
+
+
+ssh root@"${server}" "nmcli connection modify \"eth0\" ipv4.dns \"192.168.34.40,119.29.29.29\"
+nmcli connection up \"eth0\""
+ ssh root@"${server}" "nmcli dev show | grep DNS"
+
+ssh root@"${server}" "yum install -y net-tools iputils bind-utils lsof curl wget vim mtr htop"
+
+scp /root/wdd/docker-amd64-20.10.15.tgz root@${server}:/root/wdd/docker-amd64-20.10.15.tgz
+scp /root/wdd/docker-compose-linux-x86_64-v2.18.0  root@${server}:/root/wdd/
+
+ssh root@${server} "printf 'firewall\n' | octopus-agent --mode=bastion"
+ssh root@${server} "printf 'sysconfig\n' | octopus-agent --mode=bastion"
+ssh root@${server} "printf 'swap\n' | octopus-agent --mode=bastion"
+ssh root@${server} "printf 'selinux\n' | octopus-agent --mode=bastion"
+ssh root@${server} "printf 'docker\n' | octopus-agent --mode=bastion"
+ssh root@${server} "printf 'dockercompose\n' | octopus-agent --mode=bastion"
+ssh root@${server} "printf 'harbor\n' | octopus-agent --mode=bastion"
+
+
+scp /etc/docker/daemon.json root@"${server}":/etc/docker/daemon.json
+ssh root@"${server}" "systemctl restart docker"
+
+ssh root@"${server}" "docker login -u rad02_drone -p Drone@1234 harbor.cdcyy.com.cn"
+ssh root@"${server}" "yum install -y nfs-utils rpcbind"
+ssh root@"${server}" "yum install -y chrony && systemctl start chronyd && systemctl enable chronyd"
+ssh root@"${server}" "systemctl start nfs nfs-client nfs-common && systemctl enable nfs nfs-client nfs-common && systemctl status nfs nfs-client nfs-common -l | grep \"active (running)\""
+
+
+mv ctop-0.7.7-linux-amd64 /usr/local/bin/ctop
+chmod +x /usr/local/bin/ctop

26-开发高可用集群/all-host.txt

@@ -0,0 +1,18 @@
+192.168.92.185 harbor.cdcyy.com.cn
+
+192.168.35.105 dev-master-01
+192.168.35.114 dev-master-02
+192.168.35.115 dev-master-03
+
+192.168.35.55 dev-worker-01
+192.168.35.86 dev-worker-02
+192.168.35.89 dev-worker-03
+192.168.35.93 dev-worker-04
+192.168.35.95 dev-worker-05
+192.168.35.96 dev-worker-06
+192.168.35.101 dev-worker-07
+192.168.35.103 dev-worker-08
+192.168.35.104 dev-worker-09
+192.168.40.53 dev-worker-10
+192.168.40.54 dev-worker-11
+192.168.40.55 dev-worker-12

26-开发高可用集群/docker-daemon.json

@@ -0,0 +1,22 @@
+{
+    "registry-mirrors": [
+      "https://docker.registry.cyou",
+      "https://docker-cf.registry.cyou",
+      "https://dockercf.jsdelivr.fyi",
+      "https://docker.jsdelivr.fyi",
+      "https://dockertest.jsdelivr.fyi",
+      "https://mirror.aliyuncs.com",
+      "https://dockerproxy.com",
+      "https://mirror.baidubce.com",
+      "https://docker.m.daocloud.io",
+      "https://docker.nju.edu.cn",
+      "https://docker.mirrors.sjtug.sjtu.edu.cn",
+      "https://docker.mirrors.ustc.edu.cn",
+      "https://mirror.iscas.ac.cn",
+      "https://docker.rainbond.cc"
+    ],
+    "insecure-registries": [
+      "harbor.wdd.io:8033",
+      "harbor.cdcyy.com.cn"
+    ]
+  }

26-开发高可用集群/rke-高可用.yaml

@@ -31,47 +31,86 @@ nodes:
     role:
       - worker
     internal_address: 192.168.35.55
+    labels:
+      uavcloud.env: mid
   - address: dev-worker-02
     user: root
     role:
       - worker
     internal_address: 192.168.35.86
+    labels:
+      uavcloud.env: mid
   - address: dev-worker-03
     user: root
     role:
       - worker
     internal_address: 192.168.35.89
+    labels:
+      mysql.deploy: true
+      uavcloud.env: mid
   - address: dev-worker-04
     user: root
     role:
       - worker
     internal_address: 192.168.35.93
+    labels:
+      uavcloud.env: dev
   - address: dev-worker-05
     user: root
     role:
       - worker
     internal_address: 192.168.35.95
+    labels:
+      uavcloud.env: dev
   - address: dev-worker-06
     user: root
     role:
       - worker
     internal_address: 192.168.35.96
+    labels:
+      uavcloud.env: devflight
   - address: dev-worker-07
     user: root
     role:
       - worker
     internal_address: 192.168.35.101
+    labels:
+      uavcloud.env: devflight
   - address: dev-worker-08
     user: root
     role:
       - worker
     internal_address: 192.168.35.103
+    labels:
+      uavcloud.env: devoperation
   - address: dev-worker-09
     user: root
     role:
       - worker
     internal_address: 192.168.35.104
-
+    labels:
+      uavcloud.env: devoperation
+  - address: dev-worker-10
+    user: root
+    role:
+      - worker
+    internal_address: 192.168.40.53
+    labels:
+      uavcloud.env: dev
+  - address: dev-worker-11
+    user: root
+    role:
+      - worker
+    internal_address: 192.168.40.54
+    labels:
+      uavcloud.env: dev
+  - address: dev-worker-12
+    user: root
+    role:
+      - worker
+    internal_address: 192.168.40.55
+    labels:
+      uavcloud.env: devflight
 
 authentication:
   strategy: x509
@@ -81,11 +120,11 @@ authentication:
     - "192.168.35.115"
     - "192.168.35.178"
 
-#private_registries:
-#  - url: A1C2IP:8033 # 私有镜像库地址
-#    user: admin
-#    password: "V2ryStr@ngPss"
-#    is_default: true
+private_registries:
+ - url: harbor.wdd.io:8033 # 私有镜像库地址
+   user: admin
+   password: "V2ryStr@ngPss"
+   is_default: true
 
 ##############################################################################
 
@@ -233,32 +272,3 @@ ingress:
     ingress-deploy: true
   options:
     use-forwarded-headers: "true"
-    access-log-path: /var/log/nginx/access.log
-    client-body-timeout: '6000'
-    compute-full-forwarded-for: 'true'
-    enable-underscores-in-headers: 'true'
-    log-format-escape-json: 'true'
-    log-format-upstream: >-
-      { "msec": "$msec", "connection": "$connection", "connection_requests":
-      "$connection_requests", "pid": "$pid", "request_id": "$request_id",
-      "request_length": "$request_length", "remote_addr": "$remote_addr",
-      "remote_user": "$remote_user", "remote_port": "$remote_port",
-      "http_x_forwarded_for": "$http_x_forwarded_for", "time_local":
-      "$time_local", "time_iso8601": "$time_iso8601", "request": "$request",
-      "request_uri": "$request_uri", "args": "$args", "status": "$status",
-      "body_bytes_sent": "$body_bytes_sent", "bytes_sent": "$bytes_sent",
-      "http_referer": "$http_referer", "http_user_agent": "$http_user_agent",
-      "http_host": "$http_host", "server_name": "$server_name", "request_time":
-      "$request_time", "upstream": "$upstream_addr", "upstream_connect_time":
-      "$upstream_connect_time", "upstream_header_time": "$upstream_header_time",
-      "upstream_response_time": "$upstream_response_time",
-      "upstream_response_length": "$upstream_response_length",
-      "upstream_cache_status": "$upstream_cache_status", "ssl_protocol":
-      "$ssl_protocol", "ssl_cipher": "$ssl_cipher", "scheme": "$scheme",
-      "request_method": "$request_method", "server_protocol": "$server_protocol",
-      "pipe": "$pipe", "gzip_ratio": "$gzip_ratio", "http_cf_ray": "$http_cf_ray",
-      "geoip_country_code": "$geoip_country_code" }
-    proxy-body-size: 5120m
-    proxy-read-timeout: '6000'
-    proxy-send-timeout: '6000'
-

26-开发高可用集群/批量命令.sh

@@ -7,10 +7,16 @@ worker_server_list=(192.168.35.55 192.168.35.86 192.168.35.89 192.168.35.93 192.
 all_server_list=(192.168.35.105 192.168.35.114 192.168.35.115 192.168.35.55 192.168.35.86 192.168.35.89 192.168.35.93 192.168.35.95 192.168.35.96 192.168.35.101 192.168.35.103 192.168.35.104)
 
 
+
+
+
+
 all_server_list=(dev-worker-01 dev-worker-02 dev-worker-03 dev-worker-05 dev-worker-06 dev-worker-07 dev-worker-08 dev-worker-09)
+
+all_server_list=(192.168.35.105 192.168.35.114 192.168.35.115 192.168.35.55 192.168.35.86 192.168.35.89 192.168.35.93 192.168.35.95 192.168.35.96 192.168.35.101 192.168.35.103 192.168.35.104)
 for server in "${all_server_list[@]}";do
    echo "server is ${server}"
-   ssh root@"${server}" "systemctl restart docker"
+   ssh root@"${server}" "echo root:V2ryStr@ngPss | sudo chpasswd"
 done
 
 

26-开发高可用集群/磁盘创建挂载.sh

@@ -1,12 +1,16 @@
 #!/usr/bin/env bash
 
+# 关闭虚拟缓存
+swapoff -a
+cp -f /etc/fstab /etc/fstab_bak
+cat /etc/fstab_bak | grep -v swap >/etc/fstab
 
-systemctl stop docker
-
-
-rm -rf /var/lib/docker
-rm -rf /var/lib/kubelet
+umount /dev/mapper/openeuler-swap
+lvremove /dev/openeuler/swap
 
+freepesize=$(vgdisplay openeuler | grep 'Free  PE' | awk '{print $5}')
+lvextend  -l+${freepesize} /dev/openeuler/root
+resize2fs /dev/openeuler/root
 
 echo ""
 echo ""
@@ -28,12 +32,12 @@ t
 
 8e
 w
-" | fdisk /dev/vdb
+" | fdisk /dev/sdb
 partprobe
 
 # 如果已经存在卷组，直接进行添加
 export VG_NAME=datavg
-vgcreate ${VG_NAME} /dev/vdb1
+vgcreate ${VG_NAME} /dev/sdb1
 export selfpesize=$(vgdisplay ${VG_NAME} | grep 'Total PE' | awk '{print $3}')
 # 大小根据实际情况调整
 lvcreate -l ${selfpesize} -n lvdata ${VG_NAME}
@@ -44,11 +48,10 @@ mkdir -p /var/lib/docker
 export selffstab="/dev/mapper/${VG_NAME}-lvdata       /var/lib/docker         xfs    defaults        0 0"
 echo "${selffstab}" >> /etc/fstab
 mount -a
-
-df -TH | grep /var/lib/docker
-
+echo ""
 sleep 3
 
-systemctl restart docker
+df -Th
 
-docker info
+echo ""
+lsblk