zeaslity/ProjectOctopus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
25ce18638b24af17df2c2cc94028a5cbb42a614d
ProjectOctopus/agent-go/a_executor/script/1_node_important.sh
zeaslity d86bc43b28 [Agent][Deploy] - cmii update
2024-06-14 10:37:40 +08:00

2017 lines
78 KiB
Bash
Executable File
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

#!/bin/bash
# bashsupport disable=BP2001
# 本脚本可以一键初始化Linux服务器的环境
# 为rancher的自动部署k8s做准备
# 确定在哪个节点上运行此脚本,请按照如下的的顺序运行
# HarborServer
# WorkerServer
# MinioServer
# GlusterServer Storage-2上执行
# HeketiServer Storage-1上执行
### 需要修改以下的内容 ###
### 需要修改以下的内容 ###
### 需要修改以下的内容 ###
WhichNodeRun=main
DOCKER_VERSION=20.10.15 # docker的版本一般不修改
HarborHostName=192.168.0.8 # 需要确保此IP能够被内网服务器访问一般为公网服务器的外网IP
HarborHostPort=8033 # harbor服务器的端口一般不修改
HarborAdminPass=V2ryStr@ngPss # harbor服务器管理员密码一般不修改
PublicServerIPs=(192.168.0.8) # 需要修改为能够访问公网的服务器IP, 内网IP地址
PrivateServerIPs=(192.168.0.65 192.168.0.45 192.168.0.7) # 内网服务器的IP地址不包括可以访问公网IP的服务器
StorageServerIPs=(192.168.0.2) # 存储服务器的IP地址默认在第一台上安装heketi默认第一台作为NFS服务端
NfsPath=/nfsdata # nfs路径需要事先创建并进行文件夹赋权
MinioStorageType=volume # 选项volume 或者 pv Minio集群底层的存储方式使用4PV还是使用 1PV-4Volume的形式
OSSPublicURL=https://oss2.demo.uavcmlc.com:18000$()/wangdada/ # 可以不配置会从DockerHub拉取所有镜像3GB
### 需要修改以上的内容 ###
### 需要修改以上的内容 ###
### 需要修改以上的内容 ###
CMD_INSTALL=""
CMD_UPDATE=""
CMD_REMOVE=""
SOFTWARE_UPDATED=0
LinuxReleaseVersion=""
DockerRegisterDomain=${HarborHostName}:${HarborHostPort}
ProxyOfflineFile=${OSSPublicURL}"proxy-offline.tar.gz"
HarborOfflineFile=${OSSPublicURL}"harbor-offline-installer-v2.1.0.tgz" # 可以不配置会从GitHub拉取Harbor离线安装包550MB
DockerComposeFile=${OSSPublicURL}"docker-compose-Linux-x86_64"
HelmOfflineFile=${OSSPublicURL}"helm-v3.4.0-linux-amd64.tar.gz"
NginxOfflineFile=${OSSPublicURL}"nginx-1.20.1-1.el7.ngx.x86_64.rpm"
HeketiOfficeFile=${OSSPublicURL}"heketi-v9.0.0.linux.amd64.tar.gz"
HeketiConfigOfflineFile=${OSSPublicURL}"heketi-config.tar.gz"
RED="31m" ## 姨妈红
GREEN="32m" ## 水鸭青
YELLOW="33m" ## 鸭屎黄
PURPLE="35m" ## 基佬紫
BLUE="36m" ## 天依蓝
######## 颜色函数方法很精妙 ############
######## 颜色函数方法很精妙 ############
colorEcho() {
# shellcheck disable=SC2145
echo -e "\033[${1}${@:2}\033[0m" 1>&2
}
check_root() {
if [[ $EUID != 0 ]]; then
colorEcho ${RED} "当前非root账号(或没有root权限)无法继续操作请更换root账号!"
colorEcho ${YELLOW} "使用sudo -命令获取临时root权限执行后可能会提示输入root密码"
exit 1
fi
}
# 判断命令是否存在
command_exists() {
command -v "$@" >/dev/null 2>&1
}
####### 获取系统版本及64位或32位信息
check_sys() {
## 判定Linux的发行版本
if [ -f /etc/redhat-release ]; then
LinuxReleaseVersion="centos"
elif cat /etc/issue | grep -Eqi "debian"; then
LinuxReleaseVersion="debian"
elif cat /etc/issue | grep -Eqi "ubuntu"; then
LinuxReleaseVersion="ubuntu"
elif cat /etc/issue | grep -Eqi "centos|red hat|redhat"; then
LinuxReleaseVersion="centos"
elif cat /proc/version | grep -Eqi "debian"; then
LinuxReleaseVersion="debian"
elif cat /proc/version | grep -Eqi "ubuntu"; then
LinuxReleaseVersion="ubuntu"
elif cat /proc/version | grep -Eqi "centos|red hat|redhat"; then
LinuxReleaseVersion="centos"
else
LinuxReleaseVersion=""
fi
# 判断系统的包管理工具 apt, yum, or zypper
getPackageManageTool() {
if [[ -n $(command -v apt-get) ]]; then
CMD_INSTALL="apt-get -y -qq install"
CMD_UPDATE="apt-get -qq update"
CMD_REMOVE="apt-get -y remove"
elif [[ -n $(command -v yum) ]]; then
CMD_INSTALL="yum -y -q install"
CMD_UPDATE="yum -q makecache"
CMD_REMOVE="yum -y remove"
elif [[ -n $(command -v zypper) ]]; then
CMD_INSTALL="zypper -y install"
CMD_UPDATE="zypper ref"
CMD_REMOVE="zypper -y remove"
else
return 1
fi
return 0
}
# 检查系统包管理方式,更新包
getPackageManageTool
if [[ $? -eq 1 ]]; then
colorEcho ${RED} "系统的包管理不是 APT or YUM, 请手动安装所需要的软件."
return 1
fi
### 更新程序引索
if [[ $SOFTWARE_UPDATED -eq 0 ]]; then
colorEcho ${BLUE} "正在更新软件包管理..."
$CMD_UPDATE
SOFTWARE_UPDATED=1
fi
return 0
}
## 安装所需要的程序,及依赖程序
installDemandSoftwares() {
for software in "$@"; do
## 安装该软件
if [[ -n $(command -v "${software}") ]]; then
colorEcho ${GREEN} "${software}已经安装了...跳过..."
echo ""
else
colorEcho ${BLUE} "正在安装 ${software}..."
$CMD_INSTALL "${software}"
## 判断该软件是否安装成功
if [[ $? -ne 0 ]]; then
colorEcho ${RED} "安装 ${software} 失败。"
colorEcho ${RED} "如果是重要软件,本脚本会自动终止!!"
colorEcho ${PURPLE} "一般软件,本脚本会忽略错误并继续运行,请之后手动安装该程序。"
return 1
else
colorEcho ${GREEN} "已经成功安装 ${software}."
colorEcho ${GREEN} "-----------------------------------------------------------"
echo ""
fi
fi
done
return 0
}
shutdownFirewall() {
## 关闭防火墙、SElinux、Swap
colorEcho ${PURPLE} "---------------------------------------------------------------------------------"
colorEcho ${BLUE} "开始关闭系统的防火墙…………"
systemctl stop firewalld
systemctl disable firewalld
echo ""
if [ "${LinuxReleaseVersion}" = "centos" ]; then
colorEcho ${GREEN} "当前系统的发行版为-- ${LinuxReleaseVersion}"
colorEcho ${GREEN} "--------------------------------------------------"
colorEcho ${BLUE} "开始关闭SELinux……"
setenforce 0
sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
colorEcho ${GREEN} " SELinux关闭完成 "
else
colorEcho ${GREEN} "当前系统的发行版为-- ${LinuxReleaseVersion}"
colorEcho ${GREEN} "无需关闭SELinux现在 跳过"
fi
echo ""
}
disableSwap() {
colorEcho ${PURPLE} "---------------------------------------------------------------------------------"
colorEcho ${BLUE} "开始关闭系统的虚拟内存…………"
swapoff -a
colorEcho ${GREEN} " 关闭完成 "
echo ""
colorEcho ${BLUE} "正在备份系统的文件系统表……"
cp -f /etc/fstab /etc/fstab_bak
colorEcho ${GREEN} " 备份完成 "
echo ""
colorEcho ${BLUE} "正在修改文件系统表,去除虚拟内存的部分……"
cat /etc/fstab_bak | grep -v swap >/etc/fstab
colorEcho ${GREEN} " 修改完成 "
echo ""
colorEcho ${GREEN} "----------------------------------------------------------------------------------"
echo ""
}
## 安装docker时修改系统的配置文件
modifySystemConfig_Docker() {
colorEcho ${PURPLE} "---------------------------------------------------------------------------------"
colorEcho ${BLUE} "开始修改系统内核参数…………"
## 配置内核参数
cat >/etc/sysctl.d/k8s.conf <<EOF
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1
net.ipv6.conf.all.forwarding = 1
EOF
## 执行命令以应用
sysctl -p /etc/sysctl.d/k8s.conf
colorEcho ${GREEN} "系统内核参数修改的结果如上所示…………"
colorEcho ${GREEN} "--------------------------------------------------------------------------------"
echo ""
colorEcho ${BLUE} "系统参数修改成功开始重启docker的服务"
systemctl daemon-reload
systemctl restart docker
}
generateSSHKey() {
colorEcho ${PURPLE} "--------------------------------------------------------------"
colorEcho ${BLUE} "开始配置内网环境服务器的免登录SSH Key…………"
echo ""
colorEcho ${BLUE} "开始生成SSH Key!!"
ssh-keygen -t rsa -P "" -f ~/.ssh/id_rsa
cat ~/.ssh/id_rsa.pub >>~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
colorEcho ${GREEN} "--------------------------------------------------------------"
colorEcho ${GREEN} "-----------本机配置完成!-------------"
echo ""
# bashsupport disable=BP2001
AllInnerServer=("${PrivateServerIPs[@]}" "${StorageServerIPs[@]}")
for ip in "${AllInnerServer[@]}"; do
colorEcho ${BLUE} "请手动将如下的命令,以 root 权限在主机 ${ip} 上运行"
colorEcho ${BLUE} "请手动将如下的命令,以 root 权限在主机 ${ip} 上运行"
colorEcho ${BLUE} "请手动将如下的命令,以 root 权限在主机 ${ip} 上运行"
colorEcho ${BLUE} "-----------------------------------------------"
echo ""
echo ""
colorEcho ${RED} " 请以 root 角色 运行!!! "
colorEcho ${RED} " 请以 root 角色 运行!!! "
colorEcho ${RED} " 请以 root 角色 运行!!! "
echo ""
colorEcho ${YELLOW} 'sed -i -e "/PermitRootLogin no/ d" -e "$ a PermitRootLogin yes" /etc/ssh/sshd_config && systemctl restart sshd'
echo ""
colorEcho ${YELLOW} "ssh-keygen -t rsa -P \"\" -f ~/.ssh/id_rsa && echo \"$(cat ~/.ssh/id_rsa.pub)\" >> ~/.ssh/authorized_keys && echo \"\" && cat ~/.ssh/authorized_keys"
echo ""
echo ""
while true; do
colorEcho ${RED} "请确保您已经将上述的命令在主机${ip}上执行了!!"
read -r -p "请输入yes进行确认脚本才可继续运行" input
case $input in
yes)
colorEcho ${GREEN} "您已确认在主机${ip}上添加了私有的ssh key"
echo ""
break
;;
*)
echo ""
colorEcho ${RED} "输入有误!!! 请输入 >> yes << 进行确认"
colorEcho ${RED} "请在主机${ip}上执行上述命令!!!"
colorEcho ${RED} "否则本脚本的功能会失效!!"
colorEcho ${RED} "-----------------------------------------------------"
echo ""
;;
esac
done
colorEcho ${GREEN} "----------------------------------------------------------"
done
echo ""
}
downloadDocker() {
colorEcho ${PURPLE} "--------------------------------------------------------------"
colorEcho ${BLUE} "准备下载Docker的离线安装包…………"
colorEcho ${GREEN} "--------------------------------------------------------------"
colorEcho ${BLUE} "您选择安装的docker版本为${DOCKER_VERSION}"
echo ""
## 清理docker环境
colorEcho ${BLUE} "开始清理docker环境卸载先前的相关安装内容"
$CMD_REMOVE docker docker-client docker-client-latest docker-ce-cli \
docker-common docker-latest docker-latest-logrotate docker-logrotate docker-selinux docker-engine-selinux \
docker-engine kubelet kubeadm kubectl
colorEcho ${GREEN} "----------------- docker环境清理完成 -----------------"
echo ""
colorEcho ${GREEN} "当前系统的发行版为-- ${LinuxReleaseVersion}"
colorEcho ${GREEN} "当前系统的发行版为-- ${LinuxReleaseVersion}"
echo ""
if [ "$LinuxReleaseVersion" = "centos" ]; then
## 安装docker的依赖
colorEcho ${BLUE} "正在下载安装docker的所需要的依赖"
yum install -y -q --downloadonly --downloaddir=/tmp/docker-${DOCKER_VERSION}/depends yum-utils device-mapper-persistent-data lvm2
colorEcho ${GREEN} " 下载完成 "
colorEcho ${GREEN} "查看已经下载的相关依赖安装包……"
ls /tmp/docker-${DOCKER_VERSION}/depends/
colorEcho ${GREEN} "--------------------------------------------------------------"
echo ""
## 添加docker的yum源
colorEcho ${BLUE} "正在添加docker的yum源…………"
yum-config-manager --add-repo https://mirrors.ustc.edu.cn/docker-ce/linux/centos/docker-ce.repo
if [[ -f /etc/yum.repos.d/docker-ce.repo ]]; then
sed -i 's/download.docker.com/mirrors.ustc.edu.cn\/docker-ce/g' /etc/yum.repos.d/docker-ce.repo
colorEcho ${BLUE} "已成功添加中科大的docker-ce的yum源"
echo ""
colorEcho ${BLUE} "可以安装的docker-ce的 $(echo ${DOCKER_VERSION} | cut -d"." -f1) 版本为:"
colorEcho ${GREEN} "--------------------------------------------------------------"
yum list docker-ce --showduplicates | grep $(echo ${DOCKER_VERSION} | cut -d"." -f1) | awk '{print$2}' | cut -d ":" -f2 | sort -n -t - -k 1.7
colorEcho ${GREEN} "--------------------------------------------------------------"
echo ""
yum install -y -q --downloadonly --downloaddir=/tmp/docker-${DOCKER_VERSION} docker-ce-${DOCKER_VERSION} docker-ce-cli-${DOCKER_VERSION}
colorEcho ${GREEN} " 下载完成 "
echo ""
colorEcho ${GREEN} "查看已经下载的Docker安装包……"
ls /tmp/docker-${DOCKER_VERSION}/
colorEcho ${GREEN} "--------------------------------------------------------------"
echo ""
else
colorEcho ${RED} "docker的yum源添加失败请手动添加"
exit 1
fi
else
colorEcho ${BLUE} "开始安装相关的Docker基础组件"
installDemandSoftwares apt-transport-https ca-certificates curl gnupg-agent software-properties-common
colorEcho ${BLUE} "开始添加中科大的docker源的apt-key"
curl -fsSL https://mirrors.ustc.edu.cn/docker-ce/linux/ubuntu/gpg | sudo apt-key add -
colorEcho ${BLUE} "开始添加中科大的docker源的apt源"
add-apt-repository \
"deb [arch=amd64] https://mirrors.ustc.edu.cn/docker-ce/linux/ubuntu \
$(lsb_release -cs) \
stable"
# 国外的情况
# colorEcho ${BLUE} "开始添加中科大的docker源的apt-key"
# curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
#
# colorEcho ${BLUE} "开始添加中科大的docker源的apt源"
# echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \
# $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
colorEcho ${BLUE} "正在执行更新操作!!"
apt-get update
colorEcho ${BLUE} "查看特定版本的Docker镜像"
colorEcho ${BLUE} "可以安装的docker-ce的 $(echo ${DOCKER_VERSION} | cut -d"." -f1) 版本为:"
colorEcho ${GREEN} "--------------------------------------------------------------"
apt-cache madison docker-ce | grep $(echo ${DOCKER_VERSION} | cut -d"." -f1) | awk '{print$3}'
colorEcho ${BLUE} "开始下载 ${DOCKER_VERSION} 版本的离线安装包!"
dockerSpecific=$(apt-cache madison docker-ce | grep $(echo ${DOCKER_VERSION} | cut -d"." -f1) | awk '{print$3}' | grep ${DOCKER_VERSION})
# 需要获取其所依赖包的包
colorEcho $BLUE "开始解析依赖!"
export DOCKER_VERSION=20.10.15
export dockerSpecific=$(apt-cache madison docker-ce | grep $(echo ${DOCKER_VERSION} | cut -d"." -f1) | awk '{print$3}' | grep ${DOCKER_VERSION} | head -1)
apt-get install "docker-ce=${dockerSpecific}" "docker-ce-cli=${dockerSpecific}" "containerd.io" "docker-compose-plugin"
mkdir -p /tmp/docker-${DOCKER_VERSION}
cd /tmp/docker-${DOCKER_VERSION}
colorEcho $BLUE "开始下载所有的依赖!"
for staff in "${dockerStaff[@]}"; do
colorEcho ${BLUE} "开始下载 ${staff} 的依赖!"
apt download $(apt-rdepends ${staff} | grep -v "^ ")
colorEcho ${GREEN} "下载完成!"
done
# apt-get download $libs
colorEcho ${GREEN} " 下载完成 "
echo ""
colorEcho ${GREEN} "查看已经下载的Docker安装包……"
ls /tmp/docker-${DOCKER_VERSION}/
colorEcho ${GREEN} "--------------------------------------------------------------"
echo ""
fi
echo ""
}
distributeDocker() {
colorEcho ${PURPLE} "--------------------------------------------------------------"
colorEcho ${BLUE} "开始分发Docker的离线安装包…………"
echo ""
for ip in "${PrivateServerIPs[@]}"; do
colorEcho ${BLUE} "正在将Docker的离线安装包分发至主机 ${ip} 上……"
echo "yes
yes
" | scp -r /tmp/docker-${DOCKER_VERSION} root@${ip}:/tmp/docker-${DOCKER_VERSION}
if [[ $? -eq 0 ]]; then
colorEcho ${GREEN} "Docker离线安装包已经分发完成"
colorEcho ${GREEN} "----------------------------------------------------------"
else
colorEcho ${RED} "ERRORDocker离线安装包 没有正常分发!!"
colorEcho ${RED} "----------------------------------------------------------"
fi
done
echo ""
}
# 能够联网的机器上
downloadGlusterFSHeketi() {
colorEcho ${PURPLE} "--------------------------------------------------------------"
colorEcho ${BLUE} "开始下载存储服务器相关的组件…………"
colorEcho ${BLUE} "正在安装 gluster 源!"
yum install centos-release-gluster -y
if [ "$?" -eq "0" ]; then
colorEcho ${GREEN} "glusterfs的源添加完成…………"
echo ""
GlusterFSVersion=$(yum list glusterfs | grep "gluster" | awk '{print$2}')
HeketiVersion=$(yum list heketi | grep "heketi" | awk '{print$2}')
colorEcho ${BLUE} "开始下载 glusterFS的离线安装包"
colorEcho ${BLUE} " glusterFS的版本为 ${GlusterFSVersion}!!"
colorEcho ${BLUE} " glusterFS的版本为 ${GlusterFSVersion}!!"
yum install -y -q --downloadonly --downloaddir=/tmp/storage/ glusterfs glusterfs-server glusterfs-fuse glusterfs-rdma glusterfs-geo-replication glusterfs-devel
colorEcho ${GREEN} " 下载完成 "
colorEcho ${BLUE} "开始下载 heketi 的离线安装包!"
colorEcho ${BLUE} " heketi 的版本为 ${HeketiVersion}!!"
colorEcho ${BLUE} " heketi 的版本为 ${HeketiVersion}!!"
yum install -y -q --downloadonly --downloaddir=/tmp/storage/ hekeit heketi-client
colorEcho ${GREEN} " 下载完成 "
colorEcho ${GREEN} "查看已经下载的相关依赖安装包……"
ls /tmp/storage/
colorEcho ${GREEN} "--------------------------------------------------------------"
echo ""
else
colorEcho ${RED} "glusterfs的源添加失败 无法继续进行存储服务器的初始化"
colorEcho ${RED} "glusterfs的源添加失败 无法继续进行存储服务器的初始化"
colorEcho ${RED} "glusterfs的源添加失败 无法继续进行存储服务器的初始化"
return 1
fi
}
distributeGlusterFSHeketiRPMs() {
colorEcho ${PURPLE} "--------------------------------------------------------------"
colorEcho ${BLUE} "开始分发GlusterFSHeketi的离线安装包…………"
echo ""
for ip in "${StorageServerIPs[@]}"; do
colorEcho ${BLUE} "正在将GlusterFS-Heketi的离线安装包分发至主机 ${ip} 上……"
echo "yes
yes
" | scp -r /tmp/storage/ root@${ip}:/tmp/storage/
if [[ $? -eq 0 ]]; then
colorEcho ${GREEN} "GlusterFS-Heketi 的离线安装包已经分发完成!"
colorEcho ${GREEN} "----------------------------------------------------------"
else
colorEcho ${RED} "ERRORGlusterFS-Heketi 离线安装包 没有正常分发!!"
colorEcho ${RED} "----------------------------------------------------------"
fi
done
echo ""
}
installGlusterFS() {
colorEcho ${PURPLE} "--------------------------------------------------------------"
colorEcho ${BLUE} "开始安装 存储服务 GlusterFS 的基础组件 的相关服务…………"
echo ""
if [ -d /tmp/storage ]; then
ls /tmp/storage | grep -q gluster
if [ "$?" -eq "0" ]; then
colorEcho ${GREEN} "检测到存储服务的离线安装包,开始执行安装过程!"
yum install -y -q /tmp/storage/*.rpm
if [ "$?" -eq "0" ]; then
colorEcho ${GREEN} "GlusterFS安装完成开始启动服务"
systemctl start glusterd.service
colorEcho ${BLUE} "------------------------------------------------------------"
systemctl status glusterd.service
colorEcho ${BLUE} "------------------------------------------------------------"
systemctl enable glusterd.service
echo ""
echo ""
colorEcho ${BLUE} "开始配置 GlusterFS连接对方主机"
StorageNodeNum=$(echo ${WhichNodeRun} | cut -d"-" -f2)
if [ "${StorageNodeNum}" -eq "1" ]; then
colorEcho ${BLUE} "检测到当前主机为 Storage-1请确保是否正确"
colorEcho ${BLUE} "检测到当前主机为 Storage-1请确保是否正确"
colorEcho ${BLUE} "检测到当前主机为 Storage-1请确保是否正确"
gluster peer probe storage-2
echo ""
colorEcho ${BLUE} "glusterFS的节点状态为"
gluster peer status
elif [ "${StorageNodeNum}" -eq "2" ]; then
colorEcho ${BLUE} "检测到当前主机为 Storage-2请确保是否正确"
colorEcho ${BLUE} "检测到当前主机为 Storage-2请确保是否正确"
colorEcho ${BLUE} "检测到当前主机为 Storage-2请确保是否正确"
gluster peer probe storage-1
echo ""
colorEcho ${BLUE} "GlusterFS的节点状态为"
gluster peer status
fi
fi
else
colorEcho ${RED} "未检测到GlusterFS的基础安装包程序将终止"
colorEcho ${RED} "未检测到GlusterFS的基础安装包程序将终止"
colorEcho ${RED} "未检测到GlusterFS的基础安装包程序将终止"
return 1
fi
fi
}
installHeketi() {
colorEcho ${PURPLE} "--------------------------------------------------------------"
colorEcho ${BLUE} "开始安装 存储服务 Heketi 的相关服务…………"
echo ""
ls /tmp/storage | grep heketi | grep -v heketi-client
if [ "$?" -ne "0" ]; then
colorEcho ${RED} "未检测到heketi的离线安装rpm包"
colorEcho ${RED} "未检测到heketi的离线安装rpm包"
echo ""
colorEcho ${BLUE} "开始进行heketi的离线下载安装过程"
wget ${HeketiOfficeFile} -O heketi9-offline.tar.gz
tar -zvxf heketi9-offline.tar.gz
cd heketi
pwd
mv ./heketi /usr/bin/heketi
mv ./heketi-cli /usr/bin/heketi-cli
cd ..
pwd
echo ""
colorEcho ${BLUE} "请检查heketi的命令是否输出正常"
heketi --version
colorEcho ${BLUE} "----------------------------------------------------"
heketi-cli --version
echo ""
else
colorEcho ${BLUE} "检测到heketi-server的离线安装包"
echo ""
colorEcho ${BLUE} "按照道理目前的 heketi已经安装"
colorEcho ${BLUE} "开始检测…………"
echo ""
fi
if heketi --version &>/dev/null && heketi-cli --version &>/dev/null; then
colorEcho ${GREEN} "检查到heketi已经安装成功 开始进行相关的配置。"
echo ""
colorEcho ${BLUE} "开始为heketi-server添加系统用户 heketi"
sudo groupadd --system heketi
sudo useradd -s /sbin/nologin --system -g heketi heketi
echo ""
colorEcho ${BLUE} "开始创建 heketi-server 的配置、工作、日志目录"
sudo mkdir -p /var/lib/heketi /etc/heketi /var/log/heketi
echo ""
colorEcho ${BLUE} "开始下载heketi的配置文件压缩包heketi-config.tar.gz…"
wget "${HeketiConfigOfflineFile}" -O /etc/heketi/heketi-config.tar.gz
echo ""
if [ -s /etc/heketi/heketi-config.tar.gz ]; then
colorEcho ${GREEN} "heketi的配置文件压缩包下载成功"
tar -zxvf /etc/heketi/heketi-config.tar.gz
echo ""
fi
colorEcho ${BLUE} "开始创建heketi的ssh key文件使得heketi-server能够访问glusterfs的server"
echo "y
|" ssh-keygen -f /etc/heketi/heketi_key -t rsa -N ''
chown heketi:heketi /etc/heketi/heketi_key*
for ip in "${PrivateServerIPs[@]}"; do
colorEcho ${BLUE} "请手动将如下的命令,以 root 权限在主机 ${ip} 上运行"
colorEcho ${BLUE} "-----------------------------------------------"
echo ""
echo ""
colorEcho ${RED} " 请以 root 角色 运行!!! "
colorEcho ${RED} " 请以 root 角色 运行!!! "
colorEcho ${RED} " 请以 root 角色 运行!!! "
echo ""
colorEcho ${YELLOW} 'sed -i -e "/PermitRootLogin no/ d" -e "$ a PermitRootLogin yes" /etc/ssh/sshd_config && systemctl restart sshd'
echo ""
colorEcho ${YELLOW} "echo \"$(cat /etc/heketi/heketi_key.pub)\" >> ~/.ssh/authorized_keys && echo \"\" && cat ~/.ssh/authorized_keys"
echo ""
echo ""
while true; do
colorEcho ${RED} "请确保您已经将上述的命令在主机${ip}上执行了!!"
read -r -p "请输入yes进行确认脚本才可继续运行" input
case $input in
yes)
colorEcho ${GREEN} "您已确认在主机${ip}上添加了私有的ssh key"
echo ""
break
;;
*)
echo ""
colorEcho ${RED} "输入有误!!! 请输入 >> yes << 进行确认"
colorEcho ${RED} "请在主机${ip}上执行上述命令!!!"
colorEcho ${RED} "否则本脚本的功能会失效!!"
colorEcho ${RED} "-----------------------------------------------------"
echo ""
;;
esac
done
done
colorEcho ${GREEN} "heketi的密钥已经分发完毕"
echo ""
corlorEcho ${BLUE} "--------------------------------------------------------------"
corlorEcho ${BLUE} "请根据主机实际的物理磁盘信息,修改相应的 device"
corlorEcho ${BLUE} "请根据主机实际的物理磁盘信息,修改相应的 device"
corlorEcho ${BLUE} "请根据主机实际的物理磁盘信息,修改相应的 device"
corlorEcho ${BLUE} "--------------------------------------------------------------"
while true; do
colorEcho ${RED} "请确保您已经新开终端界面并修改了topology.json文件"
read -r -p "请输入yes进行确认脚本才可继续运行" input
case $input in
yes)
colorEcho ${GREEN} "您已确认新开终端界面并修改了topology.json文件"
echo ""
break
;;
*)
echo ""
colorEcho ${RED} "输入有误!!! 请输入 >> yes << 进行确认"
colorEcho ${RED} "请确保您已经新开终端界面并修改了topology.json文件"
colorEcho ${RED} "否则本脚本的功能会失效!!"
colorEcho ${RED} "-----------------------------------------------------"
echo ""
;;
esac
done
corlorEcho ${BLUE} "--------------------------------------------------------------"
colorEcho ${BLUE} "修改所有的heketi-server目录的权限"
chown -R heketi:heketi /var/lib/heketi /var/log/heketi /etc/heketi
echo ""
colorEcho ${BLUE} "重新加载Systemd并启动 Heketi service"
cp /etc/heketi/heketi.service /usr/lib/systemd/system/heketi.service
sudo systemctl daemon-reload
sudo systemctl enable --now heketi
echo ""
colorEcho ${BLUE} "输出heketi-server的状态"
systemctl status heketi -l
fi
}
# 能够联网的机器上
downloadNFS() {
colorEcho ${PURPLE} "--------------------------------------------------------------"
colorEcho ${BLUE} "开始下载NFS相关的组件…………"
echo ""
# NFSVersion=$(yum list nfs-utils | grep "nfs" | awk '{print$2}')
colorEcho ${GREEN} "当前系统的发行版为-- ${LinuxReleaseVersion}"
colorEcho ${GREEN} "当前系统的发行版为-- ${LinuxReleaseVersion}"
echo ""
if [ "$LinuxReleaseVersion" = "centos" ]; then
colorEcho ${BLUE} "开始下载 NFS的离线安装包"
# colorEcho ${BLUE} " NFS的版本为 ${NFSVersion}!!"
yum install -y -q --downloadonly --downloaddir=/tmp/storage/nfs/ nfs-utils
colorEcho ${GREEN} " 下载完成 "
colorEcho ${BLUE} "开始下载 NFS-rpcbind的离线安装包"
# colorEcho ${BLUE} " NFS的版本为 ${NFSVersion}!!"
yum install -y -q --downloadonly --downloaddir=/tmp/storage/rpc/ rpcbind
colorEcho ${GREEN} " 下载完成 "
else
colorEcho ${BLUE} "开始下载 NFS的离线安装包"
apt-cache madison nfs-common | awk '{print$3}'
# installDemandSoftwares nfs-kernel-server
mkdir -p /tmp/storage/nfs/
mkdir -p /tmp/storage/rpc/
echo
colorEcho ${BLUE} "需要下载的依赖为 ${libs}"
colorEcho ${BLUE} "开始下载 NFS的离线安装包"
cd /tmp/storage/nfs
colorEcho $BLUE "开始解析依赖!"
colorEcho ${BLUE} "开始下载 NFS-Client 的离线安装包!"
# ubuntu 20.04 使用如下的几项内容即可
# apt-get download keyutils libnfsidmap2 libtirpc-common libtirpc3 nfs-common rpcbind
apt-get download $(apt-rdepends nfs-common | grep -v "^ ")
colorEcho ${GREEN} " 下载完成 "
colorEcho ${BLUE} "开始下载 NFS-Server 的离线安装包!"
cd /tmp/storage/rpc
# ubuntu 20.04 使用如下的几项内容即可
# apt-get download keyutils libnfsidmap2 libtirpc-common libtirpc3 nfs-common nfs-kernel-server rpcbind
apt-get download $(apt-rdepends nfs-kernel-server | grep -v "^ ")
colorEcho ${GREEN} " 下载完成 "
echo ""
fi
colorEcho ${GREEN} "查看已经下载的相关依赖安装包……"
ls /tmp/storage/nfs/
ls /tmp/storage/rpc/
colorEcho ${GREEN} "--------------------------------------------------------------"
echo ""
}
distributeNFS() {
colorEcho ${PURPLE} "--------------------------------------------------------------"
colorEcho ${BLUE} "开始分发NFS的离线安装包…………"
echo ""
for ip in "${StorageServerIPs[@]}"; do
colorEcho ${BLUE} "正在将NFS的离线安装包分发至主机 ${ip} 上……"
echo "yes
yes
" | scp -r /tmp/storage/ root@${ip}:/tmp/storage/
if [[ $? -eq 0 ]]; then
colorEcho ${GREEN} "NFS的离线安装包已经分发完成"
colorEcho ${GREEN} "----------------------------------------------------------"
else
colorEcho ${RED} "ERRORNFS 离线安装包 没有正常分发!!"
colorEcho ${RED} "----------------------------------------------------------"
fi
done
echo ""
}
installNFS() {
colorEcho ${PURPLE} "--------------------------------------------------------------"
colorEcho ${BLUE} "开始安装 存储服务 NFS 的基础组件 的相关服务…………"
echo ""
colorEcho ${GREEN} "当前系统的发行版为-- ${LinuxReleaseVersion}"
colorEcho ${GREEN} "当前系统的发行版为-- ${LinuxReleaseVersion}"
echo ""
if [ "$LinuxReleaseVersion" = "centos" ]; then
if [ -d /tmp/storage/nfs/ ]; then
ls /tmp/storage/nfs/ | grep -q nfs-utils
if [ "$?" -eq "0" ]; then
colorEcho ${GREEN} "检测到存储服务的离线安装包,开始执行安装过程!"
yum install -y -q /tmp/storage/nfs/*.rpm
echo ""
else
colorEcho ${RED} "未检测到NFS的基础安装包程序将终止"
colorEcho ${RED} "未检测到NFS的基础安装包程序将终止"
colorEcho ${RED} "未检测到NFS的基础安装包程序将终止"
return 1
fi
fi
else
ls /tmp/storage/nfs | grep -q "nfs-common"
if [ "$?" -eq "0" ]; then
colorEcho ${GREEN} "检测到存储服务的离线安装包,开始执行安装过程!"
dpkg -i /tmp/storage/nfs/*.deb
echo ""
else
colorEcho ${RED} "未检测到NFS的基础安装包程序将终止"
colorEcho ${RED} "未检测到NFS的基础安装包程序将终止"
colorEcho ${RED} "未检测到NFS的基础安装包程序将终止"
return 1
fi
fi
colorEcho ${GREEN} "NFS安装完成开始启动服务"
systemctl start nfs nfs-client nfs-common
systemctl enable nfs nfs-client nfs-common
colorEcho ${BLUE} "------------------------------------------------------------"
systemctl status nfs nfs-client nfs-common -l | grep "active (running)"
if [[ $? -eq 0 ]]; then
colorEcho ${GREEN} " NFS-Client 启动完成 "
fi
colorEcho ${BLUE} "------------------------------------------------------------"
echo ""
}
#nfs 服务端
installNFSServer() {
colorEcho ${PURPLE} "--------------------------------------------------------------"
colorEcho ${BLUE} "开始安装 存储服务 NFS 的基础组件 的相关服务…………"
echo ""
colorEcho ${GREEN} "当前系统的发行版为-- ${LinuxReleaseVersion}"
colorEcho ${GREEN} "当前系统的发行版为-- ${LinuxReleaseVersion}"
echo ""
if [ "$LinuxReleaseVersion" = "centos" ]; then
if [ -d /tmp/storage/nfs/ ]; then
ls /tmp/storage/nfs/ | grep -q nfs-utils
if [ "$?" -eq "0" ]; then
colorEcho ${GREEN} "检测到存储服务的离线安装包,开始执行安装过程!"
yum install -y -q /tmp/storage/nfs/*.rpm
if [ "$?" -eq "0" ]; then
colorEcho ${GREEN} "NFS安装完成开始启动服务"
systemctl enable nfs
systemctl start nfs
colorEcho ${BLUE} "------------------------------------------------------------"
systemctl status nfs -l | grep "active (running)"
if [[ $? -eq 0 ]]; then
colorEcho ${GREEN} " NFS-Client 启动完成 "
fi
colorEcho ${BLUE} "------------------------------------------------------------"
echo ""
fi
else
colorEcho ${RED} "未检测到NFS的基础安装包程序将终止"
colorEcho ${RED} "未检测到NFS的基础安装包程序将终止"
colorEcho ${RED} "未检测到NFS的基础安装包程序将终止"
return 1
fi
fi
if [ -d /tmp/storage/rpc/ ]; then
ls /tmp/storage/rpc/ | grep -q rpcbind
if [ "$?" -eq "0" ]; then
colorEcho ${GREEN} "检测到存储服务的离线安装包,开始执行安装过程!"
yum install -y -q /tmp/storage/rpc/*.rpm
if [ "$?" -eq "0" ]; then
colorEcho ${GREEN} "NFS-RPCBIND 安装完成,开始启动服务!"
systemctl start rpcbind
systemctl enable rpcbind
colorEcho ${BLUE} "------------------------------------------------------------"
systemctl status rpcbind -l | grep "active (running)"
if [[ $? -eq 0 ]]; then
colorEcho ${GREEN} " NFS-Server 启动完成 "
fi
colorEcho ${BLUE} "------------------------------------------------------------"
echo ""
fi
else
colorEcho ${RED} "未检测到NFS-RPCBIND的基础安装包程序将终止"
colorEcho ${RED} "未检测到NFS-RPCBIND的基础安装包程序将终止"
colorEcho ${RED} "未检测到NFS-RPCBIND的基础安装包程序将终止"
return 1
fi
fi
else
colorEcho ${GREEN} "执行发行版为-- ${LinuxReleaseVersion} 的NFS-Server安装进程"
if [ -d /tmp/storage/nfs/ ]; then
ls /tmp/storage/nfs/ | grep -q nfs-common
if [ "$?" -eq "0" ]; then
colorEcho ${GREEN} "检测到存储服务的离线安装包,开始执行安装过程!"
dpkg -i /tmp/storage/nfs/*.deb
if [ "$?" -eq "0" ]; then
colorEcho ${GREEN} "NFS安装完成开始启动服务"
systemctl start nfs
systemctl enable nfs
colorEcho ${BLUE} "------------------------------------------------------------"
systemctl status nfs -l | grep "active (running)"
if [[ $? -eq 0 ]]; then
colorEcho ${GREEN} " NFS-Client 启动完成 "
fi
colorEcho ${BLUE} "------------------------------------------------------------"
echo ""
fi
else
colorEcho ${RED} "未检测到NFS的基础安装包程序将终止"
colorEcho ${RED} "未检测到NFS的基础安装包程序将终止"
colorEcho ${RED} "未检测到NFS的基础安装包程序将终止"
return 1
fi
fi
if [ -d /tmp/storage/rpc/ ]; then
ls /tmp/storage/rpc/ | grep -q server
if [ "$?" -eq "0" ]; then
colorEcho ${GREEN} "检测到存储服务的离线安装包,开始执行安装过程!"
dpkg -i /tmp/storage/rpc/*.deb
if [ "$?" -eq "0" ]; then
colorEcho ${GREEN} "NFS-Server 安装完成,开始启动服务!"
systemctl start nfs-server
systemctl enable nfs-server
colorEcho ${BLUE} "------------------------------------------------------------"
systemctl status nfs-server -l | grep "active (running)"
if [[ $? -eq 0 ]]; then
colorEcho ${GREEN} " NFS-Server 启动完成 "
fi
colorEcho ${BLUE} "------------------------------------------------------------"
echo ""
fi
else
colorEcho ${RED} "未检测到NFS-RPCBIND的基础安装包程序将终止"
colorEcho ${RED} "未检测到NFS-RPCBIND的基础安装包程序将终止"
colorEcho ${RED} "未检测到NFS-RPCBIND的基础安装包程序将终止"
return 1
fi
fi
fi
echo ""
colorEcho ${BLUE} "开始创建NFS共享目录"
export NfsPath=/nfsdata
mkdir -p ${NfsPath}
chmod 777 ${NfsPath}
cat /etc/exports | grep ${NfsPath} -q
if [[ $? -ne 0 ]]; then
# exports文件中没有相关的额配置才添加
echo "nfs config not exist !"
echo "${NfsPath} *(rw,no_root_squash,no_all_squash,sync)" >>/etc/exports
fi
echo ""
colorEcho ${BLUE} "开始重启nfs服务!"
if [ "$LinuxReleaseVersion" = "centos" ]; then
systemctl restart rpcbind && systemctl restart nfs
else
systemctl restart nfs-server && systemctl restart nfs
fi
echo ""
echo ""
colorEcho ${BLUE} "检查NFS的运行状况"
rpcinfo -p localhost
colorEcho ${YELLOW} "------------------------------------------------------------"
echo ""
}
installProxyServer() {
colorEcho ${PURPLE} "--------------------------------------------------------------"
colorEcho ${BLUE} "开始安装网络代理(v2ray)的相关服务…………"
echo ""
colorEcho ${BLUE} "开始从西云的对象存储下载离线安装包…………"
colorEcho ${BLUE} "当前目录为 $(pwd),创建代理服务器的临时安装目录:"
mkdir proxy_offline_install && cd ./proxy_offline_install
wget "${ProxyOfflineFile}" -O proxy-offline.tar.gz
if [ ! -s proxy-offline.tar.gz ]; then
echo ""
colorEcho ${RED} "代理服务器安装包下载失败!!!"
colorEcho ${RED} "代理服务器安装包下载失败!!!"
colorEcho ${RED} "代理服务器安装包下载失败!!!"
return 1
fi
colorEcho ${GREEN} " 下载完成 "
tar -zxvf proxy-offline.tar.gz
colorEcho ${GREEN} " 代理服务器离线安装包解压缩完成 "
pwd
chmod +x v2ray-install.sh
colorEcho ${BLUE} "开始离线安装 网络代理(v2ray)服务器……"
echo "
" | ./v2ray-install.sh --local v2ray-linux-64_v4.32.1.zip
echo ""
colorEcho ${GREEN} "网络代理(v2ray v4.32.1)服务器已经安装成功!"
colorEcho ${GREEN} "---------------------------------------------"
echo ""
colorEcho ${BLUE} "开始配置代理服务器的相关设置…………"
sed -i "s/User=nobody/User=root/g" /etc/systemd/system/v2ray.service
rm /usr/local/etc/v2ray/config.json
cp ./config.json /usr/local/etc/v2ray/config.json
colorEcho ${GREEN} " 配置完成 "
cd ..
pwd
echo ""
colorEcho ${BLUE} "正在开启代理服务器v2ray的服务程序……"
systemctl daemon-reload && systemctl start v2ray
colorEcho ${GREEN} " 服务启动配置完成 "
echo ""
colorEcho ${BLUE} "查看代理服务器v2ray的程序运行状态……"
systemctl status v2ray -l | grep "Active: active (running)"
if [ $? -ne 0 ]; then
echo ""
colorEcho ${RED} "代理服务器启动失败!!"
colorEcho ${RED} "代理服务器启动失败!!"
colorEcho ${RED} "代理服务器启动失败!!"
colorEcho ${RED} "代理服务器启动失败!!"
return 1
fi
colorEcho ${BLUE} "正在设置v2ray的开机自启动……"
systemctl enable v2ray
colorEcho ${GREEN} " 开机自启动配置完成 "
colorEcho ${GREEN} "--------------------------------------------------------------"
echo ""
colorEcho ${PURPLE} "--------------------------------------------------------------"
colorEcho ${BLUE} "------------下面是代理服务器的使用方法说明------------"
colorEcho ${BLUE} "------------下面是代理服务器的使用方法说明------------"
colorEcho ${YELLOW} "------------------------------------------------------------"
colorEcho ${BLUE} "请确保当前主机能够访问公网!!!!"
colorEcho ${BLUE} "在需要使用代理上网的服务器上输入如下的命令:"
echo ""
echo ""
colorEcho ${YELLOW} " export http_proxy=http://${PublicServerIPs}:12333 && export https_proxy=http://${PublicServerIPs}:12333 "
echo ""
echo ""
colorEcho ${YELLOW} "------------------------------------------------------------"
colorEcho ${BLUE} "------------上面是代理服务器的使用方法说明------------"
colorEcho ${BLUE} "------------上面是代理服务器的使用方法说明------------"
echo ""
echo ""
}
modifySystemNetworkProxy() {
colorEcho ${PURPLE} "--------------------------------------------------------------"
colorEcho ${BLUE} "开始配置系统网络代理…………"
colorEcho ${GREEN} "--------------------------------------------------------------"
echo ""
addYumProxy
addShellProxy
# addDockerProxy
}
addYumProxy() {
colorEcho ${BLUE} "开始配置yum包管理工具的网络代理…………"
cat /etc/yum.conf | grep "http_proxy="http://"${PublicServerIPs}":12333""
if [ $? -eq 0 ]; then
colorEcho ${BLUE} "检测到yum的代理已经添加跳过"
return 1
fi
sed -i "$ a http_proxy="http://"${PublicServerIPs}":12333"" /etc/yum.conf
sed -i "$ a https_proxy="http://"${PublicServerIPs}":12333"" /etc/yum.conf
if [ $? -eq 0 ]; then
colorEcho ${GREEN} "yum源代理配置修改完成 目前yum命令可以通过master 节点代理上网"
echo ""
fi
}
addShellProxy() {
colorEcho ${BLUE} "开始配置shell终端的网络代理…………"
export http_proxy=http://${PublicServerIPs}:12333 && export https_proxy=http://${PublicServerIPs}:12333
cat /etc/profile | grep "http_proxy="http://"${PublicServerIPs}":12333""
if [ $? -eq 0 ]; then
colorEcho ${BLUE} "检测到shell的代理已经添加跳过"
return 1
fi
sed -i "$ a export http_proxy="http://"${PublicServerIPs}":12333"" /etc/profile
sed -i "$ a export https_proxy="http://"${PublicServerIPs}":12333"" /etc/profile
if [ -a ~/.bashrc ]; then
colorEcho ${BLUE} "检测到bash shell存在开始配置其代理。。"
cat ~/.bashrc | grep "http_proxy="http://"${PublicServerIPs}":12333""
if [ $? -eq 0 ]; then
colorEcho ${BLUE} "检测到shell的代理已经添加跳过"
return 1
fi
sed -i "$ a export http_proxy="http://"${PublicServerIPs}":12333"" ~/.bashrc
sed -i "$ a export https_proxy="http://"${PublicServerIPs}":12333"" ~/.bashrc
fi
if [ -a ~/.profile ]; then
colorEcho ${BLUE} "检测到~/.profile存在开始配置其代理。。"
cat ~/.profile | grep "http_proxy="http://"${PublicServerIPs}":12333""
if [ $? -eq 0 ]; then
colorEcho ${BLUE} "检测到shell的代理已经添加跳过"
return 1
fi
sed -i "$ a export http_proxy="http://"${PublicServerIPs}":12333"" ~/.profile
sed -i "$ a export https_proxy="http://"${PublicServerIPs}":12333"" ~/.profile
fi
if [ -a ~/.zshrc ]; then
colorEcho ${BLUE} "检测到zsh shell存在开始配置其代理。。"
cat ~/.zshrc | grep "http_proxy="http://"${PublicServerIPs}":12333""
if [ $? -eq 0 ]; then
colorEcho ${BLUE} "检测到shell的代理已经添加跳过"
return 1
fi
sed -i "$ a export http_proxy="http://"${PublicServerIPs}":12333"" ~/.zshrc
sed -i "$ a export https_proxy="http://"${PublicServerIPs}":12333"" ~/.zshrc
fi
if [ $? -eq 0 ]; then
colorEcho ${GREEN} "shell的代理配置修改完成 目前curl wget等命令可以通过master节点代理上网"
echo ""
fi
}
installDocker() {
### 国内的环境 ###
### 依赖colorEcho
colorEcho ${PURPLE} "--------------------------------------------------------------"
colorEcho ${BLUE} "开始安装Docker的相关服务…………"
colorEcho ${GREEN} "--------------------------------------------------------------"
colorEcho ${BLUE} "您选择安装的docker版本为${DOCKER_VERSION}"
echo ""
colorEcho ${GREEN} "当前系统的发行版为-- ${LinuxReleaseVersion}"
colorEcho ${GREEN} "当前系统的发行版为-- ${LinuxReleaseVersion}"
echo ""
if [ "$LinuxReleaseVersion" = "centos" ]; then
colorEcho ${BLUE} "正在安装安装docker的所需要的依赖…………"
colorEcho ${YELLOW} "----------------------------------------------------------------------"
ls /tmp/docker-${DOCKER_VERSION}/depends/
colorEcho ${YELLOW} "----------------------------------------------------------------------"
echo ""
yum install -y -q /tmp/docker-${DOCKER_VERSION}/depends/*.rpm
colorEcho ${GREEN} " 安装完成 "
colorEcho ${GREEN} "--------------------------------------------------------------"
echo ""
colorEcho ${GREEN} "开始安装docker-ce版本为${DOCKER_VERSION}"
colorEcho ${YELLOW} "----------------------------------------------------------------------"
ls /tmp/docker-${DOCKER_VERSION}/
colorEcho ${YELLOW} "----------------------------------------------------------------------"
echo ""
yum install -y -q /tmp/docker-${DOCKER_VERSION}/*.rpm
else
colorEcho ${GREEN} "开始安装docker-ce版本为${DOCKER_VERSION}"
colorEcho ${YELLOW} "----------------------------------------------------------------------"
ls /tmp/docker-${DOCKER_VERSION}/
colorEcho ${YELLOW} "----------------------------------------------------------------------"
echo ""
dpkg -i /tmp/docker-${DOCKER_VERSION}/*.deb
echo ""
fi
colorEcho ${GREEN} " Docker安装完成 "
colorEcho ${GREEN} " Docker安装完成 "
colorEcho ${GREEN} " Docker安装完成 "
colorEcho ${GREEN} "--------------------------------------------------------------"
echo ""
colorEcho ${BLUE} "正在启动docker的服务进程…………"
systemctl enable docker.service
systemctl start docker.service
colorEcho ${BLUE} "等待docker的服务进程启动…………"
sleep 3
colorEcho ${BLUE} "查看docker的服务进程运行状态…………"
systemctl status docker.service -l | grep "active (running)"
if [[ $? -eq 0 ]]; then
colorEcho ${GREEN} " Docker 启动完成 "
fi
echo ""
}
## 安装docker时修改系统的配置文件
modifySystemConfig() {
colorEcho ${PURPLE} "---------------------------------------------------------------------------------"
colorEcho ${BLUE} "开始修改系统内核参数…………"
## 配置内核参数
cat >/etc/sysctl.d/k8s.conf <<EOF
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1
net.ipv6.conf.all.forwarding = 1
EOF
## 执行命令以应用
sysctl -p /etc/sysctl.d/k8s.conf
colorEcho ${GREEN} "系统内核参数修改的结果如上所示…………"
colorEcho ${GREEN} "--------------------------------------------------------------------------------"
echo ""
}
installDockerCompose() {
colorEcho ${PURPLE} "正在下载 +++++++++++++ docker-compose文件 ++++++++++++++"
if [[ $OSSPublicURL == "" ]]; then
colorEcho ${BLUE} "未指定 docker-compose 镜像仓库的离线安装包下载地址!!"
colorEcho ${BLUE} "开始从GitHub下载 docker-compose 的离线安装包!!"
echo ""
curl -L "https://github.com/docker/compose/releases/download/1.27.4/docker-compose-$(uname -s)-$(uname -m)" \
-o /usr/local/bin/docker-compose
else
colorEcho ${BLUE} "已经指定 docker-compose 镜像仓库的离线安装包下载地址!!"
wget "${DockerComposeFile}" -O /usr/local/bin/docker-compose
fi
if [ -s /usr/local/bin/docker-compose ]; then
colorEcho ${BLUE} "docker-compose文件下载成功"
echo ""
chmod +x /usr/local/bin/docker-compose
docker-compose --version &>/dev/null
if [[ $? -eq 0 ]]; then
colorEcho ${GREEN} "docker-compose安装成功版本为$(docker-compose --version | cut -d" " -f3)尽情享用"
else
ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
fi
else
colorEcho ${RED} "docker-compose文件下载失败 无法访问github的资源。。"
colorEcho ${RED} "请手动下载docker-compose的安装文件"
fi
}
downloadKubectlMinio() {
echo ""
colorEcho ${PURPLE} "--------------------------------------------------------------"
colorEcho ${BLUE} " 本部分应该在master节点上执行………"
colorEcho ${BLUE} " 开始下载minio集群的安装初始化工具 ………"
sudo wget https://github.com/minio/operator/releases/download/v4.4.13/kubectl-minio_4.4.13_linux_amd64 \
-O /usr/bin/kubectl-minio
sudo chmod +x /usr/bin/kubectl-minio
colorEcho ${BLUE} "请确保在需要安装 minio的服务器上创建好了目录"
colorEcho ${BLUE} "请确保在需要安装 minio的服务器上创建好了目录"
# 2. 初始化 minio 部署工具
kubectl minio init
}
buildDirectoryForMinio() {
echo ""
colorEcho ${PURPLE} "--------------------------------------------------------------"
colorEcho ${BLUE} " 本部分应该在 安装minio集群的 节点上执行!………"
colorEcho ${BLUE} "开始 为MINIO服务器创建目录…………"
while true; do
colorEcho ${BLUE} "运行到此处说明您选择了一个pv挂载4目录的形式"
colorEcho ${PURPLE} "--------------------------------------------------------------"
colorEcho ${RED} "请确保您已经 手动初始化磁盘pv并将其挂在至 /data 目录!"
read -r -p "请输入yes进行确认脚本才可继续运行" input
case $input in
yes)
colorEcho ${GREEN} "您已确认 手动初始化磁盘pv并将其挂在至 /data 目录!"
echo ""
break
;;
*)
echo ""
colorEcho ${RED} "输入有误!!! 请输入 >> yes << 进行确认"
colorEcho ${RED} "请确保您已经 手动初始化磁盘pv并将其挂在至 /data 目录!"
colorEcho ${RED} "否则本脚本的功能会失效!!"
colorEcho ${RED} "-----------------------------------------------------"
echo ""
;;
esac
done
# 向下兼容 适应8pod或者4pod的情况
for i in {1..8}; do
mkdir -p /data/minio-pv/pv${i}
if [ -d "/data/minio-pv/pv${i}" ]; then
echo "yes"
else
return 1
fi
echo ""
done
colorEcho ${GREEN} "Minio的目录均已创建完成"
}
buildPVForMinio() {
echo ""
colorEcho ${PURPLE} "--------------------------------------------------------------"
colorEcho ${BLUE} "开始 为MINIO服务器 初始化磁盘pv创建整PV的存储…………"
echo "此部分功能暂时掠过!"
}
installZSH() {
colorEcho ${PURPLE} "--------------------------------------------------------------"
colorEcho ${BLUE} "开始安装宇宙第一shell的相关服务…………"
installDemandSoftwares zsh git || return $?
# 脚本会自动更换默认的shell
# echo y | sh -c "$(curl -fsSL https://cdn.jsdelivr.net/gh/robbyrussell/oh-my-zsh@master/tools/install.sh)"
wget https://cdn.jsdelivr.net/gh/robbyrussell/oh-my-zsh@master/tools/install.sh -O zsh-install.sh
# sed -i "s/github.com/github.com.cnpmjs.org/g" zsh-install.sh
# if [ $? -eq 0 ]; then
# colorEcho ${GREEN} "zsh仓库地址替换完成已更换为国内的下载加速镜像"
# fi
chmod +x zsh-install.sh
colorEcho ${BLUE} "开始执行zsh的安装过程"
echo y | sh -c "./zsh-install.sh"
if [ "$(ls -A /root/.oh-my-zsh | wc -w)" -eq "0" ]; then
echo ""
colorEcho ${RED} "zsh下载失败跳过安装步骤"
echo ""
return 1
fi
echo ""
}
modifyZSH() {
colorEcho ${PURPLE} "---------------------------------------------------------------------------"
colorEcho ${GREEN} "zsh应该已经安装成功"
colorEcho ${BLUE} "开始修改zsh的相关配置信息使其更加好用…………"
echo ""
cat >oh-my-zsh-plugins-list.txt <<EOF
https://cdn.jsdelivr.net/gh/ohmyzsh/ohmyzsh/plugins/command-not-found/command-not-found.plugin.zsh
https://cdn.jsdelivr.net/gh/ohmyzsh/ohmyzsh/plugins/autojump/autojump.plugin.zsh
https://cdn.jsdelivr.net/gh/ohmyzsh/ohmyzsh/plugins/themes/themes.plugin.zsh
EOF
colorEcho ${BLUE} "正在下载zsh的一些好用的插件"
echo ""
colorEcho ${BLUE} "开始从GitHub下载 >自动提示< 插件…………"
git clone https://github.com.cnpmjs.org/zsh-users/zsh-autosuggestions ~/.oh-my-zsh/plugins/zsh-autosuggestions
echo ""
colorEcho ${BLUE} "开始从GitHub下载 >命令高亮< 插件…………"
git clone https://github.com.cnpmjs.org/zsh-users/zsh-syntax-highlighting.git ~/.oh-my-zsh/plugins/zsh-syntax-highlighting
echo ""
colorEcho ${BLUE} "开始从JSDeliver下载另外一些插件…………"
wget -c -i ~/oh-my-zsh-plugins-list.txt -P ~/.oh-my-zsh/plugins/
echo ""
colorEcho ${PURPLE} "---------------------------------------------------------------------------"
colorEcho ${GREEN} "插件已经下载完毕现在开始修改zsh的配置文件…………"
echo ""
sed -i "s/robbyrussell/agnoster/g" ~/.zshrc
sed -i 's/^# DISABLE_AUTO_UPDATE="true"/DISABLE_AUTO_UPDATE="true"/g' ~/.zshrc
sed -i 's/plugins=(git)/plugins=(git zsh-autosuggestions zsh-syntax-highlighting command-not-found z themes)/g' ~/.zshrc
colorEcho ${GREEN} "请检查当前zsh的插件开启情况"
colorEcho ${GREEN} "------------------------------------------"
cat ~/.zshrc | grep "plugins=" | grep -v "\#"
cat ~/.zshrc | grep "plugins=" | grep -v "\#"
cat ~/.zshrc | grep "plugins=" | grep -v "\#"
colorEcho ${GREEN} "------------------------------------------"
echo ""
echo "----------------------------------------------------"
echo "这里的错误输出无需在意"
source /root/.zshrc
echo "这里的错误输出无需在意"
echo "----------------------------------------------------"
if [[ $? -eq 0 ]]; then
colorEcho ${BLUE} "开始修改默认shell为zsh……"
for i in {6..1..-1}; do
colorEcho ${BLUE} "倒计时开始 ->> $i 秒 <<-准备切换shell上文的日志输出将会消失"
sleep 2
done
chsh -s /bin/zsh
zsh
else
colorEcho ${RED} "zsh 安装失败大概率是已经安装小概率是无法连接GitHub服务器~~"
fi
colorEcho ${GREEN} "zsh 安装成功,已更换主题,禁止更新,尽情享用~~~"
colorEcho ${GREEN} "-----------------------------------------------------------------------------"
colorEcho ${PURPLE} "宇宙第一shell的zsh已经安装成功了"
colorEcho ${GREEN} "宇宙第一shell的zsh已经安装成功了"
colorEcho ${BLUE} "宇宙第一shell的zsh已经安装成功了"
colorEcho ${GREEN} "-----------------------------------------------------------------------------"
echo ""
}
# 修改docker的国内加速镜像
changeDockerRegisterMirror() {
colorEcho ${PURPLE} "---------------------------------------------------------------------------------"
colorEcho ${BLUE} "开始配置docker的(加速+私有)镜像…………"
echo ""
if [[ -e /etc/docker/daemon.json ]]; then
colorEcho ${BLUE} "已经存在docker的daemon文件。。"
mv /etc/docker/daemon.json /etc/docker/daemon.backup.json
colorEcho ${GREEN} "已经将daemon文件备份"
fi
colorEcho ${BLUE} "正在写入docker的daemon配置文件……"
cat >>/etc/docker/daemon.json <<EOF
{
"insecure-registries" : ["$DockerRegisterDomain"]
}
EOF
echo ""
colorEcho ${GREEN} "配置文件写入完成开始重启docker的服务"
systemctl restart docker.service
colorEcho ${GREEN} " docker服务重启完成 "
colorEcho ${GREEN} "---------------------------------------------------------------------------------"
echo ""
colorEcho ${BLUE} "下面输出Docker加速镜像的相关信息"
echo "--------------------------------------------------------------------------------------"
docker info | grep "https://" | grep -v "Registry"
echo "--------------------------------------------------------------------------------------"
colorEcho ${GREEN} "请查看上文是否存在添加的国内的镜像!!!"
}
addDockerProxy() {
colorEcho ${PURPLE} "---------------------------------------------------------------------------------"
colorEcho ${BLUE} "开始配置docker-server的外网访问代理…………"
echo ""
mkdir -p /etc/systemd/system/docker.service.d
cat >>/etc/systemd/system/docker.service.d/http-proxy.conf <<EOF
[Service]
Environment="HTTP_PROXY=http://${PublicServerIPs}:12333"
Environment="HTTPS_PROXY=http://${PublicServerIPs}:12333"
Environment="NO_PROXY=localhost,127.0.0.1,${HarborHostName},${HarborHostName}:${HarborHostPort}"
EOF
systemctl daemon-reload
echo ""
colorEcho ${BLUE} "开始配置docker启动的Pod中的网络代理…………"
echo ""
if [ ! -d ~/.docker ]; then
mkdir -p ~/.docker
fi
cat >>~/.docker/config.json <<EOF
{
"proxies":
{
"default":
{
"httpProxy": "http://${PublicServerIPs}:12333",
"httpsProxy": "http://${PublicServerIPs}:12333",
"noProxy": "localhost,127.0.0.1,${HarborHostName},${HarborHostName}:${HarborHostPort}"
}
}
}
EOF
colorEcho ${GREEN} " 相关的代理均配置完成 "
colorEcho ${GREEN} "------------------------------------------------------------------------"
echo ""
colorEcho ${BLUE} "开始重启docker的服务进程…………"
systemctl restart docker
colorEcho ${GREEN} " docker服务重启完成 "
colorEcho ${BLUE} "请查看下面的输入是否存在代理服务器的设置信息…………"
systemctl show --property=Environment docker -l
echo ""
}
installHelm() {
colorEcho ${PURPLE} "---------------------------------------------------------------------------------"
colorEcho ${BLUE} "开始安装Helm包管理工具…………"
if [[ ${OSSPublicURL} == "" ]]; then
colorEcho ${BLUE} "未检测到helm离线仓库的地址开始聪rancher镜像下载helm"
wget http://rancher-mirror.cnrancher.com/helm/v3.4.0/helm-v3.4.0-linux-amd64.tar.gz -O helm-offline.tar.gz
else
wget ${HelmOfflineFile} -O helm-offline.tar.gz
fi
if [ ! -s helm-offline.tar.gz ]; then
colorEcho ${RED} "helm离线安装包下载失败 "
colorEcho ${RED} "helm离线安装包下载失败 "
colorEcho ${RED} "helm离线安装包下载失败 "
return 1
fi
tar -zvxf helm-offline.tar.gz
mv linux-amd64/helm /usr/local/bin/helm
chmod +x /usr/local/bin/helm
rm -rf linux-amd64
colorEcho ${BLUE} "下面输出helm的版本请查看helm是否安装成功"
helm version
echo " "
}
installNginx() {
colorEcho ${PURPLE} "---------------------------------------------------------------------------------"
colorEcho ${BLUE} "开始安装Nginx作为对面暴露面…………"
echo ""
if [ "$LinuxReleaseVersion" = "centos" ]; then
if [ "${NginxOfflineFile}" -eq "" ]; then
colorEcho ${BLUE} "未检测到nginx离线包开始从官网下载"
wget https://nginx.org/packages/centos/7/x86_64/RPMS/nginx-1.20.1-1.el7.ngx.x86_64.rpm
else
wget ${NginxOfflineFile}
fi
if [ -s "nginx-1.20.1-1.el7.ngx.x86_64.rpm" ]; then
colorEcho ${BLUE} "nginx离线包下载完成开始安装"
rpm -ivh nginx-1.20.1-1.el7.ngx.x86_64.rpm
fi
else
colorEcho ${BLUE} "检测到Linux的版本为Ubuntu"
colorEcho ${BLUE} "开始安装前置依赖!"
installDemandSoftwares curl gnupg2 ca-certificates lsb-release ubuntu-keyring
colorEcho ${BLUE} "开始添加apt源的gpg的key文件"
curl https://nginx.org/keys/nginx_signing.key | gpg --dearmor \
| sudo tee /usr/share/keyrings/nginx-archive-keyring.gpg >/dev/null
colorEcho ${BLUE} "开始添加Nginx的apt源"
echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] \
http://nginx.org/packages/ubuntu $(lsb_release -cs) nginx" \
| sudo tee /etc/apt/sources.list.d/nginx.list
colorEcho ${BLUE} "开始更新apt源"
sudo apt update
echo ""
colorEcho ${BLUE} "查看所有可以安装的nginx版本"
apt-cache madison nginx | awk '{print$3}'
echo ""
echo ""
colorEcho ${BLUE} "开始安装最新版本的nginx"
sudo apt install "nginx=$(apt-cache madison nginx | awk '{print$3}' | head -1)"
fi
systemctl status nginx
systemctl start nginx
if [ "$?" -eq "0" ]; then
colorEcho ${GREEN} "nginx安装完成已成功运行"
fi
}
modifyNginx() {
colorEcho ${PURPLE} "---------------------------------------------------------------------------------"
colorEcho ${BLUE} "开始安装Nginx作为对面暴露面…………"
echo ""
colorEcho ${BLUE} "开始配置nginx的总配置文件"
cat >/etc/nginx/nginx.conf <<EOF
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
use epoll;
worker_connections 65535;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
server_tokens off;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
send_timeout 1200;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 600;
types_hash_max_size 2048;
client_max_body_size 2048m;
client_body_buffer_size 2048m;
underscores_in_headers on;
proxy_send_timeout 600;
proxy_read_timeout 600;
proxy_connect_timeout 600;
proxy_buffer_size 128k;
proxy_buffers 8 256k;
include /etc/nginx/conf.d/*.conf;
}
stream {
include /etc/nginx/conf.d/stream/*.conf;
}
EOF
colorEcho ${GREEN} "nignx的默认配置文件修改完成"
echo ""
if [ -a /etc/nginx/conf.d/default.conf ]; then
colorEcho ${BLUE} "检测到默认配置存在,需要将其去除!"
mv /etc/nginx/conf.d/default.conf /etc/nginx/conf.d/default.back
echo ""
colorEcho ${GREEN} "已经将默认80端口的配置去除"
fi
colorEcho ${BLUE} "开始配置实际的nginx反向代理文件"
echo ""
cat >/etc/nginx/conf.d/real-public-nginx.conf <<EOF
server {
listen PUBLIC-PORT;
server_name localhost;
location / {
proxy_pass http://localhost/;
client_max_body_size 5120m;
client_body_buffer_size 5120m;
client_body_timeout 6000s;
proxy_send_timeout 10000s;
proxy_read_timeout 10000s;
proxy_connect_timeout 600s;
proxy_max_temp_file_size 5120m;
proxy_request_buffering on;
proxy_buffering off;
proxy_buffer_size 4k;
proxy_buffers 4 12k;
proxy_set_header Host FAKE-DOMAIN;
proxy_set_header X-R eal-IP $remote_addr;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /rtc/v1/ {
add_header Access-Control-Allow-Headers X-Requested-With;
add_header Access-Control-Allow-Methods GET,POST,OPTIONS;
proxy_pass http://127.0.0.1:30985/rtc/v1/;
}
location ~ ^/\w*/actuator/ {
return 403;
}
}
EOF
colorEcho ${BLUE} "开始配置重启Nginx服务"
echo ""
systemctl stop nginx
systemctl start nginx
colorEcho ${BLUE} "查看Nginx服务的运行状态"
colorEcho ${YELLOW} "------------------------------------------------------------"
systemctl status nginx.service
colorEcho ${YELLOW} "------------------------------------------------------------"
}
installHarbor() {
colorEcho ${PURPLE} "---------------------------------------------------------------------------------"
colorEcho ${BLUE} "开始安装harbor镜像仓库…………"
docker-compose --version &>/dev/null
if [[ $? -ne 0 ]]; then
colorEcho ${RED} "检测到docker-compose未安装 Harbor服务器的安装过程将中断"
colorEcho ${RED} "检测到docker-compose未安装 Harbor服务器的安装过程将中断"
colorEcho ${RED} "检测到docker-compose未安装 Harbor服务器的安装过程将中断"
return 1
fi
echo ""
if [[ $OSSPublicURL == "" ]]; then
colorEcho ${BLUE} "未指定harbor镜像仓库的离线安装包下载地址"
colorEcho ${BLUE} "开始从GitHub下载 harbor的离线安装包"
echo ""
wget --no-check-certificate https://github.com/goharbor/harbor/releases/download/v2.1.0/harbor-offline-installer-v2.1.0.tgz
else
colorEcho ${BLUE} "已经指定harbor镜像仓库的离线安装包下载地址"
wget --no-check-certificate "${HarborOfflineFile}" -O harbor-offline-installer-v2.1.0.tgz
fi
if [ ! -s harbor-offline-installer-v2.1.0.tgz ]; then
colorEcho ${RED} "harbor离线安装包下载失败 跳过Harbor安装过程"
return 1
fi
colorEcho ${GREEN} "---------------离线安装包下载完成!!----------------"
echo ""
colorEcho ${BLUE} "开始解压缩harbor的离线安装包"
tar xvf harbor-offline-installer-v2.1.0.tgz
colorEcho ${GREEN} "---------------解压缩完成!!---------------"
echo ""
colorEcho ${BLUE} "开始配置harbor仓库的相关设置"
rm ./harbor/harbor.yml
cat >>./harbor/harbor.yml <<EOF
hostname: $HarborHostName
http:
port: $HarborHostPort
harbor_admin_password: $HarborAdminPass
database:
password: $HarborAdminPass
max_idle_conns: 50
max_open_conns: 1000
data_volume: /var/lib/docker/harbor-data
clair:
updaters_interval: 12
jobservice:
max_job_workers: 10
notification:
webhook_job_max_retry: 10
chart:
absolute_url: disabled
log:
level: error
local:
rotate_count: 50
rotate_size: 200M
location: /var/log/harbor
_version: 2.0.0
proxy:
http_proxy:
https_proxy:
no_proxy:
components:
- core
- jobservice
- clair
- trivy
EOF
colorEcho ${GREEN} "---------------配置文件写入完成!!---------------"
echo ""
colorEcho ${BLUE} "开始安装harbor取决于机器的配置时间会比较久"
colorEcho ${BLUE} "开始安装harbor取决于机器的配置时间会比较久"
colorEcho ${PURPLE}
./harbor/install.sh --with-chartmuseum
echo ""
echo ""
colorEcho ${GREEN} "---------------harbor仓库安装完成---------------"
}
loadRKEImages() {
colorEcho ${PURPLE} "---------------------------------------------------------------------------------"
colorEcho ${BLUE} "开始将所有RKE的系统镜像上传至私有的Harbor仓库中…………"
echo ""
if [[ ${RKESystemImages} == "" ]]; then
colorEcho ${BLUE} "未指定RKE系统镜像的离线安装包下载地址"
colorEcho ${BLUE} "开始从DockerHub上下载RKE系统镜像"
echo ""
else
colorEcho ${BLUE} "已经指定RKE系统镜像的离线安装包下载地址"
colorEcho ${BLUE} "开始从自定义网址> ${RKESystemImages} <上下载RKE系统镜像"
echo ""
fi
}
#downloadChrony(){
# colorEcho ${PURPLE} "--------------------------------------------------------------"
# colorEcho ${BLUE} "准备下载 Chrony 的离线安装包…………"
# colorEcho ${GREEN} "--------------------------------------------------------------"
# echo ""
#
#
# mkdir /tmp/chrony
# cd /tmp/chrony
#
# command_exists apt-rdepends
# if [ "$?" -eq "0" ]; then
# let staff=chrony
# colorEcho ${BLUE} "开始下载 ${staff} 的依赖!"
# apt download $(apt-rdepends ${staff} | grep -v "^ ")
# colorEcho ${GREEN} "下载完成!"
# else
# colorEcho ${RED} "依赖检测工具不存在!"
# apt-get download libnss-systemd libpam-systemd libsystemd0 systemd systemd-sysv chrony
# fi
#
#}
# 使用chrony进行NTP时间同步
TimeSyncToNTPByChrony() {
colorEcho ${PURPLE} "---------------------------------------------------------------------------------"
colorEcho ${BLUE} "开始使用 chrony 工具进行时间同步…………"
colorEcho ${GREEN} "----------------------------------------------------------------------------------"
echo ""
colorEcho ${BLUE} "开始安装chrony工具……"
installDemandSoftwares chrony || return $?
colorEcho ${GREEN} " 安装完成 "
# 这里使用的是 默认的NTP源又不是不能用为啥要换啊。
colorEcho ${BLUE} "开始启动并开启开机启动chrony……"
systemctl enable chronyd && systemctl start chronyd
colorEcho ${BLUE} "开始配置chrony……"
suffixIP=$(echo ${PublicServerIPs[0]} | cut -d "." -f1-2)
internalCIDR=$(echo "${suffixIP}.0.0/16")
if [[ ${LinuxReleaseVersion} == "centos" ]]; then
local chronyFile=/etc/chrony.conf
else
local chronyFile=/etc/chrony/chrony.conf
fi
# sed -i "/^#allow 192.168.0.0\/16/ a allow ${internalCIDR}" ${chronyFile}
sed -i "$ a allow ${internalCIDR}" ${chronyFile}
sed -i "s/server 0.centos.pool.ntp.org iburst/server ntp2.aliyun.com iburst/g" ${chronyFile}
colorEcho ${BLUE} "开始重启chrony server服务"
systemctl restart chronyd
echo ""
systemctl status chronyd -l | grep "active (running)" -q
if [[ $? -eq 0 ]]; then
chronyc -n sources -v
chronyc tracking
colorEcho ${GREEN} "时间同步配置完成,已与阿里云进行时间同步!!"
colorEcho ${GREEN} "NTP同步时间完成。现在时间为"
colorEcho ${GREEN} "--------------------------------------------------"
colorEcho ${PURPLE} "$(date -R)"
colorEcho ${GREEN} "--------------------------------------------------"
else
colorEcho ${RED} "时间同步服务器启动失败!!"
colorEcho ${RED} "时间同步服务器启动失败!!"
colorEcho ${RED} "时间同步服务器启动失败!!"
return 1
fi
changeTimeZoneAndNTP
}
modifyChronySyncToMaster() {
colorEcho ${PURPLE} "---------------------------------------------------------------------------------"
colorEcho ${BLUE} "开始配置 chrony 时间同步至master节点…………"
colorEcho ${GREEN} "----------------------------------------------------------------------------------"
echo ""
colorEcho ${BLUE} "开始安装chrony工具……"
installDemandSoftwares chrony || return $?
colorEcho ${GREEN} " 安装完成 "
colorEcho ${BLUE} "开始启动并开启开机启动chrony……"
systemctl enable chronyd && systemctl start chronyd
colorEcho ${BLUE} "开始配置chrony……"
sed -i "s/server 0.centos.pool.ntp.org iburst/server ${PublicServerIPs} minpoll 4 maxpoll 10 iburst/g" /etc/chrony.conf
systemctl restart chronyd
systemctl status chronyd -l | grep "active (running)"
if [[ $? -eq 0 ]]; then
chronyc -n sources -v
chronyc tracking
colorEcho ${GREEN} "时间同步配置完成已与Master节点 ${PublicServerIPs} 进行时间同步!!"
colorEcho ${GREEN} "NTP同步时间完成。现在时间为"
colorEcho ${GREEN} "--------------------------------------------------"
colorEcho ${PURPLE} "$(date -R)"
colorEcho ${GREEN} "--------------------------------------------------"
else
colorEcho ${RED} "时间同步服务器启动失败!!"
colorEcho ${RED} "时间同步服务器启动失败!!"
colorEcho ${RED} "时间同步服务器启动失败!!"
return 1
fi
changeTimeZoneAndNTP
}
modifyTimeSyncdToMasterUbuntu() {
colorEcho ${PURPLE} "---------------------------------------------------------------------------------"
colorEcho ${BLUE} "开始配置 timesyncd 时间同步至master节点…………"
colorEcho ${GREEN} "----------------------------------------------------------------------------------"
echo ""
colorEcho ${BLUE} "开始修改配置文件,时间同步到 Master节点"
sed -i "$ a NTP=${PublicServerIPs}" /etc/systemd/timesyncd.conf
systemctl daemon-reload
systemctl restart systemd-timesyncd.service
systemctl status systemd-timesyncd.service -l | grep "active (running)"
if [[ $? -eq 0 ]]; then
colorEcho $GREEN "时间同步客户端正在正常运行!"
colorEcho ${YELLOW} "------------------------------------------------"
timedatectl show-timesync --all
echo ""
colorEcho ${YELLOW} "------------------------------------------------"
timedatectl status
echo ""
colorEcho ${YELLOW} "------------------------------------------------"
else
colorEcho ${RED} "时间同步服务器安装失败! 请检查原因"
return 23
fi
}
changeTimeZoneAndNTP() {
colorEcho ${PURPLE} "---------------------------------------------------------------------------------"
colorEcho ${BLUE} "开始使用 timedatectl 工具进行时间同步…………"
colorEcho ${GREEN} "----------------------------------------------------------------------------------"
echo ""
if [[ -n $(command -v timedatectl) ]]; then
colorEcho ${BLUE} "检测到工具存在,正在设置时间和时区为 上海(UTC+8)时间"
timedatectl set-timezone Asia/Shanghai && timedatectl set-ntp true
colorEcho ${GREEN} "同步时间完成。现在时间为:"
colorEcho ${GREEN} "--------------------------------------------------"
colorEcho ${PURPLE} "$(date -R)"
colorEcho ${GREEN} "--------------------------------------------------"
colorEcho ${BLUE} "开始重启系统日志服务,使得系统日志的时间戳也立即生效"
systemctl restart rsyslog
colorEcho ${GREEN} " 重启完成 "
else
colorEcho ${RED} "timedatectl 工具不存在,时间同步失败!! 请手动更换时间!"
fi
colorEcho ${GREEN} "----------------------------------------------------------------------------------"
echo ""
}
## 为了本脚本能够满足Ubuntu系统做出设当的更改
commonToolInstall() {
colorEcho ${PURPLE} "---------------------------------------------------------------------------------"
colorEcho ${BLUE} "开始进行Linux常用工具的安装过程…………"
colorEcho ${GREEN} "--------------------------------------------------"
echo ""
colorEcho ${GREEN} "当前系统的发行版为-- ${LinuxReleaseVersion} "
colorEcho ${GREEN} "当前系统的发行版为-- ${LinuxReleaseVersion} "
colorEcho ${GREEN} "当前系统的发行版为-- ${LinuxReleaseVersion} "
echo ""
if [[ ${LinuxReleaseVersion} == "centos" ]]; then
centosCommonTool=(deltarpm net-tools iputils bind-utils lsof curl wget vim mtr htop screen unzip git openssl iftop)
installDemandSoftwares "${centosCommonTool[@]}"
elif [[ ${LinuxReleaseVersion} == "ubuntu" ]] || [[ ${LinuxReleaseVersion} == "debian" ]]; then
ubuntuCommonTool=(iputils-ping net-tools dnsutils lsof curl wget mtr-tiny vim htop screen git apt-rdepends nethogs iftop)
installDemandSoftwares "${ubuntuCommonTool[@]}"
fi
}
main() {
installHarbor || return $?
installNginx
modifyNginx
installZSH || return $?
modifyZSH || return $?
}
HarborServer() {
# 当harbor位于k8s-master节点相同时
check_root
check_sys
disableSwap
shutdownFirewall
modifySystemConfig
commonToolInstall
installHelm
TimeSyncToNTPByChrony || return $?
changeTimeZoneAndNTP || return $?
# installProxyServer || return $?
generateSSHKey || return $?
downloadDocker || return $?
distributeDocker || return $?
installDocker || return $?
installDockerCompose || return $?
downloadNFS || return $?
distributeNFS || return $?
installNFSServer || return $?
installHarbor || return $?
installNginx
modifyNginx
installZSH || return $?
modifyZSH || return $?
}
WorkerServer() {
# check_root
#
# check_sys
# disableSwap
# shutdownFirewall
# modifySystemConfig
#
# modifyTimeSyncdToMasterUbuntu
## changeTimeZoneAndNTP || return $?
# installDocker || return $?
changeDockerRegisterMirror
}
MinioServer() {
check_root
addYumProxy
addShellProxy
check_sys
disableSwap
shutdownFirewall
modifySystemConfig
# changeTimeZoneAndNTP || return $?
modifyChronySyncToMaster
installDocker || return $?
changeDockerRegisterMirror
addDockerProxy
if [[ ${MinioStorageType} -eq "pv" ]]; then
buildPVForMinio
else
buildDirectoryForMinio
fi
}
HeketiServer() {
check_root
addYumProxy
addShellProxy
check_sys
disableSwap
shutdownFirewall
modifySystemConfig
modifyChronySyncToMaster || return $?
installGlusterFS || return $?
installHeketi || return $?
}
GlusterServer() {
check_root
addYumProxy
addShellProxy
check_sys
disableSwap
shutdownFirewall
modifySystemConfig
modifyChronySyncToMaster || return $?
installGlusterFS || return $?
}
${WhichNodeRun}
Reference in New Issue View Git Blame Copy Permalink