199 lines
4.7 KiB
Bash
199 lines
4.7 KiB
Bash
#!/bin/bash
|
||
|
||
|
||
echo "n
|
||
p
|
||
|
||
|
||
+5G
|
||
t
|
||
|
||
8e
|
||
w
|
||
" | fdisk /dev/sdc
|
||
|
||
|
||
|
||
partprobe
|
||
pvcreate /dev/sdc2
|
||
vgextend rootvg /dev/sdc2
|
||
export selfpesize=$(vgdisplay rootvg | grep 'Free' | awk '{print $5}')
|
||
lvextend -l+${selfpesize} /dev/mapper/rootvg-lvusr
|
||
xfs_growfs /dev/mapper/rootvg-lvusr
|
||
|
||
|
||
<h3>k8s节点扩容</h3>
|
||
|
||
<h5>1、设置时间同步及时区</h5>
|
||
|
||
```shell
|
||
yum makecache fast
|
||
yum install ntp -y
|
||
ntpdate ntp.ubuntu.com
|
||
systemctl start ntpd
|
||
systemctl enable ntpd
|
||
cp -f /usr/share/zoneinfo/Asia/Shanghai /etc/localtim
|
||
```
|
||
|
||
<h5>2、设置hostname、selinux等</h5>
|
||
|
||
```shell
|
||
hostnamectl set-hostname dmz-k8s1-n8
|
||
systemctl stop NetworkManager
|
||
systemctl disable NetworkManager
|
||
systemctl stop firewalld
|
||
systemctl disable firewalld
|
||
firewall-cmd --state
|
||
setenforce 0
|
||
getenforce
|
||
sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config
|
||
cat /etc/selinux/config
|
||
swapoff -a
|
||
free
|
||
sed -i 's/\(.*swap.*\)/#\1/' /etc/fstab
|
||
cat /etc/fstab
|
||
echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf
|
||
modprobe br_netfilter
|
||
lsmod | grep br_netfilter
|
||
cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
|
||
br_netfilter
|
||
EOF
|
||
cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
|
||
net.bridge.bridge-nf-call-ip6tables = 1
|
||
net.bridge.bridge-nf-call-iptables = 1
|
||
EOF
|
||
sysctl --system
|
||
sysctl -p
|
||
```
|
||
|
||
<h5>3、安装docker-ce</h5>
|
||
|
||
```shell
|
||
yum install -y yum-utils device-mapper-persistent-data lvm2
|
||
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
|
||
yum makecache fast
|
||
yum install -y containerd.io
|
||
yum install -y docker-ce-cli-19.03.13-3.el7.x86_64
|
||
yum install -y docker-ce-19.03.13-3.el7.x86_64
|
||
rpm -qa |grep docker
|
||
mkdir /etc/docker
|
||
cat <<EOF | sudo tee /etc/docker/daemon.json
|
||
{
|
||
"exec-opts": ["native.cgroupdriver=systemd"],
|
||
"log-driver": "json-file",
|
||
"log-opts": {
|
||
"max-size": "100m"
|
||
},
|
||
"storage-driver": "overlay2",
|
||
"storage-opts": [
|
||
"overlay2.override_kernel_check=true"
|
||
],
|
||
"insecure-registries": [
|
||
"harbor-qa.sre.cdcyy.cn",
|
||
"harbor-manager.sre.cdcyy.cn",
|
||
"harbor-prod.sre.cdcyy.cn",
|
||
"harbor.sre.cdcyy.cn"
|
||
],
|
||
"registry-mirrors": ["https://qbbxbykw.mirror.aliyuncs.com","https://docker.mirrors.ustc.edu.cn"]
|
||
}
|
||
EOF
|
||
mkdir -p /etc/systemd/system/docker.service.d
|
||
systemctl daemon-reload
|
||
systemctl start docker
|
||
systemctl enable docker
|
||
|
||
|
||
# Generated by NetworkManager
|
||
search ecs.io
|
||
nameserver 192.168.34.40
|
||
nameserver 223.5.5.5
|
||
|
||
```
|
||
|
||
<h5>4.添加ipvs支持</h5>
|
||
|
||
```shell
|
||
cat > /etc/sysconfig/modules/ipvs.modules <<EOF
|
||
#!/bin/bash
|
||
modprobe -- ip_vs
|
||
modprobe -- ip_vs_rr
|
||
modprobe -- ip_vs_wrr
|
||
modprobe -- ip_vs_sh
|
||
modprobe -- nf_conntrack_ipv4
|
||
EOF
|
||
chmod 755 /etc/sysconfig/modules/ipvs.modules && bash /etc/sysconfig/modules/ipvs.modules && lsmod | grep -e ip_vs -e nf_conntrack_ipv4
|
||
yum install -y ipset ipvsadm
|
||
|
||
|
||
cat >/etc/sysctl.d/k8s.conf <<EOF
|
||
net.ipv4.ip_forward = 1
|
||
net.bridge.bridge-nf-call-ip6tables = 1
|
||
net.bridge.bridge-nf-call-iptables = 1
|
||
net.ipv6.conf.all.disable_ipv6 = 1
|
||
net.ipv6.conf.default.disable_ipv6 = 1
|
||
net.ipv6.conf.lo.disable_ipv6 = 1
|
||
net.ipv6.conf.all.forwarding = 1
|
||
EOF
|
||
|
||
## 执行命令以应用
|
||
sysctl -p /etc/sysctl.d/k8s.conf
|
||
|
||
```
|
||
|
||
<h5>5.安装kubelet组件</h5>
|
||
|
||
```shell
|
||
vi /etc/yum.repos.d/kubernetes.repo
|
||
[kubernetes]
|
||
name=Kubernetes
|
||
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-$basearch
|
||
enabled=1
|
||
gpgcheck=0
|
||
repo_gpgcheck=0
|
||
exclude=kubelet kubeadm kubectl
|
||
|
||
|
||
cat > /etc/yum.repos.d/kubernetes.repo << EOF
|
||
[kubernetes]
|
||
name=Kubernetes
|
||
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
|
||
enabled=1
|
||
gpgcheck=0
|
||
repo_gpgcheck=0
|
||
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
|
||
EOF
|
||
|
||
yum install -y kubelet-1.18.0-0.x86_64 --disableexcludes=kubernetes
|
||
yum install -y kubeadm-1.18.0-0.x86_64 --disableexcludes=kubernetes
|
||
yum downgrade -y kubectl-1.18.0-0.x86_64 --disableexcludes=kubernetes
|
||
rpm -qa |grep kube
|
||
systemctl enable --now kubelet
|
||
|
||
|
||
yum install -y kubelet-1.20.4-0.x86_64 --disableexcludes=kubernetes
|
||
yum install -y kubeadm-1.20.4-0.x86_64 --disableexcludes=kubernetes
|
||
yum downgrade -y kubectl-1.20.4-0.x86_64 --disableexcludes=kubernetes
|
||
rpm -qa |grep kube
|
||
systemctl enable --now kubelet (这里kubelet会一直报错重启,这是正常的,因为需要等待kubeadmin)
|
||
|
||
|
||
```
|
||
|
||
<h5>6.加入集群</h5>
|
||
|
||
```shell
|
||
kubeadm token create --print-join-command
|
||
|
||
kubeadm join 192.168.148.131:6443 --token 1btqa0.r7xinh9gq81qcftx --discovery-token-ca-cert-hash sha256:938924402f317621bdafc937184db37643335f1065db9ba6d5846f021e224ea0
|
||
```
|
||
|
||
<h5>7.打标签加污点</h5>
|
||
|
||
```shell
|
||
kubectl label nodes dmz-k8s1-n8 prolab=xczx
|
||
kubectl taint nodes dmz-k8s1-n8 project=countryup:NoSchedule
|
||
```
|
||
|
||
kubeadm token create --print-join-command
|
||
|
||
yum install -y glusterfs glusterfs-fuse glusterfs-rdma glusterfs-geo-replication glusterfs-devel |