通过ansible部署k8s(ubuntu,docker)
准备条件
k8s所使用的主机如下,本次安装使用了ubuntu focal(20.04 lts)
| ip | hostname |
|---|
| 10.4.1.11 | master | | 10.4.1.21 | work1 | | 10.4.1.22 | work2 | | 10.4.1.23 | work3 |
本机为linux 且已安装ansible
ansible hosts
vim /etc/ansible/hosts
将下述配置写入/etc/ansible/hosts,[k8s]起到一个组名的作用,可以改成其他
[k8s]
10.4.1.11 hostname=master ansible_ssh_user=root ansible_ssh_pass=root
10.4.1.21 hostname=work1 ansible_ssh_user=root ansible_ssh_pass=root
10.4.1.22 hostname=work2 ansible_ssh_user=root ansible_ssh_pass=root
10.4.1.23 hostname=work3 ansible_ssh_user=root ansible_ssh_pass=root
k8sdocker.yml
在本机新建k8sdocker.yml
- hosts: k8s
remote_user: root
tasks:
- name: hosts
shell: echo 10.4.1.11 master >> /etc/hosts && echo 10.4.1.21 work1 >> /etc/hosts && echo 10.4.1.22 work2 >> /etc/hosts && echo 10.4.1.23 work3 >> /etc/hosts
- name: ntp time
shell: apt install ntpdate -y && ntpdate ntp.aliyun.com && apt update
- name: upgrade
shell: apt update && apt upgrade -y
- name: some tools
shell: apt-get install -y apt-transport-https
- name: add aliyun docker source gpg
shell: curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | sudo apt-key add -
- name: add aliyun docker source
shell: echo "deb [arch=amd64] https://mirrors.aliyun.com/docker-ce/linux/ubuntu focal stable\n" > /etc/apt/sources.list.d/docker.list
- name: swap off
shell: swapoff -a && sed -i '/ swap / s/^\(.*\)$/
- name: iptables
shell: echo "net.bridge.bridge-nf-call-ip6tables = 1\nnet.bridge.bridge-nf-call-iptables = 1\nnet.ipv4.ip_forward = 1" > /etc/sysctl.conf
- name: docker-ce
shell: apt update && apt install docker-ce -y
- name: docker mirror
shell: echo "{\n\t\"exec-opts\":[\"native.cgroupdriver=systemd\"],\n\t\"registry-mirrors\":[\"http://hub-mirror.c.163.com\"]\n}" > /etc/docker/daemon.json
- name: reload docker
shell: systemctl daemon-reload && systemctl restart docker
- name: add aliyun k8s source gpg
shell: curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | apt-key add -
- name: add aliyun k8s source
shell: echo deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main >> /etc/apt/sources.list.d/kubernetes.list
- name: install kubeadm kubelet kubectl
shell: apt update && apt install -y kubeadm=1.21.2-00 kubelet=1.21.2-00 kubectl=1.21.2-00
- name: bridge on
shell: modprobe br_netfilter && modprobe overlay && echo 1 > /proc/sys/net/bridge/bridge-nf-call-iptables && echo 1 > /proc/sys/net/ipv4/ip_forward
- name: get coredns
shell: docker pull registry.aliyuncs.com/google_containers/coredns:1.8.0
- name: tag coredns
shell: docker tag registry.aliyuncs.com/google_containers/coredns:1.8.0 registry.aliyuncs.com/google_containers/coredns:v1.8.0
运行ansible剧本
ansible-playbook k8sdocker.yml
初始化 k8s master
在master节点运行如下命令
ver=`kubeadm version|awk '{print $5}'|sed "s/[^0-9|\.]//g"|awk 'NR==1{print}'`
kubeadm init --apiserver-advertise-address=10.4.1.11 --image-repository registry.aliyuncs.com/google_containers --kubernetes-version v${ver} --service-cidr=172.16.0.0/24 --pod-network-cidr=10.244.0.0/16
export KUBECONFIG=/etc/kubernetes/admin.conf
echo "export KUBECONFIG=/etc/kubernetes/admin.conf" >> ~/.bash_profile
source ~/.bash_profile
在执行kubeadm init命令之后会输出加入节点的命令
在work(work1,work2,work3)节点运行加入命令,命令类似下面,以执行kubeadm init命令之后的输出为准
kubeadm join 10.4.1.11:6443 --token okqui2.rkxz477motrb3t4m --discovery-token-ca-cert-hash sha256:e2e614a703e998f2cb7c3b0996a29cf1a493e7ee688ccf97e9bdb1bc90987452
输出的命令中含有/,要把命令复制出来,删除/之后执行
kuboard等
编辑nginx-ingress.yaml的时候里面有两个v1beta1修改为v1
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
kubectl apply -f https://kuboard.cn/install-script/kuboard.yaml
kubectl apply -f https://addons.kuboard.cn/metrics-server/0.3.7/metrics-server.yaml
wget https://kuboard.cn/install-script/v1.16.3/nginx-ingress.yaml
vim nginx-ingress.yaml
kubectl apply -f nginx-ingress.yaml
通过下面的命令获得token
echo $(kubectl -n kube-system get secret $(kubectl -n kube-system get secret | grep kuboard-user | awk ‘{print $1}’) -o go-template=’{{.data.token}}’ | base64 -d)
浏览器打开10.4.1.11:32567(任一节点的32567端口都可),输入token即可
|