搜索到
211
篇与
cby
的结果
-
升级二进制kubernetes集群 升级二进制kubernetes集群背景介绍最近由于时间不足,暂时无法对小版本更新第一时间出新的文档。若需要升级集群版本,可以参考此文档进行操作,每个节点一个一个的更新。大版本更新请各位持续关注我的Github项目仓库。后续更新会在仓库持续更新。感谢各位小伙伴一直以来的支持。此文档基于我的二进制安装仓库 https://github.com/cby-chen/Kubernetes基础操作查看当前版本信息[root@k8s-master01 ~]# kubectl get node NAME STATUS ROLES AGE VERSION k8s-master01 Ready <none> 57d v1.23.6 k8s-master02 Ready <none> 57d v1.23.6 k8s-master03 Ready <none> 57d v1.23.6 k8s-node01 Ready <none> 57d v1.23.6 k8s-node02 Ready <none> 57d v1.23.6 [root@k8s-master01 ~]#主机域名以及IP地址[root@k8s-master01 ~]# cat /etc/hosts | grep k8s 192.168.1.230 k8s-master01 192.168.1.231 k8s-master02 192.168.1.232 k8s-master03 192.168.1.233 k8s-node01 192.168.1.234 k8s-node02 [root@k8s-master01 ~]#下载二进制安装包[root@k8s-master01 ~]# wget https://dl.k8s.io/v1.23.9/kubernetes-server-linux-amd64.tar.gz [root@k8s-master01 ~]#解压二进制安装包[root@k8s-master01 ~]# tar xf kubernetes-server-linux-amd64.tar.gz [root@k8s-master01 ~]# 升级Maser升级三台主节点上的客户端[root@k8s-master01 ~]# scp kubernetes/server/bin/kubectl root@192.168.1.230:/usr/local/bin/ [root@k8s-master01 ~]# [root@k8s-master01 ~]# scp kubernetes/server/bin/kubectl root@192.168.1.231:/usr/local/bin/ [root@k8s-master01 ~]# [root@k8s-master01 ~]# scp kubernetes/server/bin/kubectl root@192.168.1.232:/usr/local/bin/ [root@k8s-master01 ~]#升级三台主节点api组件[root@k8s-master01 ~]# ssh root@192.168.1.230 "systemctl stop kube-apiserver" [root@k8s-master01 ~]# [root@k8s-master01 ~]# scp kubernetes/server/bin/kube-apiserver root@192.168.1.230:/usr/local/bin/ [root@k8s-master01 ~]# [root@k8s-master01 ~]# ssh root@192.168.1.230 "systemctl start kube-apiserver" [root@k8s-master01 ~]# [root@k8s-master01 ~]# kube-apiserver --version Kubernetes v1.23.9 [root@k8s-master01 ~]#升级三台主节点控制器组件[root@k8s-master01 ~]# ssh root@192.168.1.230 "systemctl stop kube-controller-manager" [root@k8s-master01 ~]# [root@k8s-master01 ~]# scp kubernetes/server/bin/kube-controller-manager root@192.168.1.230:/usr/local/bin/ [root@k8s-master01 ~]# [root@k8s-master01 ~]# ssh root@192.168.1.230 "systemctl start kube-controller-manager" [root@k8s-master01 ~]#升级三台主节点选择器组件[root@k8s-master01 ~]# ssh root@192.168.1.230 "systemctl stop kube-scheduler" [root@k8s-master01 ~]# [root@k8s-master01 ~]# scp kubernetes/server/bin/kube-scheduler root@192.168.1.230:/usr/local/bin/ [root@k8s-master01 ~]# [root@k8s-master01 ~]# ssh root@192.168.1.230 "systemctl start kube-scheduler" [root@k8s-master01 ~]#升级Worker每一台机器都要升级kubelet[root@k8s-master01 ~]# ssh root@192.168.1.230 "systemctl stop kubelet" [root@k8s-master01 ~]# [root@k8s-master01 ~]# scp kubernetes/server/bin/kubelet root@192.168.1.230:/usr/local/bin/ [root@k8s-master01 ~]# [root@k8s-master01 ~]# ssh root@192.168.1.230 "systemctl start kubelet" [root@k8s-master01 ~]# [root@k8s-master01 ~]# ssh root@192.168.1.230 "kubelet --version" Kubernetes v1.23.9 [root@k8s-master01 ~]#每一台机器都要升级kube-proxy[root@k8s-master01 ~]# ssh root@192.168.1.230 "systemctl stop kube-proxy" [root@k8s-master01 ~]# [root@k8s-master01 ~]# scp kubernetes/server/bin/kube-proxy root@192.168.1.230:/usr/local/bin/ [root@k8s-master01 ~]# [root@k8s-master01 ~]# ssh root@192.168.1.230 "systemctl start kube-proxy" [root@k8s-master01 ~]#验证[root@k8s-master01 ~]# kubectl get node NAME STATUS ROLES AGE VERSION k8s-master01 Ready <none> 57d v1.23.9 k8s-master02 Ready <none> 57d v1.23.9 k8s-master03 Ready <none> 57d v1.23.9 k8s-node01 Ready <none> 57d v1.23.9 k8s-node02 Ready <none> 57d v1.23.9 [root@k8s-master01 ~]# [root@k8s-master01 ~]# kubectl version Client Version: version.Info{Major:"1", Minor:"23", GitVersion:"v1.23.9", GitCommit:"c1de2d70269039fe55efb98e737d9a29f9155246", GitTreeState:"clean", BuildDate:"2022-07-13T14:26:51Z", GoVersion:"go1.17.11", Compiler:"gc", Platform:"linux/amd64"} Server Version: version.Info{Major:"1", Minor:"23", GitVersion:"v1.23.9", GitCommit:"c1de2d70269039fe55efb98e737d9a29f9155246", GitTreeState:"clean", BuildDate:"2022-07-13T14:19:57Z", GoVersion:"go1.17.11", Compiler:"gc", Platform:"linux/amd64"} [root@k8s-master01 ~]#关于https://www.oiox.cn/https://www.oiox.cn/index.php/start-page.htmlCSDN、GitHub、知乎、开源中国、思否、掘金、简书、华为云、阿里云、腾讯云、哔哩哔哩、今日头条、新浪微博、个人博客全网可搜《小陈运维》文章主要发布于微信公众号 -
系统优化脚本支持Ubuntu和CentOS 系统优化脚本支持Ubuntu和CentOS安装系统后经常有一些基础的系统优化安装,本人比较懒,写了一个脚本,可以后期加入其他优化方面。仓库地址:https://github.com/cby-chen/OS后续可能会继续更新脚本shell脚本如下#!/bin/bash os=$(cat /etc/os-release 2>/dev/null | grep ^ID= | awk -F= '{print $2}') function selinuxset(){ selinux_status=$(grep -c "SELINUX=disabled" /etc/sysconfig/selinux) echo "========================禁用SELINUX========================" if [ "$selinux_status" -eq 0 ];then sed -i "s#SELINUX=enforcing#SELINUX=disabled#g" /etc/sysconfig/selinux setenforce 0 grep SELINUX=disabled /etc/sysconfig/selinux getenforce else echo 'SELINUX已处于关闭状态' grep SELINUX=disabled /etc/sysconfig/selinux getenforce fi echo "完成禁用SELINUX" echo "===========================================================" sleep 3 } function firewalldset(){ echo "========================关闭firewalld=======================" echo '关闭防火墙' systemctl disable --now firewalld echo '验证如下' systemctl list-unit-files | grep firewalld echo '生产环境下建议启用' echo "===========================================================" sleep 3 } function ufwset(){ echo "========================关闭ufw============================" echo '关闭防火墙' systemctl disable --now ufw echo '验证如下' systemctl list-unit-files | grep ufw echo '生产环境下建议启用' echo "===========================================================" sleep 3 } function limitsset(){ echo "======================修改文件描述符========================" echo '加大系统文件描述符最大值' { echo '* soft nofile 65536' echo '* hard nofile 65536' echo '* soft nproc 65536' echo '* hard nproc 65536' } >> /etc/security/limits.conf echo '查看配置内容' cat /etc/security/limits.conf echo '设置软硬资源限制' ulimit -Sn ; ulimit -Hn echo "===========================================================" sleep 3 } function yumset(){ echo "======================开始修改YUM源========================" echo '开始修改YUM源' sudo sed -e 's|^mirrorlist=|#mirrorlist=|g' -e 's|^#baseurl=http://mirror.centos.org|baseurl=https://mirrors.tuna.tsinghua.edu.cn|g' -i.bak /etc/yum.repos.d/CentOS-*.repo echo '开始安装常规软件' yum update -y yum install curl git wget ntpdate lsof net-tools telnet vim lrzsz tree nmap nc sysstat epel* -y echo "===========================================================" sleep 3 } function aptset(){ echo "======================开始修改APT源========================" echo '开始修改APT源' apt_stat=$(cat /etc/apt/sources.list | grep -v ^\# | awk -F/ '{print $3}' | grep -v ^$ | awk 'NR==1{print}') sudo sed -i "s/$apt_stat/mirrors.ustc.edu.cn/g" /etc/apt/sources.list echo '开始安装常规软件' apt update -y apt upgrade -y apt install vim htop net-tools lrzsz nmap telnet ntpdate sysstat curl git wget -y echo "===========================================================" sleep 3 } function restartset(){ echo "===================禁用ctrl+alt+del重启====================" rm -rf /usr/lib/systemd/system/ctrl-alt-del.target echo "完成禁用ctrl+alt+del重启" echo "===========================================================" sleep 3 } function historyset(){ echo "========================history优化========================" chk_his=$(cat /etc/profile | grep HISTTIMEFORMAT |wc -l) if [ $chk_his -eq 0 ];then cat >> /etc/profile <<'EOF' #设置history格式 export HISTTIMEFORMAT="[%Y-%m-%d %H:%M:%S] [`whoami`] [`who am i|awk '{print $NF}'|sed -r 's#[()]##g'`]: " #记录shell执行的每一条命令 export PROMPT_COMMAND='\ if [ -z "$OLD_PWD" ];then export OLD_PWD=$PWD; fi; if [ ! -z "$LAST_CMD" ] && [ "$(history 1)" != "$LAST_CMD" ]; then logger -t `whoami`_shell_dir "[$OLD_PWD]$(history 1)"; fi; export LAST_CMD="$(history 1)"; export OLD_PWD=$PWD;' EOF source /etc/profile else echo "优化项已存在。" fi echo "完成history优化" echo "===========================================================" sleep 3 } function helloset(){ echo "========================欢迎界面优化========================" cat << EOF > /etc/profile.d/login-info.sh #!/bin/sh # # @Time : 2022-04-21 # @Author : chenby # @Desc : ssh login banner export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin shopt -q login_shell && : || return 0 echo -e "\033[0;32m # # ###### # # #### # # # # # # # ###### ##### # # # # # # # # # # # # # # # # # # # # ###### ###### ###### #### by chenby\033[0m" # os upSeconds="\$(cut -d. -f1 /proc/uptime)" secs=\$((\${upSeconds}%60)) mins=\$((\${upSeconds}/60%60)) hours=\$((\${upSeconds}/3600%24)) days=\$((\${upSeconds}/86400)) UPTIME_INFO=\$(printf "%d days, %02dh %02dm %02ds" "\$days" "\$hours" "\$mins" "\$secs") if [ -f /etc/redhat-release ] ; then PRETTY_NAME=\$(< /etc/redhat-release) elif [ -f /etc/debian_version ]; then DIST_VER=\$(</etc/debian_version) PRETTY_NAME="\$(grep PRETTY_NAME /etc/os-release | sed -e 's/PRETTY_NAME=//g' -e 's/"//g') (\$DIST_VER)" else PRETTY_NAME=\$(cat /etc/*-release | grep "PRETTY_NAME" | sed -e 's/PRETTY_NAME=//g' -e 's/"//g') fi if [[ -d "/system/app/" && -d "/system/priv-app" ]]; then model="\$(getprop ro.product.brand) \$(getprop ro.product.model)" elif [[ -f /sys/devices/virtual/dmi/id/product_name || -f /sys/devices/virtual/dmi/id/product_version ]]; then model="\$(< /sys/devices/virtual/dmi/id/product_name)" model+=" \$(< /sys/devices/virtual/dmi/id/product_version)" elif [[ -f /sys/firmware/devicetree/base/model ]]; then model="\$(< /sys/firmware/devicetree/base/model)" elif [[ -f /tmp/sysinfo/model ]]; then model="\$(< /tmp/sysinfo/model)" fi MODEL_INFO=\${model} KERNEL=\$(uname -srmo) USER_NUM=\$(who -u | wc -l) RUNNING=\$(ps ax | wc -l | tr -d " ") # disk totaldisk=\$(df -h -x devtmpfs -x tmpfs -x debugfs -x aufs -x overlay --total 2>/dev/null | tail -1) disktotal=\$(awk '{print \$2}' <<< "\${totaldisk}") diskused=\$(awk '{print \$3}' <<< "\${totaldisk}") diskusedper=\$(awk '{print \$5}' <<< "\${totaldisk}") DISK_INFO="\033[0;33m\${diskused}\033[0m of \033[1;34m\${disktotal}\033[0m disk space used (\033[0;33m\${diskusedper}\033[0m)" # cpu cpu=\$(awk -F':' '/^model name/ {print \$2}' /proc/cpuinfo | uniq | sed -e 's/^[ \t]*//') cpun=\$(grep -c '^processor' /proc/cpuinfo) cpuc=\$(grep '^cpu cores' /proc/cpuinfo | tail -1 | awk '{print \$4}') cpup=\$(grep '^physical id' /proc/cpuinfo | wc -l) CPU_INFO="\${cpu} \${cpup}P \${cpuc}C \${cpun}L" # get the load averages read one five fifteen rest < /proc/loadavg LOADAVG_INFO="\033[0;33m\${one}\033[0m / \${five} / \${fifteen} with \033[1;34m\$(( cpun*cpuc ))\033[0m core(s) at \033[1;34m\$(grep '^cpu MHz' /proc/cpuinfo | tail -1 | awk '{print \$4}')\033 MHz" # mem MEM_INFO="\$(cat /proc/meminfo | awk '/MemTotal:/{total=\$2/1024/1024;next} /MemAvailable:/{use=total-\$2/1024/1024; printf("\033[0;33m%.2fGiB\033[0m of \033[1;34m%.2fGiB\033[0m RAM used (\033[0;33m%.2f%%\033[0m)",use,total,(use/total)*100);}')" # network # extranet_ip=" and \$(curl -s ip.cip.cc)" IP_INFO="\$(ip a | grep glo | awk '{print \$2}' | head -1 | cut -f1 -d/)\${extranet_ip:-}" # Container info CONTAINER_INFO="\$(sudo /usr/bin/crictl ps -a -o yaml 2> /dev/null | awk '/^ state: /{gsub("CONTAINER_", "", \$NF) ++S[\$NF]}END{for(m in S) printf "%s%s:%s ",substr(m,1,1),tolower(substr(m,2)),S[m]}')Images:\$(sudo /usr/bin/crictl images -q 2> /dev/null | wc -l)" # info echo -e " Information as of: \033[1;34m\$(date +"%Y-%m-%d %T")\033[0m \033[0;1;31mProduct\033[0m............: \${MODEL_INFO} \033[0;1;31mOS\033[0m.................: \${PRETTY_NAME} \033[0;1;31mKernel\033[0m.............: \${KERNEL} \033[0;1;31mCPU\033[0m................: \${CPU_INFO} \033[0;1;31mHostname\033[0m...........: \033[1;34m\$(hostname)\033[0m \033[0;1;31mIP Addresses\033[0m.......: \033[1;34m\${IP_INFO}\033[0m \033[0;1;31mUptime\033[0m.............: \033[0;33m\${UPTIME_INFO}\033[0m \033[0;1;31mMemory\033[0m.............: \${MEM_INFO} \033[0;1;31mLoad Averages\033[0m......: \${LOADAVG_INFO} \033[0;1;31mDisk Usage\033[0m.........: \${DISK_INFO} \033[0;1;31mUsers online\033[0m.......: \033[1;34m\${USER_NUM}\033[0m \033[0;1;31mRunning Processes\033[0m..: \033[1;34m\${RUNNING}\033[0m \033[0;1;31mContainer Info\033[0m.....: \${CONTAINER_INFO} " EOF echo "===========================================================" sleep 3 } function sshset(){ echo "========================root登录优化========================" echo "生产环境不建议开启 设置root密码" read -p "输入root密码" rootpw echo "root:$rootpw" |chpasswd echo 'PermitRootLogin yes' >> /etc/ssh/sshd_config systemctl restart sshd echo "root密码修改为$rootpw" echo "===========================================================" sleep 3 } function allin() { if [ "$os" = "\"centos\"" ]; then selinuxset firewalldset limitsset yumset restartset historyset helloset fi if [ "$os" = "ubuntu" ]; then sshset ufwset limitsset aptset restartset historyset helloset fi } function menu() { clear echo "#####################################################################" echo -e "# ${RED}一键基础优化脚本${PLAIN} #" echo -e "# ${GREEN}作者${PLAIN}: chenby #" echo -e "# ${GREEN}网址${PLAIN}: https://www.oiox.cn #" echo -e "# ${GREEN}版本${PLAIN}: V1.0 #" echo -e "# ${GREEN}说明${PLAIN}: #" echo -e "# #" echo "####################################################################" echo " -------------" echo -e " ${GREEN}1.${PLAIN} 一键优化" echo " -------------" echo -e " ${GREEN}2.${PLAIN} 自定义优化" echo " -------------" echo -e " ${GREEN}0.${PLAIN} 退出" echo " -------------" read -p " 请选择操作[0-2]:" chenby case $chenby in 0) exit 0 ;; 1) allin ;; 2) setun ;; *) colorEcho $RED " 请选择正确的操作!" exit 1 ;; esac } function setun() { echo " -------------" echo -e " ${GREEN}1.${PLAIN} 禁用SELINUX" echo " -------------" echo -e " ${GREEN}2.${PLAIN} 关闭firewalld" echo " -------------" echo -e " ${GREEN}3.${PLAIN} 关闭ufw" echo " -------------" echo -e " ${GREEN}4.${PLAIN} 修改文件描述符" echo " -------------" echo -e " ${GREEN}5.${PLAIN} 开始修改YUM源" echo " -------------" echo -e " ${GREEN}6.${PLAIN} 开始修改APT源" echo " -------------" echo -e " ${GREEN}7.${PLAIN} 禁用ctrl+alt+del重启" echo " -------------" echo -e " ${GREEN}8.${PLAIN} history优化" echo " -------------" echo -e " ${GREEN}9.${PLAIN} 欢迎界面优化" echo " -------------" echo -e " ${GREEN}10.${PLAIN} 设置root密码" echo " -------------" echo -e " ${GREEN}0.${PLAIN} 退出" echo " -------------" read -p " 请选择操作[0-2]:" cby case $cby in 0) exit 0 ;; 1) if [ "$os" = "\"centos\"" ]; then selinuxset fi if [ "$os" = "ubuntu" ]; then echo 'Ubuntu无需设置' fi ;; 2) if [ "$os" = "\"centos\"" ]; then firewalldset fi if [ "$os" = "ubuntu" ]; then echo 'Ubuntu无需设置' fi ;; 3) if [ "$os" = "\"centos\"" ]; then echo 'CentOS无需设置' fi if [ "$os" = "ubuntu" ]; then ufwset fi ;; 4) limitsset ;; 5) if [ "$os" = "\"centos\"" ]; then yumset fi if [ "$os" = "ubuntu" ]; then echo 'Ubuntu无需设置' fi ;; 6) if [ "$os" = "\"centos\"" ]; then echo 'CentOS无需设置' fi if [ "$os" = "ubuntu" ]; then aptset fi ;; 7) restartset ;; 8) historyset ;; 9) helloset ;; 10) if [ "$os" = "\"centos\"" ]; then echo 'CentOS无需设置' fi if [ "$os" = "ubuntu" ]; then sshset fi ;; *) colorEcho $RED " 请选择正确的操作!" exit 1 ;; esac } if [ $(id -u) -eq 0 ];then menu else echo "非root用户!请使用root用户!!!" exit 1 fi 技术交流作者: 加群: 关于https://www.oiox.cn/https://www.oiox.cn/index.php/start-page.htmlCSDN、GitHub、知乎、开源中国、思否、掘金、简书、华为云、阿里云、腾讯云、哔哩哔哩、今日头条、新浪微博、个人博客全网可搜《小陈运维》文章主要发布于微信公众号
-
安装KubeOperator并导入现有集群进行管理 安装KubeOperator并导入现有集群进行管理介绍KubeOperator 是一个开源的轻量级 Kubernetes 发行版,专注于帮助企业规划、部署和运营生产级别的 Kubernetes 集群。KubeOperator 提供可视化的 Web UI,支持离线环境,支持物理机、VMware、OpenStack 和 FusionCompute 等 IaaS 平台,支持 x86 和 ARM64 架构,支持 GPU,内置应用商店,已通过 CNCF 的 Kubernetes 软件一致性认证。KubeOperator 使用 Terraform 在 IaaS 平台上自动创建主机(用户也可以自行准备主机,比如物理机或者虚机),通过 Ansible 完成自动化部署和变更操作,支持 Kubernetes 集群 从 Day 0 规划,到 Day 1 部署,到 Day 2 运营的全生命周期管理。安装root@hello:~# curl -sSL https://github.com/KubeOperator/KubeOperator/releases/latest/download/quick_start.sh | sh ...略... ======================= KubeOperator 安装完成 ======================= 请开放防火墙或安全组的80,8081-8083端口,通过以下方式访问: URL: http://$LOCAL_IP:80 用户名: admin 初始密码: kubeoperator@admin123 root@hello:~# root@hello:~# koctl status Name Command State Ports ----------------------------------------------------------------------------------------------------------------------------------------------- kubeoperator_kobe sh /root/entrypoint.sh Up (healthy) 8080/tcp kubeoperator_kotf kotf-server Up (healthy) 8080/tcp kubeoperator_kubepi kubepi-server Up (healthy) 80/tcp kubeoperator_mysql /entrypoint.sh mysqld Up (healthy) 3306/tcp, 33060/tcp kubeoperator_nexus sh -c ${SONATYPE_DIR}/star ... Up (healthy) 0.0.0.0:8081->8081/tcp,:::8081->8081/tcp, 0.0.0.0:8082->8082/tcp,:::8082->8082/tcp, 0.0.0.0:8083->8083/tcp,:::8083->8083/tcp kubeoperator_nginx /docker-entrypoint.sh /bin ... Up (healthy) 0.0.0.0:80->80/tcp,:::80->80/tcp kubeoperator_server ko-server Up (healthy) 8080/tcp kubeoperator_ui /docker-entrypoint.sh ngin ... Up (healthy) 80/tcp kubeoperator_webkubectl sh /opt/webkubectl/start-w ... Up (healthy) root@hello:~# 登陆地址: http://<ko服务器_ip>:80 用户名: admin 密码: kubeoperator@admin123导入集群# 获取 Api Server [root@k8s-master01 ~]# cat ~/.kube/config | grep server: | awk '{print $2}' https://192.168.1.69:8443 # 获取 Router # 若使用kubeadm安装可以使用如下命令进行查看 ,若二进制安装使用节点IP即可 [root@k8s-master01 ~]# kubectl -n kube-system get pod -o wide | grep kube-proxy [root@k8s-master01 ~]# # 获取 Token [root@k8s-master01 ~]# vim 123.yaml [root@k8s-master01 ~]# cat 123.yaml apiVersion: v1 kind: ServiceAccount metadata: name: kubeoperator-user namespace: kube-system --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: kubeoperator-user roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: cluster-admin subjects: - kind: ServiceAccount name: kubeoperator-user namespace: kube-system [root@k8s-master01 ~]# [root@k8s-master01 ~]# kubectl apply -f 123.yaml serviceaccount/kubeoperator-user created clusterrolebinding.rbac.authorization.k8s.io/kubeoperator-user created [root@k8s-master01 ~]# [root@k8s-master01 ~]# # 1.23 以及以下可以使用如下命令查看 [root@k8s-master01 ~]# kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep kubeoperator-user | awk '{print $1}') | grep token: | awk '{print $2}' [root@k8s-master01 ~]# [root@k8s-master01 ~]# # 1.24 版本使用如下命令创建token [root@k8s-master01 ~]# kubectl -n kube-system create token kubeoperator-user eyJhbGciOiJSUzI1NiIsImtpZCI6Ik9fdmIzY3ZjU2w0V3ZuUXl2bExBN2tZYlh3bFV2MTliZElSd0hvMnN6SXMifQ.eyJhdWQiOlsiaHR0cHM6Ly9rdWJlcm5ldGVzLmRlZmF1bHQuc3ZjLmNsdXN0ZXIubG9jYWwiXSwiZXhwIjoxNjU4ODk4MTE5LCJpYXQiOjE2NTg4OTQ1MTksImlzcyI6Imh0dHBzOi8va3ViZXJuZXRlcy5kZWZhdWx0LnN2Yy5jbHVzdGVyLmxvY2FsIiwia3ViZXJuZXRlcy5pbyI6eyJuYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsInNlcnZpY2VhY2NvdW50Ijp7Im5hbWUiOiJrdWJlb3BlcmF0b3ItdXNlciIsInVpZCI6ImZhOGJmZjJjLWIyYjYtNDAxMS1iODAzLTY4MDVmZDYwZjMxOSJ9fSwibmJmIjoxNjU4ODk0NTE5LCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZS1zeXN0ZW06a3ViZW9wZXJhdG9yLXVzZXIifQ.HvLQlMW_aJ2TDlyE-aM9UiDKl3QHAod9oUQZaHBI97-nLc3aoUdKsGrhICD42ud_Qcn_vFhUvJkPvBi_5esqKCB9LPF-cUhyyj0TxRIH_rTfUdzmDeYUVn3rfg0jlGkXRhzpJMLIRpsK_RB0StbDR4WxfhdnpRkFz-7YgtsRUfRZXG4AF6HNzt1ZWEA3ZVv779TqJemBUTmwJGB9OdyYkKTnGNy4tDGfryZsfW7zN-FhdVugd_7-_lNlFrLZWwrN3fUYPSZLGqulvy7BBpIBO16pBtIA0Qi0bkNdkSpu5a2RNjpMtXKVRYy7M--mQ4EaEod4aCZDuDhMz2S-75VwDA [root@k8s-master01 ~]# 关于https://www.oiox.cn/https://www.oiox.cn/index.php/start-page.htmlCSDN、GitHub、知乎、开源中国、思否、掘金、简书、华为云、阿里云、腾讯云、哔哩哔哩、今日头条、新浪微博、个人博客全网可搜《小陈运维》文章主要发布于微信公众号
-
kubernetes (k8s) 二进制高可用安装 kubernetes (k8s) 二进制高可用安装https://github.com/cby-chen/Kubernetes 开源不易,帮忙点个star,谢谢了GitHub访问不通畅可以访问国内GitEE https://gitee.com/cby-inc/Kubernetes常见异常安装会出现kubelet异常,无法识别 --node-labels 字段问题,原因如下。将 --node-labels=node.kubernetes.io/node='' 替换为 --node-labels=node.kubernetes.io/node= 将 '' 删除即可。注意hosts配置文件中主机名和IP地址对应在文档7.2,却记别忘记执行kubectl create -f bootstrap.secret.yaml命令介绍kubernetes(k8s)二进制高可用安装部署,支持IPv4+IPv6双栈。我使用IPV6的目的是在公网进行访问,所以我配置了IPV6静态地址。若您没有IPV6环境,或者不想使用IPv6,不对主机进行配置IPv6地址即可。不配置IPV6,不影响后续,不过集群依旧是支持IPv6的。为后期留有扩展可能性。若不要IPv6 ,不给网卡配置IPv6即可,不要对IPv6相关配置删除或操作,否则会出问题。强烈建议在Github上查看文档。Github出问题会更新文档,并且后续尽可能第一时间更新新版本文档。当前文档版本1.21.13 和 1.22.10 和 1.23.3 和 1.23.4 和 1.23.5 和 1.23.6 和 1.23.7 和 1.24.0 和 1.24.1 和 1.24.2 和 1.24.3 ...陆续更新。访问地址https://github.com/cby-chen/Kubernetes/手动项目地址:https://github.com/cby-chen/Kubernetes脚本项目地址:https://github.com/cby-chen/Binary_installation_of_Kubernetes文档二进制安装每个版本文档1.23版本v1.23.3-CentOS-binary-installv1.23.4-CentOS-binary-installv1.23.5-CentOS-binary-installv1.23.6-CentOS-binary-install1.24版本v1.24.0-CentOS-binary-install-IPv6-IPv4.mdv1.24.1-CentOS-binary-install-IPv6-IPv4.mdv1.24.2-CentOS-binary-install-IPv6-IPv4.mdv1.24.3-CentOS-binary-install-IPv6-IPv4.md三主俩从版本v1.21.13-CentOS-binary-install-IPv6-IPv4-Three-Masters-Two-Slaves.mdv1.22.10-CentOS-binary-install-IPv6-IPv4-Three-Masters-Two-Slaves.mdv1.23.7-CentOS-binary-install-IPv6-IPv4-Three-Masters-Two-Slaves.mdv1.24.0-CentOS-binary-install-IPv6-IPv4-Three-Masters-Two-Slaves.mdv1.24.1-CentOS-binary-install-IPv6-IPv4-Three-Masters-Two-Slaves.mdv1.24.1-Ubuntu-binary-install-IPv6-IPv4-Three-Masters-Two-Slaves.md修复kube-proxy证书权限过大问题kube-proxy_permissions.md使用kubeadm初始化IPV4/IPV6集群kubeadm-install-IPV6-IPV4.mdIPv4集群启用IPv6功能,关闭IPv6则反之Enable-implement-IPv4-IPv6.md安装包(下载更快)我自己的网盘:https://pan.oiox.cn/s/PetV(下载更快)123网盘:https://www.123pan.com/s/Z8ArVv-PG60d每个初始版本会打上releases,安装包在releases页面https://github.com/cby-chen/Kubernetes/releases注意:1.23.3 版本当时没想到会后续更新,所以当时命名不太规范。wget https://ghproxy.com/https://github.com/cby-chen/Kubernetes/releases/download/cby/Kubernetes.tarwget https://ghproxy.com/https://github.com/cby-chen/Kubernetes/releases/download/v1.23.4/kubernetes-v1.23.4.tarwget https://ghproxy.com/https://github.com/cby-chen/Kubernetes/releases/download/v1.23.5/kubernetes-v1.24.5.tarwget https://ghproxy.com/https://github.com/cby-chen/Kubernetes/releases/download/v1.23.6/kubernetes-v1.23.6.tarwget https://ghproxy.com/https://github.com/cby-chen/Kubernetes/releases/download/v1.23.7/kubernetes-v1.23.7.tarwget https://ghproxy.com/https://github.com/cby-chen/Kubernetes/releases/download/v1.24.0/kubernetes-v1.24.0.tarwget https://ghproxy.com/https://github.com/cby-chen/Kubernetes/releases/download/v1.24.1/kubernetes-v1.24.1.tarwget https://ghproxy.com/https://github.com/cby-chen/Kubernetes/releases/download/v1.24.2/kubernetes-v1.24.2.tarwget https://ghproxy.com/https://github.com/cby-chen/Kubernetes/releases/download/v1.24.3/kubernetes-v1.24.3.tarwget https://ghproxy.com/https://github.com/cby-chen/Kubernetes/releases/download/v1.22.10/kubernetes-v1.22.10.tarwget https://ghproxy.com/https://github.com/cby-chen/Kubernetes/releases/download/v1.21.13/kubernetes-v1.21.13.tar旧版本地址建议查看main版本中的文档。https://github.com/cby-chen/Kubernetes/若找对应版本文档中的安装包,可以在上方下载安装包,可以在在下方地址中查找。https://github.com/cby-chen/Kubernetes/tree/cbyhttps://github.com/cby-chen/Kubernetes/tree/v1.23.4https://github.com/cby-chen/Kubernetes/tree/v1.23.5https://github.com/cby-chen/Kubernetes/tree/v1.23.6https://github.com/cby-chen/Kubernetes/tree/v1.23.7https://github.com/cby-chen/Kubernetes/tree/v1.24.0https://github.com/cby-chen/Kubernetes/tree/v1.24.1https://github.com/cby-chen/Kubernetes/tree/v1.24.2https://github.com/cby-chen/Kubernetes/tree/v1.24.3https://github.com/cby-chen/Kubernetes/tree/v1.22.10https://github.com/cby-chen/Kubernetes/tree/v1.21.13其他建议在 Kubernetes 查看文档,后续会陆续更新文档小陈网站:https://blog.oiox.cn/https://www.oiox.cn/https://www.chenby.cn/https://cby-chen.github.io/关于小陈:https://www.oiox.cn/index.php/start-page.html技术交流作者: 加群: 其他文档请查看如下,欢迎关注微信公众号:https://www.oiox.cn/https://www.oiox.cn/index.php/start-page.htmlCSDN、GitHub、知乎、开源中国、思否、掘金、简书、华为云、阿里云、腾讯云、哔哩哔哩、今日头条、新浪微博、个人博客全网可搜《小陈运维》文章主要发布于微信公众号
-
二进制安装高可用k8s脚本 手动部署:https://github.com/cby-chen/Kubernetes声明,该脚本不及互联网上其他大佬的一件脚本,该脚本仅仅是突发奇想编写的,希望大佬不喜勿喷。这个脚本执行环境比较苛刻,我写的这个脚本比较垃圾,还未能达到各种环境下都可以执行。 当前脚本Kubernetes集群,以及lb负载均衡,需要在CentOS系统,执行脚本节点可以选择Ubuntu或者CentOS系统。 当前脚本中引用的Kubernetes二进制包是v1.23.3 v1.23.4 v1.23.5 v1.23.6. v1.24.0 v1.24.1 v1.24.2主机名称IP地址说明软件Master01192.168.1.81master节点kube-apiserver、kube-controller-manager、kube-scheduler、etcd、kubelet、kube-proxy、nfs-clientMaster02192.168.1.82master节点kube-apiserver、kube-controller-manager、kube-scheduler、etcd、kubelet、kube-proxy、nfs-clientMaster03192.168.1.83master节点kube-apiserver、kube-controller-manager、kube-scheduler、etcd、kubelet、kube-proxy、nfs-clientNode01192.168.1.84node节点kubelet、kube-proxy、nfs-clientNode02192.168.1.85node节点kubelet、kube-proxy、nfs-clientNode03192.168.1.86node节点kubelet、kube-proxy、nfs-clientNode04192.168.1.87node节点kubelet、kube-proxy、nfs-clientNode05192.168.1.88node节点kubelet、kube-proxy、nfs-clientLb01192.168.1.80node节点kubelet、kube-proxy、nfs-clientLb02192.168.1.90node节点kubelet、kube-proxy、nfs-client 192.168.1.89vip cby192.168.1.60执行脚本节点bash作者:陈步云 微信:15648907522脚本项目地址:https://github.com/cby-chen/Binary_installation_of_Kubernetes手动项目地址:https://github.com/cby-chen/Kubernetes使用说明:该脚本示例需要八台服务器,在八台服务器中有一台是用于执行该脚本的, 另外有六台k8s服务器,其他俩台作为lb负载均衡服务器。 将其中服务器配置好静态IP,修改如下变量中的IP即可。 同时查看服务器中的网卡名,并将其修改。 执行脚本可使用bash -x 即可显示执行中详细信息。 该脚本已适配centos7和centos8。 脚本中hosts有俩处,记得修改。 在执行过程中,新开窗口输入 tail -f *.txt 可以查看到具体信息脚本中是需要在GitHub上下载软件包 手动提前下载好 wget https://ghproxy.com/https://github.com/cby-chen/Kubernetes/releases/download/cby/Kubernetes.tar wget https://ghproxy.com/https://github.com/cby-chen/Kubernetes/releases/download/v1.23.4/kubernetes-v1.23.4.tar wget https://ghproxy.com/https://github.com/cby-chen/Kubernetes/releases/download/v1.23.5/kubernetes-v1.23.5.tar wget https://ghproxy.com/https://github.com/cby-chen/Kubernetes/releases/download/v1.23.6/kubernetes-v1.23.6.tar wget https://ghproxy.com/https://github.com/cby-chen/Kubernetes/releases/download/v1.24.0/kubernetes-v1.24.0.tar wget https://ghproxy.com/https://github.com/cby-chen/Kubernetes/releases/download/v1.24.1/kubernetes-v1.24.1.tar wget https://ghproxy.com/https://github.com/cby-chen/Kubernetes/releases/download/v1.24.2/kubernetes-v1.24.2.tar 下载脚本 备用1 wget https://raw.githubusercontent.com/cby-chen/Binary_installation_of_Kubernetes/main/Binary_installation_of_Kubernetes_v1.23.sh wget https://raw.githubusercontent.com/cby-chen/Binary_installation_of_Kubernetes/main/Binary_installation_of_Kubernetes_v1.24.sh 备用2 wget "https://cdn.jsdelivr.net/gh/cby-chen/Binary_installation_of_Kubernetes@master/Binary_installation_of_Kubernetes_v1.23.sh" wget "https://cdn.jsdelivr.net/gh/cby-chen/Binary_installation_of_Kubernetes@master/Binary_installation_of_Kubernetes_v1.24.sh" 备用3 wget https://www.oiox.cn/Binary_installation_of_Kubernetes_v1.23.sh wget https://www.oiox.cn/Binary_installation_of_Kubernetes_v1.24.sh 修改参数 vim Binary_installation_of_Kubernetes.sh 如下: #每个节点的IP,以及vip export k8s_master01="192.168.1.61" export k8s_master02="192.168.1.61" export k8s_master03="192.168.1.63" export k8s_node01="192.168.1.64" export k8s_node02="192.168.1.65" export k8s_node03="192.168.1.66" export k8s_node04="192.168.1.67" export k8s_node05="192.168.1.68" export lb_01="192.168.1.57" export lb_02="192.168.1.58" export lb_vip="192.168.1.59" #物理网络ip地址段,注意反斜杠转译 export ip_segment="192.168.1.0\/24" #k8s自定义域名 export domain="x.oiox.cn" #服务器网卡名 export eth="ens18" 修改hosts(有俩处) cat > /etc/hosts <<EOF 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 $k8s_master01 k8s-master01 $k8s_master02 k8s-master02 $k8s_master03 k8s-master03 $k8s_node01 k8s-node01 $k8s_node02 k8s-node02 $k8s_node03 k8s-node03 $k8s_node04 k8s-node04 $k8s_node05 k8s-node05 $lb_01 lb01 $lb_02 lb02 $lb_vip lb-vip EOF 执行脚本 bash -x Binary_installation_of_Kubernetes.sh dashboard查看端口号 kubectl get svc kubernetes-dashboard -n kubernetes-dashboard 查看token 1.23: kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-user | awk '{print $1}') 1.24: kubectl -n kubernetes-dashboard create token admin-user 更新2022-03更新 现已支持centos7 和centos8 自动适配 同时支持自定义k8s node节点结构 在变量中需要几台节点就写几台节点即可 注意的是,新增节点,要在脚本中的hosts中也要修改 不建议乱改。2022-04更新 优化执行结构 更新版本选择 适配多版本 修复BUG2022-04-06更新 修复 selinux 关闭异常2022-04-21更新 新增v1.23.6 并修复BUG2022-04-25更新 为了节省按安装,优化安装结构,并修复BUG2022-7-14更新: 修复升级内核问题 新增1.24版本关于https://www.oiox.cn/https://www.oiox.cn/index.php/start-page.htmlCSDN、GitHub、知乎、开源中国、思否、掘金、简书、华为云、阿里云、腾讯云、哔哩哔哩、今日头条、新浪微博、个人博客全网可搜《小陈运维》文章主要发布于微信公众号
