Delete 6-add_node.sh

script/k8s/6-add_node.sh

-#!/bin/bash
-etcd_ip=192.168.1.56
-master_ip=192.168.1.56
-harbor_host=192.168.1.56:5000
-new_node=192.168.1.58
-interface=eno1 
-#########################################################sshpass
-port=22
-password=seetatech
-for ip in $new_node
-do
-sshpass -p $password ssh-copy-id -i ~/.ssh/id_rsa.pub -p $port -o StrictHostKeyChecking=no root@$ip
-done
-########################################
-ansible new_node -m script -a "/root/k8s/script/k8s/1-init.sh"
-ansible new_node -m shell -a "mkdir /opt/kubernetes/{cfg,bin,ssl,log} -pv"
-scp /opt/kubernetes/ssl/ca* $new_node:/opt/kubernetes/ssl/
-#########################################flannel########################################
-ansible new_node -m copy -a "src=/opt/kubernetes/bin/mk-docker-opts.sh dest=/opt/kubernetes/bin/ mode=755"
-ansible new_node -m copy -a "src=/opt/kubernetes/bin/flanneld dest=/opt/kubernetes/bin/ mode=755"
-ansible new_node -m copy -a "src=/opt/kubernetes/ssl/etcd.pem dest=/opt/kubernetes/ssl/"
-ansible new_node -m copy -a "src=/opt/kubernetes/ssl/etcd-key.pem dest=/opt/kubernetes/ssl/"
-cat >>/opt/kubernetes/cfg/flanneld.$new_node<<EOF
-FLANNEL_OPTIONS="--etcd-endpoints=https://$etcd_ip:2379 \\
--etcd-cafile=/opt/kubernetes/ssl/ca.pem \\
--etcd-certfile=/opt/kubernetes/ssl/etcd.pem \\
---iface=$interface \\
--etcd-keyfile=/opt/kubernetes/ssl/etcd-key.pem"
-EOF
-ansible new_node -m copy -a "src=/opt/kubernetes/cfg/flanneld.$new_node dest=/opt/kubernetes/cfg/flanneld  mode=755"
-ansible new_node -m copy -a "src=/lib/systemd/system/flanneld.service dest=/lib/systemd/system/ mode=755"
-ansible new_node -m shell -a "systemctl daemon-reload"
-ansible new_node -m shell -a "service flanneld restart"
-ansible new_node -m shell -a "service flanneld status"
-ansible new_node -m shell -a "systemctl enable flanneld.service"
-#############################docker############################################
-echo "当前harbor仓库地址为$harbor_host,"
-sed -i s/harbor_host/$harbor_host/g /root/k8s/config/daemon.json
-echo "开始安装docker"
-ansible new_node -m shell -a "apt update --allow-insecure-repositories"
-ansible new_node -m shell -a "apt install docker-ce  -y --allow-unauthenticated"
-echo "拷贝docker.service到新node节点"
-ansible new_node -m copy -a "src=/root/k8s/service/docker.service dest=/lib/systemd/system/docker.service mode=755"
-ansible new_node -m shell -a "systemctl daemon-reload"
-echo "分发已修改的daemon.json文件"
-ansible new_node -m copy -a "src=/root/k8s/config/daemon.json dest=/etc/docker/"
-ansible new_node  -m shell -a "service docker restart"
-ansible new_node  -m shell -a "service docker status"
-ansible new_node -m shell -a "cat /etc/docker/daemon.json"
-echo "还原daemon.json模板文件"
-sed -i s/$harbor_host/harbor_host/g /root/k8s/config/daemon.json
-
-###########################################################################################
-ansible new_node -m copy -a "src=/root/k8s/bin/kube-proxy dest=/opt/kubernetes/bin/ mode=777"
-ansible new_node -m copy -a "src=/root/k8s/bin/kubelet dest=/opt/kubernetes/bin/ mode=777"
-ansible new_node -m copy -a "src=/root/k8s/service/kubelet.service dest=/lib/systemd/system/ mode=777"
-ansible new_node -m copy -a "src=/root/k8s/service/kubelet.service dest=/etc/systemd/system/ mode=777"
-ansible new_node -m copy -a "src=/root/k8s/service/kube-proxy.service dest=/lib/systemd/system/ mode=777"
-ansible new_node -m shell -a "systemctl daemon-reload"
-#ansible new_node -m shell -a "systemctl enable kube-proxy.service"
-#######################################anonyous权限#########################################
-#kubectl create clusterrolebinding system:anonymous   --clusterrole=cluster-admin   --user=system:anonymous  #如果不创建 执行Kubectl exec -it 没权限
-#############################################################################################################
-#根据你自己的token.csv中的token值进行设定,切记该文件中只有前面内容是token。
-kubectl create clusterrolebinding kubelet-bootstrap --clusterrole=system:node-bootstrapper --user=kubelet-bootstrap
-BOOTSTRAP_TOKEN=`cat /opt/kubernetes/cfg/token.csv |awk -F ',' '{print $1}'`
-#设置集群参数
-kubectl config set-cluster kubernetes \
---certificate-authority=/opt/kubernetes/ssl/ca.pem \
---embed-certs=true \
---server=https://$master_ip:6443 \
---kubeconfig=bootstrap.kubeconfig
-#集群客户端认证参数
-kubectl config set-credentials kubelet-bootstrap \
---token=${BOOTSTRAP_TOKEN} \
---kubeconfig=bootstrap.kubeconfig
-#设置上下文参数
-kubectl config set-context default \
---cluster=kubernetes \
---user=kubelet-bootstrap \
---kubeconfig=bootstrap.kubeconfig
-#设置默认上下文
-kubectl config use-context default --kubeconfig=bootstrap.kubeconfig
-ansible new_node -m copy -a "src=/root/k8s/script/k8s/bootstrap.kubeconfig dest=/opt/kubernetes/cfg/ mode=644"
-ansible new_node -m copy -a "src=/opt/kubernetes/cfg/token.csv dest=/opt/kubernetes/cfg/"
-##############################################################################################
-for new_node_ip in $new_node
-do
-cat >>/opt/kubernetes/cfg/kubelet.$new_node_ip<<EOF
-KUBELET_OPTS="--logtostderr=false \
---v=4 \
---log-dir=/opt/kubernetes/log \
---kubeconfig=/opt/kubernetes/cfg/kubelet.kubeconfig \
---bootstrap-kubeconfig=/opt/kubernetes/cfg/bootstrap.kubeconfig \
---config=/opt/kubernetes/cfg/kubelet.config \
---cert-dir=/opt/kubernetes/ssl \
---allow-privileged=true \
---pod-infra-container-image=$harbor_host/k8s/pause-amd64:3.0"
-EOF
-scp /opt/kubernetes/cfg/kubelet.$new_node_ip $new_node_ip:/opt/kubernetes/cfg/kubelet 
-cat >>/opt/kubernetes/cfg/kubelet.config.$new_node_ip<<EOF
-kind: KubeletConfiguration
-apiVersion: kubelet.config.k8s.io/v1beta1
-address: $new_node_ip
-port: 10250
-cgroupDriver: cgroupfs
-clusterDNS:
-- 10.0.0.2
-clusterDomain: cluster.local.
-failSwapOn: false
-authentication:
-  anonymous:
-      enabled: false
-  x509:
-      clientCAFile: /opt/kubernetes/ssl/ca.pem
-EOF
-scp /opt/kubernetes/cfg/kubelet.config.$new_node_ip $new_node_ip:/opt/kubernetes/cfg/kubelet.config
-cat >>/opt/kubernetes/cfg/kube-proxy.$new_node_ip<<EOF
-
-KUBE_PROXY_OPTS="--logtostderr=false \
---v=4 \
---log-dir=/opt/kubernetes/log \
---cluster-cidr=10.0.0.0/24 \
---kubeconfig=/opt/kubernetes/cfg/kube-proxy.kubeconfig"
-EOF
-scp /opt/kubernetes/cfg/kube-proxy.$new_node_ip $new_node_ip:/opt/kubernetes/cfg/kube-proxy
-done
-
-##################################################################################
-#ansible new_node -m shell -a "apt install -y ipvsadm ipset conntrack"
-ansible new_node -m copy -a "src=/root/k8s/ssl/kube-proxy.pem dest=/opt/kubernetes/ssl/"
-ansible new_node -m copy -a "src=/root/k8s/ssl/kube-proxy-key.pem dest=/opt/kubernetes/ssl/"
-
-
-kubectl config set-cluster kubernetes \
---certificate-authority=/opt/kubernetes/ssl/ca.pem \
---embed-certs=true \
---server=https://$master_ip:6443 \
---kubeconfig=kube-proxy.kubeconfig
-
-kubectl config set-credentials kube-proxy \
---client-certificate=/root/k8s/ssl/kube-proxy.pem \
---client-key=/root/k8s/ssl/kube-proxy-key.pem \
---embed-certs=true \
---kubeconfig=kube-proxy.kubeconfig
-
-kubectl config set-context default \
---cluster=kubernetes \
---user=kube-proxy \
---kubeconfig=kube-proxy.kubeconfig
-
-kubectl config use-context default --kubeconfig=kube-proxy.kubeconfig
-
-ansible new_node -m copy -a "src=/root/k8s/script/k8s/kube-proxy.kubeconfig dest=/opt/kubernetes/cfg/"
-ansible new_node -m shell -a "service kube-proxy restart"
-ansible new_node -m shell -a "service kubelet restart"
-ansible new_node -m shell -a "service kubelet status"
-sleep 5
-kubectl get csr 
-kubectl get csr|grep 'Pending' | awk 'NR>0{print $1}'| xargs kubectl certificate approve
-#######################开机启动################################
-ansible new_node -m shell -a "systemctl enable kubelet.service"
-ansible new_node -m shell -a "systemctl enable kube-proxy.service"