Commit 896e5757 by tingweiwang

Update add_node.sh

1 parent 2c93de0f
Showing with 11 additions and 18 deletions
......@@ -6,24 +6,26 @@ new_node=(
192.168.1.58
) #可以写多个node。每行一个。
interface=eno1
###############配置节点免密###########
###############配置节点免密###########################################################
port=22
password=seetatech
for ip in ${new_node[@]}
do
sshpass -p $password ssh-copy-id -i ~/.ssh/id_rsa.pub -p $port -o StrictHostKeyChecking=no root@$ip
done
##############根据new_node节点清单自动配置ansible hosts########
##############根据new_node节点清单自动配置ansible hosts################################
for ansible_new_node in ${new_node[@]}
do
if ! grep -qF "$ansible_new_node" /etc/hosts; then
cat >>./hosts<<EOF
$ip
EOF
else echo "您已配置该node:$ip 信息到ansible hosts文件,已跳过该步骤"
if ! grep -qF "$ansible_new_node" /etc/ansible/hosts; then
cat >>/etc/ansible/hosts<<EOF
$ansible_new_node
EOF
else echo "您已配置该node:$ansible_new_node 信息到ansible hosts文件,已跳过该步骤"
fi
done
########################################
echo "您有6s的时间,请确认当前ansible hosts为: "
cat /etc/ansible/hosts && sleep 6
########################执行初始化脚本以及配置##########################################
ansible new_node -m script -a "/root/k8s/script/k8s/backup/1-init.sh"
ansible new_node -m shell -a "mkdir /opt/kubernetes/{cfg,bin,ssl,log} -pv"
scp /opt/kubernetes/ssl/ca* $new_node:/opt/kubernetes/ssl/
......@@ -70,10 +72,6 @@ ansible new_node -m copy -a "src=/root/k8s/service/kubelet.service dest=/lib/sys
ansible new_node -m copy -a "src=/root/k8s/service/kubelet.service dest=/etc/systemd/system/ mode=777"
ansible new_node -m copy -a "src=/root/k8s/service/kube-proxy.service dest=/lib/systemd/system/ mode=777"
ansible new_node -m shell -a "systemctl daemon-reload"
#ansible new_node -m shell -a "systemctl enable kube-proxy.service"
#######################################anonyous权限#########################################
#kubectl create clusterrolebinding system:anonymous --clusterrole=cluster-admin --user=system:anonymous #如果不创建 执行Kubectl exec -it 没权限
#############################################################################################################
#根据你自己的token.csv中的token值进行设定,切记该文件中只有前面内容是token。
kubectl create clusterrolebinding kubelet-bootstrap --clusterrole=system:node-bootstrapper --user=kubelet-bootstrap
BOOTSTRAP_TOKEN=`cat /opt/kubernetes/cfg/token.csv |awk -F ',' '{print $1}'`
......@@ -140,11 +138,8 @@ scp /opt/kubernetes/cfg/kube-proxy.$new_node_ip $new_node_ip:/opt/kubernetes/cfg
done
##################################################################################
#ansible new_node -m shell -a "apt install -y ipvsadm ipset conntrack"
ansible new_node -m copy -a "src=/root/k8s/ssl/kube-proxy.pem dest=/opt/kubernetes/ssl/"
ansible new_node -m copy -a "src=/root/k8s/ssl/kube-proxy-key.pem dest=/opt/kubernetes/ssl/"
kubectl config set-cluster kubernetes \
--certificate-authority=/opt/kubernetes/ssl/ca.pem \
--embed-certs=true \
......@@ -161,9 +156,7 @@ kubectl config set-context default \
--cluster=kubernetes \
--user=kube-proxy \
--kubeconfig=kube-proxy.kubeconfig
kubectl config use-context default --kubeconfig=kube-proxy.kubeconfig
ansible new_node -m copy -a "src=/root/k8s/script/k8s/kube-proxy.kubeconfig dest=/opt/kubernetes/cfg/"
ansible new_node -m shell -a "service kube-proxy restart"
ansible new_node -m shell -a "service kubelet restart"
......@@ -171,6 +164,6 @@ ansible new_node -m shell -a "service kubelet status"
sleep 5
kubectl get csr
kubectl get csr|grep 'Pending' | awk 'NR>0{print $1}'| xargs kubectl certificate approve
#######################开机启动################################
#######################开机启动#############################################################
ansible new_node -m shell -a "systemctl enable kubelet.service"
ansible new_node -m shell -a "systemctl enable kube-proxy.service"
Markdown is supported
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!