How to deploy k8s automatically with a Python script

Date: 2021-09-09 01:45:38

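I. Preparation

  • Having previously deployed k8s by hand on Ubuntu 18.04, I tried automating the deployment with a Python script.
  • This time I used three CentOS 7 virtual machines: one as the master, which runs the script, and two as node machines.
  • All three machines need a static IP configured; see the earlier step-by-step article on installing and configuring a k8s cluster on CentOS 7.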

II. Writing the scripts

1. k8s.sh

Place it under /root; it pulls the images from Docker Hub.

#!/bin/bash
set -o errexit
set -o nounset
set -o pipefail

## Versions are defined here; adjust them to match the list obtained above

KUBE_VERSION=v1.21.3
KUBE_PAUSE_VERSION=3.4.1
ETCD_VERSION=3.4.13-0

## The original registry name; the images must end up tagged with it
GCR_URL=k8s.gcr.io

## The repository you want to pull from
DOCKERHUB_URL=gotok8s

## The image list; for newer versions coredns has to be changed to coredns/coredns
images=(
kube-proxy:${KUBE_VERSION}
kube-scheduler:${KUBE_VERSION}
kube-controller-manager:${KUBE_VERSION}
kube-apiserver:${KUBE_VERSION}
pause:${KUBE_PAUSE_VERSION}
etcd:${ETCD_VERSION}
)

## The loop that pulls and retags each image
for imageName in "${images[@]}" ; do
    docker pull "$DOCKERHUB_URL/$imageName"
    docker tag "$DOCKERHUB_URL/$imageName" "$GCR_URL/$imageName"
    docker rmi "$DOCKERHUB_URL/$imageName"
done
## coredns is pulled from its own Docker Hub repository and retagged
docker pull coredns/coredns:1.8.0
docker tag coredns/coredns:1.8.0 k8s.gcr.io/coredns/coredns:v1.8.0
docker rmi coredns/coredns:1.8.0

2. k8s_install.py

#!/bin/python3
# -*- coding:utf-8 -*-
# author: fanb
# describe: one-click install script for K8S v1.21.2
import os
import subprocess
import time
 
 
class k8s_install(object):
    def __init__(self,masterip,nodeip):
        self.masterip = masterip
        self.nodeip = nodeip
 
    def initialization_shell(self): # shell commands for environment initialization
        # Turn off SELinux, the firewall and swap
        setenforce = "setenforce  0"
        sed_selinux = "sed -i 's/^SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux"
        sed_selinux1 = "sed -i 's/^SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config"
        sed_selinux2 = "sed -i 's/^SELINUX=permissive/SELINUX=disabled/g' /etc/sysconfig/selinux"
        sed_selinux3 = "sed -i 's/^SELINUX=permissive/SELINUX=disabled/g' /etc/selinux/config"
        stop_firewalld = "systemctl stop firewalld"
        disable_firewalld = "systemctl disable firewalld"
        swapoff_a = "swapoff -a"
        sed_swapoff = "sed -i 's/.*swap.*/#&/' /etc/fstab"
 
        # Configure the domestic (China) yum mirrors on all servers
        yum_install = "yum install -y wget  git chrony yum-utils device-mapper-persistent-data lvm2 ipset ipvsadm > /dev/null 2>&1"
        mkdir_repo = "mkdir /etc/yum.repos.d/bak && mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/bak > /dev/null 2>&1"
        wget_centos = "wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.cloud.tencent.com/repo/centos7_base.repo > /dev/null 2>&1"
        wget_epel = "wget -O /etc/yum.repos.d/epel.repo http://mirrors.cloud.tencent.com/repo/epel-7.repo > /dev/null 2>&1"
        wget_docker = "wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo > /dev/null 2>&1"
 
 
        kubernetes_repo = """
cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
"""
 
        yum_clean = "yum clean all > /dev/null 2>&1"
        yum_makecahe = "yum -y makecache > /dev/null 2>&1"
        # Adjust kernel parameters: ipvs is now part of the mainline kernel, so enabling ipvs for kube-proxy requires loading the following kernel modules first
        modprobe_netfilter = "modprobe br_netfilter"
        br_netfilter = "echo 'br_netfilter' > /etc/modules-load.d/br_netfilter.conf"
 
        k8s_conf = """
cat > /etc/sysctl.d/k8s.conf <<EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
vm.swappiness=0
EOF
"""
 
        limits_conf = """
cat > /etc/security/limits.conf << EOF
* soft nofile 65536
* hard nofile 65536
* soft nproc 65536
* hard nproc 65536
* soft  memlock  unlimited
* hard memlock  unlimited
DefaultLimitNOFILE=102400
DefaultLimitNPROC=102400
EOF
"""
        sysctl_k8s = "sysctl -p /etc/sysctl.d/k8s.conf > /dev/null 2>&1"
 
        # Time synchronization
        enable_chronyd = "systemctl enable chronyd.service"
        start_chronyd = "systemctl start chronyd.service"
        set_timezone = "timedatectl set-timezone Asia/Shanghai"
        ntpdate = "ntpdate ntp1.aliyun.com > /dev/null 2>&1"
        chronyc_sources = "chronyc sources > /dev/null 2>&1"
 
        # Install docker and kubelet
        remove_docker = "yum remove -y docker docker-ce docker-common docker-selinux docker-engine > /dev/null 2>&1"
        install_docker = "yum install -y docker-ce > /dev/null 2>&1"
        start_docker = "systemctl start docker > /dev/null 2>&1"
 
        docker_reload = "systemctl daemon-reload > /dev/null 2>&1"
        enable_docker = "systemctl enable docker  > /dev/null 2>&1"
        restart_docker = "systemctl restart docker > /dev/null 2>&1"
 
        install_kubelet = "yum install -y kubelet-1.21.2 kubeadm-1.21.2 kubectl-1.21.2 --disableexcludes=kubernetes > /dev/null 2>&1"
        enable_kubelet = "systemctl enable kubelet > /dev/null 2>&1"
        start_kubelet = "systemctl start kubelet > /dev/null 2>&1"
        return setenforce,sed_selinux,sed_selinux1,sed_selinux2,sed_selinux3,stop_firewalld,disable_firewalld,swapoff_a,sed_swapoff,yum_install,\
               mkdir_repo,wget_centos,wget_epel,wget_docker,kubernetes_repo,yum_clean,yum_makecahe,modprobe_netfilter,br_netfilter,k8s_conf,limits_conf,\
               sysctl_k8s,enable_chronyd,start_chronyd,set_timezone,ntpdate,chronyc_sources,remove_docker,install_docker,start_docker,docker_reload,enable_docker,restart_docker,\
               install_kubelet,enable_kubelet,start_kubelet
 
    def shell_command(self):
        masterip_list = self.masterip.split(',')
        nodeip_list = self.nodeip.split(',')
        token_creat = ()
        token_code = ()
        name_num = 0
        node_num = 0
        dir0 = '''echo '{
 "exec-opts":["native.cgroupdriver=systemd"]
}' > /etc/docker/daemon.json'''
        dir1 = '''echo 'export KUBECONFIG=/etc/kubernetes/admin.conf' >> /etc/profile'''
        dir2 = '''echo '199.232.68.133 raw.githubusercontent.com' >> /etc/hosts'''
        dir3 = '''echo '{
  "registry-mirrors": ["https://docker.mirrors.ustc.edu.cn"]
}' > /etc/docker/daemon.json'''
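        # # Auto-add policy: save the server's host name and key information; without it, hosts that are not recorded in the local known_hosts file cannot be connected to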
 
        for masterip in masterip_list:
            name_num += 1
            hosts_name = ""
            if masterip == masterip_list[0]:  # the single master node (this machine)
                print("*"*20,"进入Master节点操作,当前IP: %s" %masterip)
                master_name = "master0%s" % name_num
                # Set the hostname
                hostname = os.system("hostname %s"%master_name)
                etc_hostname =  os.system("echo '%s' > /etc/hostname" % master_name)
                # Set up /etc/hosts
                master_host = masterip + "  " + master_name
                etc_hosts = os.system("echo '%s' >> /etc/hosts" % master_host)
                for hosts in nodeip_list:
                    name_num += 1
                    hosts_name += hosts + "  node0%s" % (name_num - 1) + "\n"
                os.system("cat >> /etc/hosts <<EOF \n%sEOF\n" % hosts_name)
                    
                print("*"*20,"进入环境初始化,请耐心等待....")
                for shell in self.initialization_shell():
                    time.sleep(1)
                    env_init = os.system(shell)
                print("*"*20,"环境初始化完成,安装kubernetes...")
                # Cluster initialization
                registry = os.system("%s" %dir3)
                restart_docker = os.system("systemctl restart docker")
                dockerpull = os.system("sh /root/k8s.sh")
                docker_problem = os.system("%s" %dir0)
                restart_docker = os.system("systemctl restart docker")
                status_docker = os.system("systemctl status docker")
                kubeadm_init = os.system("kubeadm init")
                
                # os.system() runs each command in its own shell, so an export or source there is lost; set KUBECONFIG for this process instead
                os.environ["KUBECONFIG"] = "/etc/kubernetes/admin.conf"
                config = os.system("%s" %dir1)
                
                mkdir_kube = os.system("mkdir -p /root/.kube")
                kube_config = os.system("cp -i /etc/kubernetes/admin.conf /root/.kube/config")
                
                kubelet_enable = os.system("systemctl enable kubelet")
                kubelet_start = os.system("systemctl start kubelet")
                
                manage_yaml = os.system("sed -i 's/.*- --port=0*/#&/' /etc/kubernetes/manifests/kube-controller-manager.yaml")
                scheduler_yaml = os.system("sed -i 's/.*- --port=0*/#&/' /etc/kubernetes/manifests/kube-scheduler.yaml")
               
                
                # Configure the flannel network
                print("*" * 20, "正在安装网络组件flannel....")
                flannel_before = os.system("%s" %dir2)
                flannel_wget = os.system("wget -O /root/kube-flannel.yml https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml")
                yum_flannel = os.system("yum install -y flannel")
                flannel_apply = os.system("kubectl apply -f /root/kube-flannel.yml")
                print("*" * 20, "网络组件flannel安装完成....")
                
                token_creat = subprocess.getstatusoutput("kubeadm token create")
                token_code = subprocess.getstatusoutput("openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //'")
                token_creat = token_creat[1].split('\n')[-1]
                token_code = token_code[1]
 
                # Install the worker nodes
                for nodeip in nodeip_list: 
                    os.system("scp -rp /etc/hosts %s:/etc/hosts" % nodeip)
                    print("*" * 20, "进入Node节点操作,当前IP: %s" % nodeip)
                    node_num += 1
                    node_name = "node0%s" % (node_num)
                    # Set the hostname
                    os.system("ssh %s \"hostname %s\"" % (nodeip,node_name))
                    os.system("ssh %s \"echo '%s' > /etc/hostname\"" % (nodeip,node_name))
                    print("*" * 20, "进入环境初始化,请耐心等待....")
                    for shell in self.initialization_shell():
                        time.sleep(1)
                        os.system("ssh %s \"%s\"" %(nodeip,shell))
                    enable_node = os.system("ssh %s \"systemctl enable kubelet\"" %nodeip) 
                    start_node = os.system("ssh %s \"systemctl start kubelet\"" %nodeip)
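                    # admin.conf is the cluster-admin kubeconfig; every node that receives this copy holds full control of the cluster
                    admin = os.system("scp /etc/kubernetes/admin.conf %s:/root" %nodeip)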
                    print("*" * 20, "正在加入集群....")
                    print("token_creat : ",token_creat)
                    print("token_code : ",token_code)
                    docker_problem = os.system("scp -r /etc/docker/daemon.json %s:/etc/docker" %nodeip)
                    restart_docker = os.system("ssh %s \"systemctl restart docker\"" %nodeip)
                    status_docker = os.system("ssh %s \"systemctl status docker\"" %nodeip)
                    kubeadm_join = os.system("ssh %s \"kubeadm join %s:6443 --token %s --discovery-token-ca-cert-hash sha256:%s\"" % (nodeip,masterip, str(token_creat), str(token_code)))
                    cni = os.system("scp -r /etc/cni %s:/etc" %nodeip)
                    print("*" * 20, "加入集群成功....")
                    
               
                print("*" * 20 ,"执行以下命令,检查K8s集群\n")
                print("*" * 20,"kubectl get nodes")
                print("*" * 20, "kubectl get cs")
                print("*" * 20, "kubectl get pod -n kube-system")
               
 
            else:   # otherwise it is cluster (multi-master) mode
                print("进入集群模式安装")
                print("暂无")
                exit()
 
if __name__ == '__main__':
    # # Ask the user for the IPs:
    print("----------0、请先安装python3 并使用python3 执行此脚本------------")
    print("----------1、此脚本依赖网络,请连接好网络执行此脚本-----------")
    print("----------2、请将此脚本在主节点上执行,请在主节点上对其他所有节点做免密登录-----------")
    print("**********3、请确认主节点已对其他节点做好免密登录,再次确认后再执行此脚本**********")
    k8s_masterip = input("请输入K8S_Master IP, 多个IP以逗号分隔: ")
    k8s_nodeip = input("请输入K8S_node IP,多个IP以逗号分隔: ")
    ask_ent = input("**********   确认/取消 (Y/N) :")
    if ask_ent.upper() == "Y":
        installer = k8s_install(k8s_masterip,k8s_nodeip)
        installer.shell_command()
    else:
        exit()
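
An added example, not part of the original script: the script pastes the IPs typed at the prompt, and the last output line of kubeadm token create, straight into os.system("ssh ...") strings and ignores the exit codes. One way to validate those values and build the ssh call as an argument list; the helper names are hypothetical and the sample values are constructed.

```python
import ipaddress
import re
import shlex
import subprocess

# Formats kubeadm uses for bootstrap tokens and for the CA public-key hash.
TOKEN_RE = re.compile(r"[a-z0-9]{6}\.[a-z0-9]{16}")
CA_HASH_RE = re.compile(r"[0-9a-f]{64}")


def parse_ip_list(raw):
    """Split the comma-separated input and accept only IPv4 literals."""
    hosts = []
    for item in raw.split(","):
        # IPv4Address raises ValueError on input such as "192.168.139.132; reboot".
        hosts.append(str(ipaddress.IPv4Address(item.strip())))
    return hosts


def ssh_argv(host, remote_argv):
    """argv for ssh: no local shell is involved, and every remote word is quoted."""
    # ssh joins its trailing arguments and hands them to the remote shell,
    # so the quoting has to be done for that shell.
    remote_cmd = " ".join(shlex.quote(word) for word in remote_argv)
    # BatchMode fails fast instead of prompting when key login is not set up.
    return ["ssh", "-o", "BatchMode=yes", "--", host, remote_cmd]


def join_argv(master_ip, token, ca_hash):
    """Remote argv for kubeadm join, refusing values that are not well-formed."""
    # The script takes the last output line of "kubeadm token create"; if that
    # command failed, the line is an error message rather than a token.
    if not TOKEN_RE.fullmatch(token):
        raise ValueError("not a kubeadm token: %r" % token)
    if not CA_HASH_RE.fullmatch(ca_hash):
        raise ValueError("not a sha256 hex digest: %r" % ca_hash)
    return ["kubeadm", "join", "%s:6443" % master_ip, "--token", token,
            "--discovery-token-ca-cert-hash", "sha256:%s" % ca_hash]


def run_remote(host, remote_argv):
    """Run one command on a node; a non-zero exit raises CalledProcessError."""
    return subprocess.run(ssh_argv(host, remote_argv), check=True)


if __name__ == "__main__":
    # Constructed sample values; the argv list is printed, nothing is executed.
    nodes = parse_ip_list("192.168.139.132,192.168.139.133")
    print(ssh_argv(nodes[0], ["hostname", "node01"]))
```

With these helpers the join step becomes run_remote(nodeip, join_argv(masterip, token, ca_hash)), which stops the run as soon as a node fails to join.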

III. Configure passwordless SSH

[root@master ~]# ssh-keygen
[root@master ~]# ssh-copy-id 192.168.139.132
[root@master ~]# ssh-copy-id 192.168.139.133

IV. Install python3 and git

[root@master ~]# vim k8s_install.py

V. Run the script

[root@master ~]# python3 k8s_install.py

VI. Success

******************** 执行以下命令,检查K8s集群
 
******************** kubectl get nodes
******************** kubectl get cs
******************** kubectl get pod -n kube-system
[root@master ~]# kubectl get nodes
NAME       STATUS   ROLES                  AGE     VERSION
master01   Ready    control-plane,master   7m2s    v1.21.2
node01     Ready    <none>                 3m30s   v1.21.2
node02     Ready    <none>                 25s     v1.21.2
[root@master ~]# kubectl get cs
Warning: v1 ComponentStatus is deprecated in v1.19+
NAME                 STATUS    MESSAGE             ERROR
scheduler            Healthy   ok                 
controller-manager   Healthy   ok                 
etcd-0               Healthy   {"health":"true"}  
[root@master ~]# kubectl get pod -n kube-system
NAME                               READY   STATUS              RESTARTS   AGE
coredns-558bd4d5db-fkqcb           0/1     ContainerCreating   0          6m52s
coredns-558bd4d5db-tvb7j           0/1     ContainerCreating   0          6m52s
etcd-master01                      1/1     Running             0          7m16s
kube-apiserver-master01            1/1     Running             0          7m16s
kube-controller-manager-master01   1/1     Running             0          7m12s
kube-flannel-ds-9hx9s              0/1     Init:0/1            0          43s
kube-flannel-ds-cl9r7              0/1     Init:0/1            0          3m49s
kube-flannel-ds-gn4m4              0/1     CrashLoopBackOff    5          6m52s
kube-proxy-cv5t8                   0/1     ContainerCreating   0          43s
kube-proxy-kjqm7                   0/1     ContainerCreating   0          3m49s
kube-proxy-plbgm                   1/1     Running             0          6m52s
kube-scheduler-master01            1/1     Running             0          7m13s

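VII. Summary

Reference: https://github.com/hxz5215/K8Sv1.18_install

Starting from the Python script source on GitHub, and drawing on my earlier experience configuring k8s on Ubuntu, I made some changes to the script:

  • Installs a newer version of k8s; here I installed v1.21.2, the version I had installed before while learning
  • Added a script that pulls the images k8s needs from Docker Hub
  • Replaced the calico network plugin with flannel
  • Removed the dashboard, since I have no need for it here
  • Added a fix for the IsDockerSystemdCheck problem
  • Added fixes for the unhealthy result of kubectl get cs and the NotReady result of kubectl get nodes
  • Added steps that copy admin.conf and /etc/cni to the node machines over ssh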


Original link: https://blog.csdn.net/qq_51287641/article/details/119549217