使用ansible部署docker,k8s
Kubernetes集群部署
vim /etc/hosts 添加(主节点,从节点)
修改ansible中的ansible.cfg文件
修改ansible中的hosts文件添加主机清单
这里的节点名称要与之后 playbook 中使用的那些节点名称一致
ansible 建立免密连接:发送公钥
使用ssh-keygen命令
vim 编辑一个send-pubkey的剧本
二、部署之前检查并设置环境
1 检查并设置环境
before-you-begin.yml
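---
# before-you-begin.yml
# Pre-flight preparation for every host in the `k8s` inventory group:
# SELinux and swap are switched off, br_netfilter and the bridge sysctls are
# configured, and a per-host report is written to /tmp/host-info and fetched
# back to the control node for comparison.
- name: 开始部署集群之前的检查和设置
  hosts: k8s
  gather_facts: false
  tasks:
    # Security trade-off: this switches SELinux off immediately (setenforce 0)
    # and permanently (SELINUX=disabled), removing mandatory access control
    # from every node. The kubeadm install guide uses permissive mode, which
    # still records denials in the audit log; prefer that where policy allows.
    # NOTE(review): this task carries the `swap` tag, same as the next one, so
    # `-t swap` also disables SELinux. This looks like a copy-paste; confirm.
    - name: 配置禁用 SELinux
      shell: |
        setenforce 0;
        sed -ri '/^SELINUX=/ c SELINUX=disabled' /etc/selinux/config
      tags:
        - swap

    # Turns swap off now and comments out every fstab line containing "swap".
    # NOTE(review): `warn` is no longer accepted by the shell module in recent
    # ansible-core releases; drop it if your version rejects it.
    - name: 关闭交互分区
      shell:
        cmd: swapoff -a; sed -ri 's/.*swap.*/#&/g' /etc/fstab
        warn: false
      tags:
        - swap

    # Load br_netfilter on every boot.
    - name: 创建模块配置文件 /etc/modules-load.d/k8s.conf
      blockinfile:
        path: /etc/modules-load.d/k8s.conf
        create: true
        block: |
          br_netfilter

    # Make bridged traffic traverse iptables/ip6tables rules.
    - name: 确保节点上的 iptables 能够正确地查看桥接流量
      blockinfile:
        path: /etc/sysctl.d/k8s.conf
        create: true
        block: |
          net.bridge.bridge-nf-call-ip6tables = 1
          net.bridge.bridge-nf-call-iptables = 1

    - name: 执行加载模块的命令
      shell: modprobe br_netfilter

    # Builds the report that is fetched below. The original sent the output of
    # getenforce and lsmod to stdout only, so the SELinux mode and the module
    # state never reached the report; every check now appends to the file.
    # The task's exit status is still that of the final sysctl | grep.
    # NOTE(review): /tmp/host-info is a fixed name in a world-writable
    # directory and is written as the connecting (typically root) user; on
    # hosts with local users a root-only directory is the safer location.
    - name: 检查 SELinux and Swap
      shell: |
        hostname > /tmp/host-info;
        getenforce >> /tmp/host-info;
        free -m | grep 'Swap' >> /tmp/host-info;
        lsmod | grep br_netfilter >> /tmp/host-info;
        sysctl --system | grep 'k8s.conf' -A 2 >> /tmp/host-info;

    # Appends "<mac> <hostname>" for each ethernet link. $host is quoted so
    # the value is passed to awk as a single word.
    - name: 获取 mac 信息并写入信息文件
      shell: |
        host=$(hostname);
        ip link |
        awk -v host="$host" '/link\/ether/ {print $2, host}' >> /tmp/host-info ;
        echo "---------------------------" >> /tmp/host-info

    # Copies each host's report to the control node.
    - name: 获取比对报告
      fetch:
        src: /tmp/host-info
        dest: ./
...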
三、部署 docker
vim docker/deploy-docker.yml
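---
# docker/deploy-docker.yml
# Downloads the Docker RPMs once on `download_host`, relays them through the
# control node to the other hosts in the `k8s` group, installs them from the
# local directory, then (tag `start`) writes daemon.json and starts docker.
- name: deploy docker
  hosts: k8s
  gather_facts: false
  vars:
    pkg_dir: /yum-pkg
    # NOTE(review): this pinned list is not referenced by any task below.
    pkgs:
      - device-mapper-persistent-data
      - lvm2
      - containerd.io-1.2.13
      - docker-ce-19.03.11
      - docker-ce-cli-19.03.11
    download_host: "k8s-master"
    local_pkg_dir: "{{ playbook_dir }}/{{ download_host }}"
  tasks:
    - name: 测试使用 -e 是否覆盖了变量
      debug:
        msg: "{{ local_pkg_dir }} {{ download_host }}"
      tags:
        - deploy
        - test

    # Only the download host needs the upstream repo definition.
    - name: "只需要给 {{ download_host }}安装仓库文件"
      when: inventory_hostname == download_host
      get_url:
        url: https://download.docker.com/linux/centos/docker-ce.repo
        dest: /etc/yum.repos.d/docker-ce.repo
      tags:
        - deploy

    - name: 创建存放 rmp 包的目录
      when: inventory_hostname == download_host
      file:
        path: "{{ pkg_dir }}"
        state: directory
      tags:
        - deploy

    # NOTE(review): the names here are unversioned, so whatever release the
    # repo currently serves is downloaded, while `pkgs` above pins 19.03.11 /
    # 1.2.13. Reference `pkgs` here if the pins are the intended versions.
    - name: 正在下载软件包
      when: inventory_hostname == download_host
      yum:
        name: ["docker-ce", "docker-ce-cli", "containerd.io"]
        download_only: true
        download_dir: "{{ pkg_dir }}"
      tags:
        - deploy

    - name: 获取下载目录 "{{ pkg_dir }}" 中的文件列表
      when: inventory_hostname == download_host
      shell: ls -1 "{{ pkg_dir }}"
      register: files
      tags:
        - deploy

    - name: 把远程主机下载的软件包传输到 ansible 本地
      when: inventory_hostname == download_host
      fetch:
        src: "{{ pkg_dir }}/{{ item }}"
        dest: ./
      loop: "{{files.stdout_lines}}"
      tags:
        - deploy

    - name: 传输 rpm 包到远程节点
      when: inventory_hostname != download_host
      copy:
        src: "{{ local_pkg_dir }}{{ pkg_dir }}"
        dest: "/"
      tags:
        - deploy

    # Installs every RPM present in pkg_dir. These files reached the node via
    # the control node rather than a repository, and yum's
    # `localpkg_gpgcheck` option is off by default, so their signatures are
    # not checked unless it is enabled. Verify them (e.g. `rpm -K`) or enable
    # the option. NOTE(review): confirm the default on the target distro.
    # async/poll 0 starts the install and moves on without waiting; only the
    # job id is printed below, so completion must be checked separately (for
    # example with async_status) before running the `start` tag.
    - name: 正在执行从本地安装软件包
      shell:
        cmd: yum -y localinstall *
        chdir: "{{ pkg_dir }}"
        warn: false
      async: 600
      poll: 0
      register: yum_info
      tags:
        - deploy

    - name: 打印安装结果
      debug:
        var: yum_info.ansible_job_id
      tags:
        - deploy

    # The copy below fails when the destination directory is missing, so
    # create it first (no-op when it already exists).
    - name: 确保 /etc/docker 目录存在
      file:
        path: /etc/docker
        state: directory
      tags:
        - start
        - update

    # The tag was misspelled `starte`, so the documented `-t start` run never
    # deployed daemon.json (systemd cgroup driver, log size cap) before
    # starting docker. It now runs with `start` as well as `update`.
    - name: 设置 /etc/docker/daemon.json
      copy:
        src: file/daemon.json
        dest: /etc/docker/daemon.json
      notify: restart docker
      tags:
        - start
        - update

    - name: 启动 docker
      systemd:
        name: docker
        enabled: true
        state: started
      tags:
        - start

  handlers:
    - name: restart docker
      systemd:
        name: docker
        state: restarted
...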
docker daemon 配置文件
docker/file/daemon.json
{
"registry-mirrors": ["https://自己的阿里云加速器.mirror.aliyuncs.com"],
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
},
"storage-driver": "overlay2"
}
部署的时候执行:
ansible-playbook -i hosts docker/deploy-docker.yml -t deploy
启动 docker 服务 执行:
ansible-playbook -i hosts docker/deploy-docker.yml -t start
四、Ansible 进行部署环境检查
- deploy-kubeadm.yml
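---
# deploy-kubeadm.yml
# Downloads kubelet/kubeadm/kubectl once on `download_host`, relays the RPMs
# through the control node to the other hosts in the `k8s` group, and
# installs them from the local directory.
- name: Deploy kubeadm kubelet kubectl
  hosts: k8s
  gather_facts: false
  vars:
    pkg_dir: /kubeadm-pkg
    # NOTE(review): unversioned names download whatever the repo currently
    # serves; pin them (name-version) if the cluster is initialised with a
    # specific --kubernetes-version.
    pkg_names: ["kubelet", "kubeadm", "kubectl"]
    download_host: "k8s-master"
    local_pkg_dir: "{{ playbook_dir }}/{{ download_host }}"
  tasks:
    - name: 测试使用 -e 是否设置并覆盖了变量
      debug:
        msg: "{{ local_pkg_dir }} {{ download_host }}"
      tags:
        - deploy
        - test

    # Only the download host gets the repo definition; its gpgcheck settings
    # therefore apply to the download step only.
    - name: "只需要给 {{ download_host }}安装仓库文件"
      when: inventory_hostname == download_host
      copy:
        src: file/kubernetes.repo
        dest: /etc/yum.repos.d/kubernetes.repo
      tags:
        - deploy

    - name: 创建存放 rmp 包的目录
      when: inventory_hostname == download_host
      file:
        path: "{{ pkg_dir }}"
        state: directory
      tags:
        - deploy

    - name: 下载软件包
      when: inventory_hostname == download_host
      yum:
        name: "{{ pkg_names }}"
        download_only: true
        download_dir: "{{ pkg_dir }}"
      tags:
        - deploy

    - name: 获取下载目录 "{{ pkg_dir }}" 中的文件列表
      when: inventory_hostname == download_host
      shell: ls -1 "{{ pkg_dir }}"
      register: files
      tags:
        - deploy

    - name: 把远程主机下载的软件包传输到 ansible 本地
      when: inventory_hostname == download_host
      fetch:
        src: "{{ pkg_dir }}/{{ item }}"
        dest: ./
      loop: "{{files.stdout_lines}}"
      tags:
        - deploy

    - name: 传输 rpm 包到远程节点
      when: inventory_hostname != download_host
      copy:
        src: "{{ local_pkg_dir }}{{ pkg_dir }}"
        dest: "/"
      tags:
        - deploy

    # Installs every RPM present in pkg_dir. These files reached the node via
    # the control node rather than a repository, and yum's
    # `localpkg_gpgcheck` option is off by default, so their signatures are
    # not checked unless it is enabled. Verify them (e.g. `rpm -K`) or enable
    # the option. NOTE(review): confirm the default on the target distro.
    # async/poll 0 starts the install and moves on without waiting; only the
    # job id is printed below, so completion must be checked separately.
    # NOTE(review): `warn` is no longer accepted by the shell module in recent
    # ansible-core releases; drop it if your version rejects it.
    - name: 正在执行从本地安装软件包
      shell:
        cmd: yum -y localinstall *
        chdir: "{{ pkg_dir }}"
        warn: false
      async: 600
      poll: 0
      register: yum_info
      tags:
        - deploy

    - name: 打印安装结果
      debug:
        var: yum_info.ansible_job_id
      tags:
        - deploy
...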
- file/kubernetes.repo
# Yum repository definition for the Kubernetes packages, served from the
# Aliyun mirror.
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
# gpgcheck=1 verifies the signature of every RPM; repo_gpgcheck=1 also
# verifies the signed repository metadata. Keep both enabled.
gpgcheck=1
repo_gpgcheck=1
# The signing keys are fetched from the same mirror as the packages, so trust
# is rooted in that mirror: compare the key fingerprints with the upstream
# project's published keys before accepting them on first import.
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
- 使用方法
ansible-playbook -i hosts deploy-kubeadm.yml
五、部署kubeadm集群
1
wget https://www.sharkyun.com:8043/2002/soft/kubeadm.tar.gz
2
docker load -i kubeadm.tar.gz
(注意:该压缩包来自第三方站点,本文未提供校验值;执行 docker load 之前应先核对发布方给出的校验和,或者改为从可信的镜像仓库拉取对应版本的镜像。)
3
这里要注意:需要关闭 swap 分区、firewalld 和 SELinux
swapoff -a 用 free -h 来检查
4
systemctl daemon-reload
systemctl enable kubelet && systemctl start kubelet
5
kubeadm init --kubernetes-version=v1.20.4 --pod-network-cidr=10.244.0.0/16 --apiserver-advertise-address=192.168.66.132 --ignore-preflight-errors=Swap
(下面的 join 命令来自上一步 kubeadm init 的输出,token 和哈希值以自己集群的实际输出为准)
kubeadm join 192.168.66.132:6443 --token vgeico.c6lf8q84h23kuas6 \
    --discovery-token-ca-cert-hash sha256:f41db5c8cbeb85cb03987c88be2e4ca75dc2cda0dfad02cad9a86cce34ede82c
6
export KUBECONFIG=/etc/kubernetes/admin.conf
7
kubectl get nodes
cd ~ && mkdir flannel && cd flannel
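wget https://github.com/flannel-io/flannel/blob/master/Documentation/kube-flannel.yml
(注意:上面是 GitHub 的网页(blob)地址,wget 得到的是 HTML 页面而不是 YAML 清单;应使用该文件对应的 raw 地址下载,并在 kubectl apply 之前检查文件内容。)
修改配置文件 kube-flannel.yml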
说明:默认的镜像是quay.io/coreos/flannel:v0.10.0-amd64,如果你能pull下来就不用修改镜像地址,否则,修改yml中镜像地址为阿里镜像源,要修改所有的镜像版本,里面有好几条flannel镜像地址
image: registry.cn-shanghai.aliyuncs.com/gcr-k8s/flannel:v0.10.0-amd64
指定启动网卡
flanneld启动参数加上--iface=<iface-name>
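# Excerpt of the kube-flannel container spec from kube-flannel.yml, with the
# nesting restored (the flattened listing does not parse as intended).
containers:
  - name: kube-flannel
    image: registry.cn-shanghai.aliyuncs.com/gcr-k8s/flannel:v0.10.0-amd64
    command:
      - /opt/bin/flanneld
    args:
      - --ip-masq
      - --kube-subnet-mgr
      # --iface may be given more than once; flanneld tries them in order and
      # uses the first interface that exists. Use the node's real NIC names.
      - --iface=ens33
      - --iface=eth0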
⚠️⚠️⚠️ --iface=ens33 的值是你当前使用的网卡名;也可以像上面那样写多个 --iface 来指定多网卡
查看
1.kubectl get pods --namespace kube-system
NAME READY STATUS RESTARTS AGE
coredns-6955765f44-g767b 1/1 Running 0 14m
coredns-6955765f44-l8zzs 1/1 Running 0 14m
etcd-master 1/1 Running 0 14m
kube-apiserver-master 1/1 Running 0 14m
kube-controller-manager-master 1/1 Running 0 14m
kube-flannel-ds-amd64-qjpzg 1/1 Running 0 28s
kube-proxy-zklq2 1/1 Running 0 14m
kube-scheduler-master 1/1 Running 0 14m
2.kubectl get service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 443/TCP 14m
3.kubectl get svc --namespace kube-system
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kube-dns ClusterIP 10.96.0.10 53/UDP,53/TCP,9153/TCP 15m
4.kubectl get nodes
NAME STATUS ROLES AGE VERSION
k8s-master Ready control-plane,master 48m v1.20.4
配置所有node节点加入集群
这是最后的成品,新手上路