JD Cloud Developers | IoT Operations - How to Deploy a Highly Available K8S Cluster (Part 2)

    # ansible etcd -m script -a "/root/etcd_config.sh"

Start ETCD

    # ansible etcd -m shell -a "systemctl daemon-reload"
    # ansible etcd -m service -a 'name=etcd state=started'
    # ansible etcd -m shell -a "systemctl enable etcd"

Verify ETCD

Note: run this on the ansible node; etcdctl must be installed.
    # cat check_etcd.sh
    #!/bin/bash
    HOST1=192.168.3.21
    HOST2=192.168.3.22
    HOST3=192.168.3.23
    ENDPOINTS=$HOST1:2379,$HOST2:2379,$HOST3:2379
    # Certificate verification is enabled, so every command must pass the certificates
    KEY="--cacert=/root/ssl/ca.pem \
    --cert=/root/ssl/etcd.pem \
    --key=/root/ssl/etcd-key.pem"
    # etcd cluster health
    etcdctl --endpoints=$ENDPOINTS $KEY endpoint health
    # etcd cluster status
    etcdctl --endpoints=$ENDPOINTS $KEY --write-out=table endpoint status
    # etcd cluster members
    etcdctl --endpoints=$ENDPOINTS $KEY member list -w table

    # sh check_etcd.sh
    192.168.3.22:2379 is healthy: successfully committed proposal: took = 6.670434ms
    192.168.3.23:2379 is healthy: successfully committed proposal: took = 7.021894ms
    192.168.3.21:2379 is healthy: successfully committed proposal: took = 6.938656ms
    +-------------------+------------------+---------+---------+-----------+------------+-----------+------------+--------------------+--------+
    |     ENDPOINT      |        ID        | VERSION | DB SIZE | IS LEADER | IS LEARNER | RAFT TERM | RAFT INDEX | RAFT APPLIED INDEX | ERRORS |
    +-------------------+------------------+---------+---------+-----------+------------+-----------+------------+--------------------+--------+
    | 192.168.3.21:2379 | a30c90f91c6bc0bf |   3.5.1 |   20 kB |     false |      false |         2 |         23 |                 23 |        |
    | 192.168.3.22:2379 | 877407b6419f0fed |   3.5.1 |   20 kB |      true |      false |         2 |         23 |                 23 |        |
    | 192.168.3.23:2379 | 75b3a36457698e9a |   3.5.1 |   37 kB |     false |      false |         2 |         23 |                 23 |        |
    +-------------------+------------------+---------+---------+-----------+------------+-----------+------------+--------------------+--------+
    +------------------+---------+-------+---------------------------+---------------------------+------------+
    |        ID        | STATUS  | NAME  |        PEER ADDRS         |       CLIENT ADDRS        | IS LEARNER |
    +------------------+---------+-------+---------------------------+---------------------------+------------+
    | 75b3a36457698e9a | started | etcd3 | https://192.168.3.23:2380 | https://192.168.3.23:2379 |      false |
    | 877407b6419f0fed | started | etcd2 | https://192.168.3.22:2380 | https://192.168.3.22:2379 |      false |
    | a30c90f91c6bc0bf | started | etcd1 | https://192.168.3.21:2380 | https://192.168.3.21:2379 |      false |
    +------------------+---------+-------+---------------------------+---------------------------+------------+

Install and configure CRI-O

Install CRI-O
    # cat get_cri-o.sh
    #!/bin/bash
    VERSION=1.22
    sudo curl -L -o /etc/yum.repos.d/devel:kubic:libcontainers:stable.repo https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable/CentOS_7/devel:kubic:libcontainers:stable.repo
    sudo curl -L -o /etc/yum.repos.d/devel:kubic:libcontainers:stable:cri-o:${VERSION}.repo https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable:cri-o:${VERSION}/CentOS_7/devel:kubic:libcontainers:stable:cri-o:${VERSION}.repo

    # ansible k8s -m yum -a "name=cri-o,cri-tools state=latest"
    # ansible k8s -m shell -a "sudo systemctl enable --now crio"

Change the CRI-O storage path

    # ansible k8s -m shell -a "sed -i -e 's?^graphroot =.*?graphroot = \"/export/Data/containers/storage\"?g' /etc/containers/storage.conf"

Configure cgroup

    # cat 02-cgroup-manager.conf
    [crio.runtime]
    conmon_cgroup = "pod"
    cgroup_manager = "systemd"

    # ansible k8s -m copy -a "src=./02-cgroup-manager.conf dest=/etc/crio/crio.conf.d/"

Configure a registry mirror
    # cat images_mirr.sh
    #!/bin/bash
    cat >> /etc/containers/registries.conf << EOF
    [[registry]]
    prefix = "docker.io"
    location = "hub-mirror.c.163.com"
    [[registry.mirror]]
    prefix = "docker.io"
    location = "hub-mirror.c.163.com"
    EOF

    # ansible k8s -m script -a "/root/images_mirr.sh"
    # ansible k8s -m service -a 'name=crio state=restarted'

Configure the LB

On a public cloud, use a load balancer instead.
A highly available LB will be covered in a later update; nginx is used for now.
Run the following on the LB node.

    [root@lb ~]# yum -y install epel-release.noarch
    [root@lb ~]# yum -y install nginx nginx-mod-stream

Add the following to the nginx configuration file:

    stream {
        log_format main '$remote_addr [$time_local] '
                        '$protocol $status $bytes_sent $bytes_received '
                        '$session_time';
        server {
            listen 16443;
            proxy_pass kubeapi;
            access_log /var/log/nginx/access.log main;
        }
        upstream kubeapi {
            server 192.168.3.24:6443;
            server 192.168.3.25:6443;
            server 192.168.3.26:6443;
        }
    }

Deploy k8s

Install kubeadm and kubelet
    # cat kube.sh
    #!/bin/bash
    cat <<EOF | sudo tee /etc/yum.repos.d/kubernetes.repo
    [kubernetes]
    name=Kubernetes
    baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-\$basearch
    enabled=1
    gpgcheck=1
    repo_gpgcheck=1
    gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
    exclude=kubelet kubeadm kubectl
    EOF
    yum install -y kubelet-1.22.3-0 kubeadm-1.22.3-0 kubectl-1.22.3-0 --disableexcludes=kubernetes
    sudo systemctl enable --now kubelet

    # ansible k8s -m script -a "/root/kube.sh"
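
For the "Verify ETCD" step earlier on this page, the function below is an added example (not part of the original article) that turns the `endpoint status` table into a pass/fail check: expected member count, exactly one leader, no learners, a single version and raft term, and an empty ERRORS column. The name `check_etcd_status` and the sample rows (values taken from the table on this page, padding compacted) are this example's own.

```shell
#!/bin/bash
# Added example: pass/fail check over `etcdctl --write-out=table endpoint status`.
# Constructed sample: the three data rows from the status table on this page,
# with column padding compacted.
SAMPLE_STATUS='| 192.168.3.21:2379 | a30c90f91c6bc0bf | 3.5.1 | 20 kB | false | false | 2 | 23 | 23 | |
| 192.168.3.22:2379 | 877407b6419f0fed | 3.5.1 | 20 kB | true | false | 2 | 23 | 23 | |
| 192.168.3.23:2379 | 75b3a36457698e9a | 3.5.1 | 37 kB | false | false | 2 | 23 | 23 | |'

# check_etcd_status EXPECTED_MEMBERS   (table on stdin)
# Exit status 0 only when every check passes; findings are printed to stdout.
check_etcd_status() {
    awk -F'|' -v want="$1" '
        function trim(s) { gsub(/^[ \t]+|[ \t]+$/, "", s); return s }
        # Data rows are the ones whose first column ends in ":<port>";
        # border lines and the header row do not match.
        trim($2) ~ /:[0-9]+$/ {
            ep = trim($2); ver = trim($4); term = trim($8)
            n++
            if (trim($6) == "true") leaders++
            if (trim($7) == "true") { print ep ": still a learner"; bad = 1 }
            if (trim($11) != "")    { print ep ": " trim($11); bad = 1 }
            if (!(ver in vers))   { vers[ver] = 1; nv++ }
            if (!(term in terms)) { terms[term] = 1; nt++ }
        }
        END {
            if ((n + 0) != (want + 0)) { print "members: " (n + 0) ", expected " want; bad = 1 }
            if ((leaders + 0) != 1)    { print "leaders: " (leaders + 0) ", expected 1"; bad = 1 }
            if (nv > 1) { print "members run different etcd versions"; bad = 1 }
            if (nt > 1) { print "members disagree on the raft term"; bad = 1 }
            exit bad + 0
        }'
}

# Demo on the constructed sample.
printf '%s\n' "$SAMPLE_STATUS" | check_etcd_status 3 && echo "etcd status checks passed"
```

On the ansible node, pipe the real output in: `etcdctl --endpoints=$ENDPOINTS $KEY --write-out=table endpoint status | check_etcd_status 3`.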
