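Installing a k8s node with Ansible and joining it to the cluster
Environment
Hostname | IP address | Operating system | K8S version | Notes |
---|---|---|---|---|
master | 192.168.140.210 | CentOS Linux release 7.4.1708 | v1.20.2 | Already in the cluster |
node1 | 192.168.140.211 | CentOS Linux release 7.4.1708 | v1.20.2 | Already in the cluster |
node2 | 192.168.140.212 | CentOS Linux release 7.4.1708 | v1.20.2 | Already in the cluster |
node3 | 192.168.140.213 | CentOS Linux release 7.4.1708 | v1.20.2 | To be joined to the cluster |
If you do not have a k8s environment installed yet, see this article to install it: Kubernetes installation and deployment process
Operations on the master node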
- Install ansible on the master node; the other nodes do not need it

```
[root@master ~]# yum install epel-release -y
# yum install ansible -y
```
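- Passwordless access

Generate a key pair; after running the command, keep pressing Enter to accept the defaults

```
# ssh-keygen -t rsa
```

Copy the local public key into the authorized_keys file on the remote machine, entering node3's password when prompted, then verify that passwordless login works; on the first login you need to type yes

```
# ssh-copy-id -i root@node3
# ssh root@node3
```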
- Edit /etc/hosts and add the entry 192.168.140.213 node3 (it must later be synced to all cluster nodes)

```
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.140.210 master
192.168.140.211 node1
192.168.140.212 node2
192.168.140.213 node3
199.232.28.133 raw.githubusercontent.com
```
- Put the nodes that have already joined the cluster and the node that is about to join into separate groups

```
[root@master roles]# cat /etc/ansible/hosts
[old_node]
node1
node2

[new_node]
node3
```
- Edit deploy_node.yml as follows

```yaml
# What needs to be done on the node before it joins the k8s cluster
---
- hosts: new_node
  tasks:
    - name: Create /etc/docker directory
      file:
        path: /etc/docker
        state: directory

    # Reuse the master's repo definitions, docker config and hosts file
    - name: Copy master files to the node
      copy:
        src: "{{ item.src }}"
        dest: "{{ item.dest }}"
      loop:
        - {src: '/etc/yum.repos.d/epel.repo', dest: '/etc/yum.repos.d/epel.repo'}
        - {src: '/etc/yum.repos.d/docker-ce.repo', dest: '/etc/yum.repos.d/docker-ce.repo'}
        - {src: '/etc/yum.repos.d/k8s.repo', dest: '/etc/yum.repos.d/k8s.repo'}
        - {src: '/etc/docker/daemon.json', dest: '/etc/docker/daemon.json'}
        - {src: '/etc/hosts', dest: '/etc/hosts'}

    # The next five tasks run on the master (localhost) to read its hostname
    # and exact package versions, so the node installs the same versions
    - name: Get the hostname of localhost
      delegate_to: localhost
      shell: hostname
      register: hn

    - name: Get the version of docker
      delegate_to: localhost
      shell: 'rpm -q docker-ce'
      register: dv

    - name: Get the version of k8s-kubelet
      delegate_to: localhost
      shell: 'rpm -q kubelet'
      register: klet

    - name: Get the version of k8s-kubectl
      delegate_to: localhost
      shell: 'rpm -q kubectl'
      register: kctl

    - name: Get the version of k8s-kubeadm
      delegate_to: localhost
      shell: 'rpm -q kubeadm'
      register: kadm

    - name: Install docker-ce
      yum:
        name: "{{ dv.stdout }}"
        state: present

    - name: Restart docker daemon
      service:
        name: docker
        state: restarted
        daemon_reload: yes
        enabled: yes

    - name: Disabled selinux
      selinux:
        state: disabled

    - name: Disable SWAP since kubernetes can't work with swap enabled (1/2)
      shell: swapoff -a

    # Comment out swap entries so swap stays off after a reboot
    - name: Disable SWAP in fstab since kubernetes can't work with swap enabled (2/2)
      replace:
        path: /etc/fstab
        regexp: '^(\s*)([^#\n]+\s+)(\w+\s+)swap(\s+.*)$'
        replace: '#\1\2\3swap\4'

    - name: Disabled firewalld service
      service:
        name: firewalld
        state: stopped
        enabled: no

    - name: Modify sysctl parameters to 1
      sysctl:
        name: "{{ item }}"
        value: 1
        reload: yes
      loop:
        - net.bridge.bridge-nf-call-iptables
        - net.bridge.bridge-nf-call-ip6tables
        - net.ipv4.ip_forward

    - name: Modify hostname
      hostname:
        name: "{{ inventory_hostname }}"

    - name: Install kubelet && kubectl && kubeadm
      yum:
        name: "{{ item }}"
        state: present
      loop:
        - '{{ klet.stdout }}'
        - '{{ kctl.stdout }}'
        - '{{ kadm.stdout }}'

    - name: Start kubelet service
      service:
        name: kubelet
        state: started
        enabled: yes

    # admin.conf carries cluster-admin credentials; the token and kubectl
    # tasks below run on the node and rely on this copy
    - name: Copy admin.conf
      copy:
        src: /etc/kubernetes/admin.conf
        dest: /etc/kubernetes/admin.conf

    - name: LOAD KUBECONFIG ENV
      shell: |
        echo "export KUBECONFIG=/etc/kubernetes/admin.conf" >> ~/.bash_profile
        source ~/.bash_profile

    - name: Create k8s token
      shell: kubeadm token create
      register: token

    # SHA-256 of the cluster CA public key, computed on the master
    - name: Get value of sha256
      delegate_to: localhost
      shell: openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //'
      register: sha_num

    - name: show master name
      debug: msg="{{ hn.stdout }}"

    # ignore_errors lets the play continue even if the join fails,
    # so confirm the result afterwards with kubectl get node
    - name: Join cluster
      shell: kubeadm join "{{ hn.stdout }}":6443 --token "{{ token.stdout }}" --discovery-token-ca-cert-hash sha256:"{{ sha_num.stdout }}"
      ignore_errors: yes

    - name: Install network plugin
      shell: |
        source ~/.bash_profile
        kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
```
- Use the ansible-playbook command to join node3 to the k8s cluster

```
# ansible-playbook deploy_node.yml
```
- Verify that node3 joined the cluster successfully

```
# kubectl get node
```

node3 has joined the cluster successfully

```
[root@master ~]# kubectl get node
NAME     STATUS   ROLES                  AGE    VERSION
master   Ready    control-plane,master   10d    v1.20.2
node1    Ready    <none>                 10d    v1.20.2
node2    Ready    <none>                 10d    v1.20.2
node3    Ready    <none>                 127m   v1.20.2
```
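An alternative to the `Copy admin.conf`, `Create k8s token` and `Join cluster` tasks at the end of deploy_node.yml, added here as an example and not part of the original post: the bootstrap token is created on the master with a short lifetime, and the worker never receives the cluster-admin kubeconfig. It assumes the playbook is run from the master as above and that flannel is already deployed in the existing cluster, so no kubectl call is needed on the node; the task names, the 15m TTL and the `join_cmd` and `node_check` variables are illustrative choices.

```yaml
# Added example (not from the original post): join new_node without
# placing cluster-admin credentials on the worker.
# Assumptions: run from the master as in the post, after the docker,
# kubelet and kubeadm install tasks; flannel is already deployed in the
# cluster, so its DaemonSet schedules onto the new node by itself.
- hosts: new_node
  tasks:
    - name: Create a short-lived bootstrap token on the master
      delegate_to: localhost
      run_once: true
      command: kubeadm token create --ttl 15m --print-join-command
      register: join_cmd
      changed_when: true
      no_log: true            # stdout contains the bootstrap token

    - name: Join the cluster (skipped if the node has already joined)
      command: "{{ join_cmd.stdout }}"
      args:
        creates: /etc/kubernetes/kubelet.conf
      no_log: true            # the command line contains the token

    - name: Make sure no admin kubeconfig is left on the worker
      file:
        path: /etc/kubernetes/admin.conf
        state: absent

    # No ignore_errors here: a failed join stops the play, and this
    # check confirms from the master that the node registered.
    - name: Check from the master that the node registered
      delegate_to: localhost
      command: >-
        kubectl --kubeconfig /etc/kubernetes/admin.conf
        get node {{ inventory_hostname }}
      register: node_check
      changed_when: false
      retries: 6
      delay: 10
      until: node_check.rc == 0
```

The join command printed by `--print-join-command` already carries the `--discovery-token-ca-cert-hash` value, so the separate openssl task is not needed in this variant.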
Statement: the original articles on this blog are notes from my own day-to-day study. Please credit the source when reposting. Thank you.