How to Deploy a K8s Cluster with Ansible

Environment:

Host      IP address        Components
ansible   192.168.175.130   ansible
master    192.168.175.140   docker, kubectl, kubeadm, kubelet
node      192.168.175.141   docker, kubectl, kubeadm, kubelet
node      192.168.175.142   docker, kubectl, kubeadm, kubelet

Commands for checking and debugging:

$ ansible-playbook -v k8s-time-sync.yaml --syntax-check
$ ansible-playbook -v k8s-*.yaml -C
$ ansible-playbook -v k8s-yum-cfg.yaml -C --start-at-task="Clean origin dir" --step
$ ansible-playbook -v k8s-kernel-cfg.yaml --step

Host inventory file:

/root/ansible/hosts

[k8s_cluster]
master ansible_host=192.168.175.140
node1  ansible_host=192.168.175.141
node2  ansible_host=192.168.175.142

[k8s_cluster:vars]
ansible_port=22
ansible_user=root
ansible_password=hello123

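Network check: k8s-check.yaml checks whether every k8s host is reachable over the network;

it also checks whether the operating system version of every k8s host meets the requirement.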

- name: step01_check
  hosts: k8s_cluster
  gather_facts: no
  tasks:
    - name: check network
      shell:
        cmd: "ping -c 3 -m 2 {{ansible_host}}"
      delegate_to: localhost

    - name: get system version
      shell: cat /etc/system-release
      register: system_release

    - name: check system version
      vars:
        system_version: "{{ system_release.stdout | regex_search('([7-9].[0-9]+).*?') }}"
        suitable_version: 7.5
      debug:
        msg: "{{ 'The version of the operating system is '+ system_version +', suitable!' if (system_version | float >= suitable_version) else 'The version of the operating system is unsuitable' }}"

Debug commands:

$ ansible-playbook --ssh-extra-args '-o StrictHostKeyChecking=no' -v -C k8s-check.yaml
$ ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -v -C k8s-check.yaml
$ ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -v k8s-check.yaml --start-at-task="get system version"
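
Connection configuration: k8s-conn-cfg.yaml

  • Add hostname resolution entries for the k8s hosts to /etc/hosts on the ansible server
  • Generate a key pair and configure passwordless login from ansible to every k8s host
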
- name: step02_conn_cfg
  hosts: k8s_cluster
  gather_facts: no
  vars_prompt:
    - name: RSA
      prompt: Generate RSA or not(Yes/No)?
      default: "no"
      private: no

    - name: password
      prompt: input your login password?
      default: "hello123"
  tasks:
    - name: Add DNS of k8s to ansible
      delegate_to: localhost
      lineinfile:
        path: /etc/hosts
        line: "{{ansible_host}}  {{inventory_hostname}}"
        backup: yes
    - name: Generate RSA
      # Runs on the ansible server (the output below shows "master -> localhost")
      delegate_to: localhost
      run_once: true
      shell:
        cmd: ssh-keygen -t rsa -f ~/.ssh/id_rsa -N ''
        creates: /root/.ssh/id_rsa
      when: RSA | bool
    - name: Configure password free login
      # Also runs on the ansible server: record the host keys, then push the public key
      delegate_to: localhost
      shell: |
          /usr/bin/ssh-keyscan {{ ansible_host }} >> /root/.ssh/known_hosts 2> /dev/null
          /usr/bin/ssh-keyscan {{ inventory_hostname }} >> /root/.ssh/known_hosts 2> /dev/null
          /usr/bin/sshpass -p'{{ password }}' ssh-copy-id root@{{ ansible_host }}
          #/usr/bin/sshpass -p'{{ password }}' ssh-copy-id root@{{ inventory_hostname }}
    - name: Test ssh
      shell: hostname

Run:

$ ansible-playbook k8s-conn-cfg.yaml
Generate RSA or not(Yes/No)? [no]: yes
input your login password? [hello123]:

PLAY [step02_conn_cfg] **********************************************************************************************************
TASK [Add DNS of k8s to ansible] ************************************************************************************************
ok: [master -> localhost]
ok: [node1 -> localhost]
ok: [node2 -> localhost]
TASK [Generate RSA] *************************************************************************************************************
changed: [master -> localhost]
TASK [Configure password free login] ********************************************************************************************
changed: [node1 -> localhost]
changed: [node2 -> localhost]
TASK [Test ssh] *****************************************************************************************************************
changed: [master]
changed: [node1]
changed: [node2]
PLAY RECAP **********************************************************************************************************************
master                     : ok=4    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
node1                      : ok=3    changed=2    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
node2                      : ok=3    changed=2    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
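
The bootstrap above keeps the root password in the inventory and as a prompt default, passes it to sshpass on the command line, and trusts whatever key ssh-keyscan returns. The following variant is an added example, not part of the original article: it takes the password from --ask-pass and pins host keys obtained out of band. The file name, the play name, the pinned_host_keys variable and its placeholder values are assumptions, and the community.crypto and ansible.posix collections are assumed to be installed.

```yaml
# Hypothetical file name: k8s-conn-cfg-pinned.yaml
# Run with: ansible-playbook --ask-pass k8s-conn-cfg-pinned.yaml
# --ask-pass prompts for the SSH password once, so ansible_password can be
# dropped from /root/ansible/hosts and no default sits in the playbook.
- name: step02_conn_cfg_pinned
  hosts: k8s_cluster
  gather_facts: no
  vars:
    # Assumption: host public keys were read out of band (e.g. on each
    # machine's console from /etc/ssh/ssh_host_ed25519_key.pub).
    # The values below are placeholders, not real keys.
    pinned_host_keys:
      master: "ssh-ed25519 <MASTER_HOST_PUBLIC_KEY>"
      node1: "ssh-ed25519 <NODE1_HOST_PUBLIC_KEY>"
      node2: "ssh-ed25519 <NODE2_HOST_PUBLIC_KEY>"
  tasks:
    - name: Generate the controller key pair once (skipped if it exists)
      delegate_to: localhost
      run_once: true
      community.crypto.openssh_keypair:
        path: /root/.ssh/id_ed25519
        type: ed25519
      register: controller_key

    - name: Pin the host key instead of trusting ssh-keyscan output
      delegate_to: localhost
      throttle: 1            # one writer at a time on the shared file
      ansible.builtin.known_hosts:
        path: /root/.ssh/known_hosts
        name: "{{ ansible_host }}"
        key: "{{ ansible_host }} {{ pinned_host_keys[inventory_hostname] }}"
        state: present

    # First real connection: password auth, host key checking left enabled,
    # so a host presenting a different key is refused here.
    - name: Install the controller public key for root
      ansible.posix.authorized_key:
        user: root
        key: "{{ controller_key.public_key }}"
        state: present

    - name: Test ssh
      command: hostname
      changed_when: false
```

With the keys pinned, the runs no longer need StrictHostKeyChecking=no or ANSIBLE_HOST_KEY_CHECKING=False.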

Configure name resolution for the k8s cluster: k8s-hosts-cfg.yaml

  • Set the hostname

  • Add name-resolution entries for each other in /etc/hosts

- name: step03_cfg_host
  hosts: k8s_cluster
  gather_facts: no
  tasks:
    - name: set hostname
      hostname:
        name: "{{ inventory_hostname }}"
        use: systemd
    - name: Add dns to each other
      lineinfile:
        path: /etc/hosts
        backup: yes
        line: "{{item.value.ansible_host}}  {{item.key}}"
      loop: "{{ hostvars | dict2items }}"
      loop_control:
        label: "{{ item.key }} {{ item.value.ansible_host }}"

Run:

$ ansible-playbook k8s-hosts-cfg.yaml

PLAY [step03_cfg_host] **********************************************************************************************************
TASK [set hostname] *************************************************************************************************************
ok: [master]
ok: [node1]
ok: [node2]
TASK [Add dns to each other] ****************************************************************************************************
ok: [node2] => (item=node1 192.168.175.141)
ok: [master] => (item=node1 192.168.175.141)
ok: [node1] => (item=node1 192.168.175.141)
ok: [node2] => (item=node2 192.168.175.142)
ok: [master] => (item=node2 192.168.175.142)
ok: [node1] => (item=node2 192.168.175.142)
ok: [node2] => (item=master 192.168.175.140)
ok: [master] => (item=master 192.168.175.140)
ok: [node1] => (item=master 192.168.175.140)
PLAY RECAP **********************************************************************************************************************
master                     : ok=2    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
node1                      : ok=2    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
node2                      : ok=2    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

Configure the yum repositories: k8s-yum-cfg.yaml

- name: step04_yum_cfg
  hosts: k8s_cluster
  gather_facts: no
  tasks:

    - name: Create back-up directory
      file:
        path: /etc/yum.repos.d/org/
        state: directory
    - name: Back-up old Yum files
      shell:
        cmd: mv -f /etc/yum.repos.d/*.repo /etc/yum.repos.d/org/
        removes: /etc/yum.repos.d/org/
    - name: Add new Yum files
      copy:
        src: ./files_yum/
        dest: /etc/yum.repos.d/
    - name: Check yum.repos.d
      shell:
        cmd: ls /etc/yum.repos.d/*

Clock synchronization: k8s-time-sync.yaml

- name: step05_time_sync
  hosts: k8s_cluster
  gather_facts: no
  tasks:

    - name: Start chronyd.service
      systemd:
        name: chronyd.service
        state: started
        enabled: yes
    - name: Modify time zone & clock
      shell: |
        cp -f /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
        clock -w
        hwclock -w
    - name: Check time now
      command: date

Disable the iptables, firewalld and NetworkManager services

- name: step06_net_service
  hosts: k8s_cluster
  gather_facts: no
  tasks:

    - name: Stop some services for net
      systemd:
        name: "{{ item }}"
        state: stopped
        enabled: no
      loop:
        - firewalld
        - iptables
        - NetworkManager

Run:

$ ansible-playbook -v k8s-net-service.yaml
... ...
failed: [master] (item=iptables) => {
    "ansible_loop_var": "item",
    "changed": false,
    "item": "iptables"
}

MSG:
Could not find the requested service iptables: host
PLAY RECAP **********************************************************************************************************************
master                     : ok=0    changed=0    unreachable=0    failed=1    skipped=0    rescued=0    ignored=0
node1                      : ok=0    changed=0    unreachable=0    failed=1    skipped=0    rescued=0    ignored=0
node2                      : ok=0    changed=0    unreachable=0    failed=1    skipped=0    rescued=0    ignored=0
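
The run above fails on every host because no iptables unit is installed, which stops the play before the remaining hosts' state is known. One way to make the step tolerant of missing units, as an added example that is not part of the original article (the play name and the unwanted_services variable are assumptions):

```yaml
- name: step06_net_service_tolerant   # hypothetical play name
  hosts: k8s_cluster
  gather_facts: no
  vars:
    unwanted_services:
      - firewalld
      - iptables
      - NetworkManager
  tasks:
    - name: Collect the units systemd knows about
      ansible.builtin.service_facts:

    - name: Stop and disable only the units that exist on this host
      ansible.builtin.systemd:
        name: "{{ item }}"
        state: stopped
        enabled: no
      loop: "{{ unwanted_services }}"
      # service_facts keys carry the ".service" suffix; a unit that is only
      # referenced by other units may be listed with status "not-found"
      when:
        - (item ~ '.service') in ansible_facts.services
        - ansible_facts.services[item ~ '.service'].status | default('') != 'not-found'

    - name: Report the units that were skipped because they are absent
      ansible.builtin.debug:
        msg: >-
          not installed, nothing to disable:
          {{ unwanted_services
             | map('regex_replace', '$', '.service')
             | difference(ansible_facts.services.keys() | list) }}
```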

Disable SELinux and swap: k8s-SE-swap-disable.yaml

- name: step07_net_service
  hosts: k8s_cluster
  gather_facts: no
  tasks:

    - name: SElinux disabled
      lineinfile:
        path: /etc/selinux/config
        line: SELINUX=disabled
        regexp: ^SELINUX=
        state: present
        backup: yes
    - name: Swap disabled
      lineinfile:
        path: /etc/fstab
        line: '#\1'
        regexp: '(^/dev/mapper/centos-swap.*$)'
        backrefs: yes

Modify kernel parameters: k8s-kernel-cfg.yaml

- name: step08_kernel_cfg
  hosts: k8s_cluster
  gather_facts: no
  tasks:

    - name: Create /etc/sysctl.d/kubernetes.conf
      copy:
        content: ''
        dest: /etc/sysctl.d/kubernetes.conf
        force: yes
    - name: Cfg bridge and ip_forward
      lineinfile:
        path: /etc/sysctl.d/kubernetes.conf
        line: "{{ item }}"
        state: present
      loop:
        - 'net.bridge.bridge-nf-call-ip6tables = 1'
        - 'net.bridge.bridge-nf-call-iptables = 1'
        - 'net.ipv4.ip_forward = 1'
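    - name: Load cfg
      shell:
        cmd: |
          # br_netfilter must be loaded first, otherwise the net.bridge.* keys do not exist
          modprobe br_netfilter
          # plain "sysctl -p" reads only /etc/sysctl.conf, so name the file explicitly
          sysctl -p /etc/sysctl.d/kubernetes.conf
        removes: /etc/sysctl.d/kubernetes.conf
    - name: Check cfg
      shell:
        cmd: '[ $(lsmod | grep br_netfilter | wc -l) -ge 2 ] && exit 0 || exit 3'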

Run:

$ ansible-playbook -v k8s-kernel-cfg.yaml --step

TASK [Check cfg] ****************************************************************************************************************
changed: [master] => {
    "changed": true,
    "cmd": "[ $(lsmod | grep br_netfilter | wc -l) -ge 2 ] && exit 0 || exit 3",
    "delta": "0:00:00.011574",
    "end": "2022-02-27 04:26:01.332896",
    "rc": 0,
    "start": "2022-02-27 04:26:01.321322"
}
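changed: [node2] => {
    "changed": true,
    "cmd": "[ $(lsmod | grep br_netfilter | wc -l) -ge 2 ] && exit 0 || exit 3",
    "delta": "0:00:00.016331",
    "end": "2022-02-27 04:26:01.351208",
    "rc": 0,
    "start": "2022-02-27 04:26:01.334877"
}
changed: [node1] => {
    "changed": true,
    "cmd": "[ $(lsmod | grep br_netfilter | wc -l) -ge 2 ] && exit 0 || exit 3",
    "delta": "0:00:00.016923",
    "end": "2022-02-27 04:26:01.355983",
    "rc": 0,
    "start": "2022-02-27 04:26:01.339060"
}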
PLAY RECAP **********************************************************************************************************************
master                     : ok=4    changed=4    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
node1                      : ok=4    changed=4    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
node2                      : ok=4    changed=4    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

Configure ipvs: k8s-ipvs-cfg.yaml

- name: step09_ipvs_cfg
  hosts: k8s_cluster
  gather_facts: no
  tasks:

    - name: Install ipset and ipvsadm
      yum:
        name: "{{ item }}"
        state: present
      loop:
        - ipset
        - ipvsadm
    - name: Load modules
      shell: |
        modprobe -- ip_vs
        modprobe -- ip_vs_rr
        modprobe -- ip_vs_wrr
        modprobe -- ip_vs_sh
        modprobe -- nf_conntrack_ipv4
    - name: Check cfg
      shell:
        cmd: '[ $(lsmod | grep -e ip_vs -e nf_conntrack_ipv4 | wc -l) -ge 2 ] && exit 0 || exit 3'

Install docker: k8s-docker-install.yaml

- name: step10_docker_install
  hosts: k8s_cluster
  gather_facts: no
  tasks:

    - name: Install docker-ce
      yum:
        name: docker-ce-18.06.3.ce-3.el7
        state: present
    - name: Cfg docker
      copy:
        src: ./files_docker/daemon.json
        dest: /etc/docker/
    - name: Start docker
      systemd:
        name: docker.service
        state: started
        enabled: yes
    - name: Check docker version
      shell:
        cmd: docker --version

Install the k8s components [kubeadm, kubelet, kubectl]: k8s-install-kubepkgs.yaml

- name: step11_k8s_install_kubepkgs
  hosts: k8s_cluster
  gather_facts: no
  tasks:

    - name: Install k8s components
      yum:
        name: "{{ item }}"
        state: present
      loop:
        - kubeadm-1.17.4-0
        - kubelet-1.17.4-0
        - kubectl-1.17.4-0
    - name: Cfg k8s
      copy:
        src: ./files_k8s/kubelet
        dest: /etc/sysconfig/
        force: no
        backup: yes
    - name: Start kubelet
      systemd:
        name: kubelet.service
        state: started
        enabled: yes

Install the cluster images: k8s-apps-images.yaml

- name: step12_apps_images
  hosts: k8s_cluster
  gather_facts: no

  vars:
    apps:
      - kube-apiserver:v1.17.4
      - kube-controller-manager:v1.17.4
      - kube-scheduler:v1.17.4
      - kube-proxy:v1.17.4
      - pause:3.1
      - etcd:3.4.3-0
      - coredns:1.6.5
  vars_prompt:
      - name: cfg_python
        prompt: Do you need to install docker pkg for python(Yes/No)?
        default: "no"
        private: no
  tasks:
    - block:
        - name: Install python-pip
          yum:
            name: python-pip
            state: present
        - name: Install docker pkg for python
          shell:
            cmd: |
              pip install docker==4.4.4
              pip install websocket-client==0.32.0
            creates: /usr/lib/python2.7/site-packages/docker/
      when: cfg_python | bool
    - name: Pull images
      community.docker.docker_image:
        name: "registry.cn-hangzhou.aliyuncs.com/google_containers/{{ item }}"
        source: pull
      loop: "{{ apps }}"
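    - name: Tag images
      community.docker.docker_image:
        name: "registry.cn-hangzhou.aliyuncs.com/google_containers/{{ item }}"
        repository: "k8s.gcr.io/{{ item }}"
        force_tag: yes
        source: local
      loop: "{{ apps }}"
    - name: Remove images for ali
      community.docker.docker_image:
        name: "registry.cn-hangzhou.aliyuncs.com/google_containers/{{ item }}"
        state: absent
      loop: "{{ apps }}"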

Run:

$ ansible-playbook k8s-apps-images.yaml
Do you need to install docker pkg for python(Yes/No)? [no]:

PLAY [step12_apps_images] *******************************************************************************************************
TASK [Install python-pip] *******************************************************************************************************
skipping: [node1]
skipping: [master]
skipping: [node2]
TASK [Install docker pkg for python] ********************************************************************************************
TASK [Pull images] **************************************************************************************************************
changed: [node1] => (item=kube-apiserver:v1.17.4)
changed: [node2] => (item=kube-apiserver:v1.17.4)
changed: [master] => (item=kube-apiserver:v1.17.4)
changed: [node1] => (item=kube-controller-manager:v1.17.4)
changed: [master] => (item=kube-controller-manager:v1.17.4)
changed: [node1] => (item=kube-scheduler:v1.17.4)
changed: [master] => (item=kube-scheduler:v1.17.4)
changed: [node1] => (item=kube-proxy:v1.17.4)
changed: [node2] => (item=kube-controller-manager:v1.17.4)
changed: [master] => (item=kube-proxy:v1.17.4)
changed: [node1] => (item=pause:3.1)
changed: [master] => (item=pause:3.1)
changed: [node2] => (item=kube-scheduler:v1.17.4)
changed: [node1] => (item=etcd:3.4.3-0)
changed: [master] => (item=etcd:3.4.3-0)
changed: [node2] => (item=kube-proxy:v1.17.4)
changed: [node1] => (item=coredns:1.6.5)
changed: [master] => (item=coredns:1.6.5)
changed: [node2] => (item=pause:3.1)
changed: [node2] => (item=etcd:3.4.3-0)
changed: [node2] => (item=coredns:1.6.5)
TASK [Tag images] ***************************************************************************************************************
ok: [node1] => (item=kube-apiserver:v1.17.4)
ok: [master] => (item=kube-apiserver:v1.17.4)
ok: [node2] => (item=kube-apiserver:v1.17.4)
ok: [node1] => (item=kube-controller-manager:v1.17.4)
ok: [master] => (item=kube-controller-manager:v1.17.4)
ok: [node2] => (item=kube-controller-manager:v1.17.4)
ok: [master] => (item=kube-scheduler:v1.17.4)
ok: [node1] => (item=kube-scheduler:v1.17.4)
ok: [node2] => (item=kube-scheduler:v1.17.4)
ok: [master] => (item=kube-proxy:v1.17.4)
ok: [node1] => (item=kube-proxy:v1.17.4)
ok: [node2] => (item=kube-proxy:v1.17.4)
ok: [master] => (item=pause:3.1)
ok: [node1] => (item=pause:3.1)
ok: [node2] => (item=pause:3.1)
ok: [master] => (item=etcd:3.4.3-0)
ok: [node1] => (item=etcd:3.4.3-0)
ok: [node2] => (item=etcd:3.4.3-0)
ok: [master] => (item=coredns:1.6.5)
ok: [node1] => (item=coredns:1.6.5)
ok: [node2] => (item=coredns:1.6.5)
TASK [Remove images for ali] ****************************************************************************************************
PLAY RECAP **********************************************************************************************************************
master                     : ok=3    changed=2    unreachable=0    failed=0    skipped=2    rescued=0    ignored=0
node1                      : ok=3    changed=2    unreachable=0    failed=0    skipped=2    rescued=0    ignored=0
node2                      : ok=3    changed=2    unreachable=0    failed=0    skipped=2    rescued=0    ignored=0

Initialize the k8s cluster: k8s-cluster-init.yaml

- name: step13_cluster_init
  hosts: master
  gather_facts: no
  tasks:
    - block:
        - name: Kubeadm init
          shell:
            cmd:
              kubeadm init
              --apiserver-advertise-address={{ ansible_host }}
              --kubernetes-version=v1.17.4
              --service-cidr=10.96.0.0/12
              --pod-network-cidr=10.244.0.0/16
              --image-repository registry.aliyuncs.com/google_containers

        - name: Create /root/.kube
          file:
            path: /root/.kube/
            state: directory
            owner: root
            group: root
        - name: Copy /root/.kube/config
          copy:
            src: /etc/kubernetes/admin.conf
            dest: /root/.kube/config
            remote_src: yes
            backup: yes
        - name: Copy kube-flannel
          copy:
            src: ./files_k8s/kube-flannel.yml
            dest: /root/
        - name: Apply kube-flannel
          shell:
            cmd: kubectl apply -f /root/kube-flannel.yml
        - name: Get token
          shell:
            cmd: kubeadm token create --print-join-command
          register: join_token
        - name: debug join_token
          debug:
            var: join_token.stdout
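
The join command printed by the last task contains a bootstrap token, so the debug task writes a cluster credential to the console and to any Ansible log. The following added example, which is not part of the original article, goes one step past what the page shows: it creates a short-lived token, keeps it out of the output, and joins the worker nodes. The play names, the 15-minute TTL and the join_cmd variable are assumptions.

```yaml
- name: step14_create_join_command   # hypothetical play name
  hosts: master
  gather_facts: no
  tasks:
    - name: Create a short-lived bootstrap token
      command: kubeadm token create --ttl 15m --print-join-command
      register: join_cmd
      no_log: true          # keep the token out of console output and logs

- name: step15_join_nodes            # hypothetical play name
  hosts: "k8s_cluster:!master"
  gather_facts: no
  tasks:
    - name: Join the cluster unless this node already joined
      command: "{{ hostvars['master'].join_cmd.stdout }}"
      args:
        creates: /etc/kubernetes/kubelet.conf   # written by kubeadm join
      no_log: true          # the command line carries the token

- name: step16_verify_nodes          # hypothetical play name
  hosts: master
  gather_facts: no
  tasks:
    - name: List the registered nodes
      command: kubectl get nodes -o name
      register: nodes
      changed_when: false

    - name: Every inventory host must be registered as a node
      assert:
        that: "('node/' ~ item) in nodes.stdout_lines"
        fail_msg: "{{ item }} did not join the cluster"
      loop: "{{ groups['k8s_cluster'] }}"
```

The node names match the inventory names because k8s-hosts-cfg.yaml sets each hostname to inventory_hostname.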
