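#!/bin/bash
# Menu-driven helper that drives a multi-master kubeadm installation over SSH.
# Run it from a directory that also contains common.sh; it keeps its state in
# a file named "txt" in that same directory.

# The menu needs dialog(1); install it on first use (requires root and yum).
if ! command -v dialog >/dev/null 2>&1; then
  yum -y install dialog
fi

# Geometry and captions for the main menu.
HEIGHT=20
WIDTH=85
CHOICE_HEIGHT=14
BACKTITLE="DEFEND Test Lab"
# NOTE(review): the title names Ubuntu 18.04 LTS, but the install steps use
# yum -- confirm which distribution this is meant for.
TITLE="Install Kubernetes - Multi-master with HAProxy - Ubuntu 18.04 LTS"
MENU="Choose one of the following options:"

# State file layout, one value per line:
#   1 load balancer IP, 2-4 controller IPs, 5 kubeadm join command.
# Line 5 embeds a bootstrap token, so the file is kept owner-readable only.
if [ ! -f txt ]; then
  (umask 077 && : > txt)
fi
chmod 600 txt

# sed -n 'Np' yields an empty value when the file is shorter than N lines;
# "head -n N | tail -n 1" would silently repeat the last line instead.
IP_LBS=$(sed -n '1p' txt)
IP_MASTER1=$(sed -n '2p' txt)
IP_MASTER2=$(sed -n '3p' txt)
IP_MASTER3=$(sed -n '4p' txt)
JOIN_TOKEN=$(sed -n '5p' txt)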
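# The state file and the generated helper scripts carry the kubeadm join
# command (a bootstrap credential); create them readable by the owner only.
umask 077

# Wait for the operator before the menu is redrawn.
_pause() {
  read -r -p '[======== Go Back ======] press enter key'
}

# Print line $1 of the state file "txt" (empty when that line is absent).
_state_line() {
  sed -n "${1}p" txt 2>/dev/null
}

# Main menu loop: every entry builds a small script locally and streams it to
# the target host with "ssh HOST '/bin/sh -s'". Entry 8 leaves the loop.
while [ "$CHOICE" != "8" ]; do
  CHOICE=$(dialog --clear \
    --backtitle "$BACKTITLE" \
    --title "$TITLE" \
    --menu "$MENU" \
    "$HEIGHT" "$WIDTH" "$CHOICE_HEIGHT" \
    1 "Cluster Configuration" \
    2 "Setup Load Balancer" \
    3 "Install Primary Controller node" \
    4 "Get Cluster Join Command" \
    5 "Install Secondary Controller node" \
    6 "Install Worker node" \
    7 "Install Test HTTP deployment/service" \
    8 "Exit" 2>&1 >/dev/tty)
  clear
  case "$CHOICE" in
    1)
      # Collect the form into a temp file first: dialog writes nothing when
      # the form is cancelled, and redirecting straight into "txt" would wipe
      # the saved addresses and join command.
      form_out=$(mktemp) || { _pause; continue; }
      if dialog --form "Enter IP Address" 12 60 8 \
        "LBS: " 1 1 "$IP_LBS" 1 15 16 0 \
        "Master1:" 2 1 "$IP_MASTER1" 2 15 16 0 \
        "Master2:" 3 1 "$IP_MASTER2" 3 15 16 0 \
        "Master3:" 4 1 "$IP_MASTER3" 4 15 16 0 \
        "JoinToken:" 5 1 "$JOIN_TOKEN" 5 15 500 0 \
        2> "$form_out"; then
        mv -- "$form_out" txt
        IP_LBS=$(_state_line 1)
        IP_MASTER1=$(_state_line 2)
        IP_MASTER2=$(_state_line 3)
        IP_MASTER3=$(_state_line 4)
        JOIN_TOKEN=$(_state_line 5)
      else
        rm -f -- "$form_out"
      fi
      ;;
    2)
      # Informational only: manual load-balancer steps for the cloud console.
      cat << EOF
GPC : Network Services - Create Network LoadBalancer - TCP Load Balancing -
Start Configuration - External - Single region only - Target Pool
Backend configuration - backends Existing Instances - create a health check
Firewall allow ingress TCP/6443 from 130.211.0.0/22 35.191.0.0/16
AWS : TBD
EOF
      _pause
      ;;
    3)
      # Build master1.sh = common.sh + kubeadm init, then run it on Master1.
      # \$HOME and \$(id ...) are escaped so they are evaluated on the remote
      # host rather than expanded here; $IP_LBS is expanded locally on purpose.
      # NOTE(review): the CNI manifest is applied straight from a URL and the
      # k9s tarball is installed into /usr/bin without a checksum or signature
      # check; pin and verify both before using this outside a lab.
      cat common.sh > master1.sh
      cat << EOF >> master1.sh
cat << M1EOFM1 > kubeadm-config.yaml
apiVersion: kubeadm.k8s.io/v1beta3
kind: ClusterConfiguration
kubernetesVersion: stable
apiServer:
  certSANs:
  - "$IP_LBS"
controlPlaneEndpoint: "$IP_LBS:6443"
M1EOFM1
kubeadm config images pull
kubeadm init --config=kubeadm-config.yaml
mkdir -p \$HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf \$HOME/.kube/config
sudo chown \$(id -u):\$(id -g) \$HOME/.kube/config
sleep 10
kubectl get node
kubectl apply -f https://github.com/weaveworks/weave/releases/download/v2.8.1/weave-daemonset-k8s.yaml
yum -y install wget
wget 'https://github.com/derailed/k9s/releases/download/v0.25.18/k9s_Linux_x86_64.tar.gz'
tar -xvf k9s_Linux_x86_64.tar.gz
chmod +x k9s
mv k9s /usr/bin
k9s
EOF
      ssh "$IP_MASTER1" '/bin/sh -s' < master1.sh
      _pause
      ;;
    4)
      # Ask Master1 for a fresh join command and persist it with the IPs.
      echo '/usr/bin/kubeadm token create --print-join-command' > get_token.sh
      new_join=$(ssh "$IP_MASTER1" '/bin/sh -s' < get_token.sh)
      if [ -n "$new_join" ]; then
        JOIN_TOKEN=$new_join
        printf '%s\n' "$JOIN_TOKEN"
        # The first line is the load balancer IP. The variable used here before
        # was never set, so saving the token erased that address.
        cat << EOF > txt
$IP_LBS
$IP_MASTER1
$IP_MASTER2
$IP_MASTER3
$JOIN_TOKEN
EOF
      else
        # Keep the previous state when the remote call returned nothing.
        echo "No join command received from $IP_MASTER1; saved state left unchanged." >&2
      fi
      _pause
      ;;
    5)
      # Copy the cluster CA material from Master1 to the other controllers,
      # then join them as control-plane nodes.
      if [ ! -f /usr/bin/sshpass ]; then
        yum -y install sshpass
      fi
      # -s keeps the password off the screen, -r keeps backslashes literal.
      read -r -s -p "Enter ssh password for Secondary Controller : " PASSWORD
      echo
      # Single-quote the password for the generated script so characters such
      # as ", $ or backquotes are neither expanded nor executed on Master1.
      sq="'"
      esc="'\\''"
      pw_quoted=${PASSWORD//$sq/$esc}
      # sshpass -e takes the password from SSHPASS instead of argv, where any
      # local user could read it from the process list.
      # NOTE(review): StrictHostKeyChecking=no accepts any host key while CA
      # private keys and admin.conf are being transferred; pre-populate
      # known_hosts or use key-based SSH outside a lab.
      cat << EOF > copy.sh
USER=root
if [ ! -f /usr/bin/sshpass ]; then
yum -y install sshpass
fi
SSHPASS='$pw_quoted'
export SSHPASS
MASTER_NODE_IPS="$IP_MASTER2 $IP_MASTER3" # apply the correct master1 and master2 ips
for host in \${MASTER_NODE_IPS}; do
sshpass -e scp -o StrictHostKeyChecking=no /etc/kubernetes/pki/ca.crt "\${USER}"@\$host:
sshpass -e scp -o StrictHostKeyChecking=no /etc/kubernetes/pki/ca.key "\${USER}"@\$host:
sshpass -e scp -o StrictHostKeyChecking=no /etc/kubernetes/pki/sa.key "\${USER}"@\$host:
sshpass -e scp -o StrictHostKeyChecking=no /etc/kubernetes/pki/sa.pub "\${USER}"@\$host:
sshpass -e scp -o StrictHostKeyChecking=no /etc/kubernetes/pki/front-proxy-ca.crt "\${USER}"@\$host:
sshpass -e scp -o StrictHostKeyChecking=no /etc/kubernetes/pki/front-proxy-ca.key "\${USER}"@\$host:
sshpass -e scp -o StrictHostKeyChecking=no /etc/kubernetes/pki/etcd/ca.crt "\${USER}"@\$host:etcd-ca.crt
sshpass -e scp -o StrictHostKeyChecking=no /etc/kubernetes/pki/etcd/ca.key "\${USER}"@\$host:etcd-ca.key
sshpass -e scp -o StrictHostKeyChecking=no /etc/kubernetes/admin.conf "\${USER}"@\$host:
done
EOF
      SSHPASS=$PASSWORD sshpass -e ssh -o StrictHostKeyChecking=no "$IP_MASTER1" '/bin/sh -s' < copy.sh
      # copy.sh holds the password in clear text; do not leave it on disk.
      rm -f copy.sh
      # NOTE(review): the JoinToken field is emitted as a command line and
      # runs as the remote login user; it should only ever hold the output of
      # "kubeadm token create --print-join-command".
      cat common.sh > move.sh
      cat << EOF >> move.sh
USER=root
mkdir -p /etc/kubernetes/pki/etcd
mv /\${USER}/ca.crt /etc/kubernetes/pki/
mv /\${USER}/ca.key /etc/kubernetes/pki/
mv /\${USER}/sa.pub /etc/kubernetes/pki/
mv /\${USER}/sa.key /etc/kubernetes/pki/
mv /\${USER}/front-proxy-ca.crt /etc/kubernetes/pki/
mv /\${USER}/front-proxy-ca.key /etc/kubernetes/pki/
mv /\${USER}/etcd-ca.crt /etc/kubernetes/pki/etcd/ca.crt
mv /\${USER}/etcd-ca.key /etc/kubernetes/pki/etcd/ca.key
mv /\${USER}/admin.conf /etc/kubernetes/admin.conf
$JOIN_TOKEN --control-plane
mkdir -p \$HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf \$HOME/.kube/config
sudo chown \$(id -u):\$(id -g) \$HOME/.kube/config
sleep 10
kubectl get node
yum -y install wget
wget 'https://github.com/derailed/k9s/releases/download/v0.25.18/k9s_Linux_x86_64.tar.gz'
tar -xvf k9s_Linux_x86_64.tar.gz
chmod +x k9s
mv k9s /usr/bin
EOF
      SSHPASS=$PASSWORD sshpass -e ssh -o StrictHostKeyChecking=no "$IP_MASTER2" '/bin/sh -s' < move.sh
      SSHPASS=$PASSWORD sshpass -e ssh -o StrictHostKeyChecking=no "$IP_MASTER3" '/bin/sh -s' < move.sh
      unset PASSWORD pw_quoted
      _pause
      ;;
    6)
      # Join one worker: common.sh + the saved join command.
      # NOTE(review): the kubeconfig copy below expects
      # /etc/kubernetes/admin.conf on the worker, which nothing in this script
      # places there -- confirm it is wanted.
      read -r -p "Enter worker node IP: " wip
      cat common.sh > worker.sh
      cat << EOF >> worker.sh
$JOIN_TOKEN
mkdir -p \$HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf \$HOME/.kube/config
sudo chown \$(id -u):\$(id -g) \$HOME/.kube/config
sleep 10
kubectl get node
yum -y install wget
wget 'https://github.com/derailed/k9s/releases/download/v0.25.18/k9s_Linux_x86_64.tar.gz'
tar -xvf k9s_Linux_x86_64.tar.gz
chmod +x k9s
mv k9s /usr/bin
EOF
      ssh "$wip" '/bin/sh -s' < worker.sh
      _pause
      ;;
    7)
      # Deploy a test Deployment and Service through Master1. The YAML below
      # is nested so that kubectl can parse it.
      # NOTE(review): the image is pulled by mutable tag from a public
      # registry, and the Service publishes it on the controller IPs.
      cat << EOF > deploy.sh
cat << DEPEOF > test-app.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: test
  name: test-app
  namespace: default
spec:
  minReadySeconds: 5
  progressDeadlineSeconds: 600
  replicas: 4
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      app: test
  strategy:
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 1
    type: RollingUpdate
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: test
    spec:
      containers:
      - image: hieuvpn/lap:6
        imagePullPolicy: Always
        name: lap
        ports:
        - containerPort: 80
          protocol: TCP
        resources:
          limits:
            cpu: 200m
          requests:
            cpu: 50m
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
      dnsPolicy: ClusterFirst
      restartPolicy: Always
      schedulerName: default-scheduler
      securityContext: {}
      terminationGracePeriodSeconds: 30
DEPEOF
cat << DEPEOF > test-svc.yaml
apiVersion: v1
kind: Service
metadata:
  labels:
    app: test
  name: test
  namespace: default
spec:
  allocateLoadBalancerNodePorts: true
  externalIPs:
  - $IP_MASTER1
  - $IP_MASTER2
  - $IP_MASTER3
  ports:
  - nodePort: 30380
    port: 8080
    protocol: TCP
    targetPort: 80
  selector:
    app: test
  sessionAffinity: None
  type: LoadBalancer
DEPEOF
kubectl apply -f test-app.yaml
kubectl apply -f test-svc.yaml
EOF
      ssh "$IP_MASTER1" '/bin/sh -s' < deploy.sh
      _pause
      ;;
  esac
done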
common.sh (save it under this lowercase name next to the menu script, which reads it with `cat common.sh`)
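#!/bin/bash
# Node preparation shared by every role. The menu script prepends this file to
# each generated script and streams the result to the target host, so it runs
# as the remote login user and must stay plain sh-compatible.

echo "Installing Docker..."
#yum -y update
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
yum -y install docker-ce
# Write containerd's default configuration, then restart it to pick it up.
containerd config default > /etc/containerd/config.toml
systemctl restart containerd
systemctl enable --now docker
echo "Check Docker Status"
systemctl status docker

echo "Install kubelet kubeadm kubectl"
# gpgcheck=1 makes yum verify package signatures against the gpgkey entries
# below; with gpgcheck=0 the kubelet, kubeadm and kubectl packages would be
# installed as root without any signature verification.
# NOTE(review): repo_gpgcheck (repository metadata signature) is left off as
# in the original; enable it too if it works on the target hosts.
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=0
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF
yum install -y kubelet kubeadm kubectl
yum install -y nfs-utils
systemctl enable --now kubelet
systemctl status kubelet

# Turn swap off now and drop every fstab line mentioning "swap" so it stays
# off after a reboot.
sed -i '/swap/d' /etc/fstab
swapoff -a

# Kernel settings: bridged traffic passes through iptables, IPv4 forwarding on.
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
sysctl --system

# NOTE(review): SELinux goes permissive and firewalld is stopped and disabled,
# which removes host-level filtering on every node. For anything beyond a lab,
# keep firewalld and open only the ports the cluster needs.
setenforce 0
sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
systemctl stop firewalld
systemctl disable firewalld

#echo "Reboot OS in 10 seconds..."
/usr/bin/sleep 5
#reboot
kubeadm config images pull
#docker pull mysql:8.0.28
#docker pull bitnami/phpmyadmin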
*****Manual install kubeadm
Installing kubeadm | Kubernetes
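****Remove master node from etcd
List the etcd members first, then pass the ID of the member to drop (the first column of the list) to `member remove`. Replace `nodeNameMasterNode` with the name of a controller node that is still running.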
$ kubectl exec etcd-< nodeNameMasterNode > -n kube-system -- etcdctl --cacert /etc/kubernetes/pki/etcd/ca.crt --cert /etc/kubernetes/pki/etcd/peer.crt --key /etc/kubernetes/pki/etcd/peer.key member list
1863b58e85c8a808, started, nodeNameMaster1, https://IP1:2380, https://IP1:2379, false
676d4bfab319fa22, started, nodeNameMaster2, https://IP2:2380, https://IP2:2379, false
b0c50c50d563ed51, started, nodeNameMaster3, https://IP3:2380, https://IP3:2379, false
$ kubectl exec etcd-nodeNameMaster1 -n kube-system -- etcdctl --cacert /etc/kubernetes/pki/etcd/ca.crt --cert /etc/kubernetes/pki/etcd/peer.crt --key /etc/kubernetes/pki/etcd/peer.key member remove b0c50c50d563ed51
Member b0c50c50d563ed51 removed from cluster d1e1de99e3d19634