upgrade deploy

kubeop · Apr 1, 2020 · 928c53c · 928c53c
1 parent ab5b841
commit 928c53c
Show file tree

Hide file tree

Showing 75 changed files with 1,937 additions and 4,095 deletions.
diff --git a/README.md b/README.md
@@ -1,18 +1,16 @@
-本工具使用ansible playbook初始化系统配置、安装kubernetes高可用集群，并可进行节点扩容、替换集群证书等。本playbook安装kubernetes集群为二进制方式部署。
+		本工具使用ansible playbook初始化系统配置、安装kubernetes高可用集群，并可进行节点扩容、替换集群证书、版本升级等。本playbook安装kubernetes集群为二进制方式部署。
 
 
 
-## 使用方法：
-
 ### 一、下载二进制包
 
 ```
-wget https://storage.googleapis.com/kubernetes-release/release/v1.16.3/kubernetes-server-linux-amd64.tar.gz
+wget https://storage.googleapis.com/kubernetes-release/release/v1.16.8/kubernetes-server-linux-amd64.tar.gz
 ```
 
-- url中v1.16.3替换为需要下载的版本即可
+- url中v1.16.8替换为需要下载的版本即可。
 
-配置文件服务器
+配置文件服务器。
 
 ```
 yum -y install nginx
@@ -75,7 +73,7 @@ vip=172.16.100.200
 | pod_ip_range          | 指定k8s集群pod的网段                                         |
 | calico_ipv4pool_ipip  | 指定k8s集群使用calico的ipip模式或者bgp模式，Always为ipip模式，off为bgp模式。注意bgp模式不适用于公有云环境。当值为off的时候，切记使用引号`""`引起来。 |
 
-- 请将etcd安装在独立的服务器上，不建议跟master安装在一起
+- 请将etcd安装在独立的服务器上，不建议跟master安装在一起。数据盘尽量使用SSD盘。
 - Pod 和Service IP网段建议使用保留私有IP段，建议（Pod IP不与Service IP重复，也不要与主机IP段重复）：
   - Pod 网段
     - A类地址：10.0.0.0/8
@@ -153,11 +151,10 @@ ansible-playbook k8s.yml -i inventory -l node -t install_docker,install_node,ins
 
 #### 4.5、替换集群证书
 
-先备份并删除证书目录，然后执行以下步骤
+先备份并删除证书目录{{ssl_dir}}，然后执行以下步骤重新生成证书并分发证书。
 
 ```
-ansible-playbook k8s.yml -i inventory -t cert
-ansible-playbook k8s.yml -i inventory -t dis_certs
+ansible-playbook k8s.yml -i inventory -t cert,dis_certs
 ```
 
 然后依次重启每个节点。
@@ -185,7 +182,7 @@ ETCDCTL_API=3 etcdctl \
 ansible -i inventory master,node -l master-01 -m shell -a "rm -rf /etc/kubernetes/pki/kubelet-*"
 ```
 
-- `-l`参数更换为具体节点IP
+- `-l`参数更换为具体节点IP。
 
 逐个重启节点
 
@@ -194,13 +191,13 @@ ansible-playbook k8s.yml -i inventory -l master-01 -t restart_apiserver,restart_
 ```
 
 - 如calico、metrics-server等服务也使用了etcd，请记得一起更新相关证书。
--  `-l`参数更换为具体节点IP
+-  `-l`参数更换为具体节点IP。
 
 
 
 #### 4.6、升级kubernetes版本
 
-请先将`kubernetes_url`修改为新版本下载链接
+请先将`kubernetes_url`修改为新版本下载链接。
 
 ```
 ansible-playbook k8s.yml -i inventory -t kube_master,kube_node
@@ -212,5 +209,5 @@ ansible-playbook k8s.yml -i inventory -t kube_master,kube_node
 ansible-playbook k8s.yml -i inventory -l master-01 -t restart_apiserver,restart_controller,restart_scheduler,restart_kubelet,restart_proxy,healthcheck
 ```
 
-- `-l`参数更换为具体节点IP
+- `-l`参数更换为具体节点IP。
 
diff --git a/fdisk.yml b/fdisk.yml
@@ -0,0 +1,58 @@
+---
+- name: "格式化磁盘"
+  hosts: all
+  vars:
+    disk: sdb
+    dir: /var/lib/etcd
+  tasks:
+    - name: set variable
+      set_fact:
+        partation: "{{ disk }}1"
+    - stat:
+        path: "/dev/{{ partation }}"
+      register: disk_stat
+      tags: fdisk
+    - name: "创建/dev/{{ disk }}分区"
+      when: not disk_stat.stat.exists
+      parted:
+        device: "/dev/{{ disk }}"
+        number: 1
+        part_type: primary
+        part_start: 0%
+        part_end: 100%
+        label: gpt
+        state: present
+      tags: fdisk
+    - name: "disk"
+      debug:
+        msg: "即将格式化的磁盘分区是/dev/{{ partation }}"
+      tags: fdisk
+    - name: "格式化/dev/{{ partation }}分区"
+      when: not disk_stat.stat.exists
+      filesystem:
+        dev: "/dev/{{ partation }}"
+        force: yes
+        fstype: xfs
+      tags: fdisk
+    - name: 重新获取facter
+      setup:
+        gather_subset:
+          - '!all'
+          - '!any'
+          - hardware
+      tags: fdisk
+    - name: 获取/dev/{{ partation }}的UUID
+      set_fact:
+        device_uuid: "{{ item.value }}"
+      with_dict:
+        - "{{ ansible_device_links.uuids }}"
+      when: item.key == (partation)
+      tags: fdisk
+    - name: "挂载/dev/{{ partation }}分区到{{ dir }}目录"
+      mount:
+        path: "{{ dir }}"
+        src: "UUID={{device_uuid[0]}}"
+        fstype: xfs
+        opts: defaults,noatime,nodiratime,nobarrier,pquota
+        state: mounted
+      tags: fdisk 
diff --git a/group_vars/all.yml b/group_vars/all.yml
@@ -1,23 +1,10 @@
-#init
-disk: /dev/vdb
-data_dir: /data
-zbx_server_ip: 172.16.9.9
-#阿里云内网机器使用
-#gpgkey: http://mirrors.cloud.aliyuncs.com
-#非阿里云以及其他能访问公网的机器使用
-gpgkey: https://mirrors.aliyun.com
-
 #k8s
-download_url: https://dl.anymb.com
-#k8s版本支持：1.10.11、1.11.5、1.12.3
-k8s_version: 1.11.5
-flannel_version: v0.10.0
-docker_version: docker-ce-18.06.1.ce
 ssl_dir: /etc/ssl/k8s
-ssl_days: 1825
-ssl_size: 4096
-apiserver_domain_name: apiserver.anymb.com
-service_cluster_ip_range: 10.64.0.0/12
-pod_cluster_cidr: 10.80.0.0/12
-cluster_dns: 10.64.0.2
-harbor: registry.anymb.com
+kubernetes_url: http://localhost
+docker_version: 19.03.5
+
+#集群配置
+apiserver_domain_name: apiserver.k8sre.com
+service_ip_range: 10.64.0.0/16
+pod_ip_range: 10.80.0.0/12
+calico_ipv4pool_ipip: "Always"
diff --git a/init.yml b/init.yml
diff --git a/inventory b/inventory
@@ -1,32 +1,24 @@
 #本组内填写etcd服务器及主机名
 [etcd]
-172.17.15.233 hostname=etcd-01
-172.17.15.234 hostname=etcd-02
-172.17.15.235 hostname=etcd-03
-172.17.15.236 hostname=etcd-04
-172.17.15.237 hostname=etcd-05
+172.16.100.201 hostname=etcd-01
+172.16.100.202 hostname=etcd-02
+172.16.100.203 hostname=etcd-03
 
 #本组内填写master服务器及主机名
 [master]
-172.17.15.238 hostname=master-01
-172.17.15.239 hostname=master-02
-172.17.15.240 hostname=master-03
-172.17.15.241 hostname=master-04
-172.17.15.242 hostname=master-05
+172.16.100.204 hostname=master-01
+172.16.100.205 hostname=master-02
+172.16.100.206 hostname=master-03
 
-#本组机器不会进行系统初始化等操作，仅用做安装kubectl命令行
-[kubectl]
-172.17.15.238 hostname=master-01
-
-#本组机器不会进行系统初始化等操作，只是apiserver证书签发时使用
-[k8s_service]
-10.64.0.1        #shoule be k8s servcie first ip
-172.17.15.246    #shoule be k8s apiserver slb ip
+[haproxy]
+172.16.100.198 hostname=haproxy-01 type=MASTER priority=100
+172.16.100.199 hostname=haproxy-02 type=BACKUP priority=90
+[all:vars]
+lb_port=6443
+vip=172.16.100.200
 
 #本组内填写node服务器及主机名
 [node]
-172.17.15.243 hostname=node-01
-172.17.15.244 hostname=node-02
-172.17.15.245 hostname=node-03
-
-
+172.16.100.207 hostname=node-01
+172.16.100.208 hostname=node-02
+172.16.100.209 hostname=node-03
diff --git a/k8s.yml b/k8s.yml
@@ -1,8 +1,8 @@
 ---
-- name: "Creating Kubernetes High Availability Cluster with Ansible Playbook"
-  hosts: etcd master node
+- name: "Deploying Kubernetes High Availability Cluster with Ansible Playbook"
+  hosts: etcd master node haproxy
   roles:
-    - { role: 'init', tags: "init",when: "ansible_os_family == 'RedHat'" }
+    - { role: 'init', tags: "init", when: "ansible_os_family == 'RedHat' and ansible_distribution_major_version == '7'" }
 
 - name: "签发证书"
   hosts: localhost
@@ -13,23 +13,21 @@
 - name: "配置etcd"
   hosts: etcd
   roles:
-    - { role: 'etcd', tags: "install_etcd" }
+    - { role: 'etcd', tags: "install_etcd", when: "ansible_os_family == 'RedHat' and ansible_distribution_major_version == '7'"}
 
-- name: "配置master"
-  hosts: master
+- name: "配置haproxy"
+  hosts: haproxy
   roles:
-    - { role: 'flannel', tags: "install_master" }
-    - { role: 'master', tags: "install_master" }
+    - { role: 'haproxy', tags: "install_haproxy", when: "ansible_os_family == 'RedHat' and ansible_distribution_major_version == '7'"}
+    - { role: 'keepalived', tags: "install_keepalived", when: "ansible_os_family == 'RedHat' and ansible_distribution_major_version == '7'" }
 
-- name: "安装kubectl"
-  hosts: kubectl
+- name: "配置master"
+  hosts: master
   roles:
-    - { role: 'kubectl', tags: "install_kubectl" }
+    - { role: 'master', tags: "install_master", when: "ansible_os_family == 'RedHat' and ansible_distribution_major_version == '7'" }
 
 - name: "配置node"
-  hosts: node
+  hosts: master node
   roles:
-    - { role: 'flannel', tags: "install_node" }
-    - { role: 'docker', tags: "install_node" }
-    - { role: 'node', tags: "install_node" }
-
+    - { role: 'docker', tags: "install_docker", when: "ansible_os_family == 'RedHat' and ansible_distribution_major_version == '7'" }
+    - { role: 'node', tags: "install_node", when: "ansible_os_family == 'RedHat' and ansible_distribution_major_version == '7'" }