feat: add cloud install script. (#4030)
* sealos cloud install script.

* add todo

* fix ingress config.

* fix check mongo secret logic.

* add docs.

* fix script link
lingdie committed Oct 7, 2023
1 parent 1fc97cb commit b458c82
Showing 4 changed files with 224 additions and 3 deletions.
6 changes: 3 additions & 3 deletions deploy/cloud/scripts/init.sh
@@ -1,5 +1,5 @@
#!/bin/bash
set -ex
set -e

cloudDomain="127.0.0.1.nip.io"
cloudPort=""
@@ -37,10 +37,10 @@ function gen_mongodbUri() {
if [ -z "$mongodbUri" ]; then
echo "no mongodb uri found, create mongodb and gen mongodb uri"
kubectl apply -f manifests/mongodb.yaml
echo "waiting for mongodb secret generated"
# if there is no sealos-mongodb-conn-credential secret then wait for mongodb ready
while [ -z "$(kubectl get secret -n sealos sealos-mongodb-conn-credential)" ]; do
echo "waiting for mongodb secret generated"
sleep 5
sleep 3
done
chmod +x scripts/gen-mongodb-uri.sh
mongodbUri=$(scripts/gen-mongodb-uri.sh)
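Review bot: The wait loop on `sealos-mongodb-conn-credential` has no upper bound, so if the secret is never created the script polls forever, and each miss is likely to print kubectl's not-found error to stderr. A bounded retry that fails loudly would be safer, for example `for _ in $(seq 1 100); do kubectl get secret -n sealos sealos-mongodb-conn-credential >/dev/null 2>&1 && break; sleep 3; done`, followed by an explicit check that exits non-zero when the secret is still missing. `gen_mongodbUri` starts and ends outside the visible hunk, so any later handling of the timeout case cannot be seen here.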
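--- a/docs/4.0/docs/quick-start/installation/online-installation.md
+++ b/docs/4.0/docs/quick-start/installation/online-installation.md
@@ -0,0 +1,38 @@
+---
+sidebar_position: 1
+---
+
+# Sealos Cluster Online Installation Guide
+
+## Preparations
+
+### Servers
+An odd number of master servers and any number of node servers. It is recommended to use the Ubuntu 22.04 LTS Linux distribution with a kernel version of 5.4 or higher.
+
+The recommended configuration is 4c8g, with storage over 100g. I.e., the minimum server configuration is as follows:
+
+| | cpu | memory | disk |
+|-----------|-----|--------|------|
+| recommend | 4 | 8G | 100G |
+| minimum | 2 | 4G | 60G |
+
+### Network
+Interconnection between servers. `master0` (the master node running the sealos CLI) should be able to SSH into other nodes without a password. All nodes should be able to communicate with each other.
+
+### Domain
+You need a domain to access Sealos and the various services you will deploy. If you don't have a domain, you can use the free domain service provided by [nip.io](https://nip.io).
+
+### Certificate
+Sealos requires certificates to ensure secure communication. By default, if you don't provide a certificate, we will use [cert-manager](https://cert-manager.io/docs/) to automatically issue one.
+
+If you can provide a certificate, it needs to resolve the following domains (assuming the domain you provide is: cloud.example.io):
+- `*.cloud.example.io`
+- `cloud.example.io`
+
+## Installation Steps
+
+Execute the command and enter the parameters as prompted:
+
+```bash
+curl -sfL https://raw.githubusercontent.com/labring/sealos/main/scripts/cloud/install.sh | sudo bash -s
+```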
@@ -0,0 +1,38 @@
---
sidebar_position: 1
---

# Sealos 集群在线安装指南

## 准备工作

### 服务器
奇数台的master服务器及任意的node服务器,推荐使用ubuntu 22.04 LTS linux发行版,操作系统内核在5.4以上;

配置推荐4c8g,存储100g以上,i.e. 最少一台的服务器配置如下:

| | cpu | memory | disk |
|-----------|-----|--------|------|
| recommend | 4 | 8G | 100G |
| minimum | 2 | 4G | 60G |

### 网络
服务器之间的网络互通,其中`master0`(执行sealos cli的master节点)可以通过ssh免密登陆到其他节点;所有节点间可以互相通信。

### 域名
你需要一个域名,用于访问 Sealos 及你将部署的各种服务。如果您没有域名,可以使用`nip.io`提供的免费域名服务。

### 证书
Sealos 需要使用证书来保证通信安全,默认在您不提供证书的情况下我们会使用 [cert-manager](https://cert-manager.io/docs/) 来自动签发证书。

如果您能提供证书,证书需要解析下列域名(假设您提供的域名为:cloud.example.io):
- `*.cloud.example.io`
- `cloud.example.io`

## 安装步骤

执行命令,并根据提示输入参数:

```bash
curl -sfL https://raw.githubusercontent.com/labring/sealos/main/scripts/cloud/install.sh | sudo bash -s
```
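--- a/scripts/cloud/install.sh
+++ b/scripts/cloud/install.sh
@@ -0,0 +1,145 @@
+#!/bin/bash
+
+
+set -e
+
+# Configurations
+CLOUD_DIR="/root/.sealos/cloud"
+SEALOS_VERSION="v4.3.3"
+# TODO add support for multiple cloud versions
+
+# Initialization
+init() {
+mkdir -p $CLOUD_DIR
+
+# Check for sealos CLI
+if ! command -v sealos &> /dev/null; then
+echo "Sealos CLI is not installed."
+read -p "Do you want to install it now? (y/n): " installChoice
+if [[ $installChoice == "y" || $installChoice == "Y" ]]; then
+curl -sfL https://raw.githubusercontent.com/labring/sealos/${SEALOS_VERSION}/scripts/install.sh |
+sh -s ${SEALOS_VERSION} labring/sealos
+else
+echo "Please install sealos CLI to proceed."
+exit 1
+fi
+else
+echo "Sealos CLI is already installed."
+fi
+}
+
+# Gather user input
+collect_input() {
+# Master and Node IPs
+read -p "Please enter Master IPs (comma separated, at least one required): " masterIps
+while [[ -z "$masterIps" ]]; do
+read -p "At least one Master IP is required. Please try again: " masterIps
+done
+read -p "Please enter Node IPs (comma separated, leave empty if none): " nodeIps
+
+# Cluster settings
+read -p "Please enter pod subnet (default: 100.64.0.0/10): " podCidr
+read -p "Please enter service subnet (default: 10.96.0.0/22): " serviceCidr
+read -p "Please enter cloud domain: " cloudDomain
+
+# Certificate handling
+read -p "Do you want to input a certificate? (y/n): " inputCert
+if [[ $inputCert == "y" || $inputCert == "Y" ]]; then
+read -p "Please input the certificate path: " certPath
+read -p "Please input the private key path: " keyPath
+fi
+}
+
+# Prepare configurations
+prepare_configs() {
+if [[ $inputCert == "y" || $inputCert == "Y" ]]; then
+# Convert certificate and key to base64
+tls_crt_base64=$(cat $certPath | base64 | tr -d '\n')
+tls_key_base64=$(cat $keyPath | base64 | tr -d '\n')
+
+# Define YAML content for certificate
+tls_config="
+apiVersion: apps.sealos.io/v1beta1
+kind: Config
+metadata:
+name: secret
+spec:
+path: manifests/tls-secret.yaml
+match: docker.io/labring/sealos-cloud:latest
+strategy: merge
+data: |
+data:
+tls.crt: $tls_crt_base64
+tls.key: $tls_key_base64
+"
+# Create tls-secret.yaml file
+echo "$tls_config" > $CLOUD_DIR/tls-secret.yaml
+fi
+
+ingress_config="
+apiVersion: apps.sealos.io/v1beta1
+kind: Config
+metadata:
+creationTimestamp: null
+name: ingress-nginx-config
+spec:
+data: |
+controller:
+hostNetwork: true
+kind: DaemonSet
+service:
+type: NodePort
+match: docker.io/labring/ingress-nginx:v1.5.1
+path: charts/ingress-nginx/values.yaml
+strategy: merge
+"
+echo "$ingress_config" > $CLOUD_DIR/ingress-nginx-config.yaml
+
+sealos_gen_cmd="sealos gen labring/kubernetes:v1.25.6\
+labring/helm:v3.12.0\
+labring/cilium:v1.12.14\
+labring/cert-manager:v1.8.0\
+labring/openebs:v3.4.0\
+--masters $masterIps"
+
+if [ -n "$nodeIps" ]; then
+sealos_gen_cmd+=" --nodes $nodeIps"
+fi
+
+$sealos_gen_cmd > $CLOUD_DIR/Clusterfile
+
+# Modify Clusterfile with sed
+sed -i "s|100.64.0.0/10|${podCidr:-100.64.0.0/10}|g" $CLOUD_DIR/Clusterfile
+sed -i "s|10.96.0.0/22|${serviceCidr:-10.96.0.0/22}|g" $CLOUD_DIR/Clusterfile
+}
+
+# Execute commands based on collected input and prepared configs
+execute_commands() {
+echo "Installing Kubernetes cluster."
+sealos apply -f $CLOUD_DIR/Clusterfile
+
+echo "Installing ingress-nginx-controller and kubeblocks."
+sealos run docker.io/labring/kubernetes-reflector:v7.0.151\
+docker.io/labring/ingress-nginx:v1.5.1\
+docker.io/labring/kubeblocks:v0.6.2\
+--config-file $CLOUD_DIR/ingress-nginx-config.yaml
+
+echo "Patching ingress-nginx-controller tolerations to allow it to run on master node. If you don't want it to run on master node, please skip this step."
+kubectl -n ingress-nginx patch ds ingress-nginx-controller -p '{"spec":{"template":{"spec":{"tolerations":[{"key":"node-role.kubernetes.io/control-plane","operator":"Exists","effect":"NoSchedule"}]}}}}'
+
+echo "Installing sealos cloud."
+if [[ $inputCert == "y" || $inputCert == "Y" ]]; then
+sealos run docker.io/labring/sealos-cloud:latest\
+--env cloudDomain="$cloudDomain"\
+--config-file $CLOUD_DIR/tls-secret.yaml
+else
+sealos run docker.io/labring/sealos-cloud:latest\
+--env cloudDomain="$cloudDomain"
+fi
+}
+
+# Main script execution
+init
+collect_input
+prepare_configs
+execute_commands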
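Review bot: The prompts in `init` and `collect_input` read from stdin, but the documented invocation pipes this script into `bash -s`, so each `read` would consume the following lines of the script itself rather than the operator's answers; reading from the terminal, e.g. `read -r -p "Please enter cloud domain: " cloudDomain </dev/tty`, avoids that. In `prepare_configs` the answers are then used unquoted (`cat $certPath`, and `--masters $masterIps` inside a command string that is word-split when run), so a path with spaces or a stray token becomes extra arguments to a command running as root; quoting and an argument array remove that. `tls-secret.yaml` carries the base64 private key and is created with the process umask, relying only on the parent directory for protection, so it is worth creating it owner-only. Separately, `docker.io/labring/sealos-cloud:latest` is unpinned while the CLI is pinned through `SEALOS_VERSION`, which makes what gets installed with root and cluster-admin rights non-reproducible; a pinned tag or digest would close that gap.

```shell
prepare_configs() {
  if [[ $inputCert == "y" || $inputCert == "Y" ]]; then
    tls_crt_base64=$(base64 < "$certPath" | tr -d '\n')
    tls_key_base64=$(base64 < "$keyPath" | tr -d '\n')
    # … unchanged: tls_config YAML definition …
    # tls-secret.yaml holds the private key: create it owner-only,
    # and tighten the mode if the file is left over from an earlier run.
    (umask 077; printf '%s\n' "$tls_config" > "$CLOUD_DIR/tls-secret.yaml")
    chmod 600 "$CLOUD_DIR/tls-secret.yaml"
  fi
  # … unchanged: ingress_config definition and write …
  sealos_gen_cmd=(sealos gen
    labring/kubernetes:v1.25.6
    labring/helm:v3.12.0
    labring/cilium:v1.12.14
    labring/cert-manager:v1.8.0
    labring/openebs:v3.4.0
    --masters "$masterIps")
  if [ -n "$nodeIps" ]; then
    sealos_gen_cmd+=(--nodes "$nodeIps")
  fi
  "${sealos_gen_cmd[@]}" > "$CLOUD_DIR/Clusterfile"
  # … unchanged: sed edits of Clusterfile …
}
```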
