forked from easzlab/kubeasz
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdeploy-note
87 lines (67 loc) · 3.31 KB
/
deploy-note
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
#/bin/bash
# 生成ssh公私钥
# ssh-keygen -t rsa -P ''
# 以root权限复制到authorized_keys
# cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
# 再分发到各个worker服务器的~/.ssh/authorized_keys文件
# 分别测试是否可以连接
# ssh ip
# 更换ubuntu源
sudo cat >/etc/apt/sources.list<<EOF
deb-src http://archive.ubuntu.com/ubuntu xenial main restricted #Added by software-properties
deb http://mirrors.aliyun.com/ubuntu/ xenial main restricted
deb-src http://mirrors.aliyun.com/ubuntu/ xenial main restricted multiverse universe #Added by software-properties
deb http://mirrors.aliyun.com/ubuntu/ xenial-updates main restricted
deb-src http://mirrors.aliyun.com/ubuntu/ xenial-updates main restricted multiverse universe #Added by software-properties
deb http://mirrors.aliyun.com/ubuntu/ xenial universe
deb http://mirrors.aliyun.com/ubuntu/ xenial-updates universe
deb http://mirrors.aliyun.com/ubuntu/ xenial multiverse
deb http://mirrors.aliyun.com/ubuntu/ xenial-updates multiverse
deb http://mirrors.aliyun.com/ubuntu/ xenial-backports main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ xenial-backports main restricted universe multiverse #Added by software-properties
deb http://archive.canonical.com/ubuntu xenial partner
deb-src http://archive.canonical.com/ubuntu xenial partner
deb http://mirrors.aliyun.com/ubuntu/ xenial-security main restricted
deb-src http://mirrors.aliyun.com/ubuntu/ xenial-security main restricted multiverse universe #Added by software-properties
deb http://mirrors.aliyun.com/ubuntu/ xenial-security universe
deb http://mirrors.aliyun.com/ubuntu/ xenial-security multiverse
EOF
sudo apt-get update && apt-get upgrade -y && apt-get dist-upgrade -y
# 安装python
apt-get install python2.7 git python-pip -y
# 安装python包
pip install pip --upgrade -i http://mirrors.aliyun.com/pypi/simple/ --trusted-host mirrors.aliyun.com
pip install --no-cache-dir ansible -i http://mirrors.aliyun.com/pypi/simple/ --trusted-host mirrors.aliyun.com
git clone https://github.com/liverpoolpjy/kubeasz.git
mkdir -p /etc/ansible
mv kubeasz/* /etc/ansible
# 提前下载k8s.193.tar.gz,并放入/tmp
# 解压二进制包,放入/etc/ansible/bin
cd /tmp
tar zxvf k8s.193.tar.gz
mv bin/* /etc/ansible/bin
cd /etc/ansible
# 提前把example/hosts文件按照实际情况改好
cp example/hosts hosts
# 测试连通性
ansible all -m ping
# 如果不通先ssh试试
# ssh 10.64.3.x
# 一部安装
ansible-playbook 90.setup.yml
# 重新ssh登录,启用kubectl
ssh kube-1
# 安装 kube-dns
kubectl create -f /etc/ansible/manifests/kubedns
# 安装heapster
kubectl create -f /etc/ansible/manifests/heapster/
# 安装dashboard
# 部署dashboard 主yaml配置文件
# kubectl create -f /etc/ansible/manifests/dashboard/kubernetes-dashboard.yaml
# 部署基本密码认证配置[可选],密码文件位于 /etc/kubernetes/ssl/basic-auth.csv
# kubectl create -f /etc/ansible/manifests/dashboard/ui-admin-rbac.yaml
# kubectl create -f /etc/ansible/manifests/dashboard/ui-read-rbac.yaml
# kubectl create -f /etc/ansible/manifests/dashboard/admin-user-sa-rbac.yaml
# 拿到登录token
# kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-user | awk '{print $1}')
# 访问https://{{ ip }}:6443/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/