代码拉取完成,页面将自动刷新
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150
#!/bin/bash
# @FileName :k8s-node-init.sh
# @Time :2024/9/14
# @Author :Rohing
# 修改主机名,使用具体的 node 名称
hostnamectl set-hostname node1
# 配置 Rocky Linux 软件源
configure_repo() {
cat > /etc/yum.repos.d/rocky.repo <<EOF
[baseos]
name=Rocky Linux \$releasever - BaseOS
baseurl=http://mirrors.sjtug.sjtu.edu.cn/rocky/\$releasever/BaseOS/\$basearch/os/
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rockyofficial
[appstream]
name=Rocky Linux \$releasever - AppStream
baseurl=http://mirrors.sjtug.sjtu.edu.cn/rocky/\$releasever/AppStream/\$basearch/os/
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rockyofficial
EOF
yum clean all
yum makecache
}
# 安装基本工具
install_basic_tools() {
yum install -y epel-release vim wget curl net-tools git iproute-tc bash-completion chrony
}
# 禁用防火墙和 SELinux
disable_security() {
systemctl stop firewalld
systemctl disable firewalld
setenforce 0
sed -i 's/^SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
}
# 配置 Chrony 时间同步
configure_chrony() {
systemctl enable chronyd
systemctl start chronyd
chronyc sources
}
# 配置系统限制
configure_limits() {
cat > /etc/sysctl.d/k8s.conf <<EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
vm.swappiness = 0
EOF
sysctl --system
}
# 安装 ELRepo 并升级内核
install_elrepo() {
yum install -y https://www.elrepo.org/elrepo-release-9.el9.elrepo.noarch.rpm
yum --disablerepo="*" --enablerepo="elrepo-kernel" list available
yum --enablerepo=elrepo-kernel install -y kernel-ml
grub2-set-default 0
grub2-mkconfig -o /boot/grub2/grub.cfg
}
# 配置 Kernel 模块和网络
configure_kernel_network() {
cat > /etc/modules-load.d/k8s.conf <<EOF
br_netfilter
ip_vs
ip_vs_rr
ip_vs_wrr
ip_vs_sh
nf_conntrack
EOF
modprobe br_netfilter
modprobe ip_vs
}
# 安装 containerd 并配置
install_containerd() {
yum install -y containerd
systemctl enable containerd
systemctl start containerd
mkdir -p /etc/containerd
containerd config default > /etc/containerd/config.toml
sed -i 's#SystemdCgroup = false#SystemdCgroup = true#' /etc/containerd/config.toml
systemctl restart containerd
}
# 配置 containerd 镜像加速器
configure_registry_mirrors() {
sed -i 's#registry.k8s.io#registry.aliyuncs.com/google_containers#' /etc/containerd/config.toml
systemctl restart containerd
}
# 安装 crictl 工具
install_crictl() {
VERSION="v1.28.0" # 和 Kubernetes 版本一致
wget https://github.com/kubernetes-sigs/cri-tools/releases/download/$VERSION/crictl-$VERSION-linux-amd64.tar.gz
tar zxvf crictl-$VERSION-linux-amd64.tar.gz -C /usr/local/bin
chmod +x /usr/local/bin/crictl
rm -f crictl-$VERSION-linux-amd64.tar.gz
}
# 安装 Kubernetes 组件
install_k8s_components() {
cat <<EOF | tee /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes-new/core/stable/v1.28/rpm/
enabled=1
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes-new/core/stable/v1.28/rpm/repodata/repomd.xml.key
EOF
yum install -y kubelet kubeadm kubectl
systemctl enable kubelet
systemctl start kubelet
}
# 节点加入 Kubernetes 集群
join_cluster() {
# 替换为主节点执行 kubeadm init 后输出的 join 命令
kubeadm join <Master-Node-IP>:6443 --token <Your-Token> \
--discovery-token-ca-cert-hash sha256:<Discovery-Hash>
}
# 运行所有功能
main() {
configure_repo
install_basic_tools
disable_security
configure_chrony
configure_limits
install_elrepo
configure_kernel_network
install_containerd
configure_registry_mirrors
install_crictl
install_k8s_components
join_cluster
}
main
举报
请认真填写举报原因,尽可能描述详细。
请选择举报类型
误判申诉
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。
马建仓 AI 助手
尝试更多
代码解读
代码找茬
代码优化