diff --git a/k8s/k8s-install.sh b/k8s/k8s-install.sh new file mode 100644 index 0000000..6a51ec8 --- /dev/null +++ b/k8s/k8s-install.sh @@ -0,0 +1,274 @@ +#!/bin/bash + +# Kubernetes 自动化安装脚本 +# 支持 Debian 和 Ubuntu 系统 +# 适用于主控机和工作节点 + +set -e + +# 颜色定义 +RED='\033[0;31m' +GREEN='\033[0;32m' +YELLOW='\033[1;33m' +BLUE='\033[0;34m' +NC='\033[0m' # No Color + +# 日志函数 +log_info() { + echo -e "${GREEN}[INFO]${NC} $1" +} + +log_warn() { + echo -e "${YELLOW}[WARN]${NC} $1" +} + +log_error() { + echo -e "${RED}[ERROR]${NC} $1" +} + +log_step() { + echo -e "${BLUE}[STEP]${NC} $1" +} + +# 检查是否为 root 用户 +check_root() { + if [[ $EUID -ne 0 ]]; then + log_error "此脚本需要 root 权限运行" + log_info "请使用: sudo $0" + exit 1 + fi +} + +# 检测操作系统 +detect_os() { + if [[ -f /etc/os-release ]]; then + . /etc/os-release + OS=$ID + VER=$VERSION_ID + CODENAME=$VERSION_CODENAME + else + log_error "无法检测操作系统" + exit 1 + fi + + case $OS in + ubuntu) + log_info "检测到 Ubuntu $VER ($CODENAME)" + OS_TYPE="ubuntu" + ;; + debian) + log_info "检测到 Debian $VER ($CODENAME)" + OS_TYPE="debian" + ;; + *) + log_error "不支持的操作系统: $OS" + log_info "此脚本仅支持 Ubuntu 和 Debian" + exit 1 + ;; + esac +} + +# 系统准备 +prepare_system() { + log_step "开始系统准备..." + + # 禁用 swap + log_info "禁用 swap..." + swapoff -a 2>/dev/null || true + sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab + + # 配置内核模块 + log_info "配置内核模块..." + cat > /etc/modules-load.d/k8s.conf << EOF +overlay +br_netfilter +EOF + + modprobe overlay + modprobe br_netfilter + + # 配置内核参数 + log_info "配置内核参数..." + cat > /etc/sysctl.d/k8s.conf << EOF +net.bridge.bridge-nf-call-iptables = 1 +net.bridge.bridge-nf-call-ip6tables = 1 +net.ipv4.ip_forward = 1 +EOF + + sysctl --system > /dev/null + + # 更新包列表和安装基础工具 + log_info "更新包列表并安装基础工具..." + export DEBIAN_FRONTEND=noninteractive + apt-get update -qq + apt-get install -y -qq curl wget lsof gnupg software-properties-common apt-transport-https ca-certificates + [ -d /etc/apt/sources.list.d ] || mkdir -p /etc/apt/sources.list.d + log_info "系统准备完成" +} + +# 安装 containerd +install_containerd() { + log_step "安装 containerd 容器运行时..." + + # 创建密钥目录 + mkdir -p /etc/apt/keyrings + + # 根据系统类型选择合适的仓库 + if [[ $OS_TYPE == "ubuntu" ]]; then + DOCKER_REPO="ubuntu" + else + DOCKER_REPO="debian" + fi + + # 添加 Docker 官方 GPG 密钥 + log_info "添加 Docker GPG 密钥..." + curl -fsSL https://download.docker.com/linux/$DOCKER_REPO/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg + chmod a+r /etc/apt/keyrings/docker.gpg + + # 添加 Docker 仓库 + log_info "添加 Docker 仓库..." + echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/$DOCKER_REPO $CODENAME stable" > /etc/apt/sources.list.d/docker.list + + # 更新包列表并安装 containerd + log_info "安装 containerd..." + apt-get update -qq + apt-get install -y -qq containerd.io + + # 配置 containerd + log_info "配置 containerd..." + mkdir -p /etc/containerd + containerd config default > /etc/containerd/config.toml + + # 启用 SystemdCgroup + sed -i 's/SystemdCgroup = false/SystemdCgroup = true/g' /etc/containerd/config.toml + + # 确保 CRI 插件启用(移除 disabled_plugins 中的 cri) + sed -i '/disabled_plugins.*cri/s/^/#/' /etc/containerd/config.toml + + # 启动并启用 containerd + systemctl restart containerd + systemctl enable containerd + + # 验证 containerd 状态 + if systemctl is-active --quiet containerd; then + log_info "containerd 安装并启动成功" + else + log_error "containerd 启动失败" + exit 1 + fi +} + +# 安装 Kubernetes 组件 +install_kubernetes() { + log_step "安装 Kubernetes 组件..." + + # 添加 Kubernetes GPG 密钥 + log_info "添加 Kubernetes GPG 密钥..." + mkdir -p -m 755 /etc/apt/keyrings + curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.33/deb/Release.key | gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg + chmod a+r /etc/apt/keyrings/kubernetes-apt-keyring.gpg + + # 添加 Kubernetes 仓库 + log_info "添加 Kubernetes 仓库..." + echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.33/deb/ /' > /etc/apt/sources.list.d/kubernetes.list + + # 更新包列表并安装 K8s 组件 + log_info "安装 kubelet, kubeadm, kubectl..." + apt-get update -qq + apt-get install -y -qq kubelet kubeadm kubectl + + # 锁定版本防止自动更新 + apt-mark hold kubelet kubeadm kubectl + + # 启用 kubelet + systemctl enable kubelet + + log_info "Kubernetes 组件安装完成" +} + +# 验证安装 +verify_installation() { + log_step "验证安装..." + + # 检查 containerd + if systemctl is-active --quiet containerd; then + log_info "✓ containerd 运行正常" + else + log_error "✗ containerd 未运行" + return 1 + fi + + # 检查 kubelet + if systemctl is-enabled --quiet kubelet; then + log_info "✓ kubelet 已启用" + else + log_error "✗ kubelet 未启用" + return 1 + fi + + # 检查命令是否可用 + local commands=("kubeadm" "kubelet" "kubectl") + for cmd in "${commands[@]}"; do + if command -v $cmd > /dev/null 2>&1; then + local version=$($cmd version --client=true --short 2>/dev/null | grep -o 'v[0-9.]*' | head -1) + log_info "✓ $cmd 已安装 ($version)" + else + log_error "✗ $cmd 未找到" + return 1 + fi + done + + # 检查 CRI 是否可用 + if crictl version > /dev/null 2>&1; then + log_info "✓ CRI 插件可用" + else + log_warn "! crictl 不可用,但这不影响基本功能" + fi +} + +# 显示后续步骤 +show_next_steps() { + log_step "安装完成!" + echo + log_info "后续步骤:" + echo " 主控节点初始化:" + echo " sudo kubeadm init --pod-network-cidr=10.244.0.0/16" + echo + echo " 工作节点加入集群:" + echo " sudo kubeadm join :6443 --token --discovery-token-ca-cert-hash " + echo + echo " 配置 kubectl (在主控节点上):" + echo " mkdir -p \$HOME/.kube" + echo " sudo cp -i /etc/kubernetes/admin.conf \$HOME/.kube/config" + echo " sudo chown \$(id -u):\$(id -g) \$HOME/.kube/config" + echo + echo " 安装网络插件 (推荐 Flannel):" + echo " kubectl apply -f https://github.com/flannel-io/flannel/releases/latest/download/kube-flannel.yml" + echo +} + +# 主函数 +main() { + log_info "开始 Kubernetes 自动化安装..." + echo "支持系统: Ubuntu 和 Debian" + echo "安装组件: containerd + kubelet + kubeadm + kubectl" + echo + + check_root + detect_os + prepare_system + install_containerd + install_kubernetes + + if verify_installation; then + show_next_steps + log_info "脚本执行成功!" + exit 0 + else + log_error "安装验证失败,请检查错误信息" + exit 1 + fi +} + +# 脚本入口 +main "$@"