node节点批量加入k8s集群ansible playbook

使用工具ansible

仅供参考。playbook 和脚本中的安装包都是从内网地址 http://10.120.175.36 通过 HTTP 下载的,使用前请换成自己的软件源,并在安装前校验文件的校验和;缺失安装包的话可以私聊我

内核更新playbook

sh-k8s_update_kernel.yaml

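---
# Kernel upgrade play: sets the hostname, fetches a kernel RPM bundle from the
# internal mirror, removes the 3.10 kernel packages, installs the bundled RPMs,
# makes the new kernel the GRUB default and reboots the node.
#
# Required variable: hostname (per host).
# Optional variable: kernel_tarball_sha256 - expected SHA-256 of kernel.tar.gz.
#   The bundle is fetched over plain HTTP and its RPMs are installed as root,
#   so set this whenever the value is known.
- hosts: all
  remote_user: deploy
  become: yes
  max_fail_percentage: 30

  tasks:
    - name: modify hostname
      # The inventory value is interpolated into a root shell command line;
      # the quote filter keeps spaces or shell metacharacters in it inert.
      shell: hostnamectl set-hostname {{ hostname | quote }}

    - name: download kernel bundle
      # -O overwrites an older copy instead of saving kernel.tar.gz.1 next to it,
      # so a re-run never installs a stale bundle. Errors are no longer ignored:
      # a failed download must stop this host before the old kernel packages
      # are removed.
      shell: mkdir -p /opt/k8s-install/ && cd /opt/k8s-install/ && wget -O kernel.tar.gz http://10.120.175.36/kernel.tar.gz

    - name: verify kernel bundle checksum
      # Runs only when the operator supplies kernel_tarball_sha256.
      shell: echo "{{ kernel_tarball_sha256 }}  /opt/k8s-install/kernel.tar.gz" | sha256sum -c -
      when: kernel_tarball_sha256 is defined

    - name: remove old kernel
      #shell: yum -y remove kernel-tools-3.10.0-1160.71.1.el7.x86_64  kernel-tools-libs-3.10.0-1160.71.1.el7.x86_64 kernel-headers-3.10.0-1160.el7.x86_64 kernel-headers-3.10.0-1160.71.1.el7.x86_64
      # -F matches "3.10" literally; xargs -r skips yum when nothing matches,
      # so a second run does not fail on an empty package list.
      shell: rpm -qa | grep kernel | grep -F '3.10' | xargs -r yum -y remove

    - name: install new kernel
      # Unpack into the root-created /opt/k8s-install/ rather than the
      # world-writable /tmp, so no other local user can place files under the
      # directory whose *.rpm contents are installed as root.
      # Assumes the archive unpacks to a top-level kernel/ directory, as the
      # original /tmp/kernel path implies.
      shell: tar xf /opt/k8s-install/kernel.tar.gz -C /opt/k8s-install/ && yum -y install /opt/k8s-install/kernel/*.rpm

    - name: update kernel
      # NOTE(review): the menu entry title has to match the installed kernel
      # exactly - confirm it against the generated grub.cfg.
      shell: grub2-set-default 'CentOS Linux (5.4.231-1.el7.elrepo.x86_64) 7 (Core)'  &&  grub2-mkconfig -o /boot/grub2/grub.cfg

    - name: drop nobarrier mount option
      # Kept as its own task so a failed fstab edit is reported instead of
      # being hidden by the ignore_errors on the reboot task.
      # presumably needed because the new kernel rejects nobarrier - confirm
      shell: sed -i 's/,nobarrier//g' /etc/fstab

    - name: reboot
      # The connection drops when the host goes down; that error is expected.
      shell: reboot
      ignore_errors: True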

node节点初始化 playbook

sh-k8s_init_node.yaml

---
# Node initialisation play: installs ntp.conf, force-installs the fuse-libs
# RPM, runs init_k8s_node.sh on the node, then drops in the containerd config
# and the kubelet unit and restarts containerd.
- hosts: all
  remote_user: deploy
  become: true
  max_fail_percentage: 30

  tasks:
    - name: "替换ntp.conf"
      template:
        src: ntp.conf
        dest: /etc/ntp.conf

    - name: copy fuse-libs-2.9.2-11.el7.x86_64.rpm
      copy:
        src: /home/xuchuan/fuse-libs-2.9.2-11.el7.x86_64.rpm
        dest: /tmp/

    - name: install fuse
      # --force --nodeps bypasses rpm's conflict and dependency checks.
      # NOTE(review): the package is staged in the world-writable /tmp before
      # being installed as root; a root-owned staging directory is safer.
      shell: rpm -ivh /tmp/fuse-libs-2.9.2-11.el7.x86_64.rpm --force --nodeps

    - name: copy init_k8s_node.sh
      copy:
        src: /opt/ansible/k8s_config/sh-k8s/init_k8s_node.sh
        dest: /tmp/

    - name: init node
      # NOTE(review): the script is executed as root from /tmp; same staging
      # concern as the fuse RPM above.
      shell: sh /tmp/init_k8s_node.sh

    - name: copy config.toml
      copy:
        src: /opt/ansible/k8s_config/sh-k8s/config.toml
        dest: /etc/containerd/config.toml

    - name: copy kubelet.service
      copy:
        src: /opt/ansible/k8s_config/sh-k8s/kubelet.service
        dest: /usr/lib/systemd/system/

    - name: systemctl daemon-reload
      # The original line ended with a commented-out "&& systemctl status kubelet".
      shell: systemctl daemon-reload &&  systemctl restart containerd &&  systemctl enable containerd

init_k8s_node.sh 脚本

#!/bin/bash
# 用于k8s初始化脚本

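function system_config() {
  # Baseline host settings for a Kubernetes node: stops firewalld, turns
  # SELinux off, disables swap, starts ntpd and writes the sysctl and
  # modules-load drop-ins. Takes no arguments; must run as root.
  #
  # NOTE(review): firewalld is stopped and SELinux is disabled host-wide.
  # Both remove a layer of containment on the node; opening only the ports
  # the cluster needs and keeping SELinux enforcing is the stricter option.
  systemctl stop firewalld
  setenforce 0
  sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config
  swapoff -a
  # Comment out swap entries, skipping lines that are already comments so a
  # re-run does not keep stacking '#' characters.
  sed -i '/^[[:space:]]*#/!{/swap/s/^/#/}' /etc/fstab
  systemctl start ntpd
  # Heredoc bodies are unindented so the files hold exactly the keys; the
  # duplicated net.ipv4.ip_forward line of the original is dropped.
  cat > /etc/sysctl.d/k8s.conf << 'EOF'
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
user.max_user_namespaces=28633
EOF
  cat << 'EOF' > /etc/modules-load.d/containerd.conf
overlay
br_netfilter
EOF
  # The net.bridge.* keys only exist once br_netfilter is loaded; the script
  # calls add_mod (which loads it) after this function, so load it here or
  # sysctl -p fails on those two keys.
  modprobe br_netfilter
  sysctl -p /etc/sysctl.d/k8s.conf
}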

function add_mod() {
  # Load the kernel modules needed for bridged container traffic and overlayfs.
  modprobe br_netfilter
  modprobe overlay

  # NOTE(review): the next line looks truncated by the page extraction. The
  # heredoc body for ipvs.modules is missing, and so are the definitions of
  # upgrade_lib and install_containerd that the script calls at the bottom.
  # As written it would copy containerd's config.toml over ipvs.modules;
  # restore the missing text from the original script before running this.
  cat > /etc/sysconfig/modules/ipvs.modules < /etc/containerd/config.toml
  systemctl daemon-reload
  systemctl enable --now containerd
}

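function install_calicoctl {
  # Download calicoctl from the internal mirror and install it as
  # /bin/calicoctl with mode 0755. Takes no arguments; must run as root.
  # Environment: CALICOCTL_SHA256 (optional) - expected SHA-256 of the binary.
  #   The transfer is plain HTTP, so set it whenever the value is known.
  # Returns 0 on success, 1 when the download or the checksum check fails.
  local url=http://10.120.175.36/calicoctl
  local tmp

  # Stage next to the destination so the final mv is a same-filesystem rename
  # and a failed or partial download never replaces an existing binary.
  tmp=$(mktemp /bin/.calicoctl.XXXXXX) || return 1

  # -O always writes to the staged path; the original "wget -P /bin/" saved a
  # re-download as calicoctl.1 and left the old binary in place.
  if ! wget -O "$tmp" "$url"; then
    rm -f -- "$tmp"
    echo "calicoctl download failed: $url" >&2
    return 1
  fi

  if [ -n "${CALICOCTL_SHA256:-}" ]; then
    if ! echo "${CALICOCTL_SHA256}  ${tmp}" | sha256sum -c - > /dev/null; then
      rm -f -- "$tmp"
      echo "calicoctl checksum mismatch" >&2
      return 1
    fi
  fi

  chmod 0755 "$tmp" && mv -f -- "$tmp" /bin/calicoctl
}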

function install_crictl() {
  # Download the crictl client tarball from the internal mirror and unpack it
  # into /bin/, then copy ctr from /usr/local/bin into /bin/.
  # NOTE(review): the tarball comes over plain HTTP and is unpacked into /bin/
  # as root with no checksum check - verify it against a known digest first.
  wget -P /opt/k8s-init/  http://10.120.175.36/crictl-v1.24.0-linux-amd64.tar.gz
  tar -zxvf /opt/k8s-init/crictl-v1.24.0-linux-amd64.tar.gz -C  /bin/
  cp /usr/local/bin/ctr /bin/
  # NOTE(review): the next line looks truncated by the page extraction. The
  # heredoc body for /etc/crictl.yaml, the end of this function, all of
  # install_k8s and the start of check_status (both called at the bottom of
  # the script) are missing. Everything below appears to belong to
  # check_status; restore the missing text before running this.
  cat > /etc/crictl.yaml < /tmp/check_status.txt
  # Each check below writes a failure message to /tmp/check_status.txt.
  # NOTE(review): that is a fixed name in a world-writable directory, written
  # as root - a root-owned location would be safer.
  swapnum=`free -m |grep Swap |awk '{print $2}'`
  # This first check truncates the report ('>'); the later ones append ('>>').
  if [ $swapnum != 0 ];then
     echo 'swap 禁用失败' > /tmp/check_status.txt
  fi
  # IPv4 forwarding must be reported as enabled.
  sysctl -a |grep "net.ipv4.ip_forward = 1"
  if [ $? != 0 ];then
     echo 'ipv4 路由转发开启失败' >>/tmp/check_status.txt
  fi
  # ipvsadm must be installed and runnable.
  sudo ipvsadm -Ln
  if [ $? != 0 ];then
     echo 'ipvsadm 安装失败' >>/tmp/check_status.txt
  fi
  # containerd must be active and running.
  systemctl  status containerd.service | grep Active | grep running
  if [ $? != 0 ];then
     echo 'containerd服务启动失败' >>/tmp/check_status.txt
  fi
  # kubelet must be installed and runnable.
  kubelet --version
  if [ $? != 0 ];then
     echo 'kubelet 安装失败' >>/tmp/check_status.txt
  fi
}
# Run every setup stage in order. A failing stage does not stop the ones after
# it; check_status reports what went wrong at the end.
# NOTE(review): upgrade_lib, install_containerd, install_k8s and check_status
# are called here but their definitions are not visible on this page.
for stage in system_config add_mod upgrade_lib install_containerd \
  install_calicoctl install_crictl install_k8s check_status; do
  "$stage"
done
