怎么利用python腳本自動(dòng)部署k8s

這篇文章主要為大家展示了“怎么利用python腳本自動(dòng)部署k8s”，內(nèi)容簡而易懂，條理清晰，希望能夠幫助大家解決疑惑，下面讓小編帶領(lǐng)大家一起研究并學(xué)習(xí)一下“怎么利用python腳本自動(dòng)部署k8s”這篇文章吧。

一、準(zhǔn)備

• 通過之前在Ubuntu18.04上手動(dòng)部署過k8s之后，嘗試用python腳本進(jìn)行自動(dòng)化部署

• 這次用的是三臺centos7的虛擬機(jī)，一臺作為master執(zhí)行腳本，兩臺作為node節(jié)點(diǎn)

• 三臺機(jī)器都配置好靜態(tài)IP，可以參考之前的在centos 7中安裝配置k8s集群的步驟詳解

 二、編輯腳本

1、k8s.sh

放在/root下，用于從dockerhub拉取鏡像。

set -o errexit
set -o nounset
set -o pipefail

##這里定義版本，按照上面得到的列表自己改一下版本號

KUBE_VERSION=v1.21.3
KUBE_PAUSE_VERSION=3.4.1
ETCD_VERSION=3.4.13-0

##這是原始倉庫名，最后需要改名成這個(gè)
GCR_URL=k8s.gcr.io

##這里就是寫你要使用的倉庫
DOCKERHUB_URL=gotok8s

##這里是鏡像列表，新版本要把coredns改成coredns/coredns
images=(
kube-proxy:${KUBE_VERSION}
kube-scheduler:${KUBE_VERSION}
kube-controller-manager:${KUBE_VERSION}
kube-apiserver:${KUBE_VERSION}
pause:${KUBE_PAUSE_VERSION}
etcd:${ETCD_VERSION}
)

##這里是拉取和改名的循環(huán)語句
for imageName in ${images[@]} ; do
docker pull $DOCKERHUB_URL/$imageName
docker tag $DOCKERHUB_URL/$imageName $GCR_URL/$imageName
docker rmi $DOCKERHUB_URL/$imageName
done
docker pull coredns/coredns:1.8.0
docker tag coredns/coredns:1.8.0 k8s.gcr.io/coredns/coredns:v1.8.0
docker rmi coredns/coredns:1.8.0

2、k8s_install.py

#!/bin/python3
# -*- coding:utf-8 -*-
# author: fanb
# describe: K8S v1.21.2 一鍵腳本安裝
import os
import subprocess
import time


class k8s_install(object):
    def __init__(self,masterip,nodeip):
        self.masterip = masterip
        self.nodeip = nodeip

    def initialization_shell(self): #環(huán)境初始化shell
        # 關(guān)閉防火墻
        setenforce = "setenforce  0"
        sed_selinux = "sed -i 's/^SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux"
        sed_selinux1 = "sed -i 's/^SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config"
        sed_selinux2 = "sed -i 's/^SELINUX=permissive/SELINUX=disabled/g' /etc/sysconfig/selinux"
        sed_selinux3 = "sed -i 's/^SELINUX=permissive/SELINUX=disabled/g' /etc/selinux/config"
        stop_firewalld = "systemctl stop firewalld"
        disable_firewalld = "systemctl disable firewalld"
        swapoff_a = "swapoff -a"
        sed_swapoff = "sed -i 's/.*swap.*/#&/' /etc/fstab"

        #在所有服務(wù)器配置國內(nèi)yum源
        yum_install = "yum install -y wget  git chrony yum-utils device-mapper-persistent-data lvm2 ipset ipvsadm > /dev/null 2>&1"
        mkdir_repo = "mkdir /etc/yum.repos.d/bak && mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/bak > /dev/null 2>&1"
        wget_centos = "wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.cloud.tencent.com/repo/centos7_base.repo > /dev/null 2>&1"
        wget_epel = "wget -O /etc/yum.repos.d/epel.repo http://mirrors.cloud.tencent.com/repo/epel-7.repo > /dev/null 2>&1"
        wget_docker = "wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo > /dev/null 2>&1"


        kubernetes_repo = """
cat >  /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
"""

        yum_clean = "yum -y makecache > /dev/null 2>&1"
        yum_makecahe = "yum -y makecache > /dev/null 2>&1"
        #修改內(nèi)核參數(shù)，由于ipvs已經(jīng)加入到了內(nèi)核的主干，所以為kube-proxy開啟ipvs的前提需要加載以下的內(nèi)核模塊
        modprobe_netfilter = "modprobe br_netfilter"
        br_netfilter = "echo 'br_netfilter' > /etc/modules-load.d/br_netfilter.conf"

        k8s_conf = """
cat > /etc/sysctl.d/k8s.conf <<EOF 
net.bridge.bridge-nf-call-ip6tables = 1 
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
vm.swappiness=0
EOF
"""

        limits_conf = """
cat > /etc/security/limits.conf << EOF
* soft nofile 65536
* hard nofile 65536
* soft nproc 65536
* hard nproc 65536
* soft  memlock  unlimited
* hard memlock  unlimited
DefaultLimitNOFILE=102400
DefaultLimitNPROC=102400
EOF
"""
        sysctl_k8s = "sysctl -p /etc/sysctl.d/k8s.conf > /dev/null 2>&1"

        #時(shí)間同步
        enable_chronyd = "systemctl enable chronyd.service"
        start_chronyd = "systemctl start chronyd.service"
        set_timezone = "timedatectl set-timezone Asia/Shanghai"
        ntpdate = "ntpdate ntp1.aliyun.com > /dev/null 2>&1"
        chronyc_sources = "chronyc sources > /dev/null 2>&1"

        #安裝docker,kubelet
        remove_docker = "yum remove -y docker docker-ce docker-common docker-selinux docker-engine > /dev/null 2>&1"
        install_docker = "yum install -y docker-ce > /dev/null 2>&1"
        start_docker = "systemctl start docker > /dev/null 2>&1"

        docker_reload = "systemctl daemon-reload > /dev/null 2>&1"
        enable_docker = "systemctl enable docker  > /dev/null 2>&1"
        restart_docker = "systemctl restart docker > /dev/null 2>&1"

        install_kubelet = "yum install -y kubelet-1.21.2 kubeadm-1.21.2 kubectl-1.21.2 --disableexcludes=kubernetes > /dev/null 2>&1"
        enable_kubelet = "systemctl enable kubelet > /dev/null 2>&1"
        start_kubelet = "systemctl start kubelet > /dev/null 2>&1"
        return setenforce,sed_selinux,sed_selinux1,sed_selinux2,sed_selinux3,stop_firewalld,disable_firewalld,swapoff_a,sed_swapoff,yum_install,\
               mkdir_repo,wget_centos,wget_epel,wget_docker,kubernetes_repo,yum_clean,yum_makecahe,modprobe_netfilter,br_netfilter,k8s_conf,limits_conf,\
               sysctl_k8s,enable_chronyd,start_chronyd,set_timezone,ntpdate,chronyc_sources,remove_docker,install_docker,start_docker,docker_reload,enable_docker,restart_docker,\
               install_kubelet,enable_kubelet,start_kubelet

    def shell_command(self):
        masterip_list = self.masterip.split(',')
        nodeip_list = self.nodeip.split(',')
        token_creat = ()
        token_code = ()
        name_num = 0
        node_num = 0
        dir0 = '''echo '{
 "exec-opts":["native.cgroupdriver=systemd"]
}' > /etc/docker/daemon.json'''
        dir1 = '''echo 'export KUBECONFIG=/etc/kubernetes/admin.conf' >> /etc/profile'''
        dir2 = '''echo '199.232.68.133 raw.githubusercontent.com' >> /etc/hosts'''
        dir3 = '''echo '{
  "registry-mirrors": ["https://docker.mirrors.ustc.edu.cn"]
}' > /etc/docker/daemon.json'''
        # #自動(dòng)添加策略，保存服務(wù)器的主機(jī)名和密鑰信息，如果不添加，那么不再本地know_hosts文件中記錄的主機(jī)將無法連接

        for masterip in masterip_list:
            name_num += 1
            hosts_name = ""
            if masterip == masterip_list[0]:  # 如果是當(dāng)前單節(jié)點(diǎn)
                print("*"*20,"進(jìn)入Master節(jié)點(diǎn)操作，當(dāng)前IP: %s" %masterip)
                master_name = "master0%s" % name_num
                #設(shè)置名字
                hostname = os.system("hostname %s"%master_name)
                etc_hostname =  os.system("echo '%s' > /etc/hostname" % master_name)
                #設(shè)置hosts
                master_host = masterip + "  " + master_name
                etc_hosts = os.system("echo '%s' >> /etc/hosts" % master_host)
                for hosts in nodeip_list:
                    name_num += 1
                    hosts_name += hosts + "  node0%s" % (name_num - 1) + "\n"
                os.system("cat >> /etc/hosts <<EOF \n%sEOF\n" % hosts_name)
                    
                print("*"*20,"進(jìn)入環(huán)境初始化，請耐心等待....")
                for shell in self.initialization_shell():
                    time.sleep(1)
                    env_init = os.system(shell)
                print("*"*20,"環(huán)境初始化完成，安裝kubernetes...")
                #設(shè)置hosts
                #集群初始化
                registry = os.system("%s" %dir3)
                restart_docker = os.system("systemctl restart docker")
                dockerpull = os.system("sh /root/k8s.sh")
                docker_problem = os.system("%s" %dir0)
                restart_docker = os.system("systemctl restart docker")
                status_docker = os.system("systemctl status docker")
                kubeadm_init = os.system("kubeadm init")
                
                export_root = os.system("export KUBECONFIG=/etc/kubernetes/admin.conf")
                config = os.system("%s" %dir1)
                source = os.system("source /etc/profile")
                
                mkdir_kube = os.system("mkdir -p /root/.kube")
                kube_config = os.system("cp -i /etc/kubernetes/admin.conf /root/.kube/config")
                
                kubelet_enable = os.system("systemctl enable kubelet")
                kubelet_start = os.system("systemctl start kubelet")
                
                manage_yaml = os.system("sed -i 's/.*- --port=0*/#&/' /etc/kubernetes/manifests/kube-controller-manager.yaml")
                scheduler_yaml = os.system("sed -i 's/.*- --port=0*/#&/' /etc/kubernetes/manifests/kube-scheduler.yaml")
               
                
                #配置flannel網(wǎng)絡(luò)
                print("*" * 20, "正在安裝網(wǎng)絡(luò)組件flannel....")
                flannel_before = os.system("%s" %dir2)
                flannel_wget = os.system("wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml")
                yum_flannel = os.system("yum install -y flannel")
                flannel_apply = os.system("kubectl apply -f /root/kube-flannel.yml")
                print("*" * 20, "網(wǎng)絡(luò)組件flannel安裝完成....")
                
                token_creat = subprocess.getstatusoutput("kubeadm token create")
                token_code = subprocess.getstatusoutput("openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //'")
                token_creat = token_creat[1].split('\n')[-1]
                token_code = token_code[1]

                # 安裝從節(jié)點(diǎn)
                for nodeip in nodeip_list:  
                    os.system("scp -rp /etc/hosts %s:/etc/hosts" % nodeip)
                    print("*" * 20, "進(jìn)入Node節(jié)點(diǎn)操作，當(dāng)前IP: %s" % nodeip)
                    node_num += 1
                    node_name = "node0%s" % (node_num)
                    # 設(shè)置名字
                    os.system("ssh %s \"hostname %s\"" % (nodeip,node_name))
                    os.system("ssh %s \"echo '%s' > /etc/hostname\"" % (nodeip,node_name))
                    print("*" * 20, "進(jìn)入環(huán)境初始化，請耐心等待....")
                    for shell in self.initialization_shell():
                        time.sleep(1)
                        os.system("ssh %s \"%s\"" %(nodeip,shell))
                    enable_node = os.system("ssh %s \"systemctl enable kubelet\"" %nodeip)  
                    start_node = os.system("ssh %s \"systemctl start kubelet\"" %nodeip)
                    admin = os.system("scp /etc/kubernetes/admin.conf %s:/root" %nodeip)
                    print("*" * 20, "正在加入集群....")
                    print("token_creat : ",token_creat)
                    print("token_code : ",token_code)
                    docker_problem = os.system("scp -r /etc/docker/daemon.json %s:/etc/docker" %nodeip)
                    restart_docker = os.system("ssh %s \"systemctl restart docker\"" %nodeip)
               	    status_docker = os.system("ssh %s \"systemctl status docker\"" %nodeip)
                    kubeadm_join = os.system("ssh %s \"kubeadm join %s:6443 --token %s --discovery-token-ca-cert-hash sha256:%s\"" % (nodeip,masterip, str(token_creat), str(token_code)))
                    cni = os.system("scp -r /etc/cni %s:/etc" %nodeip)
                    print("*" * 20, "加入集群成功....")
                    
               
                print("*" * 20 ,"執(zhí)行以下命令,檢查K8s集群\n")
                print("*" * 20,"kubectl get nodes")
                print("*" * 20, "kubectl get cs")
                print("*" * 20, "kubectl get pod -n kube-system")
               

            else:   #否則就是集群模式
                print("進(jìn)入集群模式安裝")
                print("暫無")
                exit()

if __name__ == '__main__':
    # #用戶輸入IP:
    print("----------0、請先安裝python3 并使用python3 執(zhí)行此腳本------------")
    print("----------1、此腳本依賴網(wǎng)絡(luò)，請連接好網(wǎng)絡(luò)執(zhí)行此腳本-----------")
    print("----------2、請將此腳本在主節(jié)點(diǎn)上執(zhí)行，請?jiān)谥鞴?jié)點(diǎn)上對其他所有節(jié)點(diǎn)做免密登錄-----------")
    print("**********3、請確認(rèn)主節(jié)點(diǎn)已對其他節(jié)點(diǎn)做好免密登錄，再次確認(rèn)后再執(zhí)行此腳本**********")
    k8s_masterip = input("請輸入K8S_Master IP, 多個(gè)IP以逗號分隔: ")
    k8s_nodeip = input("請輸入K8S_node IP,多個(gè)IP以逗號分隔: ")
    ask_ent = input("**********   確認(rèn)/取消 (Y/N) :")
    if ask_ent.upper() == "Y":
        k8s_install = k8s_install(k8s_masterip,k8s_nodeip)
        k8s_install.shell_command()
    else:
        exit()

三、配置ssh免密

[root@master ~]# ssh-keygen
[root@master ~]# ssh-copy-id 192.168.139.132
[root@master ~]# ssh-copy-id 192.168.139.133

四、下載python3和git

root@master ~]# vim k8s_install.py

五、執(zhí)行腳本

[root@master ~]# python3 k8s_install.py

六、成功

******************** 執(zhí)行以下命令,檢查K8s集群

******************** kubectl get nodes
******************** kubectl get cs
******************** kubectl get pod -n kube-system
[root@master ~]# kubectl get nodes
NAME       STATUS   ROLES                  AGE     VERSION
master01   Ready    control-plane,master   7m2s    v1.21.2
node01     Ready    <none>                 3m30s   v1.21.2
node02     Ready    <none>                 25s     v1.21.2
[root@master ~]# kubectl get cs
Warning: v1 ComponentStatus is deprecated in v1.19+
NAME                 STATUS    MESSAGE             ERROR
scheduler            Healthy   ok                  
controller-manager   Healthy   ok                  
etcd-0               Healthy   {"health":"true"}   
[root@master ~]# kubectl get pod -n kube-system
NAME                               READY   STATUS              RESTARTS   AGE
coredns-558bd4d5db-fkqcb           0/1     ContainerCreating   0          6m52s
coredns-558bd4d5db-tvb7j           0/1     ContainerCreating   0          6m52s
etcd-master01                      1/1     Running             0          7m16s
kube-apiserver-master01            1/1     Running             0          7m16s
kube-controller-manager-master01   1/1     Running             0          7m12s
kube-flannel-ds-9hx9s              0/1     Init:0/1            0          43s
kube-flannel-ds-cl9r7              0/1     Init:0/1            0          3m49s
kube-flannel-ds-gn4m4              0/1     CrashLoopBackOff    5          6m52s
kube-proxy-cv5t8                   0/1     ContainerCreating   0          43s
kube-proxy-kjqm7                   0/1     ContainerCreating   0          3m49s
kube-proxy-plbgm                   1/1     Running             0          6m52s
kube-scheduler-master01            1/1     Running             0          7m13s

以上是“怎么利用python腳本自動(dòng)部署k8s”這篇文章的所有內(nèi)容，感謝各位的閱讀！相信大家都有了一定的了解，希望分享的內(nèi)容對大家有所幫助，如果還想學(xué)習(xí)更多知識，歡迎關(guān)注億速云行業(yè)資訊頻道！