diff --git a/manifest/README.md b/manifest/README.md new file mode 100644 index 0000000..2b1b0e5 --- /dev/null +++ b/manifest/README.md @@ -0,0 +1,40 @@ + + +# k8s-master installer 사용법 + +## 구성 요소 및 버전 + +## Prerequisites + * 해당 installer는 폐쇄망 기준 가이드입니다. + * OS 설치 및 package repo를 아래 가이드에 맞춰 설치합니다. + * https://github.com/tmax-cloud/hypercloud-install-guide/tree/master/Package#os-%EC%84%A4%EC%B9%98--package-repo-%EA%B5%AC%EC%B6%95-%EA%B0%80%EC%9D%B4%EB%93%9C + * image registry를 아래 가이드에 맞춰 구축합니다. + * https://github.com/tmax-cloud/hypercloud-install-guide/tree/master/Image_Registry#image-registry-%EC%84%A4%EC%B9%98-%EA%B0%80%EC%9D%B4%EB%93%9C + * image registry에 이미지를 push 합니다. + * https://github.com/tmax-cloud/hypercloud-install-guide/tree/master/K8S_Master#%ED%8F%90%EC%87%84%EB%A7%9D-%EC%84%A4%EC%B9%98-%EA%B0%80%EC%9D%B4%EB%93%9C + +## 폐쇄망 설치 가이드 + +## Step0. k8s.config 설정 +* 목적 : `k8s 설치 진행을 위한 k8s config 설정` +* 순서 : + * 환경에 맞는 config 내용을 작성합니다. + * imageRegistry={IP}:{PORT} + * ex : imageRegistry=172.22.5.2:5000 + * crioVersion={crio version} + * ex : crioVersion=1.17 + * k8sVersion={kubernetes version} + * ex : k8sVersion=1.17.6 + * apiServer={kubernetes API server ip} + * ex : apiServer=172.21.7.2 + * podSubnet={POD_IP_POOL}/{CIDR} + * ex : podSubnet=10.244.0.0/16 + +## Step1. installer 실행 +* 목적 : `k8s 설치 진행을 위한 shell script 실행` +* 순서 : + ```bash + sudo ./k8s_infra_installer.sh up + ``` +* 비고 : + * k8s.config, k8s_infra_installer.sh파일과 yaml 디렉토리는 같은 디렉토리 내에에 있어야 합니다. diff --git a/manifest/k8s.config b/manifest/k8s.config new file mode 100644 index 0000000..35f76cc --- /dev/null +++ b/manifest/k8s.config @@ -0,0 +1,27 @@ + +#------------------------------------------------------------------ +# ex : imageRegistry={IP}:{PORT} +# ex : crioVersion={crio version} +# ex : k8sVersion={kubernetes version} +# ex : apiServer={kubernetes API server ip} +# ex : podSubnet={POD_IP_POOL}/{CIDR} +#------------------------------------------------------------------ +#------------------------------------------------------------------ +# ex : imageRegistry=172.22.5.2:5000 +# ex : crioVersion=1.17 +# ex : k8sVersion=1.17.6 +# ex : apiServer=172.21.7.2 +# ex : podSubnet=10.244.0.0/16 +#------------------------------------------------------------------ + +#image registry +imageRegistry=172.22.5.2:5000 + +#crio +crioVersion=1.17 + +#kubernetes +k8sVersion=1.17.6 +apiServer=172.22.5.2 +podSubnet=10.244.0.0/16 + diff --git a/manifest/k8s_infra_installer.sh b/manifest/k8s_infra_installer.sh new file mode 100644 index 0000000..145a374 --- /dev/null +++ b/manifest/k8s_infra_installer.sh @@ -0,0 +1,214 @@ +#!/bin/bash + +install_dir=$(dirname "$0") +. ${install_dir}/k8s.config + +yaml_dir="${install_dir}/yaml" + +os_check=$(awk -F= '/^NAME/{print $2}' /etc/os-release) + +function set_env() { + + echo "=========================================================================" + echo "======================== set env for kubernetes ========================" + echo "=========================================================================" + + # centos + if [[ ${os_check} == "\"CentOS Linux\"" ]]; then + + # disable firewall + sudo systemctl disable firewalld + sudo systemctl stop firewalld + + #swapoff + sudo swapoff -a + sudo sed s/\\/dev\\/mapper\\/centos-swap/#\ \\/dev\\/mapper\\/centos-swap/g -i /etc/fstab + + #selinux mode + sudo setenforce 0 + sudo sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config + + #crio-kube set + sudo modprobe overlay + sudo modprobe br_netfilter + + sudo cat << "EOF" | sudo tee -a /etc/sysctl.d/99-kubernetes-cri.conf + net.bridge.bridge-nf-call-iptables = 1 + net.ipv4.ip_forward = 1 + net.bridge.bridge-nf-call-ip6tables = 1 +EOF + sudo sysctl --system + + # ubuntu + elif [[ ${os_check} = "\"Ubuntu\"" ]]; then + + #swapoff + sudo swapoff -a + sudo sed s/\\/swap.img/#\ \\/swap.img/g -i /etc/fstab + + # others + else + sudo echo "This OS is not supported." + sudo exit 100 + fi + +} + +function install_crio() { + + echo "=========================================================================" + echo "========================== start install crio ==========================" + echo "=========================================================================" + + #centos + if [[ ${os_check} == "\"CentOS Linux\"" ]]; then + + # install crio + sudo yum install -y cri-o + sudo systemctl enable crio + sudo systemctl start crio + + # check crio + sudo systemctl status crio + rpm -qi cri-o + + # remove cni0 + sudo rm -rf /etc/cni/net.d/100-crio-bridge.conf + sudo rm -rf /etc/cni/net.d/200-loopback.conf + + # edit crio config + sudo sed -i 's/\"\/usr\/libexec\/cni\"/\"\/usr\/libexec\/cni\"\,\"\/opt\/cni\/bin\"/g' /etc/crio/crio.conf + sudo sed -i 's/\#insecure\_registries = \"\[\]\"/\insecure\_registries = \[\"{imageRegistry}\"\]/g' /etc/crio/crio.conf + sudo sed -i 's/\#registries = \[/registries = \[\"{imageRegistry}\"\]/g' /etc/crio/crio.conf + sed -i 's/k8s.gcr.io/{imageRegistry}\/k8s.gcr.io/g' /etc/crio/crio.conf + sed -i 's/registry.fedoraproject.org/{imageRegistry}/g' /etc/containers/registries.conf + sudo sed -i "s|{imageRegistry}|${imageRegistry}|g" /etc/crio/crio.conf + sudo sed -i "s|{imageRegistry}|${imageRegistry}|g" /etc/containers/registries.conf + + sudo systemctl restart crio + + elif [[ ${os_check} = "\"Ubuntu\"" ]]; then + + # install crio + sudo apt-get -y install cri-o-${crioVersion} + sudo systemctl enable crio.service + sudo systemctl start crio.service + + # check crio + sudo systemctl status crio + + # remove cni0 + sudo rm -rf /etc/cni/net.d/100-crio-bridge.conf + sudo rm -rf /etc/cni/net.d/200-loopback.conf + + # edit crio config + sudo systemctl restart crio + + # others + else + sudo echo "This OS is not supported." + sudo exit 100 + fi + + +} + +function install_kube() { + + echo "=========================================================================" + echo "======================= start install kubernetes ======================" + echo "=========================================================================" + + #install kubernetes + if [[ -z ${k8sVersion} ]]; then + k8sVersion=1.17.6 + else + k8sVersion=${k8sVersion} + fi + + if [[ -z ${apiServer} ]]; then + apiServer=127.0.0.1 + else + apiServer=${apiServer} + fi + + if [[ -z ${podSubnet} ]]; then + podSubnet=10.244.0.0/16 + else + podSubnet=${podSubnet} + fi + + # centos + if [[ ${os_check} == "\"CentOS Linux\"" ]]; then + + #install kubernetes components + sudo yum install -y kubeadm-${k8sVersion}-0 kubelet-${k8sVersion}-0 kubectl-${k8sVersion}-0 + sudo systemctl enable --now kubelet + # ubuntu + elif [[ ${os_check} = "\"Ubuntu\"" ]]; then + + #install kubernetes components + sudo apt-get install -y kubeadm-${k8sVersion}-0 kubelet-${k8sVersion}-0 kubectl-${k8sVersion}-0 + sudo systemctl enable kubelet + # others + else + echo "This OS is not supported." + exit 100 + fi + + sudo echo '1' > /proc/sys/net/ipv4/ip_forward + sudo echo '1' > /proc/sys/net/bridge/bridge-nf-call-iptables + + #change kubeadm yaml + sudo sed -i "s|{k8sVersion}|v${k8sVersion}|g" ${yaml_dir}/kubeadm-config.yaml + sudo sed -i "s|{apiServer}|${apiServer}|g" ${yaml_dir}/kubeadm-config.yaml + sudo sed -i "s|{podSubnet}|\"${podSubnet}\"|g" ${yaml_dir}/kubeadm-config.yaml + sudo sed -i "s|{imageRegistry}|${imageRegistry}|g" ${yaml_dir}/kubeadm-config.yaml + + # kube init + sudo kubeadm init --config=${yaml_dir}/kubeadm-config.yaml --upload-certs + + mkdir -p $HOME/.kube + sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config + sudo chown $(id -u):$(id -g) $HOME/.kube/config + + echo "=========================================================================" + echo "====================== complete install kubernetes ====================" + echo "=========================================================================" + +} + +function uninstall() { + + kubeadm reset -f + + sudo sed -i "s|v${k8sVersion}|{k8sVersion}|g" ${yaml_dir}/kubeadm-config.yaml + sudo sed -i "s|${apiServer}|{apiServer}|g" ${yaml_dir}/kubeadm-config.yaml + sudo sed -i "s|\"${podSubnet}\"|{podSubnet}|g" ${yaml_dir}/kubeadm-config.yaml + sudo sed -i "s|${imageRegistry}|{imageRegistry}|g" ${yaml_dir}/kubeadm-config.yaml + + sudo rm -rf $HOME/.kube + +} + +function main(){ + + case "${1:-}" in + up) + set_env + install_crio + install_kube + ;; + delete) + uninstall + ;; + *) + set +x + echo " service list:" >&2 + echo " $0 up" >&2 + echo " $0 delete" >&2 + ;; + esac +} +main $1 + diff --git a/manifest/kubeadm-config.yaml b/manifest/kubeadm-config.yaml new file mode 100644 index 0000000..43eef9a --- /dev/null +++ b/manifest/kubeadm-config.yaml @@ -0,0 +1,20 @@ +apiVersion: kubeadm.k8s.io/v1beta2 +kind: InitConfiguration +localAPIEndpoint: + advertiseAddress: {apiServer} + bindPort: 6443 +nodeRegistration: + criSocket: /var/run/crio/crio.sock +--- +apiVersion: kubeadm.k8s.io/v1beta2 +kind: ClusterConfiguration +kubernetesVersion: {k8sVersion} +controlPlaneEndpoint: {apiServer}:6443 +imageRepository: {imageRegistry}/k8s.gcr.io +networking: + serviceSubnet: 10.96.0.0/16 + podSubnet: {podSubnet} +--- +apiVersion: kubelet.config.k8s.io/v1beta1 +kind: KubeletConfiguration +cgroupDriver: systemd