#!/bin/bash
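# Refresh the package indexes, apply pending upgrades, then install the base
# toolset. apt-get is used because apt's command-line interface is meant for
# interactive use, and -y keeps the upgrade from stopping at a confirmation
# prompt when the script runs unattended.
apt-get update && apt-get -y upgrade
# NOTE(review): telnet is a plaintext client; it is kept because the original
# list installs it — confirm it is still wanted on these hosts.
base_packages=(
  wget tar curl rsync bzip2 lsof telnet htop screen tree vim gcc git make
  net-tools lrzsz psmisc hwloc gsmartcontrol chrony
)
apt-get install -y "${base_packages[@]}"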
# Time settings.
# NOTE(review): set-local-rtc 1 keeps the hardware clock in local time rather
# than UTC; timedatectl itself warns that this mode is not fully supported.
# Confirm it is intended for these hosts.
timedatectl set-local-rtc 1
timedatectl set-timezone Asia/Shanghai
# Start chrony now, then register it to start on every boot.
for action in start enable; do
  systemctl "$action" chrony
done
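# Install a systemd unit that runs /etc/rc.local at boot.
# The unit has no User= line, so /etc/rc.local is executed as root at boot;
# anything that can write to that file can run commands as root.
# The heredoc delimiters are quoted so the shell expands nothing inside them.
sudo tee /lib/systemd/system/rc.local.service <<'EOF'
[Unit]
Description=/etc/rc.local Compatibility
Documentation=man:systemd-rc-local-generator(8)
ConditionFileIsExecutable=/etc/rc.local
After=syslog.target network.target remote-fs.target nss-lookup.target
[Service]
Type=forking
ExecStart=/etc/rc.local start
TimeoutSec=0
RemainAfterExit=no
GuessMainPID=no
[Install]
WantedBy=multi-user.target
Alias=rc-local.service
EOF
# -f/-n replace an existing link, so re-running the script does not fail here.
ln -sfn /lib/systemd/system/rc.local.service /etc/systemd/system/rc.local.service
# Write the rc.local skeleton only when the file does not exist yet, so boot
# commands already present on the host are not wiped. The comment written into
# the file says: put the commands to run here; do not add endless loops.
if [[ ! -e /etc/rc.local ]]; then
  sudo tee /etc/rc.local <<'EOF'
#!/bin/bash
# 将你需要执行的命令写在这里,禁止写入死循环命令
exit 0
EOF
fi
# Executable by everyone, writable by the owner only.
chmod 755 /etc/rc.local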
# Set the maximum number of open file descriptors (soft and hard) to 65535.
# Per limits.conf(5), wildcard entries are not applied to the root user.
# Each run appends the two lines again; the file is not checked for duplicates.
printf '%s\n' \
  '* soft nofile 65535' \
  '* hard nofile 65535' >> /etc/security/limits.conf
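# SSH daemon settings: switch GSSAPI authentication and UseDNS to "no".
# Both substitutions change nothing unless the file contains exactly the
# lines they match.
sshd_config=/etc/ssh/sshd_config
sed -i \
  -e 's/^GSSAPIAuthentication yes$/GSSAPIAuthentication no/' \
  -e 's/#UseDNS yes/UseDNS no/' \
  "$sshd_config"
# Validate the edited file before restarting: a restart with a broken config
# can leave sshd down and cut off remote access to the host.
if /usr/sbin/sshd -t -f "$sshd_config"; then
  systemctl restart sshd.service
else
  echo "sshd_config failed validation; sshd was not restarted" >&2
fi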
# /etc/profile changes: timestamped shell history plus a few aliases.
# Timestamps help when reconstructing what was run on a host, but the history
# file belongs to the user, so it is not a tamper-proof audit trail.
# The "## 自定义别名" header written to the file means "custom aliases".
# Each run appends the block again; existing entries are not checked.
cat >> /etc/profile <<'EOF'
export HISTTIMEFORMAT="%F %T "

## 自定义别名
alias c=clear
alias vi=vim
alias dsh='du -hsx * | sort -rh | head -n 10'
EOF
# Keep ten times as many history entries as the stock setting.
sed -i 's/HISTSIZE=1000/HISTSIZE=10000/g' /etc/profile
# Reloads the profile in this script's shell only; existing login sessions
# pick the changes up at their next login.
. /etc/profile
K8S集群搭建
- 本集群搭建在 aws上面,使用的是UBUNTU18.04系统
- 集群环境如下:
master节点: 172.31.25.36
node1节点: 172.31.21.5
node2节点: 172.31.23.174
- 安装docker,参考以下文章
- 安装k8s
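# Install kubelet, kubeadm and kubectl from the Kubernetes apt repository.
apt-get update && apt-get install -y apt-transport-https curl gnupg
# Keep the repository signing key in its own keyring and reference it with
# signed-by, so the key is trusted for this repository only; `apt-key add`
# would trust it for every configured source. -f makes curl fail on an HTTP
# error instead of piping an error page onward.
# NOTE(review): upstream has deprecated this legacy repository in favour of
# pkgs.k8s.io — confirm the current repository and key URL before reuse.
k8s_keyring=/usr/share/keyrings/kubernetes-archive-keyring.gpg
curl -fsSL https://packages.cloud.google.com/apt/doc/apt-key.gpg \
  | gpg --dearmor > "$k8s_keyring"
cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
deb [signed-by=$k8s_keyring] https://apt.kubernetes.io/ kubernetes-xenial main
EOF
apt-get update
apt-get install -y kubelet kubeadm kubectl
# Hold the packages so a routine upgrade does not change the versions of the
# cluster components.
apt-mark hold kubelet kubeadm kubectl
# Point kubectl at the kubeadm admin kubeconfig for every login shell.
# NOTE(review): admin.conf carries cluster-admin credentials. Leave it readable
# by root only and give other users their own kubeconfig rather than loosening
# its permissions.
printf '%s\n' \
  ' ' \
  '## setting for k8s' \
  'export KUBECONFIG=/etc/kubernetes/admin.conf' >> /etc/profile
. /etc/profile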
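# Initialise the control plane on the master node.
kubeadm init \
  --apiserver-advertise-address=172.31.25.36 \
  --pod-network-cidr=192.168.16.0/20
# Download the Weave Net manifest to a local file so it can be reviewed and
# edited before it is applied. -f makes curl exit non-zero on an HTTP error
# instead of saving the error body as weave.yaml.
k8s_version=$(kubectl version | base64 | tr -d '\n')
curl -fL "https://cloud.weave.works/k8s/net?k8s-version=${k8s_version}" > weave.yaml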
修改 weave.yaml,在 env 下加入:
  - name: IPALLOC_RANGE
    value: 192.168.16.0/20
# Apply the edited Weave Net manifest.
kubectl apply --filename weave.yaml
# Check the state of the pods in kube-system.
kubectl get pods --namespace kube-system --output wide
# Run on each worker node to join it to the master.
# The token and CA hash are the values from the author's cluster; use the ones
# printed by `kubeadm init`, or generate a fresh command on the master with
# `kubeadm token create --print-join-command`.
# A bootstrap token is a credential that lets a machine join the cluster:
# kubeadm expires it after 24 hours by default, and it should not be shared or
# published. Keep --discovery-token-ca-cert-hash, which lets the joining node
# verify the control plane's CA.
kubeadm join 172.31.25.36:6443 \
  --token lbm7wf.hiwr8d1ed5nxkxfh \
  --discovery-token-ca-cert-hash sha256:b2758c8b463658df45f0c2a665b5985fdb302c3efbe260921ff4a56b84c8445a
# Check the cluster state.
kubectl get nodes
# Install kubernetes-dashboard.
# NOTE(review): this URL follows the master branch, so its content can change
# between runs. Prefer a manifest pinned to a release tag, downloaded and
# reviewed before it is applied.
kubectl apply --filename https://raw.githubusercontent.com/kubernetes/dashboard/master/aio/deploy/recommended/kubernetes-dashboard.yaml
- 创建一个dashboard登录用户
vi jiang-user.yaml
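# ServiceAccount used to log in to the dashboard.
# name and namespace are nested under metadata; as flat top-level keys the
# manifest is not a valid ServiceAccount.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: jiang
  namespace: kube-system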
vi jiang-user-role-binding.yaml
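# Binds the jiang ServiceAccount in kube-system to the cluster-admin ClusterRole.
# Indentation restored: roleRef and subjects fields are nested mappings.
# NOTE(review): cluster-admin gives the holder of this account's token full
# control of the cluster. For a dashboard login, prefer a narrower role such as
# the built-in "view" ClusterRole, or a RoleBinding limited to the namespaces
# that are needed.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: dashboard:jiang
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: jiang
  namespace: kube-system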
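# Create the ServiceAccount first: the binding refers to it, and no token is
# issued for an account that does not exist.
kubectl create -f jiang-user.yaml
kubectl create -f jiang-user-role-binding.yaml
# Find the token Secret generated for the account (named jiang-token-<suffix>).
kubectl get secret -n kube-system | grep jiang
# Print the token used to log in to the dashboard. "fhrsq" is the suffix from
# the author's cluster; substitute the name returned by the previous command.
# NOTE(review): this is a bearer token for an account bound to cluster-admin.
# Treat it as a secret and keep it out of shared terminals, logs and tickets.
# NOTE(review): from Kubernetes 1.24 on, token Secrets are no longer created
# automatically for ServiceAccounts; there, a short-lived token can be issued
# with `kubectl -n kube-system create token jiang` — confirm for your version.
kubectl describe secret/jiang-token-fhrsq -n kube-system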