Skip to content

Commit

Permalink
更新添加master节点步骤和文档
Browse files Browse the repository at this point in the history
  • Loading branch information
gjmzj committed Mar 18, 2018
1 parent 7563af4 commit 160f9b2
Show file tree
Hide file tree
Showing 6 changed files with 59 additions and 36 deletions.
15 changes: 13 additions & 2 deletions 21.addmaster.yml
Original file line number Diff line number Diff line change
Expand Up @@ -2,12 +2,23 @@
- hosts: lb
tasks:
- name: 配置 haproxy
template: src=haproxy.cfg.j2 dest=/etc/haproxy/haproxy.cfg
template: src={{ base_dir }}/roles/lb/templates/haproxy.cfg.j2 dest=/etc/haproxy/haproxy.cfg
- name: 重启haproxy服务
shell: systemctl enable haproxy && systemctl restart haproxy

- hosts: kube-master
- hosts: new-master
roles:
- prepare
- docker
- kube-master
- kube-node
# 根据hosts中配置,以下两种网络只会安装一种
- { role: calico, when: "CLUSTER_NETWORK == 'calico'" }
- { role: flannel, when: "CLUSTER_NETWORK == 'flannel'" }
# 禁止业务 pod调度到 master节点
tasks:
- name: 禁止业务 pod调度到 master节点
shell: "{{ bin_dir }}/kubectl cordon {{ NODE_IP }} "
when: DEPLOY_MODE != "allinone"
ignore_errors: true

14 changes: 6 additions & 8 deletions 99.clean.yml
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@
# 清理 kube-node 相关服务
- hosts:
- kube-master
- new-master
- kube-node
- new-node
tasks:
Expand All @@ -25,7 +26,9 @@
- "/root/local/kube-system/"

# 清理 kube-master 相关
- hosts: kube-master
- hosts:
- kube-master
- new-master
tasks:
- name: stop kube-master service
shell: "systemctl stop kube-apiserver kube-controller-manager kube-scheduler"
Expand All @@ -42,6 +45,7 @@
# 清理集群docker服务、网络相关
- hosts:
- kube-master
- new-master
- kube-node
- new-node
tasks:
Expand Down Expand Up @@ -120,13 +124,7 @@
- "/etc/haproxy"
- "/etc/keepalived"

- hosts:
- kube-master
- kube-node
- new-node
- deploy
- etcd
- lb
- hosts: all
tasks:
- name: 清理证书目录和文件
file: name={{ item }} state=absent
Expand Down
41 changes: 28 additions & 13 deletions docs/guide/op/AddMaster.md
Original file line number Diff line number Diff line change
Expand Up @@ -3,29 +3,32 @@
注意:目前仅支持按照本项目`多主模式`(hosts.m-masters.example)部署的`k8s`集群增加`master`节点

新增`kube-master`节点大致流程为:
- 节点预处理 prepare
- 重新配置LB节点的 haproxy服务
- 安装 master 节点服务
- LB节点重新配置 haproxy并重启 haproxy服务
- 新节点预处理 prepare
- 新节点安装 docker 服务
- 新节点安装 kube-master 服务
- 新节点安装 kube-node 服务
- 新节点安装网络插件相关
- 禁止业务 pod调度到新master节点

### 操作步骤

按照本项目说明,首先确保deploy节点能够ssh免密码登陆新增节点,然后在**deploy**节点执行三步:

- 修改ansible hosts 文件,在 [kube-master] 组添加新增的节点;在[lb] 组添加新增master 节点,举例如下:
- 修改ansible hosts 文件,在 [new-master] 组添加新增的节点;在[lb] 组添加新增master 节点,举例如下:

``` bash
[kube-master]
192.168.1.1 NODE_IP="192.168.1.1"
192.168.1.2 NODE_IP="192.168.1.2"
192.168.1.5 NODE_IP="192.168.1.5" # 新增 master节点

[lb]
192.168.1.1 LB_IF="ens3" LB_ROLE=backup
192.168.1.4 LB_IF="ens3" LB_ROLE=master
192.168.1.2 LB_IF="ens3" LB_ROLE=master
[lb:vars]
master1="192.168.1.1:6443"
master2="192.168.1.2:6443"
master3="192.168.1.5:6443" # 新增 master节点
master3="192.168.1.5:6443" # 新增 master节点
...
[new-master]
192.168.1.5 NODE_IP="192.168.1.5" # 新增 master节点

```
- 修改roles/lb/templates/haproxy.cfg.j2 文件,增加新增的master节点,举例如下:

Expand All @@ -37,13 +40,13 @@ listen kube-master
balance source
server s1 {{ master1 }} check inter 10000 fall 2 rise 2 weight 1
server s2 {{ master2 }} check inter 10000 fall 2 rise 2 weight 1
server s3 {{ master3 }} check inter 10000 fall 2 rise 2 weight 1
server s3 {{ master3 }} check inter 10000 fall 2 rise 2 weight 1 # 新增 master节点
```

- 执行安装脚本

``` bash
$ cd /etc/ansible && ansible-playbook 20.addmaster.yml
$ cd /etc/ansible && ansible-playbook 21.addmaster.yml
```

### 验证
Expand All @@ -57,4 +60,16 @@ $ systemctl status kube-scheduler
# 查看新master的服务日志
$ journalctl -u kube-apiserver -f

# 查看集群节点,可以看到新 master节点 Ready, 并且禁止了POD 调度功能
$ kubectl get node
NAME STATUS ROLES AGE VERSION
192.168.1.1 Ready,SchedulingDisabled <none> 3h v1.9.3
192.168.1.2 Ready,SchedulingDisabled <none> 3h v1.9.3
192.168.1.3 Ready <none> 3h v1.9.3
192.168.1.4 Ready <none> 3h v1.9.3
192.168.1.5 Ready,SchedulingDisabled <none> 2h v1.9.3 # 新增 master节点
```

### 后续

上述步骤验证成功,确认新节点工作正常后,为了方便后续再次添加节点,在ansible hosts文件中,把 [new-master] 组下的节点全部复制到 [kube-master] 组下,并清空 [new-master] 组中的节点。
10 changes: 4 additions & 6 deletions docs/guide/op/AddNode.md
Original file line number Diff line number Diff line change
@@ -1,12 +1,10 @@
## 增加 kube-node 节点

新增`kube-node`节点大致流程为:
- 节点预处理 prepare
- 安装 kubectl (可选)
- 安装 docker
- 安装 kubelet 和 kube-proxy
- 准备网络插件 calico 或 flannel
- 批准新节点 kubectl certificate approve
- 新节点预处理 prepare
- 新节点安装 docker 服务
- 新节点安装 kube-node 服务
- 新节点安装网络插件相关

### 操作步骤

Expand Down
7 changes: 5 additions & 2 deletions example/hosts.m-masters.example
Original file line number Diff line number Diff line change
Expand Up @@ -32,17 +32,20 @@ MASTER_PORT="8443" # 设置 api-server VIP地址的服务端口
[harbor]
#192.168.1.8 NODE_IP="192.168.1.8"

# 预留组,后续添加master节点使用
[new-master]
#192.168.1.5 NODE_IP="192.168.1.5"

# 预留组,后续添加node节点使用
[new-node]
#192.168.1.xx NODE_IP="192.168.1.xx"
#192.168.1.xx NODE_IP="192.168.1.xx"

[all:vars]
# ---------集群主要参数---------------
#集群部署模式:allinone, single-master, multi-master
DEPLOY_MODE=multi-master

#集群 MASTER IP,一般为VIP地址
#集群 MASTER IP即 LB节点VIP地址,并根据 LB节点的 MASTER_PORT组成 KUBE_APISERVER
MASTER_IP="192.168.1.10"
KUBE_APISERVER="https://192.168.1.10:8443"

Expand Down
8 changes: 3 additions & 5 deletions roles/prepare/tasks/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@
- lxc-common

- block:
# 删除默认安装
when: ansible_distribution == "CentOS"
- name: 删除centos默认安装
yum: name={{ item }} state=absent
with_items:
Expand Down Expand Up @@ -73,10 +73,9 @@
regexp: "^SELINUX"
line: "SELINUX=disabled"

when: ansible_distribution == "CentOS"

- name: 添加 kubectl 命令自动补全
shell: "echo 'source <(kubectl completion bash)' >> ~/.bashrc"
shell: "sed -i '/kubectl completion/d' ~/.bashrc && \
echo 'source <(kubectl completion bash)' >> ~/.bashrc"

# 设置系统参数for k8s
# 消除docker info 警告WARNING: bridge-nf-call-ip[6]tables is disabled
Expand All @@ -86,7 +85,6 @@
- name: 加载br_netfilter模块
modprobe: name=br_netfilter state=present
ignore_errors: true
#shell: "modprobe br_netfilter"

- name: 生效系统参数
shell: "sysctl -p /etc/sysctl.d/95-k8s-sysctl.conf"
Expand Down

0 comments on commit 160f9b2

Please sign in to comment.