更新rancher部署

2024-11-21 01:16:33 +08:00 · 2023-09-03 18:14:35 +08:00 · 2023-09-03 18:14:35 +08:00 · da1dfee7de
commit da1dfee7de
parent a3d3862285
4 changed files with 23 additions and 196 deletions
--- a/install/kubernetes/rancher/all_image.py
+++ b/install/kubernetes/rancher/all_image.py
@ -1,176 +1,6 @@
-# 所需要的所有镜像
-images = [
-    'busybox',
-    'rancher/backup-restore-operator:v1.0.2',
-    'rancher/banzaicloud-fluentd:v1.11.2-alpine-2',
-    'rancher/banzaicloud-logging-operator:3.6.0',
-    'rancher/calico-cni:v3.13.4',
-    'rancher/calico-cni:v3.16.1',
-    'rancher/calico-ctl:v3.13.4',
-    'rancher/calico-ctl:v3.16.1',
-    'rancher/calico-kube-controllers:v3.13.4',
-    'rancher/calico-kube-controllers:v3.16.1',
-    'rancher/calico-node:v3.13.4',
-    'rancher/calico-node:v3.16.1',
-    'rancher/calico-pod2daemon-flexvol:v3.13.4',
-    'rancher/calico-pod2daemon-flexvol:v3.16.1',
-    'rancher/cis-operator:v1.0.1',
-    'rancher/cluster-proportional-autoscaler:1.7.1',
-    'rancher/cluster-proportional-autoscaler:1.8.1',
-    'rancher/configmap-reload:v0.3.0-rancher2',
-    'rancher/coredns-coredns:1.6.2',
-    'rancher/coredns-coredns:1.6.5',
-    'rancher/coredns-coredns:1.6.9',
-    'rancher/coredns-coredns:1.7.0',
-    'rancher/coreos-etcd:v3.3.15-rancher1',
-    'rancher/coreos-etcd:v3.4.13-rancher1',
-    'rancher/coreos-etcd:v3.4.3-rancher1',
-    'rancher/coreos-flannel:v0.12.0',
-    'rancher/coreos-flannel:v0.13.0-rancher1',
-    'rancher/coreos-kube-state-metrics:v1.9.7',
-    'rancher/coreos-prometheus-config-reloader:v0.38.1',
-    'rancher/coreos-prometheus-operator:v0.38.1',
-    'rancher/curlimages-curl:7.70.0',
-    'rancher/directxman12-k8s-prometheus-adapter-amd64:v0.6.0',
-    'rancher/eks-operator:v1.0.4',
-    'rancher/flannel-cni:v0.3.0-rancher6',
-    'rancher/fleet-agent:v0.3.1',
-    'rancher/fleet:v0.3.1',
-    'rancher/fluent-bit-out-syslog:0.1.0',
-    'rancher/fluent-fluent-bit:1.5.4',
-    'rancher/fluent-fluent-bit:1.5.4-debug',
-    'rancher/fluentd:v0.1.19',
-    'rancher/gitjob:v0.1.8',
-    'rancher/grafana-grafana:6.7.4',
-    'rancher/grafana-grafana:7.1.5',
-    'rancher/hyperkube:v1.16.15-rancher1',
-    'rancher/hyperkube:v1.17.13-rancher1',
-    'rancher/hyperkube:v1.18.10-rancher1',
-    'rancher/hyperkube:v1.19.3-rancher1',
-    'rancher/istio-1.5-migration:0.1.1',
-    'rancher/istio-citadel:1.5.9',
-    'rancher/istio-coredns-plugin:0.2-istio-1.1',
-    'rancher/istio-galley:1.5.9',
-    'rancher/istio-install-cni:1.7.3',
-    'rancher/istio-installer:1.7.3-rancher2',
-    'rancher/istio-kubectl:1.4.6',
-    'rancher/istio-kubectl:1.5.10',
-    'rancher/istio-kubectl:1.5.9',
-    'rancher/istio-mixer:1.5.9',
-    'rancher/istio-mixer:1.7.3',
-    'rancher/istio-node-agent-k8s:1.5.9',
-    'rancher/istio-pilot:1.5.9',
-    'rancher/istio-pilot:1.7.3',
-    'rancher/istio-proxyv2:1.5.9',
-    'rancher/istio-proxyv2:1.7.3',
-    'rancher/istio-sidecar_injector:1.5.9',
-    'rancher/jaegertracing-all-in-one:1.14',
-    'rancher/jenkins-jnlp-slave:3.35-4',
-    'rancher/jetstack-cert-manager-controller:v0.8.1',
-    'rancher/jettech-kube-webhook-certgen:v1.2.1',
-    'rancher/jimmidyson-configmap-reload:v0.2.2',
-    'rancher/jimmidyson-configmap-reload:v0.3.0',
-    'rancher/k3s-upgrade:v1.17.13-k3s2',
-    'rancher/k3s-upgrade:v1.18.10-k3s2',
-    'rancher/k3s-upgrade:v1.19.3-k3s2',
-    'rancher/k8s-dns-dnsmasq-nanny:1.15.0',
-    'rancher/k8s-dns-dnsmasq-nanny:1.15.10',
-    'rancher/k8s-dns-dnsmasq-nanny:1.15.2',
-    'rancher/k8s-dns-kube-dns:1.15.0',
-    'rancher/k8s-dns-kube-dns:1.15.10',
-    'rancher/k8s-dns-kube-dns:1.15.2',
-    'rancher/k8s-dns-node-cache:1.15.13',
-    'rancher/k8s-dns-node-cache:1.15.7',
-    'rancher/k8s-dns-sidecar:1.15.0',
-    'rancher/k8s-dns-sidecar:1.15.10',
-    'rancher/k8s-dns-sidecar:1.15.2',
-    'rancher/kiali-kiali:v1.17',
-    'rancher/kiali-kiali:v1.24.0',
-    'rancher/kiwigrid-k8s-sidecar:0.1.151',
-    'rancher/klipper-helm:v0.2.3',
-    'rancher/klipper-helm:v0.2.7',
-    'rancher/klipper-helm:v0.3.0',
-    'rancher/klipper-lb:v0.1.2',
-    'rancher/kube-api-auth:v0.1.4',
-    'rancher/kubectl:v1.18.0',
-    'rancher/kubectl:v1.18.6',
-    'rancher/kubernetes-external-dns:v0.7.3',
-    'rancher/library-busybox:1.31.1',
-    'rancher/library-nginx:1.19.2-alpine',
-    'rancher/library-traefik:1.7.19',
-    'rancher/local-path-provisioner:v0.0.11',
-    'rancher/local-path-provisioner:v0.0.14',
-    'rancher/log-aggregator:v0.1.7',
-    'rancher/longhornio-csi-attacher:v2.0.0',
-    'rancher/longhornio-csi-node-driver-registrar:v1.2.0',
-    'rancher/longhornio-csi-provisioner:v1.4.0',
-    'rancher/longhornio-csi-resizer:v0.3.0',
-    'rancher/longhornio-longhorn-engine:v1.0.2',
-    'rancher/longhornio-longhorn-instance-manager:v1_20200514',
-    'rancher/longhornio-longhorn-manager:v1.0.2',
-    'rancher/longhornio-longhorn-ui:v1.0.2',
-    'rancher/metrics-server:v0.3.4',
-    'rancher/metrics-server:v0.3.6',
-    'rancher/minio-minio:RELEASE.2020-07-13T18-09-56Z',
-    'rancher/nginx-ingress-controller-defaultbackend:1.5-rancher1',
-    'rancher/nginx-ingress-controller:nginx-0.35.0-rancher2',
-    'rancher/opa-gatekeeper:v3.1.0-beta.7',
-    'rancher/openpolicyagent-gatekeeper:v3.1.1',
-    'rancher/openzipkin-zipkin:2.14.2',
-    'rancher/pause:3.1',
-    'rancher/pause:3.2',
-    'rancher/pipeline-jenkins-server:v0.1.4',
-    'rancher/pipeline-tools:v0.1.15',
-    'rancher/plugins-docker:18.09',
-    'rancher/prom-alertmanager:v0.21.0',
-    'rancher/prom-node-exporter:v1.0.1',
-    'rancher/prom-prometheus:v2.12.0',
-    'rancher/prom-prometheus:v2.18.2',
-    'rancher/prometheus-auth:v0.2.1',
-    'rancher/pstauffer-curl:v1.0.3',
-    'rancher/pushprox-client:v0.1.0-rancher1-client',
-    'rancher/pushprox-proxy:v0.1.0-rancher1-proxy',
-    'rancher/rancher-agent:v2.4.8',
-    'rancher/rancher-agent:v2.5.2',
-    'rancher/rancher-operator:v0.1.1',
-    'rancher/rancher-webhook:v0.1.0-beta7',
-    'rancher/rancher:v2.5.2',
-    'rancher/rke-tools:v0.1.66',
-    'rancher/security-scan:v0.1.14',
-    'rancher/security-scan:v0.2.1',
-    'rancher/shell:v0.1.5',
-    'rancher/sonobuoy-sonobuoy:v0.16.3',
-    'rancher/squareup-ghostunnel:v1.5.2',
-    'rancher/system-upgrade-controller:v0.6.2',
-    'rancher/tekton-utils:v0.1.0',
-    'rancher/thanosio-thanos:v0.15.0',
-    'rancher/webhook-receiver:v0.2.4',
-    'registry:2'
-]
-# images=[
-#     'rancher/mirrored-coreos-flannel:v0.15.1',
-#     'rancher/hyperkube:v1.18.20-rancher1',
-#     'rancher/rke-tools:v0.1.75',
-#     'rancher/mirrored-coreos-etcd:v3.4.15-rancher1',
-#     'rancher/rancher-agent:v2.5.2',
-#     'rancher/rancher:v2.5.2',
-#     'rancher/fleet-agent:v0.3.1',
-#     'rancher/nginx-ingress-controller:nginx-0.35.0-rancher2',
-#     'rancher/rke-tools:v0.1.65',
-#     'rancher/mirrored-calico-node:v3.13.4',
-#     'rancher/mirrored-calico-pod2daemon-flexvol:v3.13.4',
-#     'rancher/mirrored-calico-cni:v3.13.4',
-#     'rancher/mirrored-coredns-coredns:1.6.9',
-#     'rancher/kube-api-auth:v0.1.4',
-#     'rancher/mirrored-metrics-server:v0.3.6',
-#     'rancher/mirrored-cluster-proportional-autoscaler:1.7.1',
-#     'rancher/mirrored-nginx-ingress-controller-defaultbackend:1.5-rancher1',
-#     'rancher/mirrored-pause:3.1',
-#     'registry:2',
-#     'busybox'
-# ]
+images = open("rancher-images.txt").readlines()

-images = list(set(images))
+images = list(set([x.strip() for x in images if x.strip()]))
 # 通过私有仓库，将公有镜像下发到内网每台机器上，例如内网ccr.ccs.tencentyun.com的仓库，共约26G
 HOST = 'ccr.ccs.tencentyun.com/cube-rancher/'
 # print('docker login ')
@ -182,11 +12,11 @@ for image in images:
    # 可联网机器上拉取公有镜像并推送到私有仓库
    # print('docker pull %s && docker tag %s %s && docker push %s &' % (image,image,image_name,image_name))

-    # # # 内网机器上拉取私有仓库镜像
+    # 内网机器上拉取私有仓库镜像
    # image=image.replace('@sha256','')
    # print("docker pull %s && docker tag %s %s &" % (image_name,image_name,image))

-    # # 拉取公有镜像
+    # 拉取公有镜像
    image=image.replace('@sha256','')
    print("docker pull %s &" % (image,))

@ -197,3 +27,4 @@ print('wait')



+
--- a/install/kubernetes/rancher/init_node_cpu.sh
+++ b/install/kubernetes/rancher/init_node_cpu.sh
@ -1,9 +1,5 @@
-hostname=`ifconfig eth1 | grep 'inet '| awk '{print $2}' | head -n 1 | awk -F. {'printf("node%03d%03d%03d%03d\n", $1, $2, $3, $4)'}`
-echo $hostname
-hostnamectl set-hostname ${hostname}
-
-echo "127.0.0.1 ${hostname}" >> /etc/hosts
-echo "::1 ${hostname}" >> /etc/hosts
+# ubuntu:20.04
+#sysctl -w net/netfilter/nf_conntrack_max=524288

 service docker stop
 rpm -qa | grep docker | xargs yum remove -y
@ -18,8 +14,13 @@ yum update -y
 yum install docker-ce -y 
 yum install -y htop docker-compose
 yum install -y wireshark
+yum install -y telnet
+
 # 停止docker，修改配置
 systemctl stop docker
+systemctl stop docker.socket
+systemctl stop docker.service
+
 # 将源docker目录下文件，复制到新目录下
 cp -R /var/lib/docker/* /data/docker/

--- a/install/kubernetes/rancher/init_node_gpu.sh
+++ b/install/kubernetes/rancher/init_node_gpu.sh
@ -1,9 +1,3 @@
-hostname=`ifconfig eth1 | grep 'inet '| awk '{print $2}' | head -n 1 | awk -F. {'printf("node%03d%03d%03d%03d\n", $1, $2, $3, $4)'}`
-echo $hostname
-hostnamectl set-hostname ${hostname}
-
-echo "127.0.0.1 ${hostname}" >> /etc/hosts
-echo "::1 ${hostname}" >> /etc/hosts

 service docker stop
 rpm -qa | grep docker | xargs yum remove -y
--- a/install/kubernetes/rancher/readme.md
+++ b/install/kubernetes/rancher/readme.md
@ -12,7 +12,7 @@

 关于镜像的版本，这与rancher和k8s的版本有关。你可以在这里选择一个能够部署k8s 1.18的rancher版本：https://github.com/rancher/rancher/releases

-比如我这里使用的是rancher_version=v2.5.2，即2.5.2版本，那么这个版本依赖的镜像，可以在https://github.com/rancher/rancher/releases/tag/$rancher_version  中找到其所依赖的镜像txt文件，也就是 https://github.com/rancher/rancher/releases/download/$rancher_version/rancher-images.txt
+比如我这里使用的是rancher_version=v2.6.2，即2.6.2版本，那么这个版本依赖的镜像，可以在https://github.com/rancher/rancher/releases/tag/$rancher_version  中找到其所依赖的镜像txt文件，也就是 https://github.com/rancher/rancher/releases/download/$rancher_version/rancher-images.txt

 之后，将依赖的镜像在开发网中拉取下来，然后重新tag成内网仓库镜像，例如docker.oa.com域名下的镜像，推送到docker.oa.com上，接着需要在idc中的每个机器上拉取下来，再tag成原始镜像名。
 参考命令：
@ -46,24 +46,26 @@ reset_docker.sh 是为了在机器从rancher集群中踢出以后，把rancher

 # 部署rancher server

-# 部署k8s集群
-
 单节点部署rancher server  

 ```bash
 # 清理历史部署痕迹
 reset_docker.sh

-# 需要拉取镜像(这里以2.5.2版本为例)
+# 需要拉取镜像(这里以2.6.2版本为例)
+wget https://github.com/rancher/rancher/releases/download/v2.6.2/rancher-images.txt
+
 python3 all_image.py > pull_rancher_images.sh
 sh pull_rancher_images.sh

-export RANCHER_CONTAINER_TAG=v2.5.2
+export RANCHER_CONTAINER_TAG=v2.6.2
 sudo docker run -d --privileged --restart=unless-stopped -p 443:443 --name=myrancher -e AUDIT_LEVEL=3 rancher/rancher:$RANCHER_CONTAINER_TAG

 ```

-执行完毕后，进去rancher server的https://xx.xx.xx.xx/ 的web界面，这里的xx取决于你服务器的IP地址，之后选择添加集群->选择自定义集群->填写集群名称
+# 部署k8s集群
+
+部署完rancher server后，进去rancher server的https://xx.xx.xx.xx/ 的web界面，这里的xx取决于你服务器的IP地址，之后选择添加集群->选择自定义集群->填写集群名称

 然后选择kubernetes的版本（注意：这个版本在第一次打开选择页面时可能刷新不出来，需要等待1~2分钟再刷新才能显示）

@ -135,7 +137,6 @@ services部分的示例（注意缩进对齐）

 部署完成后，集群的状态会变为"Active"，之后就可以继续其他的操作了，比如执行sh start.sh xx.xx.xx.xx等等

-
 # rancher server 高可用
  
 rancher server 有高可用部署方案，可以参考官网https://rancher.com/docs/rancher/v2.x/en/installation/how-ha-works/
@ -147,13 +148,15 @@ services部分的示例（注意缩进对齐）
 因此下面提供一种方案，能使在单容器模式下，机器重启后，rancher server仍可用。
 ```bash
 export RANCHER_CONTAINER_NAME=myrancher
-export RANCHER_CONTAINER_TAG=v2.5.2
+export RANCHER_CONTAINER_TAG=v2.6.2

 docker stop $RANCHER_CONTAINER_NAME
 docker create --volumes-from $RANCHER_CONTAINER_NAME --name rancher-data rancher/rancher:$RANCHER_CONTAINER_TAG
 # 先备份一遍
 docker run --volumes-from rancher-data --privileged -v $PWD:/backup alpine tar zcvf /backup/rancher-data-backup.tar.gz /var/lib/rancher
 docker run --name myrancher-new -d --privileged --volumes-from rancher-data --restart=unless-stopped -p 443:443 rancher/rancher:$RANCHER_CONTAINER_TAG
+# 等到上面运行成功
+docker rm $RANCHER_CONTAINER_NAME
 ```

 然后就可以把原有容器删除掉了。
@ -178,8 +181,6 @@ docker stop $RANCHER_CONTAINER_NAME
 docker start $RANCHER_CONTAINER_NAME
 ```

-
-
 # 部署完成后需要部分修正

 1、因为metric-server默认镜像拉取是Always，所以要修改成imagePullPolicy: IfNotPresent