From 301be5914c59af9f666ba82f732aeb34264a800c Mon Sep 17 00:00:00 2001
From: tormakris
Date: Tue, 5 Mar 2019 18:33:23 +0100
Subject: [PATCH] initial commit
---
.gitignore | 1 +
README.md | 41 ++++++++++
cluster-deploy | 131 ++++++++++++++++++++++++++++++++
cluster-withdraw | 58 ++++++++++++++
deploy/calico_setup.sh | 11 +++
deploy/cilium_setup.sh | 10 +++
deploy/docker_registry_setup.sh | 7 ++
deploy/flannel_setup.sh | 10 +++
deploy/kubeless_setup.sh | 5 ++
deploy/kubernetes_install.sh | 54 +++++++++++++
deploy/weavenet_setup.sh | 10 +++
withdraw/node_reset.sh | 8 ++
worker.list.example | 3 +
13 files changed, 349 insertions(+)
create mode 100644 .gitignore
create mode 100644 README.md
create mode 100644 cluster-deploy
create mode 100644 cluster-withdraw
create mode 100644 deploy/calico_setup.sh
create mode 100644 deploy/cilium_setup.sh
create mode 100644 deploy/docker_registry_setup.sh
create mode 100644 deploy/flannel_setup.sh
create mode 100644 deploy/kubeless_setup.sh
create mode 100644 deploy/kubernetes_install.sh
create mode 100644 deploy/weavenet_setup.sh
create mode 100644 withdraw/node_reset.sh
create mode 100644 worker.list.example
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..9eb3a9f
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+worker.list
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..f249dc9
--- /dev/null
+++ b/README.md
@@ -0,0 +1,41 @@
+# Kubernetes Cluster Deployer and Withdrawer
+
+---
+
+## Available CNI plugins (as for now)
+* Calico
+* Cilium
+* Flannel
+* WeawNet
+
+---
+
+## User's Manual
+
+### Preparations
+The commands must be run as root on the (future) master node. The SSH-key of the master node must be uploaded on the worker node for root, so it can run seamlessly.
+
+Create a `worker.list` file and add the hostname or the IP address of the worker nodes in it line-by-line as you can see in the example file.
+
+### Deploying Kubernetes Cluster
+To install the cluster run the `./cluster-deploy ` command. A Kubernetes CNI plugin name must be given as an argument. If you give the word `help` as an argument, you will get the available CNI plugins.
+
+### Withdraw Kubernetes Cluster
+To undo the cluster installation run the `./cluster-withdraw` command and it will clean up the configurations on all nodes including the master as well. Command will purge all Kubernetes setups from nodes enlisted in the `worker.list` file!
+
+---
+
+## Használati útmutató
+
+### Előkészületek
+A parancsokat root-tal kell futtatni a (leendő) mester gépen. A worker gépek root felhasználójához töltsétek fel a mester SSH-kulcsát, így jelszókérés nem állítja meg a telepítési folyamatokat.
+
+Hozz létre egy `worker.list` fájlt, mely soronként tartalmazza a worker gépek hosztnevét vagy IP címét, ahogy a példa fájlban is látható.
+
+### Kubernetes Klaszter létrehozása
+
+A klaszter létrehozásához futtasd le a `./cluster-deploy ` parancsot. Paraméterként meg kell adni a Kubernetes klaszter hálózati bővítményét. Ha a `help` paraméterrel futtatod, akkor megkapod az elérhető Kubernetes CNI bővítmények listáját.
+
+
+### Kubernetes Klaszter eltávolítása
+A klaszter visszavonásához a `./cluster-withdraw` parancsot kell lefuttatni, és ezután eltávolítja az összes klaszter beállítást a gépeken, beleértve a mester gépet is. A parancs letörli az összes Kubernetes beállítást a hosztokról, melyek a `worker.list` fájlban szerepelnek!
\ No newline at end of file
diff --git a/cluster-deploy b/cluster-deploy
new file mode 100644
index 0000000..9f3cb64
--- /dev/null
+++ b/cluster-deploy
@@ -0,0 +1,131 @@
+#!/bin/bash
+# @author: Daniel Keszei
+# @description: Kubernetes deployer
+# @created: 2019-02-15
+# @version: 1.0
+# @origin: https://github.com/szefoka/openfaas_lab
+
+
+# Variable(s)
+
+# Script variable(s)
+PID=$$
+SCRIPTNAME="$(basename $0)"
+WORKER_LIST="worker.list"
+IP=""
+TOKEN=""
+HASH=""
+
+
+# Functions
+
+#FIXME Write usage message
+function usage {
+cat << EOF
+
+Usage: $SCRIPTNAME
+
+Available CNI plugins:
+ * Calico
+ * Cilium
+ * Flannel
+ * WeaveNet
+
+EOF
+}
+
+## Send error messages to stderr
+function echo_err {
+ echo "Error: $@" >&2
+}
+
+function wait_for_worker {
+ while [[ "$(kubectl get nodes | grep Ready | grep none | wc -l)" -lt 1 ]];
+ do
+ sleep 1
+ done
+}
+
+function wait_for_podnetwork {
+ #podnetwork should be running on the master and at least one worker node
+ while [[ "$(kubectl get pods -n kube-system | grep weave-net | grep Running | wc -l)" -lt 2 ]];
+ do
+ sleep 1
+ done
+}
+
+## Check files from parameters
+if [ ! -f $WORKER_LIST ]; then
+ echo_err "Worker list file ($WORKER_LIST) not exists."
+ exit 1
+ else if [ ! -s $WORKER_LIST ]; then
+ echo_err "Worker list file ($WORKER_LIST) is empty."
+ fi
+fi
+
+## Check for argument
+if [ "$#" -lt 1 ]; then
+ echo_err "Missing CNI plugin name as an argument."
+ exit 1
+fi
+
+# Make the letters of the argument lowercase
+CNI=$(tr '[:upper:]' '[:lower:]' <<< $1)
+
+## Setup Kubernetes
+./deploy/kubernetes_install.sh
+
+## Initialize Master and install CNI plugin
+case $CNI in
+ ### Setup Calico
+ calico) echo "[CNI] Installing Calico... ";
+ ./deploy/calico_setup.sh;
+ echo "[CNI]" Calico installion is completed.;;
+
+ ### Setup Cilium
+ cilium) echo "[CNI] Installing Cilium... ";
+ ./deploy/cilium_setup.sh;
+ echo "[CNI]" Cilium installion is completed.;;
+
+ ### Setup Flannel
+ flannel) echo "[CNI] Installing Flannel... ";
+ ./deploy/flannel_setup.sh;
+ echo "[CNI]" Flannel installion is completed.;;
+
+ ### Setup WeaveNet
+ weavenet) echo "[CNI] Installing WeaveNet... ";
+ ./deploy/weavenet_setup.sh;
+ echo "[CNI]" WeaveNet installion is completed.;;
+
+ ### Print out help message
+ help) usage; exit 0;;
+
+ ### Wrong argument, print error message
+ *) echo_err "Unknown CNI plugin!";
+ exit 1;;
+esac
+
+#IP=$(ip addr sh dev $(ip ro sh | grep default | awk '{print $5}') scope global | grep inet | awk '{split($2,addresses,"/"); print addresses[1]}'):6443
+IP=$(ifconfig $(route | grep '^default' | grep -o '[^ ]*$') | grep "inet addr:" | awk '{print $2}' | cut -c6-)
+TOKEN=$(kubeadm token list | tail -n 1 | cut -d ' ' -f 1)
+HASH=sha256:$(openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //')
+
+#FIXME Do I need local docker-registry?
+./deploy/docker_registry_setup.sh $IP:5000
+
+# Join the worker nodes
+for LINE in $(cat $WORKER_LIST | grep -vE "^#"); do
+ WORKERNAME=`echo $LINE | awk -F"/" '{print $NF}'`
+
+ echo "[worker:$WORKERNAME] Deploying..."
+ ssh $WORKERNAME -o "StrictHostKeyChecking no" "bash -s" < ./deploy/kubernetes_install.sh true $IP:6443 $TOKEN $HASH
+
+ #FIXME Do I need to wait for the worker?
+ wait_for_worker
+
+ #FIXME Do I need local docker-registry?
+ ssh $WORKERNAME -o "StrictHostKeyChecking no" "bash -s" < ./deploy/docker_registry_setup.sh $IP:5000
+
+ echo "[worker:$WORKERNAME] Deployment is completed."
+done
+
diff --git a/cluster-withdraw b/cluster-withdraw
new file mode 100644
index 0000000..d06cd29
--- /dev/null
+++ b/cluster-withdraw
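Review bot: Both `ssh` calls in the worker loop pass `-o "StrictHostKeyChecking no"`, so the master opens a root session on, and hands the kubeadm join token and CA hash to, whatever host answers for that name without verifying its key. Populating root's `known_hosts` for the workers before the run and dropping the option keeps the flow unattended while refusing an unknown or changed key (`-o StrictHostKeyChecking=accept-new` is a weaker middle ground that still trusts first contact); cluster-withdraw uses the same option. The token is also passed as a positional argument to `bash -s`, which exposes it in the worker's process list while the install runs. Separately, `./deploy/kubernetes_install.sh` runs before the `case`, so `help` or a mistyped plugin name installs Docker and Kubernetes before the script prints usage or fails; validating `$CNI` above that call would avoid it.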
@@ -0,0 +1,58 @@
+#!/bin/bash
+# @author: Daniel Keszei
+# @description: Kubernetes cluster withdrawer
+# @created: 2019-02-26
+# @version: 1.0
+
+
+# Variable(s)
+
+# Script variable(s)
+PID=$$
+SCRIPTNAME="$(basename $0)"
+WORKER_LIST="worker.list"
+
+# Functions
+
+#FIXME Write usage message
+function usage {
+cat << EOF
+
+EOF
+
+}
+
+## Send error messages to stderr
+function echo_err {
+ echo "Error: $@" >&2
+}
+
+
+## Check files from parameters
+if [ ! -f $WORKER_LIST ]; then
+ echo_err "Worker list file ($WORKER_LIST) not exists."
+ exit 1
+ else if [ ! -s $WORKER_LIST ]; then
+ echo_err "Worker list file ($WORKER_LIST) is empty."
+ fi
+fi
+
+# Reset Master node
+./withdraw/node_reset.sh
+rm -rf ~/.kube
+
+#FIXME Does local docker-registry needs removal
+#./deploy/docker_registry_setup.sh $IP:5000
+
+# Reset the workers0
+for LINE in $(cat $WORKER_LIST | grep -vE "^#"); do
+ WORKERNAME=`echo $LINE | awk -F"/" '{print $NF}'`
+
+ echo "[worker:$WORKERNAME] Evicating..."
+ ssh $WORKERNAME -o "StrictHostKeyChecking no" "bash -s" < ./withdraw/node_reset.sh
+
+ #FIXME Does local docker-registry needs removal
+# ssh $WORKERNAME -o "StrictHostKeyChecking no" "bash -s" < ./deploy/docker_registry_setup.sh $IP:5000
+
+ echo "[worker:$WORKERNAME] Eviction is completed."
+done
\ No newline at end of file
diff --git a/deploy/calico_setup.sh b/deploy/calico_setup.sh
new file mode 100644
index 0000000..cf05195
--- /dev/null
+++ b/deploy/calico_setup.sh
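Review bot: The empty-list branch of the `worker.list` check only prints the error and falls through, so with an empty file the script reports an error and still resets the master and removes `~/.kube`. If that is not intended, write the branch as `elif [ ! -s "$WORKER_LIST" ]; then` followed by the message and `exit 1`, which also removes the nested `else if`/`fi`; cluster-deploy has the same branch. Nothing checks whether `./withdraw/node_reset.sh` succeeded before `rm -rf ~/.kube`, and there is no confirmation step before a run that wipes every listed node. A header comment stating that the script is destructive and relies on being started from the repository root (both paths are relative) would document that.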
@@ -0,0 +1,11 @@
+#!/bin/bash
+
+## Initialize Kubernetes
+kubeadm init --ignore-preflight-errors=SystemVerification --pod-network-cidr=192.168.0.0/16
+mkdir -p $HOME/.kube
+cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
+chown $(id -u):$(id -g) $HOME/.kube/config
+
+## Apply Calico CNI plugin
+kubectl apply -f https://docs.projectcalico.org/v3.3/getting-started/kubernetes/installation/hosted/rbac-kdd.yaml
+kubectl apply -f https://docs.projectcalico.org/v3.3/getting-started/kubernetes/installation/hosted/kubernetes-datastore/calico-networking/1.7/calico.yaml
diff --git a/deploy/cilium_setup.sh b/deploy/cilium_setup.sh
new file mode 100644
index 0000000..fc87ce9
--- /dev/null
+++ b/deploy/cilium_setup.sh
@@ -0,0 +1,10 @@
+#!/bin/bash
+
+## Initialize Kubernetes
+kubeadm init --ignore-preflight-errors=SystemVerification
+mkdir -p $HOME/.kube
+cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
+chown $(id -u):$(id -g) $HOME/.kube/config
+
+## Apply Cilium CNI plugin
+kubectl create -f https://raw.githubusercontent.com/cilium/cilium/v1.4/examples/kubernetes/1.13/cilium.yaml
diff --git a/deploy/docker_registry_setup.sh b/deploy/docker_registry_setup.sh
new file mode 100644
index 0000000..b38a1ab
--- /dev/null
+++ b/deploy/docker_registry_setup.sh
@@ -0,0 +1,7 @@
+#!/bin/bash
+IP=$1
+sed "/ExecStart/ s/$/ --insecure-registry=$IP/" /lib/systemd/system/docker.service > /lib/systemd/system/tmp
+mv /lib/systemd/system/tmp /lib/systemd/system/docker.service
+systemctl daemon-reload
+systemctl restart docker.service
+docker run -d -p 5000:5000 --restart=always --name registry registry:2
diff --git a/deploy/flannel_setup.sh b/deploy/flannel_setup.sh
new file mode 100644
index 0000000..86db6ef
--- /dev/null
+++ b/deploy/flannel_setup.sh
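Review bot: The exit status of `kubeadm init` in calico_setup.sh is never checked, so when initialisation fails the script still copies `admin.conf` and runs both `kubectl apply` calls, and cluster-deploy then prints that the installation is completed. Adding `set -e` below the shebang, or `kubeadm init ... || exit 1`, would stop at the first failure. `cp -i` prompts when `$HOME/.kube/config` already exists, which stalls an unattended re-run; plain `cp` after backing up the old file fits a script better, and `$HOME` and the `$(id ...)` expansions should be quoted. cilium_setup.sh, flannel_setup.sh and weavenet_setup.sh repeat the same four lines.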
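Review bot: The `docker run -d -p 5000:5000 ... registry:2` line in docker_registry_setup.sh publishes a registry with no TLS and no authentication on every interface, and `--insecure-registry=$IP` makes the Docker daemon talk to it over plain HTTP, so the integrity of the images the cluster runs depends on who can reach port 5000. If a local registry is needed at all (the caller's FIXME questions it), give it a certificate and credentials, or at least restrict access to the port. The `sed` rewrites the packaged unit `/lib/systemd/system/docker.service` through a fixed temporary name and appends the flag again on every run; the `insecure-registries` key in `/etc/docker/daemon.json` or a systemd drop-in is the place for this setting and is not overwritten by package upgrades. `$1` is also interpolated into the `sed` expression unvalidated and should be checked against a `host:port` pattern first.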
@@ -0,0 +1,10 @@
+#!/bin/bash
+
+## Initialize Kubernetes
+kubeadm init --ignore-preflight-errors=SystemVerification --pod-network-cidr=10.244.0.0/16
+mkdir -p $HOME/.kube
+cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
+chown $(id -u):$(id -g) $HOME/.kube/config
+
+## Apply Flannel CNI plugin
+kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
diff --git a/deploy/kubeless_setup.sh b/deploy/kubeless_setup.sh
new file mode 100644
index 0000000..f7031db
--- /dev/null
+++ b/deploy/kubeless_setup.sh
@@ -0,0 +1,5 @@
+#!/bin/bash
+RELEASE=$(curl -s https://api.github.com/repos/kubeless/kubeless/releases/latest | grep tag_name | cut -d '"' -f 4)
+kubectl create ns kubeless
+kubectl create -f https://github.com/kubeless/kubeless/releases/download/$RELEASE/kubeless-$RELEASE.yaml
+#kubectl create -f https://github.com/kubeless/kubeless/releases/download/$RELEASE/kubeless-non-rbac-$RELEASE.yaml
\ No newline at end of file
diff --git a/deploy/kubernetes_install.sh b/deploy/kubernetes_install.sh
new file mode 100644
index 0000000..a84de82
--- /dev/null
+++ b/deploy/kubernetes_install.sh
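Review bot: The manifest URL in flannel_setup.sh's `kubectl apply` line points at the `master` branch of the flannel repository, so each deployment applies whatever is on that branch at that moment, using the admin kubeconfig and with no review or integrity check. Pinning the URL to a release tag, or vendoring the manifest into this repository and applying the local copy, makes the deployed version reproducible and auditable. calico_setup.sh and cilium_setup.sh pin a version in the URL but are still fetched at deploy time, and weavenet_setup.sh uses a URL whose content appears to be generated by the remote service, so the same vendoring applies there.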
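Review bot: `RELEASE` in kubeless_setup.sh is cut out of the GitHub API's latest-release response with `grep`/`cut` and used unchecked, so if the request fails or is rate-limited the variable is empty and `kubectl create -f` is given a malformed URL; it also means the installed version changes without any change to this repository. Use `curl -fsS`, stop when the result is empty (`[ -n "$RELEASE" ] || exit 1`), and preferably set a fixed, reviewed release in the script. Nothing in this commit calls kubeless_setup.sh, so a header comment saying when it is meant to be run would help.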
@@ -0,0 +1,54 @@
+#!/bin/bash
+
+CLIENT=$1
+IP=$2
+TOKEN=$3
+HASH=$4
+
+
+#Installing Docker
+DOCKER_INSTALLED=$(which docker)
+if [ "$DOCKER_INSTALLED" = "" ]
+then
+ apt-get remove docker docker-engine docker.io
+ apt-get update
+ apt-get install -y apt-transport-https ca-certificates curl software-properties-common
+ curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -
+ add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
+ apt-get update
+ apt-get install -y docker-ce
+fi
+
+
+#Installing Kubernetes
+KUBERNETES_INSTALLED=$(which kubeadm)
+if [ "$KUBERNETES_INSTALLED" = "" ]
+then
+ curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
+ touch /etc/apt/sources.list.d/kubernetes.list
+ chmod 666 /etc/apt/sources.list.d/kubernetes.list
+ echo "deb http://apt.kubernetes.io/ kubernetes-xenial main" > /etc/apt/sources.list.d/kubernetes.list
+ apt-get update
+ apt-get install -y kubelet kubeadm kubectl kubernetes-cni
+fi
+
+#Disabling swap for Kubernetes
+sysctl net.bridge.bridge-nf-call-iptables=1 > /dev/null
+swapoff -a
+
+if [ -z "$CLIENT" ]
+then
+# kubeadm init --ignore-preflight-errors=SystemVerification
+# mkdir -p $HOME/.kube
+# cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
+# chown $(id -u):$(id -g) $HOME/.kube/config
+ :
+
+elif [ "$CLIENT" = "true" ]
+then
+ kubeadm join $IP --token $TOKEN --discovery-token-ca-cert-hash $HASH --ignore-preflight-errors=SystemVerification
+ echo "Client ($IP) joined to Master"
+else
+ echo "Invalid argument"
+fi
+
diff --git a/deploy/weavenet_setup.sh b/deploy/weavenet_setup.sh
new file mode 100644
index 0000000..eba5315
--- /dev/null
+++ b/deploy/weavenet_setup.sh
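Review bot: `chmod 666 /etc/apt/sources.list.d/kubernetes.list` leaves an APT source file writable by every local user, and whatever is written there is used by the next `apt-get` run as root; the script already runs as root, so the `touch`/`chmod` pair can be dropped or the mode set to `644`. The repository line uses `http://apt.kubernetes.io/` although the key is fetched over HTTPS, and `https://` would be consistent. `apt-get remove docker docker-engine docker.io` has no `-y`, and because cluster-deploy feeds this script to the workers through `bash -s`, a confirmation prompt there would likely read from the script's own stdin. The final `else` branch prints `Invalid argument` but exits 0, and a failed `kubeadm join` is still followed by `echo "Client ($IP) joined to Master"`.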
@@ -0,0 +1,10 @@
+#!/bin/bash
+
+## Initialize Kubernetes
+kubeadm init --ignore-preflight-errors=SystemVerification
+mkdir -p $HOME/.kube
+cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
+chown $(id -u):$(id -g) $HOME/.kube/config
+
+## Apply WeaveNet CNI plugin
+kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')"
diff --git a/withdraw/node_reset.sh b/withdraw/node_reset.sh
new file mode 100644
index 0000000..b426ffe
--- /dev/null
+++ b/withdraw/node_reset.sh
@@ -0,0 +1,8 @@
+#!/bin/bash
+
+kubeadm reset --force
+docker system prune -a
+docker stop $(docker ps -a -q)
+docker rm $(docker ps -a -q)
+docker rmi $(docker images -a -q)
+iptables -F && iptables -t nat -F && iptables -t mangle -F && iptables -X
\ No newline at end of file
diff --git a/worker.list.example b/worker.list.example
new file mode 100644
index 0000000..da73edc
--- /dev/null
+++ b/worker.list.example
@@ -0,0 +1,3 @@
+node2
+node3
+node4
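Review bot: `docker system prune -a` in node_reset.sh has no `-f`, so it asks for confirmation; cluster-withdraw runs this script on the workers through `ssh ... "bash -s" <`, where the prompt's stdin is the script itself, so the prune is likely to abort and swallow the following line. Use `docker system prune -a -f`. The `docker stop`/`rm`/`rmi` lines act on every container and image on the host, not only those Kubernetes created, and fail with a usage error when the lists are empty; the `iptables` line flushes all filter, nat and mangle rules, including any host firewall rules unrelated to the cluster. A header comment stating that the script assumes a dedicated node would make that scope explicit.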