sandervanvugt 2022-11-11 11:20:20 +01:00
parent a99dd482f4
commit 050b1f1e1a
2 changed files with 95 additions and 49 deletions

4
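--- a/crictl.yaml
+++ b/crictl.yaml
@@ -0,0 +1,4 @@
+runtime-endpoint: unix:///var/run/containerd/containerd.sock
+image-endpoint: unix:///var/run/containerd/containerd.sock
+timeout: 10
+debug: true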
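Review bot: `debug: true` is committed as the default, so every crictl call against the containerd socket prints debug-level output; if it was only needed while getting the setup to work, `debug: false` is the quieter setting to ship. The file also has no comment saying where it must be installed for crictl to read it (presumably /etc/crictl.yaml, to be confirmed), so a header line such as `# copy to /etc/crictl.yaml on every node` would help.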


@ -4,29 +4,60 @@
# script to set up load balancing on cluster nodes # script to set up load balancing on cluster nodes
# for use in CKA courses by Sander van Vugt # for use in CKA courses by Sander van Vugt
# version 0.5 # version 0.6
# currently only supporting CentOS 7.x # currently only tested on Ubuntu 22.04 LTS Server
# run this AFTER running setup-docker.sh and setup-kubetools.sh # run this AFTER running setup-container.sh and setup-kubetools.sh
if which kubectl
then
echo all good moving on
else
echo please run setup-container.sh and setup-kubetools.sh first and then run this again
exit 6
fi
## establish key based SSH with remote hosts ## establish key based SSH with remote hosts
# obtain node information # obtain node information
echo this script requires three nodes: control1 control2 and control3 if grep control1 /etc/hosts | grep -v 127
echo enter the IP address for control1 then
read CONTROL1_IP export CONTROL1_IP=$(awk '/control1/ { print $1 }' /etc/hosts | grep -v 127)
export CONTROL1_IP=$CONTROL1_IP else
echo enter the IP address for control2 echo enter IP address for control1
read CONTROL2_IP read CONTROL1_IP
export CONTROL2_IP=$CONTROL2_IP export CONTROL1_IP=$CONTROL1_IP
echo enter the IP address for control3 sudo sh -c "echo $CONTROL1_IP control1 >> /etc/hosts"
read CONTROL3_IP fi
export CONTROL3_IP=$CONTROL3_IP
if grep control2 /etc/hosts | grep -v 127
then
export CONTROL2_IP=$(awk '/control2/ { print $1 }' /etc/hosts | grep -v 127)
else
echo enter IP address for control2
read CONTROL2_IP
export CONTROL2_IP=$CONTROL2_IP
sudo sh -c "echo $CONTROL2_IP control2 >> /etc/hosts"
fi
if grep control3 /etc/hosts | grep -v 127
then
export CONTROL3_IP=$(awk '/control3/ { print $1 }' /etc/hosts | grep -v 127)
else
echo enter IP address for control3
read CONTROL3_IP
export CONTROL3_IP=$CONTROL3_IP
sudo sh -c "echo $CONTROL3_IP control3 >> /etc/hosts"
fi
echo ##### READ ALL OF THIS BEFORE CONTINUING ###### echo ##### READ ALL OF THIS BEFORE CONTINUING ######
echo this script requires you to run setup-docker.sh and setup-kubetools.sh first echo this script requires you to run setup-docker.sh and setup-kubetools.sh first
echo this script is based on the NIC name ens33 echo this script is based on the NIC name ens33
echo if your networkcard has a different name, edit keepalived.conf echo if your networkcard has a different name, edit keepalived.conf
echo before continuing and change "interface ens33" to match your config echo before continuing and change "interface ens33" to match your config
echo . echo .
echo this script will create a keepalived apiserver at 192.168.4.100 echo this script will create a keepalived apiserver at 192.168.29.100
echo if this IP address does not match your network configuration, echo if this IP address does not match your network configuration,
echo manually change the check_apiserver.sh file before continuing echo manually change the check_apiserver.sh file before continuing
echo press enter to continue or Ctrl-c to interrupt and apply modifications echo press enter to continue or Ctrl-c to interrupt and apply modifications
@ -41,13 +72,7 @@ do
fi fi
done done
# create /etc/hosts for all nodes
sudo sh -c 'echo $CONTROL1_IP control1 >> /etc/hosts'
sudo sh -c 'echo $CONTROL2_IP control2 >> /etc/hosts'
sudo sh -c 'echo $CONTROL3_IP control3 >> /etc/hosts'
cat /etc/hosts cat /etc/hosts
echo this is the main thing that goes wrong: if it does, manually edit /etc/hosts on all the nodes and run the rest of the script echo this is the main thing that goes wrong: if it does, manually edit /etc/hosts on all the nodes and run the rest of the script
read read
@ -57,53 +82,70 @@ ssh-copy-id control1
ssh-copy-id control2 ssh-copy-id control2
ssh-copy-id control3 ssh-copy-id control3
# configuring sudo for easier access
sudo sh -c "echo 'Defaults timestamp_type=global,timestamp_timeout=60' >> /etc/sudoers"
sudo scp -p /etc/sudoers student@control2:/tmp/ && ssh -t control2 'sudo -S chown root:root /tmp/sudoers' && ssh -t control2 'sudo -S cp -p /tmp/sudoers /etc/'
sudo scp -p /etc/sudoers student@control3:/tmp/ && ssh -t control3 'sudo -S chown root:root /tmp/sudoers' && ssh -t control3 'sudo -S cp -p /tmp/sudoers /etc/'
#ssh control2 sudo -S sh -c "echo 'Defaults timestamp_type=global,timestamp_timeout=60' >> /etc/sudoers"
#ssh control3 sudo -S sh -c "echo 'Defaults timestamp_type=global,timestamp_timeout=60' >> /etc/sudoers"
echo DEBUG: check if sudo modification worked
read
# install required software # install required software
sudo apt install haproxy keepalived -y sudo apt install haproxy keepalived -y
ssh control2 "sudo apt install haproxy keepalived -y" ssh control2 "sudo -S apt install haproxy keepalived -y"
ssh control3 "sudo apt install haproxy keepalived -y" ssh control3 "sudo -S apt install haproxy keepalived -y"
echo DEBUG check if haproxy and keepalived are installed
read
scp /etc/hosts control2:/tmp && ssh -t control2 'sudo cp /tmp/hosts /etc/'
scp /etc/hosts control3:/tmp && ssh -t control3 'sudo cp /tmp/hosts /etc/' scp /etc/hosts control2:/tmp && ssh -t control2 'sudo -S cp /tmp/hosts /etc/'
scp /etc/hosts control3:/tmp && ssh -t control3 'sudo -S cp /tmp/hosts /etc/'
# create keepalived config # create keepalived config
# change IP address to anything that works in your environment! # change IP address to anything that works in your environment!
chmod +x check_apiserver.sh sudo chmod +x check_apiserver.sh
cp check_apiserver.sh /etc/keepalived/ sudo cp check_apiserver.sh /etc/keepalived/
scp check_apiserver.sh control2:/tmp && ssh -t control2 'sudo cp /tmp/check_apiserver.sh /etc/keepalived' scp check_apiserver.sh control2:/tmp && ssh -t control2 'sudo -S cp /tmp/check_apiserver.sh /etc/keepalived'
scp check_apiserver.sh control3:/tmp && ssh -t control3 'sudo cp /tmp/check_apiserver.sh /etc/keepalived' scp check_apiserver.sh control3:/tmp && ssh -t control3 'sudo -S cp /tmp/check_apiserver.sh /etc/keepalived'
#### creating site specific keepalived.conf file #### creating site specific keepalived.conf file
cp keepalived.conf keepalived-control2.conf sudo cp keepalived.conf keepalived-control2.conf
cp keepalived.conf keepalived-control3.conf sudo cp keepalived.conf keepalived-control3.conf
sed -i 's/state MASTER/state SLAVE/' keepalived-control2.conf sudo sed -i 's/state MASTER/state SLAVE/' keepalived-control2.conf
sed -i 's/state MASTER/state SLAVE/' keepalived-control3.conf sudo sed -i 's/state MASTER/state SLAVE/' keepalived-control3.conf
sed -i 's/priority 255/priority 254/' keepalived-control2.conf sudo sed -i 's/priority 255/priority 254/' keepalived-control2.conf
sed -i 's/priority 255/priority 253/' keepalived-control3.conf sudo sed -i 's/priority 255/priority 253/' keepalived-control3.conf
cp keepalived.conf /etc/keepalived/ sudo cp keepalived.conf /etc/keepalived/
scp keepalived-control2.conf control2:/tmp && ssh -t control2 'sudo cp /tmp/keepalived-control2.conf /etc/keepalived/keepalived.conf' scp keepalived-control2.conf control2:/tmp && ssh -t control2 'sudo -S cp /tmp/keepalived-control2.conf /etc/keepalived/keepalived.conf'
scp keepalived-control3.conf control3:/tmp && ssh -t control3 'sudo cp /tmp/keepalived-control3.conf /etc/keepalived/keepalived.conf' scp keepalived-control3.conf control3:/tmp && ssh -t control3 'sudo -S cp /tmp/keepalived-control3.conf /etc/keepalived/keepalived.conf'
echo DEBUG check if files are copied over successfully
read
### rewriting haproxy.cfg with site specific IP addresses ### rewriting haproxy.cfg with site specific IP addresses
sed -i s/server\ control1\ 1.1.1.1\:6443\ check/server\ control1\ $CONTROL1_IP\:6443\ check/ haproxy.cfg sudo sed -i s/server\ control1\ 1.1.1.1\:6443\ check/server\ control1\ $CONTROL1_IP\:6443\ check/ haproxy.cfg
sed -i s/server\ control2\ 1.1.1.2\:6443\ check/server\ control2\ $CONTROL2_IP\:6443\ check/ haproxy.cfg sudo sed -i s/server\ control2\ 1.1.1.2\:6443\ check/server\ control2\ $CONTROL2_IP\:6443\ check/ haproxy.cfg
sed -i s/server\ control3\ 1.1.1.3\:6443\ check/server\ control3\ $CONTROL3_IP\:6443\ check/ haproxy.cfg sudo sed -i s/server\ control3\ 1.1.1.3\:6443\ check/server\ control3\ $CONTROL3_IP\:6443\ check/ haproxy.cfg
# copy haproxy.cfg to destinations # copy haproxy.cfg to destinations
cp haproxy.cfg /etc/haproxy/ sudo cp haproxy.cfg /etc/haproxy/
scp haproxy.cfg control2:/tmp && ssh -t control2 'sudo cp /tmp/haproxy.cfg /etc/haproxy/' scp haproxy.cfg control2:/tmp && ssh -t control2 'sudo -S cp /tmp/haproxy.cfg /etc/haproxy/'
scp haproxy.cfg control3:/tmp && ssh -t control3 'sudo cp /tmp/haproxy.cfg /etc/haproxy/' scp haproxy.cfg control3:/tmp && ssh -t control3 'sudo -S cp /tmp/haproxy.cfg /etc/haproxy/'
echo DEBUG check if haproxy files are copied over successfully
read
# start and enable services # start and enable services
systemctl enable keepalived --now sudo systemctl enable keepalived --now
systemctl enable haproxy --now sudo systemctl enable haproxy --now
ssh control2 systemctl enable keepalived --now ssh control2 sudo -S systemctl enable keepalived --now
ssh control2 systemctl enable haproxy --now ssh control2 sudo -S systemctl enable haproxy --now
ssh control3 systemctl enable keepalived --now ssh control3 sudo -S systemctl enable keepalived --now
ssh control3 systemctl enable haproxy --now ssh control3 sudo -S systemctl enable haproxy --now
echo setup is now done, please verify echo setup is now done, please verify
echo the first node that started the services - normally control1 - should run the virtual IP address 192.168.29.100 echo the first node that started the services - normally control1 - should run the virtual IP address 192.168.29.100
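Review bot: The new sudo block after `ssh-copy-id control3` appends to /etc/sudoers with `echo >>` and no syntax check, then overwrites the whole /etc/sudoers on control2 and control3 with control1's copy, staged under the fixed name /tmp/sudoers in a world-writable directory. A malformed line can lock sudo out on all three nodes, node-specific rules on the other two are discarded, a rerun appends the Defaults line again, and nothing rules out a pre-existing /tmp/sudoers owned by another local account before it is chowned to root and copied into /etc. `timestamp_type=global,timestamp_timeout=60` also lets any terminal of the user reuse a cached sudo credential for an hour, and the script never removes it. I would ship the setting as a drop-in under /etc/sudoers.d, validate it with `visudo -cf` before installing it with mode 0440, and stage it outside /tmp, as sketched below. The first hunk's `sudo sh -c "echo $CONTROL1_IP control1 >> /etc/hosts"` has a related weakness, since the unvalidated `read` value is parsed by a root shell; `printf '%s control1\n' "$CONTROL1_IP" | sudo tee -a /etc/hosts >/dev/null` avoids that.

```shell
# … unchanged: ssh-copy-id for control1..control3 …
# configuring sudo for easier access
# PLACEHOLDER_DROPIN is a constructed name; files in /etc/sudoers.d must not contain a dot
dropin=$(mktemp) || exit 1
printf '%s\n' 'Defaults timestamp_type=global,timestamp_timeout=60' > "$dropin"
sudo visudo -cf "$dropin" || exit 1
sudo install -o root -g root -m 0440 "$dropin" /etc/sudoers.d/PLACEHOLDER_DROPIN
for node in control2 control3; do
  # stage in the remote home directory, not /tmp, and validate again before installing
  scp "$dropin" "$node":sudo-dropin &&
    ssh -t "$node" 'sudo visudo -cf sudo-dropin && sudo install -o root -g root -m 0440 sudo-dropin /etc/sudoers.d/PLACEHOLDER_DROPIN; rm -f sudo-dropin'
done
rm -f -- "$dropin"
# … unchanged: DEBUG prompt, package installation …
```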