修复安装 cilium 1.14 无法正常安装问题 #972
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Crane Deploy Testing | |
on: | |
push: | |
branches: [ develop , staging ] | |
jobs: | |
buildKubernetesImages: | |
if: github.ref == 'refs/heads/develop' | |
runs-on: ubuntu-20.04 | |
services: | |
simple: | |
image: slzcc/sshd:latest | |
steps: | |
- uses: actions/checkout@v2 | |
- name: Login to Docker Hub | |
run: | | |
echo ${{ secrets.DOCKERHUBTOKEN }} | sudo docker login -u ${{ secrets.DOCKERHUB_USERNAME }} --password-stdin | |
- name: Create Images and Push | |
run: | | |
sudo docker info | |
cd script && \ | |
bash -x ./PushKubernetesNodeBinaries.sh | |
- name: Deploy Crane Image | |
run: | | |
sudo make build | |
sudo make push | |
deployCrane: | |
if: github.ref == 'refs/heads/staging' | |
runs-on: ubuntu-20.04 | |
steps: | |
- uses: actions/checkout@v2 | |
- name: Initialize Crane Config | |
run: | | |
ls -l | |
export WORKDIR=~/work/crane/crane | |
sudo chmod 777 /etc/ssh/sshd_config | |
sudo sed -i 's/#PermitRootLogin\ .*/PermitRootLogin\ yes/g' /etc/ssh/sshd_config | |
sudo systemctl restart sshd | |
ssh-keygen -t rsa -N "" -f ~/.ssh/kube-simple | |
sudo rm -rf /root/.ssh | |
sudo mkdir /root/.ssh | |
cat ~/.ssh/kube-simple.pub >> ~/.ssh/authorized_keys | |
sudo cp -a ~/.ssh/authorized_keys /root/.ssh/authorized_keys | |
chmod 600 -R ~/.ssh/authorized_keys | |
sudo chown root:root -R /root/.ssh | |
INSTANCE_IP=`ip a | grep 'scope global eth0' | grep -v 127.0.0.1 | grep -v inet6 | awk '{print $2}' | awk -F/ '{print $1}'` | |
INSTANCE_NET_NAME=`ifconfig | egrep ^eth0 | awk -F: '{print $1}'` | |
sed -i "s/os_network_device_name:\ .*/os_network_device_name:\ ${INSTANCE_NET_NAME}/g" ${WORKDIR}/crane/group_vars/all.yml | |
sed -i "s/k8s_load_balance_ip:\ .*/k8s_load_balance_ip:\ ${INSTANCE_IP}/g" ${WORKDIR}/crane/group_vars/all.yml | |
sed -i "s/is_docker_daemon_config:\ .*/is_docker_daemon_config:\ false/g" ${WORKDIR}/crane/roles/cri-install/vars/docker.yaml | |
sed -i "s/is_kube_simple:\ .*/is_kube_simple:\ true/g" ${WORKDIR}/crane/group_vars/all.yml | |
sed -i "s/cri_driver:\ .*/cri_driver:\ ['docker']/g" ${WORKDIR}/crane/group_vars/all.yml | |
sed -i "s/cri_k8s_default:\ .*/cri_k8s_default:\ docker/g" ${WORKDIR}/crane/group_vars/all.yml | |
# sed -i "s/general_network_drive:\ .*/general_network_drive:\ calico/g" ${WORKDIR}/crane/group_vars/all.yml | |
sed -i "s/172.20.0.2/${INSTANCE_IP}/g" ${WORKDIR}/kube-simple/nodes | |
sed -i 's/false/true/g' ${WORKDIR}/crane/roles/kubernetes-addons/defaults/main.yml | |
sed -i 's/is_deploy_istio:\ .*/is_deploy_istio: false/g' ${WORKDIR}/crane/roles/kubernetes-addons/defaults/main.yml | |
sed -i "s/docker_install_type:\ \"http_binary\"/docker_install_type:\ \"local_binary\"/g" ${WORKDIR}/crane/roles/cri-install/vars/docker.yaml | |
echo "********************** Check Files Start" | |
cat ${WORKDIR}/crane/group_vars/all.yml | |
echo "********************** Check Files Done" | |
sudo apt install -y ansible | |
sudo cp -a crane/ansible.cfg /etc/ansible/ansible.cfg | |
sudo usermod -aG docker runner | |
make local_load_dockerd | |
# Create Public Network | |
sudo docker network create --subnet 172.20.0.0/24 kube_simple | |
# Start Crane Node | |
sudo docker run -d -v crane-node-socket:/var/run \ | |
-v crane-node-k8s-etc:/etc/kubernetes \ | |
-v crane-node-k8s-kubelet:/var/lib/kubelet \ | |
-v crane-node-cni-bin:/opt/cni/bin \ | |
-v crane-node-cni-etc:/etc/cni/net.d \ | |
-v crane-node-etcd:/var/lib/etcd \ | |
-v crane-node-tmp:/tmp \ | |
--privileged \ | |
docker:20.10.17-dind | |
sudo docker run -d --name crane-node \ | |
--net kube_simple \ | |
--privileged \ | |
-v crane-node-socket:/var/run \ | |
-v crane-node-k8s-etc:/etc/kubernetes \ | |
-v crane-node-k8s-kubelet:/var/lib/kubelet \ | |
-v crane-node-cni-bin:/opt/cni/bin \ | |
-v crane-node-cni-etc:/etc/cni/net.d \ | |
-v crane-node-etcd:/var/lib/etcd \ | |
-v crane-node-tmp:/tmp \ | |
--entrypoint "/sbin/init" \ | |
slzcc/ubuntu:20.04-linuxkit-5.10.34-docker | |
sleep 10 | |
sudo docker exec -i crane-node docker info | |
sudo docker cp ~/.ssh/authorized_keys crane-node:/root/.ssh/authorized_keys | |
sudo docker exec -i crane-node chown root:root /root/.ssh/authorized_keys | |
sudo docker exec -i crane-node chmod 600 /root/.ssh/authorized_keys | |
export CONTAINER_IP=`docker inspect crane-node --format "{{ .NetworkSettings.Networks.kube_simple.IPAddress }}"` | |
sed -i "/kube-node/a ${CONTAINER_IP}" ${WORKDIR}/kube-simple/nodes | |
# Deploy crane | |
cd ${WORKDIR}/crane/ && ansible-playbook -i ../kube-simple/nodes main.yml -vv | |
sudo kubectl get node --kubeconfig=/etc/kubernetes/admin.conf | |
sudo kubectl get pods --all-namespaces -o wide --kubeconfig=/etc/kubernetes/admin.conf | |
# Start Add Master Kube-Simple | |
sudo docker run -d -v crane-add-master-socket:/var/run \ | |
-v crane-add-master-k8s-etc:/etc/kubernetes \ | |
-v crane-add-master-k8s-kubelet:/var/lib/kubelet \ | |
-v crane-add-master-cni-bin:/opt/cni/bin \ | |
-v crane-add-master-cni-etc:/etc/cni/net.d \ | |
-v crane-add-master-etcd:/var/lib/etcd \ | |
-v crane-add-master-tmp:/tmp \ | |
--privileged \ | |
docker:20.10.17-dind | |
sudo docker run -d --name add-master \ | |
--net kube_simple \ | |
--privileged \ | |
-v crane-add-master-socket:/var/run \ | |
-v crane-add-master-k8s-etc:/etc/kubernetes \ | |
-v crane-add-master-k8s-kubelet:/var/lib/kubelet \ | |
-v crane-add-master-cni-bin:/opt/cni/bin \ | |
-v crane-add-master-cni-etc:/etc/cni/net.d \ | |
-v crane-add-master-etcd:/var/lib/etcd \ | |
-v crane-add-master-tmp:/tmp \ | |
--entrypoint "/sbin/init" \ | |
slzcc/ubuntu:20.04-linuxkit-5.10.34-docker | |
sleep 10 | |
sudo docker exec -i add-master docker info | |
sudo docker cp ~/.ssh/authorized_keys add-master:/root/.ssh/authorized_keys | |
sudo docker exec -i add-master chown root:root /root/.ssh/authorized_keys | |
sudo docker exec -i add-master chmod 600 /root/.ssh/authorized_keys | |
export CONTAINER_IP=`docker inspect add-master --format "{{ .NetworkSettings.Networks.kube_simple.IPAddress }}"` | |
sed -i "/k8s-cluster-add-master/a ${CONTAINER_IP}" ${WORKDIR}/kube-simple/nodes | |
# Add Master | |
cd ${WORKDIR}/crane/ && ansible-playbook -i ../kube-simple/nodes add_master.yml -vv | |
sleep 60 | |
sudo kubectl get node --kubeconfig=/etc/kubernetes/admin.conf | |
# Start Add Node Kube-Simple | |
sudo docker run -d -v crane-add-node-socket:/var/run \ | |
-v crane-add-node-k8s-etc:/etc/kubernetes \ | |
-v crane-add-node-k8s-kubelet:/var/lib/kubelet \ | |
-v crane-add-node-cni-bin:/opt/cni/bin \ | |
-v crane-add-node-cni-etc:/etc/cni/net.d \ | |
-v crane-add-node-etcd:/var/lib/etcd \ | |
-v crane-add-node-tmp:/tmp \ | |
--privileged \ | |
docker:20.10.17-dind | |
sudo docker run -d --name add-node \ | |
--net kube_simple \ | |
--privileged \ | |
-v crane-add-node-socket:/var/run \ | |
-v crane-add-node-k8s-etc:/etc/kubernetes \ | |
-v crane-add-node-k8s-kubelet:/var/lib/kubelet \ | |
-v crane-add-node-cni-bin:/opt/cni/bin \ | |
-v crane-add-node-cni-etc:/etc/cni/net.d \ | |
-v crane-add-node-etcd:/var/lib/etcd \ | |
-v crane-add-node-tmp:/tmp \ | |
--entrypoint "/sbin/init" \ | |
slzcc/ubuntu:20.04-linuxkit-5.10.34-docker | |
sleep 20 | |
sudo docker exec -i add-node docker info | |
sudo docker cp ~/.ssh/authorized_keys add-node:/root/.ssh/authorized_keys | |
sudo docker exec -i add-node chown root:root /root/.ssh/authorized_keys | |
sudo docker exec -i add-node chmod 600 /root/.ssh/authorized_keys | |
export CONTAINER_IP=`docker inspect add-node --format "{{ .NetworkSettings.Networks.kube_simple.IPAddress }}"` | |
sed -i "/k8s-cluster-add-node/a ${CONTAINER_IP}" ${WORKDIR}/kube-simple/nodes | |
# Add Node | |
cd ${WORKDIR}/crane/ && ansible-playbook -i ../kube-simple/nodes add_nodes.yml -vv | |
sleep 60 | |
sudo kubectl get node --kubeconfig=/etc/kubernetes/admin.conf | |
# Kubernetes Certificate Rotation | |
ls -l /etc/kubernetes/pki/ | |
cd ${WORKDIR}/crane/ && ansible-playbook -i ../kube-simple/nodes k8s_certificate_rotation.yml -vv | |
ls -l /etc/kubernetes/pki/ | |
sleep 60 | |
sudo kubectl get node --kubeconfig=/etc/kubernetes/admin.conf | |
# Etcd Certificate Rotation | |
ls -l /etc/kubernetes/pki/etcd/ | |
cd ${WORKDIR}/crane/ && ansible-playbook -i ../kube-simple/nodes etcd_certificate_rotation.yml -vv | |
ls -l /etc/kubernetes/pki/etcd/ | |
sleep 60 | |
sudo kubectl get node --kubeconfig=/etc/kubernetes/admin.conf | |
# Upgrade Kubernetes | |
cd ${WORKDIR}/crane/ && ansible-playbook -i ../kube-simple/nodes upgrade_version.yml -vv | |
# Start Add Etcd | |
sed -i "/etcd-cluster-add-node/a ${CONTAINER_IP}" ${WORKDIR}/kube-simple/nodes | |
# Add Etcd | |
sudo kubectl get cs --kubeconfig=/etc/kubernetes/admin.conf | |
cd ${WORKDIR}/crane/ && ansible-playbook -i ../kube-simple/nodes add_etcd.yml -vv | |
# clean crane | |
cd ${WORKDIR}/crane/ && ansible-playbook -i ../kube-simple/nodes remove_cluster.yml -vv | |
shell: bash |