Skip to content

Commit 4b13e6f

Browse files
xfstudioxfstudio
committed
2nd part of document ,add shell script and salt state file
1 parent fed4c38 commit 4b13e6f

9 files changed

+520
-8
lines changed

DOCUMENT/zh-cn/一、SaltStack搭建Kubernetes集群管理架构基础设施.md

Lines changed: 14 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -140,6 +140,18 @@ salt '*' cmd.exec_code python 'import sys; print sys.version'
140140
确认全部命令执行完成,报错不可怕,能够根据错误检查出问题所在加以解决,可怕的是不报错却没达到预期输出。如存在minion丢失,使用“sudo systemctl status salt-minion -l”进行错误排查
141141
##### 2.
142142
安装并配置docker==以下命令皆在master机上执行即可==
143+
- 系统配置
144+
```
145+
# 关闭防火墙
146+
salt '*' cmd.run 'systemctl disable firewalld && systemctl stop firewalld && systemctl status firewalld'
147+
# 设置SELINUX为permissive模式
148+
salt '*' cmd.run 'sed -i "s/SELINUX=enforcing/SELINUX=permissive/g" /etc/selinux/config'
149+
# 设置iptables参数
150+
salt '*' cmd.run 'tee /etc/sysctl.d/k8s.conf <<-"EOF"
151+
net.bridge.bridge-nf-call-iptables = 1
152+
net.bridge.bridge-nf-call-ip6tables = 1
153+
EOF'
154+
```
143155
- 自动挂载数据盘(如有,推荐)
144156
```
145157
salt '*' cmd.run 'echo "/dev/xvdb1 /data ext3 defaults 0 0">> /etc/fstab'
@@ -208,6 +220,7 @@ docker inspect <容器ID或NAME>查看Runtime
208220
yum install -y util-linux
209221
# 首先,计算出你要进入容器的PID:
210222
PID=$(docker inspect --format {{.State.Pid}} <container_name_or_ID>)
223+
PID=$(docker inspect --format {{.State.Pid}} 3d2e168a206f)
211224
# 然后进入容器:
212225
nsenter --target $PID --mount --uts --ipc --net --pid
213226
```
@@ -288,7 +301,7 @@ salt "*" cmd.run 'yum install -y /tmp/rpm/*.rpm'
288301
289302
```
290303
##### 6.
291-
salt的pillar提供统一的集群配置模板管理,是实现自动化运维的关键所在,所使用的jinra模板引擎,类似于PHP的MVC,易于理解和使用。要注意sls配置文件的yaml强制约定以两个空格作为缩进,“:”和键值之间必须有至少一个空格。使用salt集群化安装和配置kubernetes、etcd、flannel(参考来源:[I:shdowsocks自用梯子的搭建和优化](http://note.youdao.com/noteshare?id=c2087b3ba10809abf605d8068d94b25d&sub=CF294ADF75E14B5EA0382D2E0E8D2286)[II:kubeadm(安装过程需科学上网)](https://kubernetes.io/docs/setup/independent/create-cluster-kubeadm/)[III:kubeadm国内安装](https://my.oschina.net/xdatk/blog/895645?nocache=1498467713064)[IV:手动搭建kubernetes集群](https://github.com/opsnull/follow-me-install-kubernetes-cluster)[一键部署Kubernetes高可用集群](http://www.cnblogs.com/keithtt/p/6649995.html)[V:kubeadm v1.6.6的一些注意事项](http://blog.csdn.net/tiger435/article/details/73996078)
304+
salt的pillar提供统一的集群配置模板管理,是实现自动化运维的关键所在,所使用的jinra模板引擎,类似于PHP的MVC,易于理解和使用。要注意sls配置文件的yaml强制约定以两个空格作为缩进,“:”和键值之间必须有至少一个空格。使用salt集群化安装和配置kubernetes、etcd、flannel(参考来源:[I:shdowsocks自用梯子的搭建和优化](http://note.youdao.com/noteshare?id=c2087b3ba10809abf605d8068d94b25d&sub=CF294ADF75E14B5EA0382D2E0E8D2286)、[II:kubeadm(安装过程需科学上网)](https://kubernetes.io/docs/setup/independent/create-cluster-kubeadm/)、[III:kubeadm国内安装](https://my.oschina.net/xdatk/blog/895645?nocache=1498467713064)、[IV:手动搭建kubernetes集群](https://github.com/opsnull/follow-me-install-kubernetes-cluster)、[一键部署Kubernetes高可用集群](http://www.cnblogs.com/keithtt/p/6649995.html)、[V:kubeadm v1.6.6的一些注意事项](http://blog.csdn.net/tiger435/article/details/73996078)、[VI:kubeadm HA](https://github.com/cookeem/kubeadm-ha)
292305
- 创建集群环境配置文件模板
293306
```
294307
tee /srv/pillar/top.sls <<-EOF

DOCUMENT/zh-cn/二、EFK+Prometheus可扩展的DevOps自动化运维部署及监控体系.md

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -49,11 +49,11 @@ nginx:
4949
#分组配置:【/etc/salt/master】
5050
```
5151
nodegroups:
52-
web1group: 'L@wx,SN2013-08-21'
53-
web2group: 'L@SN2013-08-22,SN2014'
52+
k8s-master: 'centos7-bcc1-xf-baidu-cn-guangzhou'
53+
k8s-worker: 'centos7-bcc2-xf-baidu-cn-guangzhou,centos7-bcc3-xf-baidu-cn-guangzhou'
5454
```
5555
#其中L@表示后面的主机id格式为列表,即主机id以逗号分隔:G@表示以grain格式描述:S@表示以IP子网或地址格式描述
56-
salt -N web2group test.ping #探测web2group被控主机的连通性
56+
salt -N k8s-worker test.ping #探测web2group被控主机的连通性
5757
```
5858
-C,--compound,根据条件运算符not、and、or去匹配不同规则的主机信息
5959
```
@@ -293,7 +293,7 @@ EOF
293293
```
294294
salt '*' state.sls usr.local.kubernetes.deploy-k8s
295295
salt -E 'centos7-bcc[2,3].*' cmd.run 'bash /usr/local/kubernetes/deploy-k8s.sh replica'
296-
salt -E 'centos7-bcc[2,3].*' cmd.run 'kubeadm join --token 849fab.ec34e21817d1c573 172.16.0.2:6443'
296+
salt -E 'centos7-bcc[2,3].*' cmd.run 'kubeadm join --token cde652.ba6f5498291abf9a 172.16.0.2:6443'
297297
# 使用ConfigMap文件创建集群容器,此处注意sls的include每次只能包含一个文件
298298
salt '*' cmd.run 'mkdir -p /usr/local/kubernetes/manifests/kube-efk/'
299299
salt '*' state.sls usr.local.kubernetes.manifests

pillar/env.sls.sample

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -72,7 +72,11 @@ packages:
7272
defaultbackend: 1.3
7373
#
7474
elasticsearch: v2.4.1-2
75+
fluentd-elasticsearch: 1.23
7576
kibana: v4.6.1-1
77+
skydns: 2015-10-13-8c72f8c
78+
exechealthz: 1.0
79+
#
7680
event-exporter: v0.1.0-r2
7781
prometheus-to-sd: v0.1.2-r2
7882
ip-masq-agent-amd64: v2.0.2

0 commit comments

Comments
 (0)