Automated Deployment of a Kubernetes Cluster

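Prepare the virtual machine template: k8s-manager

  1. Start from a standardized Ubuntu base configuration (Ubuntu 24.04 installed, Huawei Cloud repositories configured, base packages installed, root password set, remote root login enabled, system time zone and time set).

  2. Upload ubuntu2404_auto_install_kubernetes-1.30.2.zip to the home directory, extract it, and make the scripts executable.

    Upload setip and sethostname to /usr/local/bin and make them executable.
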
    [root@manager ~]# ls
    ubuntu2404_auto_install_kubernetes-1.30.2.zip
    [root@manager ~]# 
    
    [root@manager ~]# unzip ubuntu2404_auto_install_kubernetes-1.30.2.zip 
    Archive:  ubuntu2404_auto_install_kubernetes-1.30.2.zip
       creating: ubuntu2404_auto_install_kubernetes-1.30.2/
      inflating: ubuntu2404_auto_install_kubernetes-1.30.2/deploy_kubernetes_master.sh  
      inflating: ubuntu2404_auto_install_kubernetes-1.30.2/deploy_kubernetes_worker.sh  
       creating: ubuntu2404_auto_install_kubernetes-1.30.2/images/
      inflating: ubuntu2404_auto_install_kubernetes-1.30.2/images/calico_cni-v3.30.7.tar  
      inflating: ubuntu2404_auto_install_kubernetes-1.30.2/images/calico_kube-controllers-v3.30.7.tar  
      inflating: ubuntu2404_auto_install_kubernetes-1.30.2/images/calico_node-v3.30.7.tar  
      inflating: ubuntu2404_auto_install_kubernetes-1.30.2/images/coredns-v1.11.1.tar  
      inflating: ubuntu2404_auto_install_kubernetes-1.30.2/images/etcd-3.5.12-0.tar  
      inflating: ubuntu2404_auto_install_kubernetes-1.30.2/images/kube-apiserver-v1.30.2.tar  
      inflating: ubuntu2404_auto_install_kubernetes-1.30.2/images/kube-controller-manager-v1.30.2.tar  
      inflating: ubuntu2404_auto_install_kubernetes-1.30.2/images/kube-proxy-v1.30.2.tar  
      inflating: ubuntu2404_auto_install_kubernetes-1.30.2/images/kube-scheduler-v1.30.2.tar  
      inflating: ubuntu2404_auto_install_kubernetes-1.30.2/images/pause-3.9.tar  
       creating: ubuntu2404_auto_install_kubernetes-1.30.2/resources/
      inflating: ubuntu2404_auto_install_kubernetes-1.30.2/resources/calico-3.30.7.yaml  
       creating: ubuntu2404_auto_install_kubernetes-1.30.2/softwares/
      inflating: ubuntu2404_auto_install_kubernetes-1.30.2/softwares/cni-plugins-linux-amd64-v1.6.0.tgz  
      inflating: ubuntu2404_auto_install_kubernetes-1.30.2/softwares/nerdctl-1.7.7-linux-amd64.tar.gz  
      inflating: ubuntu2404_auto_install_kubernetes-1.30.2/usage_guide.txt  
      
    [root@manager ~]# ls
    ubuntu2404_auto_install_kubernetes-1.30.2  ubuntu2404_auto_install_kubernetes-1.30.2.zip
    [root@manager ~]# cd ubuntu2404_auto_install_kubernetes-1.30.2
    [root@manager ubuntu2404_auto_install_kubernetes-1.30.2]# ls
    deploy_kubernetes_master.sh  deploy_kubernetes_worker.sh  images  resources  softwares  usage_guide.txt
    [root@manager ubuntu2404_auto_install_kubernetes-1.30.2]# chmod +x deploy*
    [root@manager ubuntu2404_auto_install_kubernetes-1.30.2]# ls
    deploy_kubernetes_master.sh  deploy_kubernetes_worker.sh  images  resources  softwares  usage_guide.txt
    
    
    [root@manager bin]# ls
    sethostname  setip
    [root@manager bin]# chmod +x sethostname setip 
    [root@manager bin]# ll
    total 16
    drwxr-xr-x  2 root root 4096 Apr 21 22:47 ./
    drwxr-xr-x 10 root root 4096 Apr 23  2024 ../
    -rwxr-xr-x  1 root root   75 Apr 21 22:47 sethostname*
    -rwxr-xr-x  1 root root 1450 Apr 21 22:47 setip*

  3. Configure /etc/hosts

    [root@manager ~]# cat >> /etc/hosts << 'EOF'
    
    ###### kubernetes auto deploy #####
    
    10.1.8.40 master40.shizhan.cloud master40
    10.1.8.41 worker41.shizhan.cloud worker41
    10.1.8.42 worker42.shizhan.cloud worker42
    EOF

  4. Take a snapshot of the template.

Automated deployment

  1. Clone master40, worker41 and worker42 from k8s-manager, then set the hostname and IP address on each.

    sethostname script:

    #!/bin/bash
    DOMAIN=shizhan.cloud
    hostnamectl hostname $1.$DOMAIN 
    hostname

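    setip script:

    #!/bin/bash
    ################################################################################
    # Script name: setip
    # Purpose: quickly change the static IP address on Ubuntu (Netplan-managed network)
    # Usage:
    #   1. The script must be run as root (sudo)
    #   2. Invocation: ./setip [last octet of the IP]
    #   3. Invocation: setip [last octet of the IP]
    #   4. Examples:
    #      - To set the IP to 10.1.8.20, run: sudo ./setip 20
    #      - To set the IP to 10.1.8.100, run: sudo ./setip 100
    # Notes:
    #   1. Only for Ubuntu systems that manage the network with Netplan
    #   2. The script detects the current NIC IP and replaces it with a new 10.1.8.X address
    #   3. The configuration file modified is /etc/netplan/00-static.yaml
    #   4. After running, it applies the network configuration and shows the current NIC addresses
    ################################################################################
    
    # Path of the Netplan static network configuration file
    network_config_file=/etc/netplan/00-static.yaml
    
    # Get the IP address of the last interface listed (address only, without the prefix length)
    IP_OLD=$(ip -br a |tail -1 | awk '{print $3}' | cut -d/ -f1)
    
    # Build the new IP address: fixed prefix 10.1.8, last octet from the script argument
    IP_NEW=10.1.8.$1
    
    # Replace the old IP with the new IP in the configuration file using sed
    sed -i "s/${IP_OLD}/${IP_NEW}/" ${network_config_file}
    
    # Apply the Netplan configuration change
    netplan apply
    
    # Show brief IP information for all interfaces to confirm the change
    ip -br a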

    Run on each of the three nodes:

    # Run on master40
    sethostname master40
    setip 40
    
    # Run on worker41
    sethostname worker41
    setip 41
    
    # Run on worker42
    sethostname worker42
    setip 42
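
An added example, not part of the original scripts: setip places `$1` and the detected address directly into a sed expression, so an empty lookup, a non-numeric argument, or an address that is a prefix of another one (10.1.8.4 inside 10.1.8.40) changes the Netplan file in unintended ways. The version below validates the octet and replaces only the whole, literal address; the function names and the sample Netplan file are constructed for illustration.

```shell
#!/bin/bash
# Added example, not the page's setip: validate the argument and replace the
# address literally. Function names and the sample file are constructed.

PREFIX="10.1.8"   # same fixed prefix the page's setip uses

# Accept only a host octet 1..254 in plain decimal.
# Rejects empty input, "40/24", "41;reboot", leading zeros, 0 and 255.
valid_octet() {
    case "$1" in
        ''|*[!0-9]*|0*) return 1 ;;
    esac
    [ "${#1}" -le 3 ] && [ "$1" -le 254 ]
}

# True when $1 looks like a dotted-quad IPv4 address.
is_ipv4() {
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$'
}

# Replace address $1 with $2 in file $3.
# The old address is matched literally (dots escaped) and only as a whole
# address, so 10.1.8.4 does not match inside 10.1.8.40.
replace_ip() {
    rip_old=$1 rip_new=$2 rip_file=$3
    is_ipv4 "$rip_old" && is_ipv4 "$rip_new" || return 1
    [ -f "$rip_file" ] || return 1
    rip_re=$(printf '%s' "$rip_old" | sed 's/\./\\./g')
    # Refuse to continue when the old address is not in the file at all
    grep -Eq "(^|[^0-9.])${rip_re}([^0-9.]|\$)" "$rip_file" || return 1
    rip_tmp=$(mktemp) || return 1
    if sed -E "s/(^|[^0-9.])${rip_re}([^0-9.]|\$)/\1${rip_new}\2/g" "$rip_file" > "$rip_tmp"; then
        cat "$rip_tmp" > "$rip_file"   # keeps the original owner and mode
        rm -f "$rip_tmp"
    else
        rm -f "$rip_tmp"
        return 1
    fi
}

# setip equivalent: $1 = last octet, $2 = current address, $3 = Netplan file.
# Returns 2 for a bad octet, 3 when the address could not be replaced.
set_node_ip() {
    valid_octet "$1" || { echo "invalid host octet: '$1'" >&2; return 2; }
    replace_ip "$2" "${PREFIX}.$1" "$3" || { echo "address '$2' not replaced in $3" >&2; return 3; }
}

# Constructed sample of a template's Netplan file (template address 10.1.8.4).
make_sample_netplan() {
    cat > "$1" <<'EOF'
network:
  version: 2
  ethernets:
    ens32:
      addresses:
        - 10.1.8.4/24
      routes:
        - to: default
          via: 10.1.8.2
      nameservers:
        addresses: [10.1.8.2, 10.1.8.40]
EOF
}

# Demo on a temporary copy; a real script would run "netplan apply" afterwards.
demo_file=$(mktemp)
make_sample_netplan "$demo_file"
set_node_ip 41 10.1.8.4 "$demo_file" && grep -n '10\.1\.8\.' "$demo_file"
set_node_ip '41;reboot' 10.1.8.41 "$demo_file" || echo "rejected"
rm -f "$demo_file"
```
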

  2. Automated deployment

    On master40, run /root/ubuntu2404_auto_install_kubernetes-1.30.2/deploy_kubernetes_master.sh

    On worker41 and worker42, run /root/ubuntu2404_auto_install_kubernetes-1.30.2/deploy_kubernetes_worker.sh

    deploy_kubernetes_master.sh script:

    #!/bin/bash
    set -e
    
    # ====================== Basic configuration ======================
    # Log file (named by timestamp)
    LOG_FILE="/tmp/kubernetes-install-$(date +%Y-%m-%d-%H-%M-%S).log"
    # Installation marker file
    INSTALL_MARK="/var/lib/k8s-master-installed.flag"
    # Kubernetes version
    K8S_VERSION="v1.30.2"
    # Pod network CIDR
    POD_CIDR="10.224.0.0/16"
    # Directory definitions
    IMAGE_DIR="./images"
    RESOURCES_DIR="./resources"
    SOFTWARES_DIR="./softwares"
    # Calico manifest
    CALICO_YAML="${RESOURCES_DIR}/calico-3.30.7.yaml"
    
    # ====================== Logging function ======================
    log() {
        local LEVEL=$1
        local MSG=$2
        local TIMESTAMP=$(date +"%Y-%m-%d %H:%M:%S")
        echo -e "[$TIMESTAMP] [$LEVEL] $MSG" | tee -a $LOG_FILE
    }
    
    # ====================== Pre-flight checks ======================
    check_installed() {
        log "INFO" "===== 1. 检查是否已安装 ====="
        if [ -f "$INSTALL_MARK" ]; then
            log "ERROR" "检测到该节点已通过本脚本安装过Kubernetes Master!"
            log "ERROR" "安装痕迹文件:$INSTALL_MARK"
            exit 1
        fi
        log "INFO" "未检测到历史安装痕迹,继续部署..."
    }
    
    check_env() {
        log "INFO" "===== 2. 检查基础环境 ====="
        # Check the OS version
        OS_VERSION=$(lsb_release -r | awk '{print $2}')
        if [ "$OS_VERSION" != "24.04" ]; then
            log "ERROR" "仅支持Ubuntu 24.04系统,当前系统版本:$OS_VERSION"
            exit 1
        fi
        # Check that the script runs as root
        if [ $UID -ne 0 ]; then
            log "ERROR" "请使用root用户执行脚本!"
            exit 1
        fi
        # Check that the required directories exist
        for DIR in $IMAGE_DIR $RESOURCES_DIR $SOFTWARES_DIR; do
            if [ ! -d "$DIR" ]; then
                log "ERROR" "目录不存在:$DIR,请检查文件结构!"
                exit 1
            fi
        done
        # Check that the Calico manifest exists
        if [ ! -f "$CALICO_YAML" ]; then
            log "ERROR" "Calico配置文件不存在:$CALICO_YAML"
            exit 1
        fi
        log "INFO" "基础环境检查通过"
    }
    
    prompt_user_config() {
        log "INFO" "===== 3. 提示用户配置主机名/IP ====="
        echo -e "\033[33m请确认已完成以下配置:\033[0m"
        echo "1. 配置静态IP(如10.1.8.30/24)"
        echo "2. 配置主机名(如master30.laoma.cloud)"
        echo "3. 配置/etc/hosts解析集群节点"
        read -p "确认配置完成后按回车继续,或按Ctrl+C退出..."
        log "INFO" "用户确认配置完成,继续部署..."
    }
    
    # ====================== System initialization ======================
    sys_init() {
        log "INFO" "===== 4. 系统环境初始化 ====="
        # Disable swap
        log "INFO" "关闭swap分区..."
        swapoff -a && sed -i '/^.*swap/d' /etc/fstab && rm -f /swap.img || log "WARN" "swap分区已关闭或不存在"
        
        # Configure the Ubuntu package source (Huawei Cloud)
        log "INFO" "配置Ubuntu软件源..."
        cat > /etc/apt/sources.list.d/ubuntu.sources <<'EOF'
    Types: deb
    URIs: http://mirrors.huaweicloud.com/ubuntu/
    Suites: noble noble-updates noble-backports
    Components: main restricted universe multiverse
    Signed-By: /usr/share/keyrings/ubuntu-archive-keyring.gpg
    EOF
    
        # Configure the containerd repository
        log "INFO" "配置containerd仓库..."
        [ -f /etc/apt/trusted.gpg.d/containerd.gpg ] && rm -f /etc/apt/trusted.gpg.d/containerd.gpg
        curl -fsSL https://mirrors.huaweicloud.com/docker-ce/linux/ubuntu/gpg | gpg --dearmour -o /etc/apt/trusted.gpg.d/containerd.gpg
        cat << 'EOF' > /etc/apt/sources.list.d/docker-ce.list
    deb [arch=amd64] https://mirrors.huaweicloud.com/docker-ce/linux/ubuntu noble stable
    EOF
    
        # Configure the Kubernetes repository (Alibaba Cloud)
        log "INFO" "配置Kubernetes仓库..."
        [ -f /etc/apt/keyrings/kubernetes-apt-keyring.gpg ] && rm -f /etc/apt/keyrings/kubernetes-apt-keyring.gpg
        curl -fsSL https://mirrors.aliyun.com/kubernetes-new/core/stable/v1.30/deb/Release.key | gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
        echo "deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://mirrors.aliyun.com/kubernetes-new/core/stable/v1.30/deb/ /" > /etc/apt/sources.list.d/kubernetes.list
    
        # Update the package index and install base packages
        log "INFO" "安装基础软件包..."
        (apt update -y && apt install -y vim lrzsz bash-completion open-vm-tools apt-transport-https sshpass chrony iptables ipvsadm ipset conntrack) &>> $LOG_FILE
    
        # Load kernel modules
        log "INFO" "加载K8s网络内核模块..."
        modprobe -a overlay br_netfilter ip_vs ip_vs_rr ip_vs_wrr ip_vs_lc ip_vs_sh nf_conntrack
        cat > /etc/modules-load.d/k8s-net.conf << EOF
    br_netfilter
    overlay
    ip_vs
    ip_vs_rr
    ip_vs_wrr
    ip_vs_lc
    ip_vs_sh
    nf_conntrack
    EOF
    
        # Configure kernel parameters
        log "INFO" "配置K8s内核参数..."
        cat > /etc/sysctl.d/k8s.conf << 'EOF'
    net.bridge.bridge-nf-call-iptables=1
    net.ipv4.ip_forward=1
    vm.swappiness=0
    EOF
        sysctl -p /etc/sysctl.d/k8s.conf >> $LOG_FILE
    
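        # Configure SSH.
        # Note: StrictHostKeyChecking no turns off host-key verification for every
        # outbound SSH connection from this node. On Ubuntu 24.04 the OpenSSH unit
        # is ssh.service, so "systemctl restart sshd" fails; the pipe into tee
        # hides that failure from set -e.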
        log "INFO" "优化SSH配置..."
        echo 'UseDNS no' >> /etc/ssh/sshd_config
        echo 'StrictHostKeyChecking no' >> /etc/ssh/ssh_config
        systemctl restart sshd | tee -a $LOG_FILE
    
        # Configure time synchronization
        log "INFO" "配置时间同步..."
        systemctl enable chrony --now &>> $LOG_FILE
    
        log "INFO" "系统环境初始化完成"
    }
    
    # ====================== Install the container runtime ======================
    install_containerd() {
        log "INFO" "===== 5. 安装containerd/nerdctl ====="
        # Install containerd
        log "INFO" "安装containerd 1.7.20..."
        apt install -y containerd.io=1.7.20-1 cri-tools &>> $LOG_FILE
    
        # Configure containerd
        log "INFO" "配置containerd..."
        containerd config default > /etc/containerd/config.toml
        sed -i 's/SystemdCgroup = false/SystemdCgroup = true/' /etc/containerd/config.toml
        sed -i 's|sandbox_image = ".*"|sandbox_image = "registry.k8s.io/pause:3.9"|' /etc/containerd/config.toml
    
        # Configure registry mirrors
        log "INFO" "配置containerd镜像加速..."
        mkdir -p /etc/containerd/certs.d/docker.io
        cat > /etc/containerd/certs.d/docker.io/hosts.toml << EOF
    server = "https://registry-1.docker.io"
    [host."https://09def58152000fc00ff0c00057bad7e0.mirror.swr.myhuaweicloud.com"]
      capabilities = ["pull", "resolve"]
    EOF
        mkdir -p /etc/containerd/certs.d/registry.k8s.io
        cat > /etc/containerd/certs.d/registry.k8s.io/hosts.toml << EOF
    server = "https://registry.k8s.io"
    [host."https://k8s.m.daocloud.io"]
      capabilities = ["pull", "resolve"]
    [host."https://k8s.mirrorify.net"]
      capabilities = ["pull", "resolve"]
    [host."https://registry.cn-hangzhou.aliyuncs.com/google_containers"]
      capabilities = ["pull", "resolve"]
      override_path = true
    EOF
    
        # Install nerdctl
        log "INFO" "安装nerdctl 1.7.7..."
        tar -xf ${SOFTWARES_DIR}/nerdctl-1.7.7-linux-amd64.tar.gz -C /usr/bin/
    
        # Configure shell completion
        log "INFO" "配置nerdctl补全..."
        [ ! -d /etc/bash_completion.d ] && mkdir /etc/bash_completion.d
        nerdctl completion bash > /etc/bash_completion.d/nerdctl
        echo 'export CONTAINERD_NAMESPACE=k8s.io' >> /etc/bash_completion.d/nerdctl
        source /etc/bash_completion.d/nerdctl
    
        # Install the CNI plugins
        log "INFO" "安装CNI插件 v1.6.0..."
        mkdir -p /opt/cni/bin
        tar -xf ${SOFTWARES_DIR}/cni-plugins-linux-amd64-v1.6.0.tgz -C /opt/cni/bin
    
        # Restart containerd
        log "INFO" "重启containerd服务..."
        systemctl restart containerd && systemctl enable containerd | tee -a $LOG_FILE
    
        log "INFO" "容器运行时安装完成"
    }
    
    # ====================== Import images ======================
    import_images() {
        log "INFO" "===== 6. 导入K8s/Calico镜像 ====="
        # Set the nerdctl namespace
        export CONTAINERD_NAMESPACE=k8s.io
    
        # Import the core Kubernetes images
        log "INFO" "导入K8s核心镜像..."
        for IMG_TAR in ${IMAGE_DIR}/kube-apiserver-${K8S_VERSION}.tar \
                      ${IMAGE_DIR}/kube-controller-manager-${K8S_VERSION}.tar \
                      ${IMAGE_DIR}/kube-scheduler-${K8S_VERSION}.tar \
                      ${IMAGE_DIR}/kube-proxy-${K8S_VERSION}.tar \
                      ${IMAGE_DIR}/coredns-v1.11.1.tar \
                      ${IMAGE_DIR}/pause-3.9.tar \
                      ${IMAGE_DIR}/etcd-3.5.12-0.tar; do
            if [ -f "$IMG_TAR" ]; then
                nerdctl load -i $IMG_TAR >> $LOG_FILE
            else
                log "ERROR" "镜像文件不存在:$IMG_TAR"
                exit 1
            fi
        done
    
        # Import the Calico images
        log "INFO" "导入Calico镜像..."
        for IMG_TAR in ${IMAGE_DIR}/calico_cni-v3.30.7.tar \
                      ${IMAGE_DIR}/calico_node-v3.30.7.tar \
                      ${IMAGE_DIR}/calico_kube-controllers-v3.30.7.tar; do
            if [ -f "$IMG_TAR" ]; then
                nerdctl load -i $IMG_TAR >> $LOG_FILE
            else
                log "ERROR" "镜像文件不存在:$IMG_TAR"
                exit 1
            fi
        done
    
        log "INFO" "所有镜像导入完成"
    }
    
    # ====================== Install Kubernetes components ======================
    install_k8s() {
        log "INFO" "===== 7. 安装kubeadm/kubelet/kubectl ====="
        # Install the pinned Kubernetes component versions
        log "INFO" "安装K8s ${K8S_VERSION}组件..."
        apt install -y kubeadm=1.30.2-1.1 kubelet=1.30.2-1.1 kubectl=1.30.2-1.1 &>> $LOG_FILE
    
        # Enable kubelet
        log "INFO" "启用kubelet服务..."
        systemctl enable kubelet --now | tee -a $LOG_FILE
    
        # Configure shell completion
        log "INFO" "配置crictl/kubectl/kubeadm补全..."
        crictl completion bash > /etc/bash_completion.d/crictl
        kubectl completion bash > /etc/bash_completion.d/kubectl
        kubeadm completion bash > /etc/bash_completion.d/kubeadm
        source /etc/bash_completion.d/crictl
        source /etc/bash_completion.d/kubectl
        source /etc/bash_completion.d/kubeadm
    
        log "INFO" "K8s组件安装完成"
    }
    
    # ====================== Initialize the master node ======================
    init_master() {
        log "INFO" "===== 8. 初始化K8s Master节点 ====="
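        # Initialize the cluster.
        # Note: --ignore-preflight-errors=all turns every kubeadm pre-flight error
        # into a warning, and the full kubeadm output (including the join command
        # with its bootstrap token) is appended to $LOG_FILE.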
        log "INFO" "执行kubeadm init初始化集群..."
        kubeadm init --kubernetes-version=${K8S_VERSION} \
                     --pod-network-cidr=${POD_CIDR} \
                     --ignore-preflight-errors=all >> $LOG_FILE
    
        # Configure kubectl credentials
        log "INFO" "配置kubectl默认凭据..."
        mkdir -p $HOME/.kube
        cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
    
        log "INFO" "Master节点初始化完成"
    }
    
    # ====================== Deploy the Calico network ======================
    deploy_calico() {
        log "INFO" "===== 9. 部署Calico网络 ====="
        # Set the Calico pod CIDR
        log "INFO" "修改Calico配置文件(匹配POD_CIDR)..."
        sed -i "s|# - name: CALICO_IPV4POOL_CIDR|- name: CALICO_IPV4POOL_CIDR|g" $CALICO_YAML
        sed -i "s|#   value: \"192.168.0.0/16\"|  value: \"${POD_CIDR}\"|g" $CALICO_YAML
    
        # Deploy Calico
        log "INFO" "应用Calico配置..."
        kubectl apply -f $CALICO_YAML >> $LOG_FILE
    
        # Wait for the Calico pods to start
        log "INFO" "等待Calico Pod启动(最多等待5分钟)..."
        timeout 300 bash -c 'until kubectl get pods -n kube-system | grep calico-node | grep -q Running; do sleep 5; done' || log "WARN" "Calico Pod启动超时,需手动检查"
        # Give the remaining pods time to start
        sleep 10
    
        log "INFO" "Calico网络部署完成"
    }
    
    # ====================== Verify the deployment ======================
    verify_deploy() {
        log "INFO" "===== 10. 验证K8s集群部署 ====="
        log "INFO" "=== 集群信息 ==="
        kubectl cluster-info | tee -a $LOG_FILE
        echo
    
        log "INFO" "=== K8s版本 ==="
        kubectl version | tee -a $LOG_FILE
        echo
    
        log "INFO" "=== 节点状态 ==="
        kubectl get nodes | tee -a $LOG_FILE
        echo
    
        log "INFO" "=== Pod状态 ==="
        kubectl get pods -A | tee -a $LOG_FILE
        echo
    
        # Check whether the node is Ready
        NODE_STATUS=$(kubectl get nodes | grep $(hostname) | awk '{print $2}')
        if [ "$NODE_STATUS" = "Ready" ]; then
            log "SUCCESS" "Kubernetes Master节点部署成功!"
            echo
    
            log "INFO" "worker节点执行以下命令加入集群:"
            grep -A1 'kubeadm join' $LOG_FILE
            echo
    
            # Create the installation marker file
            touch $INSTALL_MARK
            #log "INFO" "安装痕迹文件已创建:$INSTALL_MARK"
        else
            log "ERROR" "Kubernetes Master节点部署失败,节点状态:$NODE_STATUS"
            exit 1
        fi
    }
    
    # ====================== Main flow ======================
    main() {
        # Start logging
        log "INFO" "===== 开始部署Kubernetes Master节点 ${K8S_VERSION} ====="
        log "INFO" "日志文件:$LOG_FILE"
    
        # Pre-flight checks
        check_installed
        check_env
        prompt_user_config
    
        # Deployment steps
        sys_init
        install_containerd
        import_images
        install_k8s
        init_master
        deploy_calico
        verify_deploy
    
        log "INFO" "===== 部署完成 ====="
    
        echo -e "\033[32m"
        echo "==================================================="
        echo " ✅   Master 节点环境部署完成!"
        echo " 📝 日志文件:$LOG_FILE"
        echo "==================================================="
        echo -e "\033[0m"
    }
    
    # Run the main flow
    main
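
An added example, not part of the original script: deploy_kubernetes_master.sh appends the full `kubeadm init` output, including the join command with its bootstrap token, to a log under /tmp. The functions below count log lines that carry a token, write a redacted copy, and create the log in a private directory; the function names and the sample log are constructed.

```shell
#!/bin/bash
# Added example, not part of the page's scripts: find and redact kubeadm
# bootstrap tokens in an install log, and create the log privately.
# Function names and the sample log are constructed for illustration.

# kubeadm bootstrap tokens are "<6-char id>.<16-char secret>", lowercase alnum.
TOKEN_RE='(^|[^a-z0-9])([a-z0-9]{6})\.[a-z0-9]{16}([^a-z0-9]|$)'

# Print the number of lines in file $1 that contain a bootstrap token.
count_token_lines() {
    grep -Ec "$TOKEN_RE" "$1" || true
}

# Copy file $1 to stdout with the secret half of every token replaced.
# The 6-character token id is kept so the token can still be deleted by id.
redact_tokens() {
    sed -E "s/${TOKEN_RE}/\\1\\2.<redacted>\\3/g" "$1"
}

# True when group and others have no permission bits on $1.
is_private() {
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Create an empty log in a fresh 0700 directory under $1 and print its path.
new_private_log() {
    (
        umask 077
        npl_dir=$(mktemp -d "${1:-/var/log}/k8s-install.XXXXXX") || exit 1
        : > "$npl_dir/install.log" && printf '%s\n' "$npl_dir/install.log"
    )
}

# Constructed sample with the shape of a log that received kubeadm init output.
# Mode 0644 mimics a file created by tee under the default umask 022.
make_sample_log() {
    cat > "$1" <<'EOF'
[2026-01-01 00:00:00] [INFO] kubeadm init output follows (constructed sample)
Your Kubernetes control-plane has initialized successfully!
kubeadm join 10.1.8.40:6443 --token abcdef.0123456789abcdef \
	--discovery-token-ca-cert-hash sha256:<constructed-placeholder>
EOF
    chmod 644 "$1"
}

# Demo: everything happens in temporary files.
demo_log=$(mktemp)
make_sample_log "$demo_log"
echo "token lines before: $(count_token_lines "$demo_log")"
demo_safe=$(new_private_log "${TMPDIR:-/tmp}")
redact_tokens "$demo_log" > "$demo_safe"
echo "token lines after:  $(count_token_lines "$demo_safe")"
rm -rf "$demo_log" "$(dirname "$demo_safe")"
```
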

    deploy_kubernetes_worker.sh script:

    #!/bin/bash
    set -e
    
    # ====================== Basic configuration ======================
    # Log file (named by timestamp)
    LOG_FILE="/tmp/kubernetes-install-$(date +%Y-%m-%d-%H-%M-%S).log"
    # Installation marker file
    INSTALL_MARK="/var/lib/k8s-master-installed.flag"
    # Kubernetes version
    K8S_VERSION="v1.30.2"
    # Pod network CIDR
    POD_CIDR="10.224.0.0/16"
    # Directory definitions
    IMAGE_DIR="./images"
    RESOURCES_DIR="./resources"
    SOFTWARES_DIR="./softwares"
    # Calico manifest
    CALICO_YAML="${RESOURCES_DIR}/calico-3.30.7.yaml"
    
    # ====================== Logging function ======================
    log() {
        local LEVEL=$1
        local MSG=$2
        local TIMESTAMP=$(date +"%Y-%m-%d %H:%M:%S")
        echo -e "[$TIMESTAMP] [$LEVEL] $MSG" | tee -a $LOG_FILE
    }
    
    # ====================== Pre-flight checks ======================
    check_installed() {
        log "INFO" "===== 1. 检查是否已安装 ====="
        if [ -f "$INSTALL_MARK" ]; then
            log "ERROR" "检测到该节点已通过本脚本安装过Kubernetes Master!"
            log "ERROR" "安装痕迹文件:$INSTALL_MARK"
            exit 1
        fi
        log "INFO" "未检测到历史安装痕迹,继续部署..."
    }
    
    check_env() {
        log "INFO" "===== 2. 检查基础环境 ====="
        # Check the OS version
        OS_VERSION=$(lsb_release -r | awk '{print $2}')
        if [ "$OS_VERSION" != "24.04" ]; then
            log "ERROR" "仅支持Ubuntu 24.04系统,当前系统版本:$OS_VERSION"
            exit 1
        fi
        # Check that the script runs as root
        if [ $UID -ne 0 ]; then
            log "ERROR" "请使用root用户执行脚本!"
            exit 1
        fi
        # Check that the required directories exist
        for DIR in $IMAGE_DIR $RESOURCES_DIR $SOFTWARES_DIR; do
            if [ ! -d "$DIR" ]; then
                log "ERROR" "目录不存在:$DIR,请检查文件结构!"
                exit 1
            fi
        done
        # Check that the Calico manifest exists
        if [ ! -f "$CALICO_YAML" ]; then
            log "ERROR" "Calico配置文件不存在:$CALICO_YAML"
            exit 1
        fi
        log "INFO" "基础环境检查通过"
    }
    
    prompt_user_config() {
        log "INFO" "===== 3. 提示用户配置主机名/IP ====="
        echo -e "\033[33m请确认已完成以下配置:\033[0m"
        echo "1. 配置静态IP(如10.1.8.30/24)"
        echo "2. 配置主机名(如master30.laoma.cloud)"
        echo "3. 配置/etc/hosts解析集群节点"
        read -p "确认配置完成后按回车继续,或按Ctrl+C退出..."
        log "INFO" "用户确认配置完成,继续部署..."
    }
    
    # ====================== System initialization ======================
    sys_init() {
        log "INFO" "===== 4. 系统环境初始化 ====="
        # Disable swap
        log "INFO" "关闭swap分区..."
        swapoff -a && sed -i '/^.*swap/d' /etc/fstab && rm -f /swap.img || log "WARN" "swap分区已关闭或不存在"
        
        # Configure the Ubuntu package source (Huawei Cloud)
        log "INFO" "配置Ubuntu软件源..."
        cat > /etc/apt/sources.list.d/ubuntu.sources <<'EOF'
    Types: deb
    URIs: http://mirrors.huaweicloud.com/ubuntu/
    Suites: noble noble-updates noble-backports
    Components: main restricted universe multiverse
    Signed-By: /usr/share/keyrings/ubuntu-archive-keyring.gpg
    EOF
    
        # Configure the containerd repository
        log "INFO" "配置containerd仓库..."
        [ -f /etc/apt/trusted.gpg.d/containerd.gpg ] && rm -f /etc/apt/trusted.gpg.d/containerd.gpg
        curl -fsSL https://mirrors.huaweicloud.com/docker-ce/linux/ubuntu/gpg | gpg --dearmour -o /etc/apt/trusted.gpg.d/containerd.gpg
        cat << 'EOF' > /etc/apt/sources.list.d/docker-ce.list
    deb [arch=amd64] https://mirrors.huaweicloud.com/docker-ce/linux/ubuntu noble stable
    EOF
    
        # Configure the Kubernetes repository (Alibaba Cloud)
        log "INFO" "配置Kubernetes仓库..."
        [ -f /etc/apt/keyrings/kubernetes-apt-keyring.gpg ] && rm -f /etc/apt/keyrings/kubernetes-apt-keyring.gpg
        curl -fsSL https://mirrors.aliyun.com/kubernetes-new/core/stable/v1.30/deb/Release.key | gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
        echo "deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://mirrors.aliyun.com/kubernetes-new/core/stable/v1.30/deb/ /" > /etc/apt/sources.list.d/kubernetes.list
    
        # Update the package index and install base packages
        log "INFO" "安装基础软件包..."
        (apt update -y && apt install -y vim lrzsz bash-completion open-vm-tools apt-transport-https sshpass chrony iptables ipvsadm ipset conntrack) &>> $LOG_FILE
    
        # Load kernel modules
        log "INFO" "加载K8s网络内核模块..."
        modprobe -a overlay br_netfilter ip_vs ip_vs_rr ip_vs_wrr ip_vs_lc ip_vs_sh nf_conntrack
        cat > /etc/modules-load.d/k8s-net.conf << EOF
    br_netfilter
    overlay
    ip_vs
    ip_vs_rr
    ip_vs_wrr
    ip_vs_lc
    ip_vs_sh
    nf_conntrack
    EOF
    
        # Configure kernel parameters
        log "INFO" "配置K8s内核参数..."
        cat > /etc/sysctl.d/k8s.conf << 'EOF'
    net.bridge.bridge-nf-call-iptables=1
    net.ipv4.ip_forward=1
    vm.swappiness=0
    EOF
        sysctl -p /etc/sysctl.d/k8s.conf >> $LOG_FILE
    
        # Configure SSH
        log "INFO" "优化SSH配置..."
        echo 'UseDNS no' >> /etc/ssh/sshd_config
        echo 'StrictHostKeyChecking no' >> /etc/ssh/ssh_config
        systemctl restart sshd | tee -a $LOG_FILE
    
        # Configure time synchronization
        log "INFO" "配置时间同步..."
        systemctl enable chrony --now &>> $LOG_FILE
    
        log "INFO" "系统环境初始化完成"
    }
    
    # ====================== Install the container runtime ======================
    install_containerd() {
        log "INFO" "===== 5. 安装containerd/nerdctl ====="
        # Install containerd
        log "INFO" "安装containerd 1.7.20..."
        apt install -y containerd.io=1.7.20-1 cri-tools &>> $LOG_FILE
    
        # Configure containerd
        log "INFO" "配置containerd..."
        containerd config default > /etc/containerd/config.toml
        sed -i 's/SystemdCgroup = false/SystemdCgroup = true/' /etc/containerd/config.toml
        sed -i 's|sandbox_image = ".*"|sandbox_image = "registry.k8s.io/pause:3.9"|' /etc/containerd/config.toml
    
        # Configure registry mirrors
        log "INFO" "配置containerd镜像加速..."
        mkdir -p /etc/containerd/certs.d/docker.io
        cat > /etc/containerd/certs.d/docker.io/hosts.toml << EOF
    server = "https://registry-1.docker.io"
    [host."https://09def58152000fc00ff0c00057bad7e0.mirror.swr.myhuaweicloud.com"]
      capabilities = ["pull", "resolve"]
    EOF
        mkdir -p /etc/containerd/certs.d/registry.k8s.io
        cat > /etc/containerd/certs.d/registry.k8s.io/hosts.toml << EOF
    server = "https://registry.k8s.io"
    [host."https://k8s.m.daocloud.io"]
      capabilities = ["pull", "resolve"]
    [host."https://k8s.mirrorify.net"]
      capabilities = ["pull", "resolve"]
    [host."https://registry.cn-hangzhou.aliyuncs.com/google_containers"]
      capabilities = ["pull", "resolve"]
      override_path = true
    EOF
    
        # Install nerdctl
        log "INFO" "安装nerdctl 1.7.7..."
        tar -xf ${SOFTWARES_DIR}/nerdctl-1.7.7-linux-amd64.tar.gz -C /usr/bin/
    
        # Configure shell completion
        log "INFO" "配置nerdctl补全..."
        [ ! -d /etc/bash_completion.d ] && mkdir /etc/bash_completion.d
        nerdctl completion bash > /etc/bash_completion.d/nerdctl
        echo 'export CONTAINERD_NAMESPACE=k8s.io' >> /etc/bash_completion.d/nerdctl
        source /etc/bash_completion.d/nerdctl
    
        # Install the CNI plugins
        log "INFO" "安装CNI插件 v1.6.0..."
        mkdir -p /opt/cni/bin
        tar -xf ${SOFTWARES_DIR}/cni-plugins-linux-amd64-v1.6.0.tgz -C /opt/cni/bin
    
        # Restart containerd
        log "INFO" "重启containerd服务..."
        systemctl restart containerd && systemctl enable containerd | tee -a $LOG_FILE
    
        log "INFO" "容器运行时安装完成"
    }
    
    # ====================== Import images ======================
    import_images() {
        log "INFO" "===== 6. 导入K8s/Calico镜像 ====="
        # Set the nerdctl namespace
        export CONTAINERD_NAMESPACE=k8s.io
    
        # Import the core Kubernetes images
        log "INFO" "导入K8s核心镜像..."
        for IMG_TAR in ${IMAGE_DIR}/kube-proxy-${K8S_VERSION}.tar ${IMAGE_DIR}/pause-3.9.tar
        do
            if [ -f "$IMG_TAR" ]; then
                nerdctl load -i $IMG_TAR >> $LOG_FILE
            else
                log "ERROR" "镜像文件不存在:$IMG_TAR"
                exit 1
            fi
        done
    
        # Import the Calico images
        log "INFO" "导入Calico镜像..."
        for IMG_TAR in ${IMAGE_DIR}/calico_cni-v3.30.7.tar \
                      ${IMAGE_DIR}/calico_node-v3.30.7.tar \
                      ${IMAGE_DIR}/calico_kube-controllers-v3.30.7.tar; do
            if [ -f "$IMG_TAR" ]; then
                nerdctl load -i $IMG_TAR >> $LOG_FILE
            else
                log "ERROR" "镜像文件不存在:$IMG_TAR"
                exit 1
            fi
        done
    
        log "INFO" "所有镜像导入完成"
    }
    
    # ====================== Install Kubernetes components ======================
    install_k8s() {
        log "INFO" "===== 7. 安装kubeadm/kubelet/kubectl ====="
        # Install the pinned Kubernetes component versions
        log "INFO" "安装K8s ${K8S_VERSION}组件..."
        apt install -y kubeadm=1.30.2-1.1 kubelet=1.30.2-1.1 kubectl=1.30.2-1.1 &>> $LOG_FILE
    
        # Enable kubelet
        log "INFO" "启用kubelet服务..."
        systemctl enable kubelet --now | tee -a $LOG_FILE
    
        # Configure shell completion
        log "INFO" "配置crictl/kubectl/kubeadm补全..."
        crictl completion bash > /etc/bash_completion.d/crictl
        kubectl completion bash > /etc/bash_completion.d/kubectl
        kubeadm completion bash > /etc/bash_completion.d/kubeadm
        source /etc/bash_completion.d/crictl
        source /etc/bash_completion.d/kubectl
        source /etc/bash_completion.d/kubeadm
    
        log "INFO" "K8s组件安装完成"
    }
    
    # ====================== 8. Completion message ======================
    finish() {
        touch $INSTALL_MARK
        log "INFO" "===== 部署完成 ====="
        echo -e "\033[32m"
        echo "==================================================="
        echo " ✅  Worker 节点环境部署完成!"
        echo " 📝 日志文件:$LOG_FILE"
        echo "==================================================="
        echo -e "\033[0m"
    
        echo -e "\033[33m"
        echo "👉 请回到 **Master 节点** 执行以下命令获取加入命令:"
        echo "   kubeadm token create --print-join-command"
        echo ""
        echo "👉 然后在本节点执行输出的 join 命令,例如:"
        echo "   kubeadm join 10.1.8.10:6443 --token xxx --discovery-token-ca-cert-hash sha256:xxx"
        echo -e "\033[0m"
    }
    
    
    # ====================== Main flow ======================
    main() {
        # Start logging
        log "INFO" "===== 开始部署Kubernetes Worker节点 ${K8S_VERSION} ====="
        log "INFO" "日志文件:$LOG_FILE"
    
        # Pre-flight checks
        check_installed
        check_env
        prompt_user_config
    
        # Deployment steps
        sys_init
        install_containerd
        import_images
        install_k8s
        finish
    }
    
    # Run the main flow
    main
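
An added example, not part of the original bundle: both deployment scripts unpack the archives in softwares/ into /usr/bin and /opt/cni/bin and load the image tarballs in images/ as root, without checking them first. The functions below verify the unpacked bundle against a SHA-256 manifest and also reject files the manifest does not list; the function names, the manifest and the sample files are constructed, and GNU sha256sum is assumed.

```shell
#!/bin/bash
# Added example, not from the original bundle: check the offline bundle against
# a SHA-256 manifest before anything is extracted or loaded as root.
# make_manifest, verify_bundle and the sample files are constructed.

# make_manifest DIR OUT: record a digest for every regular file under DIR.
# Run it on the host that built the bundle and keep OUT outside DIR.
make_manifest() {
    ( cd "$1" && find . -type f -exec sha256sum {} + ) > "$2"
}

# verify_bundle DIR MANIFEST
#   0 = every file matches and nothing extra is present
#   1 = a listed file is missing or modified
#   2 = bad arguments
#   3 = DIR contains a file the manifest does not list
verify_bundle() {
    [ -d "$1" ] && [ -s "$2" ] || return 2
    vb_manifest=$(cd "$(dirname "$2")" && pwd)/$(basename "$2") || return 2
    (
        cd "$1" || exit 2
        # 1. every listed file exists and matches its recorded digest
        sha256sum -c "$vb_manifest" >/dev/null 2>&1 || exit 1
        # 2. nothing is present that the manifest does not list
        #    (sha256sum -c alone never notices an added file)
        vb_listed=$(mktemp) && vb_present=$(mktemp) || exit 2
        cut -c67- "$vb_manifest" | LC_ALL=C sort > "$vb_listed"
        find . -type f | LC_ALL=C sort > "$vb_present"
        vb_extra=$(LC_ALL=C comm -13 "$vb_listed" "$vb_present")
        rm -f "$vb_listed" "$vb_present"
        [ -z "$vb_extra" ] || { printf 'unlisted: %s\n' "$vb_extra" >&2; exit 3; }
    )
}

# Constructed stand-in for the unpacked bundle (file contents are dummy bytes).
build_sample_bundle() {
    mkdir -p "$1/images" "$1/softwares"
    printf 'constructed image bytes\n' > "$1/images/pause-3.9.tar"
    printf 'constructed archive bytes\n' > "$1/softwares/nerdctl-1.7.7-linux-amd64.tar.gz"
}

# Demo: a clean bundle passes, a bundle with an added file is rejected.
demo_bundle=$(mktemp -d)
demo_manifest=$(mktemp)
build_sample_bundle "$demo_bundle"
make_manifest "$demo_bundle" "$demo_manifest"
verify_bundle "$demo_bundle" "$demo_manifest" && echo "bundle OK"
printf 'x' > "$demo_bundle/softwares/extra.sh"
verify_bundle "$demo_bundle" "$demo_manifest" || echo "rejected, exit code $?"
rm -rf "$demo_bundle" "$demo_manifest"
```

In a deployment script the check would run before install_containerd and import_images, with the script stopping on any non-zero result.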

    Run the deployment script on each of the three nodes:

    # master40 node
    [root@master40 ubuntu2404_auto_install_kubernetes-1.30.2]# ./deploy_kubernetes_master.sh 
    [2026-04-21 23:21:52] [INFO] ===== 开始部署Kubernetes Master节点 v1.30.2 =====
    [2026-04-21 23:21:52] [INFO] 日志文件:/tmp/kubernetes-install-2026-04-21-23-21-52.log
    [2026-04-21 23:21:52] [INFO] ===== 1. 检查是否已安装 =====
    [2026-04-21 23:21:52] [INFO] 未检测到历史安装痕迹,继续部署...
    [2026-04-21 23:21:52] [INFO] ===== 2. 检查基础环境 =====
    [2026-04-21 23:21:52] [INFO] 基础环境检查通过
    [2026-04-21 23:21:52] [INFO] ===== 3. 提示用户配置主机名/IP =====
    请确认已完成以下配置:
    1. 配置静态IP(如10.1.8.30/24)
    2. 配置主机名(如master30.laoma.cloud)
    3. 配置/etc/hosts解析集群节点
    确认配置完成后按回车继续,或按Ctrl+C退出...
    [2026-04-21 23:21:54] [INFO] 用户确认配置完成,继续部署...
    [2026-04-21 23:21:54] [INFO] ===== 4. 系统环境初始化 =====
    [2026-04-21 23:21:54] [INFO] 关闭swap分区...
    [2026-04-21 23:21:54] [INFO] 配置Ubuntu软件源...
    [2026-04-21 23:21:54] [INFO] 配置containerd仓库...
    [2026-04-21 23:21:54] [INFO] 配置Kubernetes仓库...
    [2026-04-21 23:21:55] [INFO] 安装基础软件包...
    [2026-04-21 23:22:49] [INFO] 加载K8s网络内核模块...
    [2026-04-21 23:22:49] [INFO] 配置K8s内核参数...
    [2026-04-21 23:22:49] [INFO] 优化SSH配置...
    Failed to restart sshd.service: Unit sshd.service not found.
    [2026-04-21 23:22:49] [INFO] 配置时间同步...
    [2026-04-21 23:22:50] [INFO] 系统环境初始化完成
    [2026-04-21 23:22:50] [INFO] ===== 5. 安装containerd/nerdctl =====
    [2026-04-21 23:22:50] [INFO] 安装containerd 1.7.20...
    [2026-04-21 23:23:11] [INFO] 配置containerd...
    [2026-04-21 23:23:11] [INFO] 配置containerd镜像加速...
    [2026-04-21 23:23:11] [INFO] 安装nerdctl 1.7.7...
    [2026-04-21 23:23:11] [INFO] 配置nerdctl补全...
    [2026-04-21 23:23:11] [INFO] 安装CNI插件 v1.6.0...
    [2026-04-21 23:23:12] [INFO] 重启containerd服务...
    [2026-04-21 23:23:13] [INFO] 容器运行时安装完成
    [2026-04-21 23:23:13] [INFO] ===== 6. 导入K8s/Calico镜像 =====
    [2026-04-21 23:23:13] [INFO] 导入K8s核心镜像...
    [2026-04-21 23:23:32] [INFO] 导入Calico镜像...
    [2026-04-21 23:23:53] [INFO] 所有镜像导入完成
    [2026-04-21 23:23:53] [INFO] ===== 7. 安装kubeadm/kubelet/kubectl =====
    [2026-04-21 23:23:53] [INFO] 安装K8s v1.30.2组件...
    [2026-04-21 23:25:49] [INFO] 启用kubelet服务...
    [2026-04-21 23:25:50] [INFO] 配置crictl/kubectl/kubeadm补全...
    [2026-04-21 23:25:50] [INFO] K8s组件安装完成
    [2026-04-21 23:25:50] [INFO] ===== 8. 初始化K8s Master节点 =====
    [2026-04-21 23:25:50] [INFO] 执行kubeadm init初始化集群...
    [2026-04-21 23:26:06] [INFO] 配置kubectl默认凭据...
    [2026-04-21 23:26:06] [INFO] Master节点初始化完成
    [2026-04-21 23:26:06] [INFO] ===== 9. 部署Calico网络 =====
    [2026-04-21 23:26:06] [INFO] 修改Calico配置文件(匹配POD_CIDR)...
    [2026-04-21 23:26:06] [INFO] 应用Calico配置...
    [2026-04-21 23:26:08] [INFO] 等待Calico Pod启动(最多等待5分钟)...
    [2026-04-21 23:26:39] [INFO] Calico网络部署完成
    [2026-04-21 23:26:39] [INFO] ===== 10. 验证K8s集群部署 =====
    [2026-04-21 23:26:39] [INFO] === 集群信息 ===
    Kubernetes control plane is running at https://10.1.8.40:6443
    CoreDNS is running at https://10.1.8.40:6443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy
    
    To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.
    
    [2026-04-21 23:26:39] [INFO] === K8s版本 ===
    Client Version: v1.30.2
    Kustomize Version: v5.0.4-0.20230601165947-6ce0bf390ce3
    Server Version: v1.30.2
    
    [2026-04-21 23:26:39] [INFO] === 节点状态 ===
    NAME                     STATUS   ROLES           AGE   VERSION
    master40.shizhan.cloud   Ready    control-plane   37s   v1.30.2
    
    [2026-04-21 23:26:39] [INFO] === Pod状态 ===
    NAMESPACE     NAME                                             READY   STATUS    RESTARTS   AGE
    kube-system   calico-kube-controllers-585df69d45-fnj9n         1/1     Running   0          19s
    kube-system   calico-node-6vqnt                                1/1     Running   0          20s
    kube-system   coredns-7db6d8ff4d-5rt4m                         1/1     Running   0          19s
    kube-system   coredns-7db6d8ff4d-wdvjq                         1/1     Running   0          19s
    kube-system   etcd-master40.shizhan.cloud                      1/1     Running   0          35s
    kube-system   kube-apiserver-master40.shizhan.cloud            1/1     Running   0          33s
    kube-system   kube-controller-manager-master40.shizhan.cloud   1/1     Running   0          34s
    kube-system   kube-proxy-j6s2v                                 1/1     Running   0          20s
    kube-system   kube-scheduler-master40.shizhan.cloud            1/1     Running   0          34s
    
    [2026-04-21 23:26:39] [SUCCESS] Kubernetes Master节点部署成功!
    
    [2026-04-21 23:26:39] [INFO] worker节点执行以下命令加入集群:
    kubeadm join 10.1.8.40:6443 --token x5yaas.oamvtjsa49du3p44 \
    	--discovery-token-ca-cert-hash sha256:5f1e414da1b66c6ebfeff5add68e9dd5ba3a9afb42cc0e2845de8c84c4b740ba 
    
    [2026-04-21 23:26:39] [INFO] ===== 部署完成 =====
    
    ===================================================
     ✅   Master 节点环境部署完成!
     📝 日志文件:/tmp/kubernetes-install-2026-04-21-23-21-52.log
    ===================================================
    # worker41 node
    [root@worker41 ubuntu2404_auto_install_kubernetes-1.30.2]# ./deploy_kubernetes_worker.sh 
    [2026-04-21 23:22:24] [INFO] ===== 开始部署Kubernetes Worker节点 v1.30.2 =====
    [2026-04-21 23:22:24] [INFO] 日志文件:/tmp/kubernetes-install-2026-04-21-23-22-24.log
    [2026-04-21 23:22:24] [INFO] ===== 1. 检查是否已安装 =====
    [2026-04-21 23:22:24] [INFO] 未检测到历史安装痕迹,继续部署...
    [2026-04-21 23:22:24] [INFO] ===== 2. 检查基础环境 =====
    [2026-04-21 23:22:24] [INFO] 基础环境检查通过
    [2026-04-21 23:22:24] [INFO] ===== 3. 提示用户配置主机名/IP =====
    请确认已完成以下配置:
    1. 配置静态IP(如10.1.8.30/24)
    2. 配置主机名(如master30.laoma.cloud)
    3. 配置/etc/hosts解析集群节点
    确认配置完成后按回车继续,或按Ctrl+C退出...
    [2026-04-21 23:22:26] [INFO] 用户确认配置完成,继续部署...
    [2026-04-21 23:22:26] [INFO] ===== 4. 系统环境初始化 =====
    [2026-04-21 23:22:26] [INFO] 关闭swap分区...
    [2026-04-21 23:22:26] [INFO] 配置Ubuntu软件源...
    [2026-04-21 23:22:26] [INFO] 配置containerd仓库...
    [2026-04-21 23:22:26] [INFO] 配置Kubernetes仓库...
    [2026-04-21 23:22:26] [INFO] 安装基础软件包...
    [2026-04-21 23:23:10] [INFO] 加载K8s网络内核模块...
    [2026-04-21 23:23:10] [INFO] 配置K8s内核参数...
    [2026-04-21 23:23:10] [INFO] 优化SSH配置...
    Failed to restart sshd.service: Unit sshd.service not found.
    [2026-04-21 23:23:10] [INFO] 配置时间同步...
    [2026-04-21 23:23:11] [INFO] 系统环境初始化完成
    [2026-04-21 23:23:11] [INFO] ===== 5. 安装containerd/nerdctl =====
    [2026-04-21 23:23:11] [INFO] 安装containerd 1.7.20...
    [2026-04-21 23:23:31] [INFO] 配置containerd...
    [2026-04-21 23:23:31] [INFO] 配置containerd镜像加速...
    [2026-04-21 23:23:31] [INFO] 安装nerdctl 1.7.7...
    [2026-04-21 23:23:32] [INFO] 配置nerdctl补全...
    [2026-04-21 23:23:32] [INFO] 安装CNI插件 v1.6.0...
    [2026-04-21 23:23:33] [INFO] 重启containerd服务...
    [2026-04-21 23:23:33] [INFO] 容器运行时安装完成
    [2026-04-21 23:23:33] [INFO] ===== 6. 导入K8s/Calico镜像 =====
    [2026-04-21 23:23:33] [INFO] 导入K8s核心镜像...
    [2026-04-21 23:23:36] [INFO] 导入Calico镜像...
    [2026-04-21 23:23:57] [INFO] 所有镜像导入完成
    [2026-04-21 23:23:57] [INFO] ===== 7. 安装kubeadm/kubelet/kubectl =====
    [2026-04-21 23:23:57] [INFO] 安装K8s v1.30.2组件...
    [2026-04-21 23:25:48] [INFO] 启用kubelet服务...
    [2026-04-21 23:25:48] [INFO] 配置crictl/kubectl/kubeadm补全...
    [2026-04-21 23:25:48] [INFO] K8s组件安装完成
    [2026-04-21 23:25:48] [INFO] ===== 部署完成 =====
    
    ===================================================
     ✅  Worker 节点环境部署完成!
     📝 日志文件:/tmp/kubernetes-install-2026-04-21-23-22-24.log
    ===================================================
    
    
    👉 请回到 **Master 节点** 执行以下命令获取加入命令:
       kubeadm token create --print-join-command
    
    👉 然后在本节点执行输出的 join 命令,例如:
       kubeadm join 10.1.8.10:6443 --token xxx --discovery-token-ca-cert-hash sha256:xxx
    # worker42 node
    [root@worker42 ubuntu2404_auto_install_kubernetes-1.30.2]# ./deploy_kubernetes_worker.sh 
    [2026-04-21 23:22:43] [INFO] ===== 开始部署Kubernetes Worker节点 v1.30.2 =====
    [2026-04-21 23:22:43] [INFO] 日志文件:/tmp/kubernetes-install-2026-04-21-23-22-43.log
    [2026-04-21 23:22:43] [INFO] ===== 1. 检查是否已安装 =====
    [2026-04-21 23:22:43] [INFO] 未检测到历史安装痕迹,继续部署...
    [2026-04-21 23:22:43] [INFO] ===== 2. 检查基础环境 =====
    [2026-04-21 23:22:43] [INFO] 基础环境检查通过
    [2026-04-21 23:22:43] [INFO] ===== 3. 提示用户配置主机名/IP =====
    请确认已完成以下配置:
    1. 配置静态IP(如10.1.8.30/24)
    2. 配置主机名(如master30.laoma.cloud)
    3. 配置/etc/hosts解析集群节点
    确认配置完成后按回车继续,或按Ctrl+C退出...
    [2026-04-21 23:22:45] [INFO] 用户确认配置完成,继续部署...
    [2026-04-21 23:22:45] [INFO] ===== 4. 系统环境初始化 =====
    [2026-04-21 23:22:45] [INFO] 关闭swap分区...
    [2026-04-21 23:22:45] [INFO] 配置Ubuntu软件源...
    [2026-04-21 23:22:45] [INFO] 配置containerd仓库...
    [2026-04-21 23:22:45] [INFO] 配置Kubernetes仓库...
    [2026-04-21 23:22:45] [INFO] 安装基础软件包...
    [2026-04-21 23:23:28] [INFO] 加载K8s网络内核模块...
    [2026-04-21 23:23:28] [INFO] 配置K8s内核参数...
    [2026-04-21 23:23:28] [INFO] 优化SSH配置...
    Failed to restart sshd.service: Unit sshd.service not found.
    [2026-04-21 23:23:28] [INFO] 配置时间同步...
    [2026-04-21 23:23:29] [INFO] 系统环境初始化完成
    [2026-04-21 23:23:29] [INFO] ===== 5. 安装containerd/nerdctl =====
    [2026-04-21 23:23:29] [INFO] 安装containerd 1.7.20...
    [2026-04-21 23:23:41] [INFO] 配置containerd...
    [2026-04-21 23:23:41] [INFO] 配置containerd镜像加速...
    [2026-04-21 23:23:41] [INFO] 安装nerdctl 1.7.7...
    [2026-04-21 23:23:42] [INFO] 配置nerdctl补全...
    [2026-04-21 23:23:42] [INFO] 安装CNI插件 v1.6.0...
    [2026-04-21 23:23:43] [INFO] 重启containerd服务...
    [2026-04-21 23:23:44] [INFO] 容器运行时安装完成
    [2026-04-21 23:23:44] [INFO] ===== 6. 导入K8s/Calico镜像 =====
    [2026-04-21 23:23:44] [INFO] 导入K8s核心镜像...
    [2026-04-21 23:23:47] [INFO] 导入Calico镜像...
    [2026-04-21 23:24:07] [INFO] 所有镜像导入完成
    [2026-04-21 23:24:07] [INFO] ===== 7. 安装kubeadm/kubelet/kubectl =====
    [2026-04-21 23:24:07] [INFO] 安装K8s v1.30.2组件...
    [2026-04-21 23:25:50] [INFO] 启用kubelet服务...
    [2026-04-21 23:25:50] [INFO] 配置crictl/kubectl/kubeadm补全...
    [2026-04-21 23:25:50] [INFO] K8s组件安装完成
    [2026-04-21 23:25:50] [INFO] ===== 部署完成 =====
    
    ===================================================
     ✅  Worker 节点环境部署完成!
     📝 日志文件:/tmp/kubernetes-install-2026-04-21-23-22-43.log
    ===================================================
    
    
    👉 请回到 **Master 节点** 执行以下命令获取加入命令:
       kubeadm token create --print-join-command
    
    👉 然后在本节点执行输出的 join 命令,例如:
       kubeadm join 10.1.8.10:6443 --token xxx --discovery-token-ca-cert-hash sha256:xxx
  3. Join worker41 and worker42 to the cluster

    # worker41 joins the cluster
    [root@worker41 ~]# kubeadm join 10.1.8.40:6443 --token x5yaas.oamvtjsa49du3p44 \
            --discovery-token-ca-cert-hash sha256:5f1e414da1b66c6ebfeff5add68e9dd5ba3a9afb42cc0e2845de8c84c4b740ba
    [preflight] Running pre-flight checks
    [preflight] Reading configuration from the cluster...
    [preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -o yaml'
    [kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
    [kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
    [kubelet-start] Starting the kubelet
    [kubelet-check] Waiting for a healthy kubelet. This can take up to 4m0s
    [kubelet-check] The kubelet is healthy after 1.003392671s
    [kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap
    
    This node has joined the cluster:
    * Certificate signing request was sent to apiserver and a response was received.
    * The Kubelet was informed of the new secure connection details.
    
    Run 'kubectl get nodes' on the control-plane to see this node join the cluster.
    
    # worker42 joins the cluster
    [root@worker42 ~]# kubeadm join 10.1.8.40:6443 --token x5yaas.oamvtjsa49du3p44 \
            --discovery-token-ca-cert-hash sha256:5f1e414da1b66c6ebfeff5add68e9dd5ba3a9afb42cc0e2845de8c84c4b740ba
    [preflight] Running pre-flight checks
    [preflight] Reading configuration from the cluster...
    [preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -o yaml'
    [kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
    [kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
    [kubelet-start] Starting the kubelet
    [kubelet-check] Waiting for a healthy kubelet. This can take up to 4m0s
    [kubelet-check] The kubelet is healthy after 1.002952342s
    [kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap
    
    This node has joined the cluster:
    * Certificate signing request was sent to apiserver and a response was received.
    * The Kubelet was informed of the new secure connection details.
    
    Run 'kubectl get nodes' on the control-plane to see this node join the cluster.
  4. Verify the cluster status on master40

    [root@master40 ~]# kubectl get nodes
    NAME                     STATUS   ROLES           AGE     VERSION
    master40.shizhan.cloud   Ready    control-plane   7m49s   v1.30.2
    worker41.shizhan.cloud   Ready    <none>          56s     v1.30.2
    worker42.shizhan.cloud   Ready    <none>          45s     v1.30.2
    [root@master40 ~]# kubectl get pods -A
    NAMESPACE     NAME                                             READY   STATUS    RESTARTS   AGE
    kube-system   calico-kube-controllers-585df69d45-fnj9n         1/1     Running   0          7m40s
    kube-system   calico-node-6vqnt                                1/1     Running   0          7m41s
    kube-system   calico-node-dvhv5                                1/1     Running   0          54s
    kube-system   calico-node-dx5cr                                1/1     Running   0          65s
    kube-system   coredns-7db6d8ff4d-5rt4m                         1/1     Running   0          7m40s
    kube-system   coredns-7db6d8ff4d-wdvjq                         1/1     Running   0          7m40s
    kube-system   etcd-master40.shizhan.cloud                      1/1     Running   0          7m56s
    kube-system   kube-apiserver-master40.shizhan.cloud            1/1     Running   0          7m54s
    kube-system   kube-controller-manager-master40.shizhan.cloud   1/1     Running   0          7m55s
    kube-system   kube-proxy-429sh                                 1/1     Running   0          65s
    kube-system   kube-proxy-dn242                                 1/1     Running   0          54s
    kube-system   kube-proxy-j6s2v                                 1/1     Running   0          7m41s
    kube-system   kube-scheduler-master40.shizhan.cloud            1/1     Running   0          7m55s
  5. Shut down all three hosts and take snapshots
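
The join command that the master script printed and that both workers ran carries a live bootstrap token, and the snapshots taken in the last step preserve any log that still contains it. The following is an added example, not part of the page's deploy scripts: it extracts the token ID and CA pin from such a log, masks the token secret, and recomputes the pin from the CA certificate. The function names are hypothetical, and it assumes the script's /tmp log file holds the same lines as the console output shown above.

```shell
#!/usr/bin/env bash
# Added example, not part of the page's deploy scripts.
TOKEN_RE='[a-z0-9]{6}\.[a-z0-9]{16}'   # kubeadm bootstrap token: <id>.<secret>

# Constructed sample: the join command as the master log above prints it.
sample_log() {
  cat <<'EOF'
[2026-04-21 23:26:39] [INFO] worker节点执行以下命令加入集群:
kubeadm join 10.1.8.40:6443 --token x5yaas.oamvtjsa49du3p44 \
    --discovery-token-ca-cert-hash sha256:5f1e414da1b66c6ebfeff5add68e9dd5ba3a9afb42cc0e2845de8c84c4b740ba
EOF
}

# Print the ID (non-secret half) of each token passed via --token on stdin.
token_ids() {
  grep -oE -- "--token[ =]${TOKEN_RE}" | sed -E 's/^--token[ =]//; s/\..*$//' | sort -u
}

# Copy stdin to stdout with the 16-character secret masked; the ID is kept so
# the entry can still be matched against `kubeadm token list`.
redact_tokens() {
  sed -E 's/(--token[ =][a-z0-9]{6}\.)[a-z0-9]{16}/\1<redacted>/g'
}

# Print the CA pin (64 hex characters) found in a join command on stdin.
pinned_ca_hash() {
  grep -oE 'sha256:[0-9a-f]{64}' | head -n 1 | cut -d: -f2
}

# Recompute the pin: SHA-256 over the DER-encoded public key of the CA certificate.
ca_spki_hash() {
  openssl x509 -in "$1" -noout -pubkey |
    openssl pkey -pubin -outform DER | sha256sum | cut -d' ' -f1
}

# Run on the control plane. usage: audit <install-log> [ca.crt]
audit() {
  local log="$1" ca="${2:-/etc/kubernetes/pki/ca.crt}" pin id
  pin=$(pinned_ca_hash <"$log")
  if [ -n "$pin" ] && [ "$pin" = "$(ca_spki_hash "$ca")" ]; then
    echo "CA pin in $log matches $ca"
  else
    echo "CA pin in $log is missing or does not match $ca" >&2
    return 1
  fi
  for id in $(token_ids <"$log"); do
    echo "token $id is logged in clear text; revoke it: kubeadm token delete $id"
  done
}
```

On master40 the call would be `audit /tmp/kubernetes-install-2026-04-21-23-21-52.log`; `kubeadm token delete` accepts the token ID alone, so the secret never has to be retyped.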
