juwan/juwan-backend
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity

feat(k01): add agent join mode to install-k3s.sh

Browse Source
This commit is contained in:
zetaloop
2026-05-05 12:29:56 +08:00
parent c456f3e296
commit e92bdf30d9
2 changed files with 58 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files
deploy/k01/README.md
+9 -15
View File
@@ -64,27 +64,21 @@ CNPG 每个 Cluster Ready 后自动生成 `<cluster>-app` Secretusername/pass
## 加节点 ## 加节点
在 server 上取 token
```bash
cat /var/lib/rancher/k3s/server/node-token
```
新机器上执行: 新机器上执行:
```bash ```bash
cd /root/juwan-backend/deploy/k01 cd /root/juwan-backend/deploy/k01
bash install-k3s.sh agent echo "<zot-admin-password>" > /root/registry-password && chmod 600 /root/registry-password
K3S_URL=https://<server-ip>:6443 K3S_TOKEN=<token> bash install-k3s.sh agent
``` ```
`install-k3s.sh agent` 会自动从 server 取 node-token 并加入集群。也可以手动操作:
```bash
cat /var/lib/rancher/k3s/server/node-token
curl -sfL https://get.k3s.io | \
K3S_URL=https://<server-ip>:6443 K3S_TOKEN=<token> \
sh -
scp root@<server-ip>:/etc/rancher/k3s/registries.yaml /etc/rancher/k3s/
systemctl restart k3s-agent
```
pod 调度由 k3s 自动分配。有状态 pod 如需固定在某台节点上,可加 `nodeSelector`
## 日常操作 ## 日常操作
```bash ```bash
deploy/k01/install-k3s.sh
+49 -21
View File
@@ -7,7 +7,52 @@ STRIMZI_VERSION="1.0.0"
REDIS_OP_VERSION="0.24.0" REDIS_OP_VERSION="0.24.0"
MONGODB_OP_VERSION="1.8.0" MONGODB_OP_VERSION="1.8.0"
if ! command -v kubectl >/dev/null 2>&1; then MODE="${1:-server}"
if [ "$MODE" != "server" ] && [ "$MODE" != "agent" ]; then
echo "usage: $0 [server|agent]" >&2
exit 1
fi
if [ ! -f /root/registry-password ]; then
echo "need /root/registry-password (zot admin password)" >&2
exit 1
fi
write_registries() {
mkdir -p /etc/rancher/k3s
cat > /etc/rancher/k3s/registries.yaml <<EOF
mirrors:
${REGISTRY_HOST}:
endpoint:
- "https://${REGISTRY_HOST}"
configs:
${REGISTRY_HOST}:
auth:
username: admin
password: $(cat /root/registry-password)
EOF
}
if [ "$MODE" = "agent" ]; then
if [ -z "${K3S_URL:-}" ] || [ -z "${K3S_TOKEN:-}" ]; then
echo "agent mode requires K3S_URL and K3S_TOKEN env" >&2
echo " on the server: cat /var/lib/rancher/k3s/server/node-token" >&2
echo " then on agent: K3S_URL=https://<server-ip>:6443 K3S_TOKEN=<token> $0 agent" >&2
exit 1
fi
write_registries
if ! command -v k3s-agent >/dev/null 2>&1 && ! systemctl is-active --quiet k3s-agent; then
curl -sfL https://get.k3s.io | K3S_URL="$K3S_URL" K3S_TOKEN="$K3S_TOKEN" sh -
else
systemctl restart k3s-agent
fi
echo
echo "k3s agent joined ${K3S_URL}"
exit 0
fi
if ! systemctl is-active --quiet k3s; then
curl -sfL https://get.k3s.io | \ curl -sfL https://get.k3s.io | \
INSTALL_K3S_EXEC="--disable=traefik --write-kubeconfig-mode=644" \ INSTALL_K3S_EXEC="--disable=traefik --write-kubeconfig-mode=644" \
sh - sh -
@@ -22,28 +67,10 @@ if ! command -v helm >/dev/null 2>&1; then
apt-get install -y helm apt-get install -y helm
fi fi
if [ ! -f /root/registry-password ]; then write_registries
echo "need /root/registry-password (zot admin password)" >&2
exit 1
fi
mkdir -p /etc/rancher/k3s
cat > /etc/rancher/k3s/registries.yaml <<EOF
mirrors:
${REGISTRY_HOST}:
endpoint:
- "https://${REGISTRY_HOST}"
configs:
${REGISTRY_HOST}:
auth:
username: admin
password: $(cat /root/registry-password)
EOF
systemctl restart k3s systemctl restart k3s
export KUBECONFIG=/etc/rancher/k3s/k3s.yaml export KUBECONFIG=/etc/rancher/k3s/k3s.yaml
until kubectl get nodes >/dev/null 2>&1; do sleep 2; done until kubectl get nodes >/dev/null 2>&1; do sleep 2; done
K01_DIR="$(cd "$(dirname "$0")" && pwd)" K01_DIR="$(cd "$(dirname "$0")" && pwd)"
@@ -75,4 +102,5 @@ kubectl -n redis-operator rollout status deploy/redis-operator --timeout=300s
kubectl -n mongodb-operator rollout status deploy/mongodb-kubernetes-operator --timeout=300s kubectl -n mongodb-operator rollout status deploy/mongodb-kubernetes-operator --timeout=300s
echo echo
echo "k3s + 4 operators ready" echo "k3s server + 4 operators ready"
echo "node token: $(cat /var/lib/rancher/k3s/server/node-token)"