94 lines
2.9 KiB
Django/Jinja
94 lines
2.9 KiB
Django/Jinja
#!/bin/bash
|
||
# Generated by Installer V2
|
||
set -e
|
||
|
||
# 获取脚本所在目录的绝对路径,确保能找到 ../../debs
|
||
SCRIPT_DIR=$(cd "$(dirname "$0")" && pwd)
|
||
BUNDLE_ROOT=$(dirname "$SCRIPT_DIR")
|
||
DEBS_DIR="$BUNDLE_ROOT/debs"
|
||
IMAGES_DIR="$BUNDLE_ROOT/images"
|
||
BIN_DIR="$BUNDLE_ROOT/bin"
|
||
|
||
echo "[INFO] 1. 系统基础配置..."
|
||
swapoff -a
|
||
sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
|
||
|
||
cat <<MOD > /etc/modules-load.d/k8s.conf
|
||
overlay
|
||
br_netfilter
|
||
MOD
|
||
modprobe overlay
|
||
modprobe br_netfilter
|
||
|
||
cat <<SYS > /etc/sysctl.d/k8s.conf
|
||
net.bridge.bridge-nf-call-iptables = 1
|
||
net.bridge.bridge-nf-call-ip6tables = 1
|
||
net.ipv4.ip_forward = 1
|
||
SYS
|
||
sysctl --system
|
||
|
||
echo "[INFO] 2. 安装离线依赖包 (使用 APT 智能解析)..."
|
||
if [ -d "$DEBS_DIR" ]; then
|
||
# 卸载可能冲突的默认包
|
||
apt-get remove -y containerd docker docker.io || true
|
||
|
||
# 使用通配符安装所有 debs,由 apt 解决顺序
|
||
# 这里的 "./*.deb" 指向的是传入的路径
|
||
cd "$DEBS_DIR"
|
||
dpkg -i ./*.deb
|
||
cd "$SCRIPT_DIR"
|
||
else
|
||
echo "[ERROR] 找不到 debs 目录: $DEBS_DIR"
|
||
exit 1
|
||
fi
|
||
|
||
echo "[INFO] 3. 配置 Containerd..."
|
||
mkdir -p /etc/containerd
|
||
containerd config default > /etc/containerd/config.toml
|
||
|
||
# 关键配置1: 启用 SystemdCgroup
|
||
sed -i 's/SystemdCgroup = false/SystemdCgroup = true/g' /etc/containerd/config.toml
|
||
|
||
# 关键配置2: 强制指定 sandbox_image 为本地导入的版本 (pause:3.9)
|
||
# 防止去 registry.k8s.io 拉取导致卡住
|
||
sed -i 's|sandbox_image = .*|sandbox_image = "{{ cluster.pause_image }}"|g' /etc/containerd/config.toml
|
||
|
||
# 关键配置3: 配置本地镜像仓库
|
||
sed -i 's|config_path = ""|config_path = "/etc/containerd/certs.d"|g' /etc/containerd/config.toml
|
||
|
||
mkdir -p /etc/containerd/certs.d/{{ registry.ip }}:{{ registry.port }}
|
||
cat <<REG > /etc/containerd/certs.d/{{ registry.ip }}:{{ registry.port }}/hosts.toml
|
||
server = "http://{{ registry.ip }}:{{ registry.port }}"
|
||
[host."http://{{ registry.ip }}:{{ registry.port }}"]
|
||
capabilities = ["pull", "resolve"]
|
||
REG
|
||
|
||
systemctl restart containerd
|
||
systemctl enable containerd
|
||
|
||
echo "[INFO] 4. 安装 K8s 二进制与 CNI..."
|
||
# 只有当 bin 目录存在且不为空时才拷贝 (防止覆盖 apt 安装的)
|
||
# 实际上我们前面 apt install kubelet 已经安装了二进制,这里主要是 CNI
|
||
if [ -f "$BIN_DIR/cni-plugins-linux-amd64-v1.3.0.tgz" ]; then
|
||
mkdir -p /opt/cni/bin
|
||
tar -C /opt/cni/bin -zxvf "$BIN_DIR/cni-plugins-linux-amd64-v1.3.0.tgz"
|
||
fi
|
||
|
||
echo "[INFO] 5. 导入离线镜像..."
|
||
if [ -d "$IMAGES_DIR" ]; then
|
||
for img in "$IMAGES_DIR"/*.tar; do
|
||
[ -e "$img" ] || continue
|
||
echo "Importing $img..."
|
||
ctr -n k8s.io images import "$img"
|
||
p_img=${img//_//}
|
||
base_pimg=$(basename p_img)
|
||
limg="{{registry.ip}}:{{ registry.port}}/$base_pimg"
|
||
echo "Importing $limg..."
|
||
ctr -n k8s.io images tag $p_img $limg
|
||
ctr -n k8s.io images push --plain-http $limg
|
||
done
|
||
fi
|
||
|
||
echo "[INFO] 6. 启动 Kubelet..."
|
||
systemctl enable --now kubelet
|