k8s-deploy/installer/templates/common.sh.j2

#!/bin/bash
# Generated by Installer V2
set -e

# 获取脚本所在目录的绝对路径，确保能找到 ../../debs
SCRIPT_DIR=$(cd "$(dirname "$0")" && pwd)
BUNDLE_ROOT=$(dirname "$SCRIPT_DIR")
DEBS_DIR="$BUNDLE_ROOT/debs"
IMAGES_DIR="$BUNDLE_ROOT/images"
BIN_DIR="$BUNDLE_ROOT/bin"

echo "[INFO] 1. 系统基础配置..."
swapoff -a
sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab

cat <<MOD > /etc/modules-load.d/k8s.conf
overlay
br_netfilter
MOD
modprobe overlay
modprobe br_netfilter

cat <<SYS > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables  = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward                 = 1
SYS
sysctl --system

echo "[INFO] 2. 安装离线依赖包 (使用 APT 智能解析)..."
if [ -d "$DEBS_DIR" ]; then
    # 卸载可能冲突的默认包
    apt-get remove -y containerd docker docker.io || true
    
    # 使用通配符安装所有 debs，由 apt 解决顺序
    # 这里的 "./*.deb" 指向的是传入的路径
    cd "$DEBS_DIR"
    dpkg -i ./*.deb
    cd "$SCRIPT_DIR"
else
    echo "[ERROR] 找不到 debs 目录: $DEBS_DIR"
    exit 1
fi

echo "[INFO] 3. 配置 Containerd..."
mkdir -p /etc/containerd
containerd config default > /etc/containerd/config.toml

# 关键配置1: 启用 SystemdCgroup
sed -i 's/SystemdCgroup = false/SystemdCgroup = true/g' /etc/containerd/config.toml

# 关键配置2: 强制指定 sandbox_image 为本地导入的版本 (pause:3.9)
# 防止去 registry.k8s.io 拉取导致卡住
sed -i 's|sandbox_image = .*|sandbox_image = "{{ cluster.pause_image }}"|g' /etc/containerd/config.toml

# 关键配置3: 配置本地镜像仓库
sed -i 's|config_path = ""|config_path = "/etc/containerd/certs.d"|g' /etc/containerd/config.toml

mkdir -p /etc/containerd/certs.d/{{ registry.ip }}:{{ registry.port }}
cat <<REG > /etc/containerd/certs.d/{{ registry.ip }}:{{ registry.port }}/hosts.toml
server = "http://{{ registry.ip }}:{{ registry.port }}"
[host."http://{{ registry.ip }}:{{ registry.port }}"]
  capabilities = ["pull", "resolve"]
REG

systemctl restart containerd
systemctl enable containerd

echo "[INFO] 4. 安装 K8s 二进制与 CNI..."
# 只有当 bin 目录存在且不为空时才拷贝 (防止覆盖 apt 安装的)
# 实际上我们前面 apt install kubelet 已经安装了二进制，这里主要是 CNI
if [ -f "$BIN_DIR/cni-plugins-linux-amd64-v1.3.0.tgz" ]; then
    mkdir -p /opt/cni/bin
    tar -C /opt/cni/bin -zxvf "$BIN_DIR/cni-plugins-linux-amd64-v1.3.0.tgz"
fi

echo "[INFO] 6. 启动 Kubelet..."
systemctl enable --now kubelet