本文永久链接: https://www.xtplayer.cn/rke2/rke2-node-init/
rke2 集群创建后,默认不会把 rke2 的 bin 目录添加到主机的 PATH 环境变量中,维护节点时需要使用完整路径或者切换到对应目录才能执行相关命令。同时,kubectl 和 crictl 的配置文件也没有放在默认路径,因此执行 kubectl 或 crictl 时需要手动指定配置文件路径。
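为了方便后期维护,以下脚本可以对 rke2 节点进行简单的初始化,仅供参考。注意: 脚本需要以 root 执行,除了配置环境变量之外,还会禁用 SELinux、关闭主机防火墙(firewalld/ufw)、停用 systemd-resolved 并重写 /etc/resolv.conf,运行前请确认这些改动符合所在环境的安全基线。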
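#!/bin/bash
#
# One-shot initialisation of an RKE2 node: host pre-checks, timezone/locale,
# DNS, SELinux, host firewall, etcd account, sysctl, and shell environment
# for kubectl / crictl / ctr.
#
# Must run as root. Every step edits system-wide files (/etc/profile,
# /etc/resolv.conf, /etc/sysctl.conf, /etc/selinux/config, /etc/crictl.yaml).
# Steps are written to be re-runnable without duplicating entries.
#
# Strict mode (set -e) is deliberately NOT enabled: several steps are
# best-effort (e.g. `ufw disable` on a host without ufw) and must not abort
# the run.
#
# Environment:
#   NAMESERVER_LIST  whitespace-separated resolvers appended to
#                    /etc/resolv.conf (defaults to the two public resolvers
#                    below).

# NOTE(security): the defaults are public resolvers, so every DNS query made
# by the node is visible to a third party. In restricted environments,
# override NAMESERVER_LIST with internal resolvers.
NAMESERVER_LIST=${NAMESERVER_LIST:-"
114.114.114.114
223.5.5.5
"}

# containerd socket used by crictl and ctr.
readonly CONTAINERD_SOCK=/run/k3s/containerd/containerd.sock
readonly RKE2_BIN_DIR=/var/lib/rancher/rke2/bin

# Abort unless running as root; a partial run as an unprivileged user would
# leave the node half-configured.
require_root() {
  if [ "$(id -u)" -ne 0 ]; then
    echo "请使用 root 用户执行此脚本。" >&2
    exit 1
  fi
}

# Refuse to continue when a Docker daemon binary is installed alongside RKE2.
# Exits non-zero so that callers and automation can detect the failed
# pre-check.
docker_check() {
  if command -v dockerd > /dev/null 2>&1; then
    echo "rke2 节点中不建议同时运行 docker 服务,建议卸载 docker 服务。" >&2
    exit 1
  fi
}

# Print an advisory when NetworkManager is running. Nothing is changed.
networkmanager_check() {
  if systemctl is-active --quiet NetworkManager.service; then
    echo "注意: 如果没有使用 NetworkManager 管理网络接口, 建议执行 systemctl stop NetworkManager.service && systemctl disable NetworkManager.service 禁用 NetworkManager。"
  fi
}

# Point /etc/localtime at Asia/Shanghai.
init_timezone() {
  ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
}

# Set LANG in /etc/profile once (repeated runs do not append duplicates).
# `source` only affects this script's own process; existing login shells
# pick the change up at their next login.
init_os_language() {
  grep -qxF 'LANG="en_US.UTF-8"' /etc/profile 2> /dev/null ||
    echo 'LANG="en_US.UTF-8"' >> /etc/profile
  source /etc/profile
}

# When systemd-resolved is active: back up resolv.conf, stop and disable the
# service, then rebuild /etc/resolv.conf without loopback stub resolvers and
# with the resolvers from NAMESERVER_LIST appended.
init_dns_resolved() {
  local ns

  systemctl is-active --quiet systemd-resolved.service || return 0

  # Read the current content before the service goes away; /etc/resolv.conf
  # is usually a symlink into /run/systemd/resolve at this point.
  cat /etc/resolv.conf > /etc/resolv.conf-bak-rke2

  systemctl disable systemd-resolved.service
  systemctl stop systemd-resolved.service

  # Remove the symlink itself so that the rewrite creates a regular file.
  rm -f /etc/resolv.conf

  # Drop only loopback resolvers (127.x.x.x), not every address that merely
  # contains "127".
  grep -v -E '^[[:space:]]*nameserver[[:space:]]+127\.' \
    /etc/resolv.conf-bak-rke2 > /etc/resolv.conf

  # Word splitting on the whitespace-separated list is intentional.
  # shellcheck disable=SC2086
  for ns in ${NAMESERVER_LIST}; do
    grep -qxF -- "nameserver ${ns}" /etc/resolv.conf ||
      printf 'nameserver %s\n' "${ns}" >> /etc/resolv.conf
  done
}

# Persistently disable SELinux in /etc/selinux/config (effective after the
# next reboot; the running mode is not changed here).
#
# NOTE(security): this removes mandatory access control from the node. RKE2
# publishes an SELinux policy package (rke2-selinux), so where policy
# requires SELinux, skip this step and install that package instead.
init_selinux() {
  [ -f /etc/selinux/config ] || return 0
  if ! grep -qw 'SELINUX=disabled' /etc/selinux/config; then
    sed -i 's/^SELINUX=.*/SELINUX=disabled/g' /etc/selinux/config
  fi
}

# Stop and disable firewalld and ufw; errors are ignored because either
# service may be absent. (The function name is kept as in the original
# script.)
#
# NOTE(security): with the host firewall off, node ports are filtered only
# by whatever sits in front of the host (security groups, network ACLs).
# Confirm that such a control exists before running this step.
ini_firewalld() {
  systemctl stop firewalld.service > /dev/null 2>&1
  systemctl disable firewalld.service > /dev/null 2>&1
  ufw disable > /dev/null 2>&1
}

# Create the etcd group and user if they do not exist yet.
# The account only needs to own files, so it is created as a system account
# with no home directory and no login shell.
init_etcd_group() {
  getent group etcd > /dev/null || groupadd --system etcd
  id -u etcd > /dev/null 2>&1 ||
    useradd --system --no-create-home --shell /sbin/nologin --gid etcd etcd
}

# Ensure the kernel parameters below are set persistently, then load them.
# A key that already has an uncommented entry in /etc/sysctl.conf or
# /etc/sysctl.d/*.conf is rewritten in place; otherwise the entry is appended
# to /etc/sysctl.conf.
init_sysctl() {
  local -a entries=(
    net.bridge.bridge-nf-call-iptables=1
    net.bridge.bridge-nf-call-ip6tables=1
    net.bridge.bridge-nf-call-arptables=1
    net.ipv4.ip_forward=1
    kernel.panic=10
    kernel.panic_on_oops=1
    vm.overcommit_memory=1
  )
  local -a conf_files matches
  local entry key key_re

  # nullglob: an empty /etc/sysctl.d must not yield a literal '*.conf'.
  shopt -s nullglob
  conf_files=(/etc/sysctl.conf /etc/sysctl.d/*.conf)
  shopt -u nullglob

  for entry in "${entries[@]}"; do
    key=${entry%%=*}
    # Escape the dots so that the key is matched literally in the regex.
    key_re=${key//./\\.}

    mapfile -t matches < <(
      grep -lE "^[[:space:]]*${key_re}[[:space:]]*=" "${conf_files[@]}" 2> /dev/null
    )

    if ((${#matches[@]} > 0)); then
      # --follow-symlinks: a sysctl.d entry may be a symlink to
      # /etc/sysctl.conf; edit the target rather than replacing the link.
      sed -i --follow-symlinks -E \
        "s|^[[:space:]]*${key_re}[[:space:]]*=.*|${entry}|" "${matches[@]}"
    else
      printf '%s\n' "${entry}" >> /etc/sysctl.conf
    fi
  done

  # `sysctl -p` reads only /etc/sysctl.conf; --system also loads the
  # sysctl.d files that may just have been edited.
  # NOTE(review): the net.bridge.* keys exist only once the br_netfilter
  # module is loaded; sysctl reports an error for them otherwise.
  sysctl --system
}

# Add the RKE2 bin directory to PATH through /etc/profile, once.
#
# NOTE(security): /etc/profile is read by every login shell, root included.
# The directory is appended after the existing PATH, so it cannot shadow
# system binaries; it should still be writable by root only.
init_env_var_lib_rancher_rke2_bin() {
  case ":${PATH}:" in
    *":${RKE2_BIN_DIR}:"*) return 0 ;;
  esac
  if ! grep -qw -E "PATH=.*${RKE2_BIN_DIR}" /etc/profile 2> /dev/null; then
    echo 'export PATH="$PATH:/usr/local/bin:/var/lib/rancher/rke2/bin"' >> /etc/profile
    source /etc/profile
  fi
}

# Register bash completion for kubectl and crictl in /etc/profile, once per
# tool. The appended lines execute the tool at login, so they rely on the
# kubectl / crictl found in PATH being trusted binaries.
init_kubectl_crictl_completion() {
  grep -qF 'kubectl completion bash' /etc/profile 2> /dev/null ||
    echo 'if [ $( which kubectl >> /dev/null 2>&1; echo ${?} ) = 0 ]; then source <(kubectl completion bash); fi' >> /etc/profile
  grep -qF 'crictl completion bash' /etc/profile 2> /dev/null ||
    echo 'if [ $( which crictl >> /dev/null 2>&1; echo ${?} ) = 0 ]; then source <(crictl completion bash); fi' >> /etc/profile
}

# Make sure /etc/crictl.yaml has exactly one "<key>: unix://<socket>" line
# for the given key ($1: runtime-endpoint or image-endpoint).
set_crictl_endpoint() {
  local key=$1
  local want="${key}: unix://${CONTAINERD_SOCK}"

  grep -qxF -- "${want}" /etc/crictl.yaml && return 0
  # Remove any stale setting for the key (no-op when there is none).
  sed -i "/^[[:space:]]*${key}:/d" /etc/crictl.yaml
  printf '%s\n' "${want}" >> /etc/crictl.yaml
}

# Create /etc/crictl.yaml pointing at the containerd socket, or repair the
# two endpoint settings of an existing file while keeping its other lines.
init_crictl_config() {
  if [ ! -f /etc/crictl.yaml ]; then
    printf '%s\n' \
      "runtime-endpoint: unix://${CONTAINERD_SOCK}" \
      "image-endpoint: unix://${CONTAINERD_SOCK}" \
      'timeout: 20' \
      'debug: false' > /etc/crictl.yaml
    return 0
  fi
  set_crictl_endpoint runtime-endpoint
  set_crictl_endpoint image-endpoint
}

# Export the containerd namespace and socket address for ctr through
# /etc/profile, once each.
init_ctr_env() {
  grep -qw 'CONTAINERD_NAMESPACE' /etc/profile 2> /dev/null ||
    echo 'export CONTAINERD_NAMESPACE=k8s.io' >> /etc/profile
  grep -qw 'CONTAINERD_ADDRESS' /etc/profile 2> /dev/null ||
    echo 'export CONTAINERD_ADDRESS=/run/k3s/containerd/containerd.sock' >> /etc/profile
}

# Run all steps in the order of the original script.
main() {
  require_root
  docker_check
  networkmanager_check
  init_timezone
  init_os_language
  init_dns_resolved
  init_selinux
  ini_firewalld
  init_etcd_group
  init_sysctl
  init_ctr_env
  init_env_var_lib_rancher_rke2_bin
  init_kubectl_crictl_completion
  init_crictl_config
}

main "$@"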