def rmRemoteFile(c, filename, nodename):
# 初始化远程工具对象
robj = Remote(getEnv(nodename))
# 删除远程文件
result = robj.rmfile(filename)
if result == False:
print("failed to delete remote file.")
if not confirm("failed to delete remote file, Continue[Y/N]?"):
return True
else:
print("succeed to delete remote file.")
return True
def installKbsNodeBefore(self):
remoteBinPath = self.getRemotePath('remoteBinPath')
remoteSslPath = self.getRemotePath('remoteSslPath')
remoteCfgPath = self.getRemotePath('remoteCfgPath')
remoteLocalBinPath = self.getRemotePath('remoteLocalBinPath')
tmpPath = self.getLocalPath('tmpPath')
kbsConfigPath = self.getLocalPath('kbsConfigPath')
admin_env = self.getEnv("admin")
# 初始化远程工具对象
robj_admin = Remote(admin_env)
node_env1 = self.getEnv("master1")
# 初始化远程工具对象
robj_master1 = Remote(node_env1)
#download token csv file from master1 to local
robj_master1.download(remoteCfgPath + "/token.csv", tmpPath + "/")
#####for kubelet#####
#delete old role binding in master1
cmdRemote = remoteBinPath + "/kubectl delete clusterrolebinding/kubelet-bootstrap"
robj_admin.sudo(cmdRemote)
#create role binding in master1
cmdRemote = remoteBinPath + "/kubectl create clusterrolebinding kubelet-bootstrap"
cmdRemote = cmdRemote + " --clusterrole=system:node-bootstrapper"
cmdRemote = cmdRemote + " --user=kubelet-bootstrap"
robj_admin.sudo(cmdRemote)
#set cluster parameters and create kubelet bootstrapping kubeconfig file
cmdRemote = remoteBinPath + "/kubectl config set-cluster kubernetes"
cmdRemote = cmdRemote + " --certificate-authority=" + remoteSslPath + "/ca.pem"
cmdRemote = cmdRemote + " --embed-certs=true"
cmdRemote = cmdRemote + " --server=https://" + self.proxy_host + ":" + self.proxy_port
cmdRemote = cmdRemote + " --kubeconfig=" + remoteCfgPath + "/bootstrap.kubeconfig"
robj_admin.sudo(cmdRemote)
robj_admin.local("sleep 3")
f = open(tmpPath + '/token.csv', 'r')
csv_file = csv.reader(f)
csv_content = next(csv_file)
csv_token = csv_content[0]
f.close()
#create authority parameters for client
cmdRemote = remoteBinPath + "/kubectl config set-credentials kubelet-bootstrap"
cmdRemote = cmdRemote + " --token=" + csv_token
cmdRemote = cmdRemote + " --kubeconfig=" + remoteCfgPath + "/bootstrap.kubeconfig"
robj_admin.sudo(cmdRemote)
#set context parameters
cmdRemote = remoteBinPath + "/kubectl config set-context kubernetes"
cmdRemote = cmdRemote + " --cluster=kubernetes"
cmdRemote = cmdRemote + " --user=kubelet-bootstrap"
cmdRemote = cmdRemote + " --kubeconfig=" + remoteCfgPath + "/bootstrap.kubeconfig"
robj_admin.sudo(cmdRemote)
#set default context
cmdRemote = remoteBinPath + "/kubectl config use-context kubernetes"
cmdRemote = cmdRemote + " --kubeconfig=" + remoteCfgPath + "/bootstrap.kubeconfig"
robj_admin.sudo(cmdRemote)
#####for proxy#####
#upload proxy csr file to master1
robj_master1.upload(kbsConfigPath + "/kube-proxy-csr.json",
remoteSslPath + "/")
#delete old proxy cert files in master1
robj_master1.rmfile(remoteSslPath + "/kube-proxy.csr")
robj_master1.rmfile(remoteSslPath + "/kube-proxy.pem")
robj_master1.rmfile(remoteSslPath + "/kube-proxy-key.pem")
#create proxy cert files in master1
cmdRemote = "/usr/local/bin/cfssl gencert"
cmdRemote = cmdRemote + " -ca=" + remoteSslPath + "/ca.pem"
cmdRemote = cmdRemote + " -ca-key=" + remoteSslPath + "/ca-key.pem"
cmdRemote = cmdRemote + " -config=" + remoteSslPath + "/ca-config.json"
cmdRemote = cmdRemote + " -profile=kubernetes " + remoteSslPath + "/kube-proxy-csr.json"
cmdRemote = cmdRemote + " | " + remoteLocalBinPath + "/cfssljson -bare " + remoteSslPath + "/kube-proxy"
robj_master1.sudo(cmdRemote)
#download cert files from master1 to local
robj_master1.download(remoteSslPath + "/kube-proxy.pem", tmpPath + "/")
robj_master1.download(remoteSslPath + "/kube-proxy-key.pem",
tmpPath + "/")
robj_master1.download(remoteSslPath + "/ca.pem", tmpPath + "/")
#upload cert files from local to admin node
robj_admin.upload(tmpPath + "/kube-proxy.pem", remoteSslPath + "/")
robj_admin.upload(tmpPath + "/kube-proxy-key.pem", remoteSslPath + "/")
robj_admin.upload(tmpPath + "/ca.pem", remoteSslPath + "/")
#create kube-proxy kubeconfig file in admin node
cmdRemote = remoteBinPath + "/kubectl config set-cluster kubernetes"
cmdRemote = cmdRemote + " --certificate-authority=" + remoteSslPath + "/ca.pem"
cmdRemote = cmdRemote + " --embed-certs=true"
cmdRemote = cmdRemote + " --server=https://" + self.proxy_host + ":" + self.proxy_port
cmdRemote = cmdRemote + " --kubeconfig=" + remoteCfgPath + "/kube-proxy.kubeconfig"
robj_admin.sudo(cmdRemote)
cmdRemote = remoteBinPath + "/kubectl config set-credentials kube-proxy"
cmdRemote = cmdRemote + " --client-certificate=" + remoteSslPath + "/kube-proxy.pem"
cmdRemote = cmdRemote + " --client-key=" + remoteSslPath + "/kube-proxy-key.pem"
cmdRemote = cmdRemote + " --embed-certs=true"
cmdRemote = cmdRemote + " --kubeconfig=" + remoteCfgPath + "/kube-proxy.kubeconfig"
robj_admin.sudo(cmdRemote)
cmdRemote = remoteBinPath + "/kubectl config set-context kubernetes"
cmdRemote = cmdRemote + " --cluster=kubernetes"
cmdRemote = cmdRemote + " --user=kube-proxy"
cmdRemote = cmdRemote + " --kubeconfig=" + remoteCfgPath + "/kube-proxy.kubeconfig"
robj_admin.sudo(cmdRemote)
cmdRemote = remoteBinPath + "/kubectl config use-context kubernetes"
cmdRemote = cmdRemote + " --kubeconfig=" + remoteCfgPath + "/kube-proxy.kubeconfig"
robj_admin.sudo(cmdRemote)
def installEtcdNodeNormal(self, nodename):
node_env = self.getEnv(nodename)
# 初始化远程工具对象
robj = Remote(node_env)
remoteSslPath = self.getRemotePath('remoteSslPath')
remoteBinPath = self.getRemotePath('remoteBinPath')
remoteCfgPath = self.getRemotePath('remoteCfgPath')
remoteSystemdPath = self.getRemotePath('remoteSystemdPath')
remoteEtcdDataPath = self.getRemotePath('remoteEtcdDataPath')
etcdBinPath = self.getLocalPath('etcdBinPath')
etcdConfigPath = self.getLocalPath('etcdConfigPath')
tmpPath = self.getLocalPath('tmpPath')
#upload ca files
robj.upload(tmpPath + "/ca.csr", remoteSslPath + "/")
robj.upload(tmpPath + "/ca.pem", remoteSslPath + "/")
robj.upload(tmpPath + "/ca-key.pem", remoteSslPath + "/")
#upload etcd ca files
robj.upload(tmpPath + "/etcd.csr", remoteSslPath + "/")
robj.upload(tmpPath + "/etcd.pem", remoteSslPath + "/")
robj.upload(tmpPath + "/etcd-key.pem", remoteSslPath + "/")
#upload binary file for etcd processes
if robj.checkpath((remoteBinPath + "/etcd")) == False:
robj.upload(etcdBinPath + "/etcd", remoteBinPath + "/")
if robj.checkpath((remoteBinPath + "/etcdctl")) == False:
robj.upload(etcdBinPath + "/etcdctl", remoteBinPath + "/")
#upload etcd config file
file_config = etcdConfigPath + "/etcd.conf"
file_tmp = tmpPath + "/etcd.conf"
sedRegex = "sed \"s/{etcdNodeName}/%s/g\"" % ("etcd-" + nodename)
sedRegex = sedRegex + " | sed \"s/{etcdNodeIp}/%s/g\"" % node_env.host
sedRegex = sedRegex + " | sed \"s/{etcdNodeName1}/%s/g\"" % ("etcd-" +
"master1")
node1_env = self.getEnv("master1")
etcdNodeIp1 = node1_env.host
sedRegex = sedRegex + " | sed \"s/{etcdNodeIp1}/%s/g\"" % etcdNodeIp1
sedRegex = sedRegex + " | sed \"s/{etcdNodeName2}/%s/g\"" % ("etcd-" +
"master2")
node2_env = self.getEnv("master2")
etcdNodeIp2 = node2_env.host
sedRegex = sedRegex + " | sed \"s/{etcdNodeIp2}/%s/g\"" % etcdNodeIp2
sedRegex = sedRegex + " | sed \"s/{etcdNodeName3}/%s/g\"" % ("etcd-" +
"master3")
node3_env = self.getEnv("master3")
etcdNodeIp3 = node3_env.host
sedRegex = sedRegex + " | sed \"s/{etcdNodeIp3}/%s/g\"" % etcdNodeIp3
cmd_local = "cat %s | %s > %s" % (file_config, sedRegex, file_tmp)
robj.local(cmd_local)
robj.upload(file_tmp, remoteCfgPath + "/")
robj.upload(etcdConfigPath + "/etcd.service", remoteSystemdPath + "/")
if (remoteEtcdDataPath != "" and remoteEtcdDataPath != "/"
and robj.checkpath(remoteEtcdDataPath)):
robj.rmfile(remoteEtcdDataPath + "/*")
print("cache files of etcd is removed ...")
robj.sudo("ls -l " + remoteEtcdDataPath + "/")
else:
robj.mkdir(remoteEtcdDataPath)
#systemd for etcd process
robj.sudo("systemctl daemon-reload")
robj.sudo("systemctl enable etcd.service")
cmdRemote = "nohup systemctl restart etcd.service &> /dev/null &"
robj.sudo(cmdRemote)