def rmRemoteFile(c, filename, nodename): # 初始化远程工具对象 robj = Remote(getEnv(nodename)) # 删除远程文件 result = robj.rmfile(filename) if result == False: print("failed to delete remote file.") if not confirm("failed to delete remote file, Continue[Y/N]?"): return True else: print("succeed to delete remote file.") return True
def installKbsNodeBefore(self): remoteBinPath = self.getRemotePath('remoteBinPath') remoteSslPath = self.getRemotePath('remoteSslPath') remoteCfgPath = self.getRemotePath('remoteCfgPath') remoteLocalBinPath = self.getRemotePath('remoteLocalBinPath') tmpPath = self.getLocalPath('tmpPath') kbsConfigPath = self.getLocalPath('kbsConfigPath') admin_env = self.getEnv("admin") # 初始化远程工具对象 robj_admin = Remote(admin_env) node_env1 = self.getEnv("master1") # 初始化远程工具对象 robj_master1 = Remote(node_env1) #download token csv file from master1 to local robj_master1.download(remoteCfgPath + "/token.csv", tmpPath + "/") #####for kubelet##### #delete old role binding in master1 cmdRemote = remoteBinPath + "/kubectl delete clusterrolebinding/kubelet-bootstrap" robj_admin.sudo(cmdRemote) #create role binding in master1 cmdRemote = remoteBinPath + "/kubectl create clusterrolebinding kubelet-bootstrap" cmdRemote = cmdRemote + " --clusterrole=system:node-bootstrapper" cmdRemote = cmdRemote + " --user=kubelet-bootstrap" robj_admin.sudo(cmdRemote) #set cluster parameters and create kubelet bootstrapping kubeconfig file cmdRemote = remoteBinPath + "/kubectl config set-cluster kubernetes" cmdRemote = cmdRemote + " --certificate-authority=" + remoteSslPath + "/ca.pem" cmdRemote = cmdRemote + " --embed-certs=true" cmdRemote = cmdRemote + " --server=https://" + self.proxy_host + ":" + self.proxy_port cmdRemote = cmdRemote + " --kubeconfig=" + remoteCfgPath + "/bootstrap.kubeconfig" robj_admin.sudo(cmdRemote) robj_admin.local("sleep 3") f = open(tmpPath + '/token.csv', 'r') csv_file = csv.reader(f) csv_content = next(csv_file) csv_token = csv_content[0] f.close() #create authority parameters for client cmdRemote = remoteBinPath + "/kubectl config set-credentials kubelet-bootstrap" cmdRemote = cmdRemote + " --token=" + csv_token cmdRemote = cmdRemote + " --kubeconfig=" + remoteCfgPath + "/bootstrap.kubeconfig" robj_admin.sudo(cmdRemote) #set context parameters cmdRemote = remoteBinPath + "/kubectl config set-context kubernetes" cmdRemote = cmdRemote + " --cluster=kubernetes" cmdRemote = cmdRemote + " --user=kubelet-bootstrap" cmdRemote = cmdRemote + " --kubeconfig=" + remoteCfgPath + "/bootstrap.kubeconfig" robj_admin.sudo(cmdRemote) #set default context cmdRemote = remoteBinPath + "/kubectl config use-context kubernetes" cmdRemote = cmdRemote + " --kubeconfig=" + remoteCfgPath + "/bootstrap.kubeconfig" robj_admin.sudo(cmdRemote) #####for proxy##### #upload proxy csr file to master1 robj_master1.upload(kbsConfigPath + "/kube-proxy-csr.json", remoteSslPath + "/") #delete old proxy cert files in master1 robj_master1.rmfile(remoteSslPath + "/kube-proxy.csr") robj_master1.rmfile(remoteSslPath + "/kube-proxy.pem") robj_master1.rmfile(remoteSslPath + "/kube-proxy-key.pem") #create proxy cert files in master1 cmdRemote = "/usr/local/bin/cfssl gencert" cmdRemote = cmdRemote + " -ca=" + remoteSslPath + "/ca.pem" cmdRemote = cmdRemote + " -ca-key=" + remoteSslPath + "/ca-key.pem" cmdRemote = cmdRemote + " -config=" + remoteSslPath + "/ca-config.json" cmdRemote = cmdRemote + " -profile=kubernetes " + remoteSslPath + "/kube-proxy-csr.json" cmdRemote = cmdRemote + " | " + remoteLocalBinPath + "/cfssljson -bare " + remoteSslPath + "/kube-proxy" robj_master1.sudo(cmdRemote) #download cert files from master1 to local robj_master1.download(remoteSslPath + "/kube-proxy.pem", tmpPath + "/") robj_master1.download(remoteSslPath + "/kube-proxy-key.pem", tmpPath + "/") robj_master1.download(remoteSslPath + "/ca.pem", tmpPath + "/") #upload cert files from local to admin node robj_admin.upload(tmpPath + "/kube-proxy.pem", remoteSslPath + "/") robj_admin.upload(tmpPath + "/kube-proxy-key.pem", remoteSslPath + "/") robj_admin.upload(tmpPath + "/ca.pem", remoteSslPath + "/") #create kube-proxy kubeconfig file in admin node cmdRemote = remoteBinPath + "/kubectl config set-cluster kubernetes" cmdRemote = cmdRemote + " --certificate-authority=" + remoteSslPath + "/ca.pem" cmdRemote = cmdRemote + " --embed-certs=true" cmdRemote = cmdRemote + " --server=https://" + self.proxy_host + ":" + self.proxy_port cmdRemote = cmdRemote + " --kubeconfig=" + remoteCfgPath + "/kube-proxy.kubeconfig" robj_admin.sudo(cmdRemote) cmdRemote = remoteBinPath + "/kubectl config set-credentials kube-proxy" cmdRemote = cmdRemote + " --client-certificate=" + remoteSslPath + "/kube-proxy.pem" cmdRemote = cmdRemote + " --client-key=" + remoteSslPath + "/kube-proxy-key.pem" cmdRemote = cmdRemote + " --embed-certs=true" cmdRemote = cmdRemote + " --kubeconfig=" + remoteCfgPath + "/kube-proxy.kubeconfig" robj_admin.sudo(cmdRemote) cmdRemote = remoteBinPath + "/kubectl config set-context kubernetes" cmdRemote = cmdRemote + " --cluster=kubernetes" cmdRemote = cmdRemote + " --user=kube-proxy" cmdRemote = cmdRemote + " --kubeconfig=" + remoteCfgPath + "/kube-proxy.kubeconfig" robj_admin.sudo(cmdRemote) cmdRemote = remoteBinPath + "/kubectl config use-context kubernetes" cmdRemote = cmdRemote + " --kubeconfig=" + remoteCfgPath + "/kube-proxy.kubeconfig" robj_admin.sudo(cmdRemote)
def installEtcdNodeNormal(self, nodename): node_env = self.getEnv(nodename) # 初始化远程工具对象 robj = Remote(node_env) remoteSslPath = self.getRemotePath('remoteSslPath') remoteBinPath = self.getRemotePath('remoteBinPath') remoteCfgPath = self.getRemotePath('remoteCfgPath') remoteSystemdPath = self.getRemotePath('remoteSystemdPath') remoteEtcdDataPath = self.getRemotePath('remoteEtcdDataPath') etcdBinPath = self.getLocalPath('etcdBinPath') etcdConfigPath = self.getLocalPath('etcdConfigPath') tmpPath = self.getLocalPath('tmpPath') #upload ca files robj.upload(tmpPath + "/ca.csr", remoteSslPath + "/") robj.upload(tmpPath + "/ca.pem", remoteSslPath + "/") robj.upload(tmpPath + "/ca-key.pem", remoteSslPath + "/") #upload etcd ca files robj.upload(tmpPath + "/etcd.csr", remoteSslPath + "/") robj.upload(tmpPath + "/etcd.pem", remoteSslPath + "/") robj.upload(tmpPath + "/etcd-key.pem", remoteSslPath + "/") #upload binary file for etcd processes if robj.checkpath((remoteBinPath + "/etcd")) == False: robj.upload(etcdBinPath + "/etcd", remoteBinPath + "/") if robj.checkpath((remoteBinPath + "/etcdctl")) == False: robj.upload(etcdBinPath + "/etcdctl", remoteBinPath + "/") #upload etcd config file file_config = etcdConfigPath + "/etcd.conf" file_tmp = tmpPath + "/etcd.conf" sedRegex = "sed \"s/{etcdNodeName}/%s/g\"" % ("etcd-" + nodename) sedRegex = sedRegex + " | sed \"s/{etcdNodeIp}/%s/g\"" % node_env.host sedRegex = sedRegex + " | sed \"s/{etcdNodeName1}/%s/g\"" % ("etcd-" + "master1") node1_env = self.getEnv("master1") etcdNodeIp1 = node1_env.host sedRegex = sedRegex + " | sed \"s/{etcdNodeIp1}/%s/g\"" % etcdNodeIp1 sedRegex = sedRegex + " | sed \"s/{etcdNodeName2}/%s/g\"" % ("etcd-" + "master2") node2_env = self.getEnv("master2") etcdNodeIp2 = node2_env.host sedRegex = sedRegex + " | sed \"s/{etcdNodeIp2}/%s/g\"" % etcdNodeIp2 sedRegex = sedRegex + " | sed \"s/{etcdNodeName3}/%s/g\"" % ("etcd-" + "master3") node3_env = self.getEnv("master3") etcdNodeIp3 = node3_env.host sedRegex = sedRegex + " | sed \"s/{etcdNodeIp3}/%s/g\"" % etcdNodeIp3 cmd_local = "cat %s | %s > %s" % (file_config, sedRegex, file_tmp) robj.local(cmd_local) robj.upload(file_tmp, remoteCfgPath + "/") robj.upload(etcdConfigPath + "/etcd.service", remoteSystemdPath + "/") if (remoteEtcdDataPath != "" and remoteEtcdDataPath != "/" and robj.checkpath(remoteEtcdDataPath)): robj.rmfile(remoteEtcdDataPath + "/*") print("cache files of etcd is removed ...") robj.sudo("ls -l " + remoteEtcdDataPath + "/") else: robj.mkdir(remoteEtcdDataPath) #systemd for etcd process robj.sudo("systemctl daemon-reload") robj.sudo("systemctl enable etcd.service") cmdRemote = "nohup systemctl restart etcd.service &> /dev/null &" robj.sudo(cmdRemote)