├── .gitignore ├── LICENSE ├── README.md └── jdos-k8s-offline ├── README.md ├── docker └── docker.service ├── etcd └── v3.3.5 │ └── etcd.service ├── install.sh └── kubenetes └── kubernetes ├── install_api_server.sh ├── install_controller_manager.sh ├── install_kubelet.sh ├── install_proxy.sh └── install_shceduler.sh /.gitignore: -------------------------------------------------------------------------------- 1 | # Binaries for programs and plugins 2 | *.exe 3 | *.dll 4 | *.so 5 | *.dylib 6 | 7 | # Test binary, build with `go test -c` 8 | *.test 9 | 10 | # Output of the go coverage tool, specifically when used with LiteIDE 11 | *.out 12 | 13 | # Project-local glide cache, RE: https://github.com/Masterminds/glide/issues/736 14 | .glide/ 15 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Apache License 2 | Version 2.0, January 2004 3 | http://www.apache.org/licenses/ 4 | 5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 6 | 7 | 1. Definitions. 8 | 9 | "License" shall mean the terms and conditions for use, reproduction, 10 | and distribution as defined by Sections 1 through 9 of this document. 11 | 12 | "Licensor" shall mean the copyright owner or entity authorized by 13 | the copyright owner that is granting the License. 14 | 15 | "Legal Entity" shall mean the union of the acting entity and all 16 | other entities that control, are controlled by, or are under common 17 | control with that entity. For the purposes of this definition, 18 | "control" means (i) the power, direct or indirect, to cause the 19 | direction or management of such entity, whether by contract or 20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 21 | outstanding shares, or (iii) beneficial ownership of such entity. 22 | 23 | "You" (or "Your") shall mean an individual or Legal Entity 24 | exercising permissions granted by this License. 25 | 26 | "Source" form shall mean the preferred form for making modifications, 27 | including but not limited to software source code, documentation 28 | source, and configuration files. 29 | 30 | "Object" form shall mean any form resulting from mechanical 31 | transformation or translation of a Source form, including but 32 | not limited to compiled object code, generated documentation, 33 | and conversions to other media types. 34 | 35 | "Work" shall mean the work of authorship, whether in Source or 36 | Object form, made available under the License, as indicated by a 37 | copyright notice that is included in or attached to the work 38 | (an example is provided in the Appendix below). 39 | 40 | "Derivative Works" shall mean any work, whether in Source or Object 41 | form, that is based on (or derived from) the Work and for which the 42 | editorial revisions, annotations, elaborations, or other modifications 43 | represent, as a whole, an original work of authorship. For the purposes 44 | of this License, Derivative Works shall not include works that remain 45 | separable from, or merely link (or bind by name) to the interfaces of, 46 | the Work and Derivative Works thereof. 47 | 48 | "Contribution" shall mean any work of authorship, including 49 | the original version of the Work and any modifications or additions 50 | to that Work or Derivative Works thereof, that is intentionally 51 | submitted to Licensor for inclusion in the Work by the copyright owner 52 | or by an individual or Legal Entity authorized to submit on behalf of 53 | the copyright owner. For the purposes of this definition, "submitted" 54 | means any form of electronic, verbal, or written communication sent 55 | to the Licensor or its representatives, including but not limited to 56 | communication on electronic mailing lists, source code control systems, 57 | and issue tracking systems that are managed by, or on behalf of, the 58 | Licensor for the purpose of discussing and improving the Work, but 59 | excluding communication that is conspicuously marked or otherwise 60 | designated in writing by the copyright owner as "Not a Contribution." 61 | 62 | "Contributor" shall mean Licensor and any individual or Legal Entity 63 | on behalf of whom a Contribution has been received by Licensor and 64 | subsequently incorporated within the Work. 65 | 66 | 2. Grant of Copyright License. Subject to the terms and conditions of 67 | this License, each Contributor hereby grants to You a perpetual, 68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 69 | copyright license to reproduce, prepare Derivative Works of, 70 | publicly display, publicly perform, sublicense, and distribute the 71 | Work and such Derivative Works in Source or Object form. 72 | 73 | 3. Grant of Patent License. Subject to the terms and conditions of 74 | this License, each Contributor hereby grants to You a perpetual, 75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 76 | (except as stated in this section) patent license to make, have made, 77 | use, offer to sell, sell, import, and otherwise transfer the Work, 78 | where such license applies only to those patent claims licensable 79 | by such Contributor that are necessarily infringed by their 80 | Contribution(s) alone or by combination of their Contribution(s) 81 | with the Work to which such Contribution(s) was submitted. If You 82 | institute patent litigation against any entity (including a 83 | cross-claim or counterclaim in a lawsuit) alleging that the Work 84 | or a Contribution incorporated within the Work constitutes direct 85 | or contributory patent infringement, then any patent licenses 86 | granted to You under this License for that Work shall terminate 87 | as of the date such litigation is filed. 88 | 89 | 4. Redistribution. You may reproduce and distribute copies of the 90 | Work or Derivative Works thereof in any medium, with or without 91 | modifications, and in Source or Object form, provided that You 92 | meet the following conditions: 93 | 94 | (a) You must give any other recipients of the Work or 95 | Derivative Works a copy of this License; and 96 | 97 | (b) You must cause any modified files to carry prominent notices 98 | stating that You changed the files; and 99 | 100 | (c) You must retain, in the Source form of any Derivative Works 101 | that You distribute, all copyright, patent, trademark, and 102 | attribution notices from the Source form of the Work, 103 | excluding those notices that do not pertain to any part of 104 | the Derivative Works; and 105 | 106 | (d) If the Work includes a "NOTICE" text file as part of its 107 | distribution, then any Derivative Works that You distribute must 108 | include a readable copy of the attribution notices contained 109 | within such NOTICE file, excluding those notices that do not 110 | pertain to any part of the Derivative Works, in at least one 111 | of the following places: within a NOTICE text file distributed 112 | as part of the Derivative Works; within the Source form or 113 | documentation, if provided along with the Derivative Works; or, 114 | within a display generated by the Derivative Works, if and 115 | wherever such third-party notices normally appear. The contents 116 | of the NOTICE file are for informational purposes only and 117 | do not modify the License. You may add Your own attribution 118 | notices within Derivative Works that You distribute, alongside 119 | or as an addendum to the NOTICE text from the Work, provided 120 | that such additional attribution notices cannot be construed 121 | as modifying the License. 122 | 123 | You may add Your own copyright statement to Your modifications and 124 | may provide additional or different license terms and conditions 125 | for use, reproduction, or distribution of Your modifications, or 126 | for any such Derivative Works as a whole, provided Your use, 127 | reproduction, and distribution of the Work otherwise complies with 128 | the conditions stated in this License. 129 | 130 | 5. Submission of Contributions. Unless You explicitly state otherwise, 131 | any Contribution intentionally submitted for inclusion in the Work 132 | by You to the Licensor shall be under the terms and conditions of 133 | this License, without any additional terms or conditions. 134 | Notwithstanding the above, nothing herein shall supersede or modify 135 | the terms of any separate license agreement you may have executed 136 | with Licensor regarding such Contributions. 137 | 138 | 6. Trademarks. This License does not grant permission to use the trade 139 | names, trademarks, service marks, or product names of the Licensor, 140 | except as required for reasonable and customary use in describing the 141 | origin of the Work and reproducing the content of the NOTICE file. 142 | 143 | 7. Disclaimer of Warranty. Unless required by applicable law or 144 | agreed to in writing, Licensor provides the Work (and each 145 | Contributor provides its Contributions) on an "AS IS" BASIS, 146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 147 | implied, including, without limitation, any warranties or conditions 148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 149 | PARTICULAR PURPOSE. You are solely responsible for determining the 150 | appropriateness of using or redistributing the Work and assume any 151 | risks associated with Your exercise of permissions under this License. 152 | 153 | 8. Limitation of Liability. In no event and under no legal theory, 154 | whether in tort (including negligence), contract, or otherwise, 155 | unless required by applicable law (such as deliberate and grossly 156 | negligent acts) or agreed to in writing, shall any Contributor be 157 | liable to You for damages, including any direct, indirect, special, 158 | incidental, or consequential damages of any character arising as a 159 | result of this License or out of the use or inability to use the 160 | Work (including but not limited to damages for loss of goodwill, 161 | work stoppage, computer failure or malfunction, or any and all 162 | other commercial damages or losses), even if such Contributor 163 | has been advised of the possibility of such damages. 164 | 165 | 9. Accepting Warranty or Additional Liability. While redistributing 166 | the Work or Derivative Works thereof, You may choose to offer, 167 | and charge a fee for, acceptance of support, warranty, indemnity, 168 | or other liability obligations and/or rights consistent with this 169 | License. However, in accepting such obligations, You may act only 170 | on Your own behalf and on Your sole responsibility, not on behalf 171 | of any other Contributor, and only if You agree to indemnify, 172 | defend, and hold each Contributor harmless for any liability 173 | incurred by, or claims asserted against, such Contributor by reason 174 | of your accepting any such warranty or additional liability. 175 | 176 | END OF TERMS AND CONDITIONS 177 | 178 | APPENDIX: How to apply the Apache License to your work. 179 | 180 | To apply the Apache License to your work, attach the following 181 | boilerplate notice, with the fields enclosed by brackets "[]" 182 | replaced with your own identifying information. (Don't include 183 | the brackets!) The text should be enclosed in the appropriate 184 | comment syntax for the file format. We also recommend that a 185 | file or class name and description of purpose be included on the 186 | same "printed page" as the copyright notice for easier 187 | identification within third-party archives. 188 | 189 | Copyright [yyyy] [name of copyright owner] 190 | 191 | Licensed under the Apache License, Version 2.0 (the "License"); 192 | you may not use this file except in compliance with the License. 193 | You may obtain a copy of the License at 194 | 195 | http://www.apache.org/licenses/LICENSE-2.0 196 | 197 | Unless required by applicable law or agreed to in writing, software 198 | distributed under the License is distributed on an "AS IS" BASIS, 199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 200 | See the License for the specific language governing permissions and 201 | limitations under the License. 202 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # jdos 2 | JDOS: a kubernetes-based datacenter operating system 3 | -------------------------------------------------------------------------------- /jdos-k8s-offline/README.md: -------------------------------------------------------------------------------- 1 | # jdos-k8s-offline 2 | jdos-k8s-offline: 在社区版本的k8s基础上支持离线一键化安装,目前支持的是在单台机器上进行的安装,其中安装的服务包括 3 | * docker 4 | * etcd 5 | * kubenetes 6 | 7 | 目前由于离线版本中需要的安装库比较大,因此部分离线安装库放在百度云中,有需要的可下载,地址[链接地址](https://pan.baidu.com/s/1Z_jYb9F20c6Yv0LD-ADDnQ) ,密码:xw7j 8 | -------------------------------------------------------------------------------- /jdos-k8s-offline/docker/docker.service: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=Docker Application Container Engine 3 | Documentation=https://docs.docker.com 4 | After=network.target docker.socket 5 | Requires=docker.socket 6 | 7 | [Service] 8 | Type=notify 9 | ExecStart=/usr/bin/docker daemon -H=tcp://0.0.0.0:2375 -H=unix:///var/run/docker.sock 10 | MountFlags=slave 11 | LimitNOFILE=1048576 12 | LimitNPROC=1048576 13 | LimitCORE=infinity 14 | TimeoutStartSec=0 15 | 16 | [Install] 17 | WantedBy=multi-user.target 18 | 19 | -------------------------------------------------------------------------------- /jdos-k8s-offline/etcd/v3.3.5/etcd.service: -------------------------------------------------------------------------------- 1 | [Unit] 2 | 3 | Description=Etcd Server 4 | 5 | After=network.target 6 | 7 | 8 | 9 | [Service] 10 | 11 | Type=simple 12 | 13 | WorkingDirectory=/var/lib/etcd/ 14 | 15 | EnvironmentFile=-/etc/etcd/etcd.conf 16 | 17 | ExecStart=/usr/local/bin/etcd 18 | 19 | 20 | 21 | [Install] 22 | 23 | WantedBy=multi-user.target 24 | 25 | -------------------------------------------------------------------------------- /jdos-k8s-offline/install.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # k8s all in one install script 4 | 5 | echo 'welcome to install k8s all-in-one ' 6 | MASTER_ADDRESS="127.0.0.1" 7 | NODE_LIST="127.0.0.1" 8 | DNS_SERVER_IP="" 9 | SERVICE_CLUSTER_IP_RANGE="10.0.0.0/16" 10 | INSTALL_HOME=$(cd `dirname $0`; pwd) 11 | INSTALL_ETCD_HOME="$INSTALL_HOME/etcd/v3.3.5" 12 | INSTALL_K8S_HOME="$INSTALL_HOME/kubenetes/kubernetes" 13 | INSTALL_DOCKER_HOME="$INSTALL_HOME/docker" 14 | INSTALL_K8S_HOME="$INSTALL_HOME/kubenetes/kubernetes" 15 | 16 | #install etcd 17 | INSTALL_ETCD (){ 18 | echo "start install etcd" 19 | cp -f $INSTALL_ETCD_HOME/etcd /usr/local/bin 20 | cp -f $INSTALL_ETCD_HOME/etcdctl /usr/local/bin 21 | mkdir -p /var/lib/etcd/ 22 | mkdir -p /etc/etcd 23 | cp -f $INSTALL_ETCD_HOME/etcd.conf /etc/etcd 24 | cp -f $INSTALL_ETCD_HOME/etcd.service /usr/lib/systemd/system 25 | echo "etcd has installed,now begin to start" 26 | systemctl daemon-reload 27 | systemctl start etcd 28 | systemctl enable etcd 29 | } 30 | 31 | #install docker 32 | INSTALL_DOCKER (){ 33 | echo "start install docker" 34 | cd $INSTALL_DOCKER_HOME 35 | yum localinstall -y docker-engine* 36 | cp -f $INSTALL_DOCKER_HOME/docker.service /usr/lib/systemd/system/ 37 | systemctl daemon-reload 38 | systemctl enable docker 39 | } 40 | 41 | #install kube master 42 | INSTALL_MASTER (){ 43 | echo "start install kube master , master ip is $MASTER_ADDRESS" 44 | cp -r $INSTALL_K8S_HOME/server/kubernetes/server/bin/* /usr/bin 45 | cd $INSTALL_K8S_HOME 46 | ./install_api_server.sh "$MASTER_ADDRESS" "$MASTER_ADDRESS" "$SERVICE_CLUSTER_IP_RANGE" 47 | echo "api server installed" 48 | ./install_controller_manager.sh "$MASTER_ADDRESS" 49 | echo "controller manager installed" 50 | ./install_shceduler.sh "$MASTER_ADDRESS" 51 | echo "schedulder installed" 52 | } 53 | 54 | #install kube node 55 | INSTALL_NODE (){ 56 | echo "install kube node ,current node address $1" 57 | CURRENT_NODE_ADDRESS=$1 58 | cp -r $INSTALL_K8S_HOME/server/kubernetes/server/bin/* /usr/bin 59 | ./install_kubelet.sh "$MASTER_ADDRESS" "$CURRENT_NODE_ADDRESS" "$DNS_SERVER_IP" 60 | echo "kubelet installed" 61 | ./install_proxy.sh "$MASTER_ADDRESS" "$CURRENT_NODE_ADDRESS" 62 | echo "proxy installed" 63 | 64 | } 65 | 66 | #while getopts "m:s:n:d:" opt; do 67 | # case $opt in 68 | # m) 69 | # MASTER_ADDRESS="$OPTARG" 70 | # ;; 71 | # n) 72 | # NODE_LIST="$OPTARG" 73 | # ;; 74 | # s) 75 | # SERVICE_CLUSTER_IP_RANGE="$OPTARG" 76 | # ;; 77 | # d) 78 | # DNS_SERVER_IP="$OPTARG" 79 | # ;; 80 | # \?) 81 | # echo "Invalid option - $OPTARG" 82 | # exit 0 83 | # ;; 84 | # esac 85 | #done 86 | #if [ ! -n $MASTER_ADDRESS ];then 87 | # echo "kube master address can not be none" 88 | # exit 0 89 | #fi 90 | 91 | #stop firewall 92 | systemctl disable firewalld.service 93 | systemctl stop firewalld.service 94 | INSTALL_ETCD 95 | INSTALL_DOCKER 96 | INSTALL_MASTER 97 | 98 | for s in `echo "$NODE_LIST"|sed 's/,/\n/g'` 99 | do 100 | INSTALL_NODE "$s" 101 | done 102 | exit 0 103 | 104 | -------------------------------------------------------------------------------- /jdos-k8s-offline/kubenetes/kubernetes/install_api_server.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | MASTER_ADDRESS=${1:-"$1"} 4 | ETCD_SERVERS="http://${2}:2379" 5 | SERVICE_CLUSTER_IP_RANGE=${3:-"$3"} 6 | ADMISSION_CONTROL=${4:-"AlwaysAdmit"} 7 | mkdir -p /etc/kubernetes 8 | 9 | cat </etc/kubernetes/kube-apiserver 10 | # --alsologtostderr=true: log to standard error as well as log file 11 | KUBE_ALSO_LOGTOSTDERR="--alsologtostderr=true" 12 | # --log-dir 13 | KUBE_LOG_DIR="--log-dir=/var/log/kubernetes" 14 | # --v=0: log level for V logs 15 | KUBE_LOG_LEVEL="--v=2" 16 | #stderrthreshold: only show log that over the threshold to stderr 17 | STDERR_THRESHOLD="--stderrthreshold=2" 18 | # --etcd-servers=[]: List of etcd servers to watch (http://ip:port), 19 | # comma separated. Mutually exclusive with -etcd-config 20 | KUBE_ETCD_SERVERS="--etcd-servers=${ETCD_SERVERS}" 21 | # --etcd-cafile="": SSL Certificate Authority file used to secure etcd communication. 22 | #KUBE_ETCD_CAFILE="--etcd-cafile=/srv/kubernetes/etcd/ca.pem" 23 | # --etcd-certfile="": SSL certification file used to secure etcd communication. 24 | #KUBE_ETCD_CERTFILE="--etcd-certfile=/srv/kubernetes/etcd/client.pem" 25 | # --etcd-keyfile="": key file used to secure etcd communication. 26 | #KUBE_ETCD_KEYFILE="--etcd-keyfile=/srv/kubernetes/etcd/client-key.pem" 27 | # --insecure-bind-address=127.0.0.1: The IP address on which to serve the --insecure-port. 28 | KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0" 29 | # --insecure-port=8080: The port on which to serve unsecured, unauthenticated access. 30 | KUBE_API_PORT="--insecure-port=8080" 31 | # --kubelet-port=10250: Kubelet port 32 | NODE_PORT="--kubelet-port=10250" 33 | # --advertise-address=: The IP address on which to advertise 34 | # the apiserver to members of the cluster. 35 | KUBE_ADVERTISE_ADDR="--advertise-address=${MASTER_ADDRESS}" 36 | # --allow-privileged=false: If true, allow privileged containers. 37 | KUBE_ALLOW_PRIV="--allow-privileged=false" 38 | # --service-cluster-ip-range=: A CIDR notation IP range from which to assign service cluster IPs. 39 | # This must not overlap with any IP ranges assigned to nodes for pods. 40 | KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=${SERVICE_CLUSTER_IP_RANGE}" 41 | # --admission-control="AlwaysAdmit": Ordered list of plug-ins 42 | # to do admission control of resources into cluster. 43 | # Comma-delimited list of: 44 | # LimitRanger, AlwaysDeny, SecurityContextDeny, NamespaceExists, 45 | # NamespaceLifecycle, NamespaceAutoProvision, AlwaysAdmit, 46 | # ServiceAccount, DefaultStorageClass, DefaultTolerationSeconds, ResourceQuota 47 | KUBE_ADMISSION_CONTROL="--admission-control=${ADMISSION_CONTROL}" 48 | # --client-ca-file="": If set, any request presenting a client certificate signed 49 | # by one of the authorities in the client-ca-file is authenticated with an identity 50 | # corresponding to the CommonName of the client certificate. 51 | #KUBE_API_CLIENT_CA_FILE="--client-ca-file=/srv/kubernetes/ca.crt" 52 | # --tls-cert-file="": File containing x509 Certificate for HTTPS. (CA cert, if any, 53 | # concatenated after server cert). If HTTPS serving is enabled, and --tls-cert-file 54 | # and --tls-private-key-file are not provided, a self-signed certificate and key are 55 | # generated for the public address and saved to /var/run/kubernetes. 56 | #KUBE_API_TLS_CERT_FILE="--tls-cert-file=/srv/kubernetes/server.cert" 57 | # --tls-private-key-file="": File containing x509 private key matching --tls-cert-file. 58 | #KUBE_API_TLS_PRIVATE_KEY_FILE="--tls-private-key-file=/srv/kubernetes/server.key" 59 | ##enable RBAC add-by-myf5.net 60 | KUBE_RBAC="--authorization-mode=RBAC" 61 | EOF 62 | 63 | 64 | KUBE_APISERVER_OPTS=" \${KUBE_ALSO_LOGTOSTDERR} \\ 65 | \${STDERR_THRESHOLD} \\ 66 | \${KUBE_LOG_DIR} \\ 67 | \${KUBE_LOG_LEVEL} \\ 68 | \${KUBE_ETCD_SERVERS} \\ 69 | \${KUBE_API_ADDRESS} \\ 70 | \${KUBE_API_PORT} \\ 71 | \${NODE_PORT} \\ 72 | \${KUBE_ADVERTISE_ADDR} \\ 73 | \${KUBE_ALLOW_PRIV} \\ 74 | \${KUBE_SERVICE_ADDRESSES} \\ 75 | \${KUBE_ADMISSION_CONTROL} \\ 76 | \${KUBE_RBAC}" 77 | 78 | 79 | cat </usr/lib/systemd/system/kube-apiserver.service 80 | [Unit] 81 | Description=Kubernetes API Server 82 | Documentation=https://github.com/kubernetes/kubernetes 83 | [Service] 84 | EnvironmentFile=-/etc/kubernetes/kube-apiserver 85 | ExecStart=/usr/bin/kube-apiserver ${KUBE_APISERVER_OPTS} 86 | Restart=on-failure 87 | [Install] 88 | WantedBy=multi-user.target 89 | EOF 90 | 91 | systemctl daemon-reload 92 | systemctl enable kube-apiserver 93 | systemctl restart kube-apiserver 94 | -------------------------------------------------------------------------------- /jdos-k8s-offline/kubenetes/kubernetes/install_controller_manager.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | 4 | MASTER_ADDRESS=${1:-"$1"} 5 | 6 | cat </etc/kubernetes/kube-controller-manager 7 | KUBE_LOGTOSTDERR="--logtostderr=false" 8 | KUBE_LOG_DIR="--log-dir=/var/log/kubernetes" 9 | KUBE_LOG_LEVEL="--v=4" 10 | KUBE_MASTER="--master=${MASTER_ADDRESS}:8080" 11 | 12 | KUBE_CLUSTER_CIDR="--cluster-cidr=10.1.0.0/16" 13 | 14 | # --root-ca-file="": If set, this root certificate authority will be included in 15 | # service account's token secret. This must be a valid PEM-encoded CA bundle. 16 | #KUBE_CONTROLLER_MANAGER_ROOT_CA_FILE="--root-ca-file=/srv/kubernetes/ca.crt" 17 | 18 | # --service-account-private-key-file="": Filename containing a PEM-encoded private 19 | # RSA key used to sign service account tokens. 20 | #KUBE_CONTROLLER_MANAGER_SERVICE_ACCOUNT_PRIVATE_KEY_FILE="--service-account-private-key-file=/srv/kubernetes/server.key" 21 | 22 | # --leader-elect 23 | KUBE_LEADER_ELECT="--leader-elect=false" 24 | EOF 25 | 26 | KUBE_CONTROLLER_MANAGER_OPTS=" \${KUBE_LOGTOSTDERR} \\ 27 | \${KUBE_LOG_DIR} \\ 28 | \${KUBE_LOG_LEVEL} \\ 29 | \${KUBE_MASTER} \\ 30 | \${KUBE_CLUSTER_CIDR}\\ 31 | \${KUBE_LEADER_ELECT}" 32 | 33 | cat </usr/lib/systemd/system/kube-controller-manager.service 34 | [Unit] 35 | Description=Kubernetes Controller Manager 36 | Documentation=https://github.com/kubernetes/kubernetes 37 | After=kube-apiserver.service 38 | After=network.target 39 | Requires=kube-apiserver.service 40 | 41 | [Service] 42 | EnvironmentFile=-/etc/kubernetes/kube-controller-manager 43 | ExecStart=/usr/bin/kube-controller-manager ${KUBE_CONTROLLER_MANAGER_OPTS} 44 | Restart=on-failure 45 | 46 | [Install] 47 | WantedBy=multi-user.target 48 | EOF 49 | 50 | systemctl daemon-reload 51 | systemctl enable kube-controller-manager 52 | systemctl restart kube-controller-manager 53 | -------------------------------------------------------------------------------- /jdos-k8s-offline/kubenetes/kubernetes/install_kubelet.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | MASTER_ADDRESS=${1:-"$1"} 4 | NODE_ADDRESS=${2:-"$2"} 5 | DNS_SERVER_IP=${3:-"$3"} 6 | DNS_DOMAIN=${4:-"cluster.local"} 7 | 8 | mkdir -p /etc/kubernetes 9 | 10 | cat </etc/kubernetes/kubelet 11 | # --logtostderr=true: log to standard error instead of files 12 | KUBE_LOGTOSTDERR="--logtostderr=false" 13 | #LOG TO FILE 14 | KUBE_LOG_DIR="--log-dir=/var/log/kubernetes" 15 | 16 | # --v=0: log level for V logs 17 | KUBE_LOG_LEVEL="--v=4" 18 | # --address=0.0.0.0: The IP address for the Kubelet to serve on (set to 0.0.0.0 for all interfaces) 19 | NODE_ADDRESS="--address=${NODE_ADDRESS}" 20 | # --port=10250: The port for the Kubelet to serve on. Note that "kubectl logs" will not work if you set this flag. 21 | NODE_PORT="" 22 | # --hostname-override="": If non-empty, will use this string as identification instead of the actual hostname. 23 | NODE_HOSTNAME="--hostname-override=${NODE_ADDRESS}" 24 | # --api-servers=[]: List of Kubernetes API servers for publishing events, 25 | # and reading pods and services. (ip:port), comma separated. 26 | KUBELET_API_SERVER="--api-servers=${MASTER_ADDRESS}:8080" 27 | # --allow-privileged=false: If true, allow containers to request privileged mode. [default=false] 28 | KUBE_ALLOW_PRIV="--allow-privileged=false" 29 | # DNS info 30 | KUBELET__DNS_IP="--cluster-dns=${DNS_SERVER_IP}" 31 | KUBELET_DNS_DOMAIN="--cluster-domain=${DNS_DOMAIN}" 32 | # Add your own! 33 | KUBELET_ARGS="" 34 | EOF 35 | 36 | KUBE_PROXY_OPTS=" \${KUBE_LOGTOSTDERR} \\ 37 | \${KUBE_LOG_DIR} \\ 38 | \${KUBE_LOG_LEVEL} \\ 39 | \${NODE_ADDRESS} \\ 40 | \${NODE_PORT} \\ 41 | \${NODE_HOSTNAME} \\ 42 | \${KUBELET_API_SERVER} \\ 43 | \${KUBE_ALLOW_PRIV} \\ 44 | \${KUBELET_DNS_DOMAIN} \\ 45 | \$KUBELET_ARGS" 46 | 47 | cat </usr/lib/systemd/system/kubelet.service 48 | [Unit] 49 | Description=Kubernetes Kubelet 50 | After=docker.service 51 | Requires=docker.service 52 | [Service] 53 | EnvironmentFile=-/etc/kubernetes/kubelet 54 | ExecStart=/usr/bin/kubelet ${KUBE_PROXY_OPTS} 55 | Restart=on-failure 56 | KillMode=process 57 | [Install] 58 | WantedBy=multi-user.target 59 | EOF 60 | 61 | systemctl daemon-reload 62 | systemctl enable kubelet 63 | systemctl restart kubelet 64 | -------------------------------------------------------------------------------- /jdos-k8s-offline/kubenetes/kubernetes/install_proxy.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | 4 | MASTER_ADDRESS=${1:-"$1"} 5 | NODE_ADDRESS=${2:-"$2"} 6 | 7 | cat </etc/kubernetes/kube-proxy 8 | # --logtostderr=true: log to standard error instead of files 9 | KUBE_LOGTOSTDERR="--logtostderr=false" 10 | KUBE_LOG_DIR="--log-dir=/var/log/kubernetes" 11 | # --v=0: log level for V logs 12 | KUBE_LOG_LEVEL="--v=2" 13 | # --hostname-override="": If non-empty, will use this string as identification instead of the actual hostname. 14 | NODE_HOSTNAME="--hostname-override=${NODE_ADDRESS}" 15 | # --master="": The address of the Kubernetes API server (overrides any value in kubeconfig) 16 | KUBE_MASTER="--master=http://${MASTER_ADDRESS}:8080" 17 | EOF 18 | 19 | KUBE_PROXY_OPTS=" \${KUBE_LOGTOSTDERR} \\ 20 | \${KUBE_LOG_DIR} \\ 21 | \${KUBE_LOG_LEVEL} \\ 22 | \${NODE_HOSTNAME} \\ 23 | \${KUBE_MASTER}" 24 | 25 | cat </usr/lib/systemd/system/kube-proxy.service 26 | [Unit] 27 | Description=Kubernetes Proxy 28 | After=network.target 29 | [Service] 30 | EnvironmentFile=-/etc/kubernetes/kube-proxy 31 | ExecStart=/usr/bin/kube-proxy ${KUBE_PROXY_OPTS} 32 | Restart=on-failure 33 | [Install] 34 | WantedBy=multi-user.target 35 | EOF 36 | 37 | systemctl daemon-reload 38 | systemctl enable kube-proxy 39 | systemctl restart kube-proxy 40 | -------------------------------------------------------------------------------- /jdos-k8s-offline/kubenetes/kubernetes/install_shceduler.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | 4 | MASTER_ADDRESS=${1:-"$1"} 5 | 6 | cat </etc/kubernetes/kube-scheduler 7 | ### 8 | # kubernetes scheduler config 9 | 10 | # --logtostderr=true: log to standard error instead of files 11 | KUBE_LOGTOSTDERR="--logtostderr=false" 12 | 13 | # Log to file 14 | KUBE_LOG_DIR="--log-dir=/var/log/kubernetes" 15 | 16 | # --v=0: log level for V logs 17 | KUBE_LOG_LEVEL="--v=4" 18 | 19 | KUBE_MASTER="--master=${MASTER_ADDRESS}:8080" 20 | 21 | # --leader-elect 22 | KUBE_LEADER_ELECT="--leader-elect=false" 23 | 24 | # Add your own! 25 | KUBE_SCHEDULER_ARGS="" 26 | 27 | EOF 28 | 29 | KUBE_SCHEDULER_OPTS=" \${KUBE_LOGTOSTDERR} \\ 30 | \${KUBE_LOG_DIR} \\ 31 | \${KUBE_LOG_LEVEL} \\ 32 | \${KUBE_MASTER} \\ 33 | \${KUBE_LEADER_ELECT} \\ 34 | \${KUBE_SCHEDULER_ARGS}" 35 | 36 | cat </usr/lib/systemd/system/kube-scheduler.service 37 | [Unit] 38 | Description=Kubernetes Scheduler 39 | Documentation=https://github.com/kubernetes/kubernetes 40 | After=kube-apiserver.service 41 | Requires=kube-apiserver.service 42 | 43 | [Service] 44 | EnvironmentFile=-/etc/kubernetes/kube-scheduler 45 | ExecStart=/usr/bin/kube-scheduler ${KUBE_SCHEDULER_OPTS} 46 | Restart=on-failure 47 | 48 | [Install] 49 | WantedBy=multi-user.target 50 | EOF 51 | 52 | systemctl daemon-reload 53 | systemctl enable kube-scheduler 54 | systemctl restart kube-scheduler 55 | --------------------------------------------------------------------------------