概要描述
该文档针对Manager8.0之前的版本
详细步骤
准备系统环境
- 执行whoami
- 执行以下命令修改/etc/sudoers文件
sed -i $''s/^[ \\t]*Defaults[ \\t]*requiretty/# Defaults requiretty/g'' /etc/sudoers
- 查看/etc/sudoers文件是否有secure_path内容
cat /etc/sudoers | grep -E ''^\\s*Defaults\\s+secure_path''
如果没有,执行以下命令给/etc/sudoers文件添加secure_path内容
echo ''Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin'' >> /etc/sudoers
- 获取配置文件
(默认为transwarp) - 判断
组是否存在,不存在则添加该组
getent group $inspector >/dev/null || groupadd -r $inspector
- 判断
用户是否存在,不存在则添加用户
getent passwd $inspector >/dev/null || useradd -c 'Default user to execute inspection' -s /bin/bash -g $inspector -r -d /home/$inspector $inspector 2> /dev/null
- 判断/etc/sudoers文件中是否存在
用户
cat /etc/sudoers | grep -E ''^\\s*$inceptor\\s+''
没有则在文件中添加
echo ''$inspector ALL=(ALL) NOPASSWD: ALL'' >> /etc/sudoers
-
获取参数
$pubkey=/etc/transwarp/transwarp_id_rsa.pub文件内容
$localsh=/usr/lib/deploy/script/conf_ssh_local.sh文件内容
执行以下命令,配置ssh key` umask 022 mkdir -p /home/$inspector/.ssh chown -R $inspector:$inspector /home/$inspector echo " + EscapeUtils.escapeAndQuoteShellCmd(pubkey) + " > /home/$inspector/.ssh/transwarp-id_rsa.pub echo " + EscapeUtils.escapeAndQuoteShellCmd(localsh) + s" > /home/$inspector/.ssh/config_ssh_local.sh sudo -u $inspector bash /home/$inspector/.ssh/config_ssh_local.sh` -
获取数据库system_setting中的hosts.generation,enabled的值
如果是true,则获取该集群的所有节点的ip和hostname,更新/etc/hosts文件
10.执行以下命令备份hosts文件
mkdir -p /etc/transwarp/conf/ && chmod 755 /etc/transwarp/conf
cp -f /etc/hosts /etc/transwarp/conf/hosts- 通过节点的osType,到对应的distro.conf文件中找到对应的执行,关闭防火墙和SELinux
firewall.disable
firewall.stop
SELinux.disable
SELinux.stop- 预留默认的端口
获取参数port="48121,50010,50020,50030,50060,50070,50075,50090,50470,50495,51888,52888,60000,60010,60020,60030,60100,60110,60120,60130,61000"
执行enbale-reserve-ports
syscttl -w net.ipv4.ip_local_reserved_ports=$ports
执行config-reserve-ports
(grep "^net.ipv4.ip_local_reserved_ports" /etc/sysctl.conf &&
sed -i $''s/^net.ipv4.ip_local_reserved_ports.*$/net.ipv4.ip_local_reserved_ports=$ports/g'' /etc/sysctl.conf) ||
echo net.ipv4.ip_local_reserved_ports=$ports >> /etc/sysctl.conf- 挂载ram盘
mkdir -p -m777 /mnt/ramdisk/ngmr && chmod 777 /mnt/ramdisk/ngmr
if ! mount | grep ramdisk > /dev/null 2>&1; then mount -t ramfs -o size=4g ramfs /mnt/ramdisk/ngmr; fi
sed -i "/ramdisk/d" /etc/fstab &&
echo ''ramfs /mnt/ramdisk/ngmr ramfs mode=777,size=4g 0 0'' >> /etc/fstab配置yum库
- packageKit
config packageKit
if [ -f /etc/yum/pluginconf.d/refresh-packagekit.conf ];then sed -i ''s/^enabled=.*$/enabled=0/g'' /etc/yum/pluginconf.d/refresh-packagekit.conf;fistop packageKit
systemctl -q is-active packagekitd && systemctl stop packagekitddisable packageKit
systemctl -q is-enabled packagekitd && systemctl disable packagekitd- subscription manager
config subscription managerif [ -f /etc/yum/pluginconf.d/subscription-manager.conf ];then sed -i ''s/^enabled=.*$/enabled=0/g'' /etc/yum/pluginconf.d/subscription-manager.conf;fi
disable subscripton manager
subscription-manager config --rhsm.manage_repos=0- 备份repo配置(根据节点的osType,到distro.conf文件中执行相应的命令)
- 判断是否需要移除现有的repo配置,是则移除
- 添加repo配置
- 执行命令对repo进行clean和update
- 设置openSsl(安装,写入ca,更新ca,清除repo缓存)
安装jdk
安装对应disro配置文件中java-home.packages配置的包
执行对应disro配置文件中java-home.ln-latest命令
执行对应distro配置文件中java-home.add-default命令
执行对应distro配置文件中java-home.add-profile命令
安装NTP并同步时区
安装对应disro配置文件中ntp.package配置的包
更新时区
禁止chrony
设置pam
获取pam.paths配置
遍历path配置 作为参数执行pam.config命令
安装TOS相关包
移除配置文件中libse.packages配置的包
检查docker盘是否存在(/var/lib/docker),检查docker盘是否是xfs格式
安装配置文件中tos.packages配置的包
设置docker和docker-monitor开机自启
执行kubenetes-logrotate配置命令
安装和配置agent
安装agent
安装tar
安装ssh.packages配置的包
安装koalas.noarch
修改/etc/transwarp-manager/agent/application.conf中的hostname和os-type
配置docker(复制文件/usr/lib/deploy/file/ca.crt到配置文件openssl.trust-anchors-dir目录,执行openssl.update-ca-command配置的命令)
重启docker和docker-monitor
启动agent
stop->start->enable agent
检查agent是否连接