Update worker_node_install.sh

This commit is contained in:
RomanNum3ral 2026-03-27 23:51:40 +00:00
parent 789ae1117c
commit 35c66b6ad0
1 changed files with 31 additions and 93 deletions

View File

@ -2,7 +2,7 @@
set -Eeuo pipefail set -Eeuo pipefail
######################################## ########################################
# Arch Linux RKE2 Worker Node # Arch Linux RKE2 Worker Node Prep
# #
# What this script does: # What this script does:
# - Disables swap # - Disables swap
@ -11,27 +11,15 @@ set -Eeuo pipefail
# - Configures NetworkManager to ignore CNI interfaces # - Configures NetworkManager to ignore CNI interfaces
# - Disables host nftables service to avoid breaking RKE2 service routing # - Disables host nftables service to avoid breaking RKE2 service routing
# - Installs RKE2 agent pinned to the same version as the master # - Installs RKE2 agent pinned to the same version as the master
# - Optionally joins the worker to the cluster automatically # - Prepares the node for a later manual join
# #
# Optional environment variables: # Optional environment variables:
# RKE2_VERSION=v1.34.5+rke2r1 # RKE2_VERSION=v1.34.5+rke2r1
# SERVER_URL=https://10.28.24.17:9345
# RKE2_TOKEN=your-node-token
# WORKER_NODE_NAME=arch-kubernetes-worker1 # WORKER_NODE_NAME=arch-kubernetes-worker1
# START_RKE2=true
#
# Notes:
# - If SERVER_URL and RKE2_TOKEN are both set, the script will configure
# and start the worker automatically.
# - If they are not set, the script will install everything and stop after
# preparing the node.
######################################## ########################################
RKE2_VERSION="${RKE2_VERSION:-v1.34.5+rke2r1}" RKE2_VERSION="${RKE2_VERSION:-v1.34.5+rke2r1}"
SERVER_URL="${SERVER_URL:-}" WORKER_NODE_NAME="${WORKER_NODE_NAME:-}"
RKE2_TOKEN="${RKE2_TOKEN:-}" # Get token from master sudo cat /var/lib/rancher/rke2/server/node-token
WORKER_NODE_NAME="${WORKER_NODE_NAME:-}" # Name the worker
START_RKE2="${START_RKE2:-true}"
RKE2_CONFIG_DIR="/etc/rancher/rke2" RKE2_CONFIG_DIR="/etc/rancher/rke2"
RKE2_CONFIG_FILE="${RKE2_CONFIG_DIR}/config.yaml" RKE2_CONFIG_FILE="${RKE2_CONFIG_DIR}/config.yaml"
@ -178,70 +166,28 @@ export PATH=$PATH:/var/lib/rancher/rke2/bin:/usr/local/bin
EOF EOF
} }
write_config_if_possible() { write_config_template() {
log "Writing RKE2 agent config" log "Writing worker config template"
{ {
if [[ -n "${SERVER_URL}" ]]; then echo "# Fill these in before starting rke2-agent:"
echo "server: ${SERVER_URL}" echo "# server: https://YOUR_MASTER_IP:9345"
fi echo "# token: YOUR_NODE_TOKEN"
if [[ -n "${RKE2_TOKEN}" ]]; then
echo "token: ${RKE2_TOKEN}"
fi
if [[ -n "${WORKER_NODE_NAME}" ]]; then if [[ -n "${WORKER_NODE_NAME}" ]]; then
echo "node-name: ${WORKER_NODE_NAME}" echo "node-name: ${WORKER_NODE_NAME}"
else
echo "# node-name: optional-custom-node-name"
fi fi
} > "${RKE2_CONFIG_FILE}" } > "${RKE2_CONFIG_FILE}"
chmod 600 "${RKE2_CONFIG_FILE}" chmod 600 "${RKE2_CONFIG_FILE}"
} }
start_agent_if_possible() { disable_agent_until_manual_join() {
log "Leaving rke2-agent disabled until manual join"
systemctl daemon-reload systemctl daemon-reload
systemctl enable rke2-agent.service systemctl disable --now rke2-agent.service >/dev/null 2>&1 || true
if [[ "${START_RKE2}" != "true" ]]; then
warn "START_RKE2=false, leaving rke2-agent disabled from startup execution"
return
fi
if [[ -z "${SERVER_URL}" || -z "${RKE2_TOKEN}" ]]; then
warn "SERVER_URL and/or RKE2_TOKEN not set. Worker is prepared but not joined."
return
fi
log "Starting RKE2 agent"
systemctl restart rke2-agent.service
}
wait_for_agent() {
if [[ "${START_RKE2}" != "true" ]]; then
return
fi
if [[ -z "${SERVER_URL}" || -z "${RKE2_TOKEN}" ]]; then
return
fi
log "Waiting for rke2-agent service"
local waited=0
until systemctl is-active --quiet rke2-agent.service; do
sleep 5
waited=$((waited + 5))
if (( waited % 30 == 0 )); then
warn "rke2-agent not active yet; recent logs:"
journalctl -u rke2-agent -n 40 --no-pager || true
fi
if (( waited >= 600 )); then
journalctl -u rke2-agent -n 200 --no-pager || true
die "Timed out waiting for rke2-agent to become active"
fi
done
} }
print_summary() { print_summary() {
@ -249,31 +195,24 @@ print_summary() {
echo "RKE2 version: ${RKE2_VERSION}" echo "RKE2 version: ${RKE2_VERSION}"
echo "Config file: ${RKE2_CONFIG_FILE}" echo "Config file: ${RKE2_CONFIG_FILE}"
echo "Server URL: ${SERVER_URL:-<not set>}"
echo "Node name: ${WORKER_NODE_NAME:-<default hostname>}" echo "Node name: ${WORKER_NODE_NAME:-<default hostname>}"
echo echo
echo "This node has NOT joined the cluster yet."
if [[ -n "${SERVER_URL}" && -n "${RKE2_TOKEN}" && "${START_RKE2}" == "true" ]]; then echo
echo "Worker attempted automatic join." echo "Next steps:"
echo "Check from the master with:" echo "1. Edit ${RKE2_CONFIG_FILE}"
echo " /var/lib/rancher/rke2/bin/kubectl get nodes -o wide" echo "2. Set:"
echo echo " server: https://YOUR_MASTER_IP:9345"
echo "Local diagnostics:" echo " token: YOUR_NODE_TOKEN"
echo " sudo systemctl status rke2-agent --no-pager" if [[ -n "${WORKER_NODE_NAME}" ]]; then
echo " sudo journalctl -u rke2-agent -n 200 --no-pager" echo " node-name: ${WORKER_NODE_NAME}"
else
echo "Worker is installed and ready, but not joined yet."
echo
echo "To join later, set these in ${RKE2_CONFIG_FILE}:"
echo " server: https://YOUR_MASTER_IP:9345"
echo " token: YOUR_NODE_TOKEN"
if [[ -n "${WORKER_NODE_NAME}" ]]; then
echo " node-name: ${WORKER_NODE_NAME}"
fi
echo
echo "Then run:"
echo " sudo systemctl enable --now rke2-agent"
fi fi
echo "3. Start the agent:"
echo " sudo systemctl enable --now rke2-agent"
echo
echo "Check status:"
echo " sudo systemctl status rke2-agent --no-pager"
echo " sudo journalctl -u rke2-agent -n 200 --no-pager"
} }
main() { main() {
@ -284,9 +223,8 @@ main() {
configure_networkmanager configure_networkmanager
enable_support_services enable_support_services
install_rke2_agent install_rke2_agent
write_config_if_possible write_config_template
start_agent_if_possible disable_agent_until_manual_join
wait_for_agent
print_summary print_summary
} }