Update worker_node_install.sh
This commit is contained in:
parent
789ae1117c
commit
35c66b6ad0
|
|
@ -2,7 +2,7 @@
|
||||||
set -Eeuo pipefail
|
set -Eeuo pipefail
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
# Arch Linux RKE2 Worker Node
|
# Arch Linux RKE2 Worker Node Prep
|
||||||
#
|
#
|
||||||
# What this script does:
|
# What this script does:
|
||||||
# - Disables swap
|
# - Disables swap
|
||||||
|
|
@ -11,27 +11,15 @@ set -Eeuo pipefail
|
||||||
# - Configures NetworkManager to ignore CNI interfaces
|
# - Configures NetworkManager to ignore CNI interfaces
|
||||||
# - Disables host nftables service to avoid breaking RKE2 service routing
|
# - Disables host nftables service to avoid breaking RKE2 service routing
|
||||||
# - Installs RKE2 agent pinned to the same version as the master
|
# - Installs RKE2 agent pinned to the same version as the master
|
||||||
# - Optionally joins the worker to the cluster automatically
|
# - Prepares the node for a later manual join
|
||||||
#
|
#
|
||||||
# Optional environment variables:
|
# Optional environment variables:
|
||||||
# RKE2_VERSION=v1.34.5+rke2r1
|
# RKE2_VERSION=v1.34.5+rke2r1
|
||||||
# SERVER_URL=https://10.28.24.17:9345
|
|
||||||
# RKE2_TOKEN=your-node-token
|
|
||||||
# WORKER_NODE_NAME=arch-kubernetes-worker1
|
# WORKER_NODE_NAME=arch-kubernetes-worker1
|
||||||
# START_RKE2=true
|
|
||||||
#
|
|
||||||
# Notes:
|
|
||||||
# - If SERVER_URL and RKE2_TOKEN are both set, the script will configure
|
|
||||||
# and start the worker automatically.
|
|
||||||
# - If they are not set, the script will install everything and stop after
|
|
||||||
# preparing the node.
|
|
||||||
########################################
|
########################################
|
||||||
|
|
||||||
RKE2_VERSION="${RKE2_VERSION:-v1.34.5+rke2r1}"
|
RKE2_VERSION="${RKE2_VERSION:-v1.34.5+rke2r1}"
|
||||||
SERVER_URL="${SERVER_URL:-}"
|
WORKER_NODE_NAME="${WORKER_NODE_NAME:-}"
|
||||||
RKE2_TOKEN="${RKE2_TOKEN:-}" # Get token from master sudo cat /var/lib/rancher/rke2/server/node-token
|
|
||||||
WORKER_NODE_NAME="${WORKER_NODE_NAME:-}" # Name the worker
|
|
||||||
START_RKE2="${START_RKE2:-true}"
|
|
||||||
|
|
||||||
RKE2_CONFIG_DIR="/etc/rancher/rke2"
|
RKE2_CONFIG_DIR="/etc/rancher/rke2"
|
||||||
RKE2_CONFIG_FILE="${RKE2_CONFIG_DIR}/config.yaml"
|
RKE2_CONFIG_FILE="${RKE2_CONFIG_DIR}/config.yaml"
|
||||||
|
|
@ -178,70 +166,28 @@ export PATH=$PATH:/var/lib/rancher/rke2/bin:/usr/local/bin
|
||||||
EOF
|
EOF
|
||||||
}
|
}
|
||||||
|
|
||||||
write_config_if_possible() {
|
write_config_template() {
|
||||||
log "Writing RKE2 agent config"
|
log "Writing worker config template"
|
||||||
|
|
||||||
{
|
{
|
||||||
if [[ -n "${SERVER_URL}" ]]; then
|
echo "# Fill these in before starting rke2-agent:"
|
||||||
echo "server: ${SERVER_URL}"
|
echo "# server: https://YOUR_MASTER_IP:9345"
|
||||||
fi
|
echo "# token: YOUR_NODE_TOKEN"
|
||||||
|
|
||||||
if [[ -n "${RKE2_TOKEN}" ]]; then
|
|
||||||
echo "token: ${RKE2_TOKEN}"
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [[ -n "${WORKER_NODE_NAME}" ]]; then
|
if [[ -n "${WORKER_NODE_NAME}" ]]; then
|
||||||
echo "node-name: ${WORKER_NODE_NAME}"
|
echo "node-name: ${WORKER_NODE_NAME}"
|
||||||
|
else
|
||||||
|
echo "# node-name: optional-custom-node-name"
|
||||||
fi
|
fi
|
||||||
} > "${RKE2_CONFIG_FILE}"
|
} > "${RKE2_CONFIG_FILE}"
|
||||||
|
|
||||||
chmod 600 "${RKE2_CONFIG_FILE}"
|
chmod 600 "${RKE2_CONFIG_FILE}"
|
||||||
}
|
}
|
||||||
|
|
||||||
start_agent_if_possible() {
|
disable_agent_until_manual_join() {
|
||||||
|
log "Leaving rke2-agent disabled until manual join"
|
||||||
|
|
||||||
systemctl daemon-reload
|
systemctl daemon-reload
|
||||||
systemctl enable rke2-agent.service
|
systemctl disable --now rke2-agent.service >/dev/null 2>&1 || true
|
||||||
|
|
||||||
if [[ "${START_RKE2}" != "true" ]]; then
|
|
||||||
warn "START_RKE2=false, leaving rke2-agent disabled from startup execution"
|
|
||||||
return
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [[ -z "${SERVER_URL}" || -z "${RKE2_TOKEN}" ]]; then
|
|
||||||
warn "SERVER_URL and/or RKE2_TOKEN not set. Worker is prepared but not joined."
|
|
||||||
return
|
|
||||||
fi
|
|
||||||
|
|
||||||
log "Starting RKE2 agent"
|
|
||||||
systemctl restart rke2-agent.service
|
|
||||||
}
|
|
||||||
|
|
||||||
wait_for_agent() {
|
|
||||||
if [[ "${START_RKE2}" != "true" ]]; then
|
|
||||||
return
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [[ -z "${SERVER_URL}" || -z "${RKE2_TOKEN}" ]]; then
|
|
||||||
return
|
|
||||||
fi
|
|
||||||
|
|
||||||
log "Waiting for rke2-agent service"
|
|
||||||
|
|
||||||
local waited=0
|
|
||||||
until systemctl is-active --quiet rke2-agent.service; do
|
|
||||||
sleep 5
|
|
||||||
waited=$((waited + 5))
|
|
||||||
|
|
||||||
if (( waited % 30 == 0 )); then
|
|
||||||
warn "rke2-agent not active yet; recent logs:"
|
|
||||||
journalctl -u rke2-agent -n 40 --no-pager || true
|
|
||||||
fi
|
|
||||||
|
|
||||||
if (( waited >= 600 )); then
|
|
||||||
journalctl -u rke2-agent -n 200 --no-pager || true
|
|
||||||
die "Timed out waiting for rke2-agent to become active"
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
}
|
}
|
||||||
|
|
||||||
print_summary() {
|
print_summary() {
|
||||||
|
|
@ -249,31 +195,24 @@ print_summary() {
|
||||||
|
|
||||||
echo "RKE2 version: ${RKE2_VERSION}"
|
echo "RKE2 version: ${RKE2_VERSION}"
|
||||||
echo "Config file: ${RKE2_CONFIG_FILE}"
|
echo "Config file: ${RKE2_CONFIG_FILE}"
|
||||||
echo "Server URL: ${SERVER_URL:-<not set>}"
|
|
||||||
echo "Node name: ${WORKER_NODE_NAME:-<default hostname>}"
|
echo "Node name: ${WORKER_NODE_NAME:-<default hostname>}"
|
||||||
echo
|
echo
|
||||||
|
echo "This node has NOT joined the cluster yet."
|
||||||
if [[ -n "${SERVER_URL}" && -n "${RKE2_TOKEN}" && "${START_RKE2}" == "true" ]]; then
|
echo
|
||||||
echo "Worker attempted automatic join."
|
echo "Next steps:"
|
||||||
echo "Check from the master with:"
|
echo "1. Edit ${RKE2_CONFIG_FILE}"
|
||||||
echo " /var/lib/rancher/rke2/bin/kubectl get nodes -o wide"
|
echo "2. Set:"
|
||||||
echo
|
echo " server: https://YOUR_MASTER_IP:9345"
|
||||||
echo "Local diagnostics:"
|
echo " token: YOUR_NODE_TOKEN"
|
||||||
echo " sudo systemctl status rke2-agent --no-pager"
|
if [[ -n "${WORKER_NODE_NAME}" ]]; then
|
||||||
echo " sudo journalctl -u rke2-agent -n 200 --no-pager"
|
echo " node-name: ${WORKER_NODE_NAME}"
|
||||||
else
|
|
||||||
echo "Worker is installed and ready, but not joined yet."
|
|
||||||
echo
|
|
||||||
echo "To join later, set these in ${RKE2_CONFIG_FILE}:"
|
|
||||||
echo " server: https://YOUR_MASTER_IP:9345"
|
|
||||||
echo " token: YOUR_NODE_TOKEN"
|
|
||||||
if [[ -n "${WORKER_NODE_NAME}" ]]; then
|
|
||||||
echo " node-name: ${WORKER_NODE_NAME}"
|
|
||||||
fi
|
|
||||||
echo
|
|
||||||
echo "Then run:"
|
|
||||||
echo " sudo systemctl enable --now rke2-agent"
|
|
||||||
fi
|
fi
|
||||||
|
echo "3. Start the agent:"
|
||||||
|
echo " sudo systemctl enable --now rke2-agent"
|
||||||
|
echo
|
||||||
|
echo "Check status:"
|
||||||
|
echo " sudo systemctl status rke2-agent --no-pager"
|
||||||
|
echo " sudo journalctl -u rke2-agent -n 200 --no-pager"
|
||||||
}
|
}
|
||||||
|
|
||||||
main() {
|
main() {
|
||||||
|
|
@ -284,9 +223,8 @@ main() {
|
||||||
configure_networkmanager
|
configure_networkmanager
|
||||||
enable_support_services
|
enable_support_services
|
||||||
install_rke2_agent
|
install_rke2_agent
|
||||||
write_config_if_possible
|
write_config_template
|
||||||
start_agent_if_possible
|
disable_agent_until_manual_join
|
||||||
wait_for_agent
|
|
||||||
print_summary
|
print_summary
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue