Kubernetes - node节点初始化
2022-11-22
#!/bin/bash
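#######################################
# Create the unprivileged login accounts and install their SSH public keys,
# then make sure the sudoers rule for the "ansible" group is present.
# Globals:   none
# Arguments: none
# Outputs:   diagnostics on stderr
# Returns:   0 when every step succeeded, 1 if any account or the sudoers
#            rule could not be set up
#######################################
function initUser(){
  # Accounts to create (regular users).
  local users="hehe www"
  local user ssh_path key_tmp sudoers_tmp
  local rc=0
  local rule='%ansible ALL=(ALL) NOPASSWD:ALL'

  for user in ${users}; do
    # Accounts that already exist are left untouched.
    if id -u "${user}" >/dev/null 2>&1; then
      continue
    fi

    # The original value carried a leading space and only worked because the
    # expansion was unquoted.
    ssh_path="/home/${user}/.ssh"

    if ! useradd -m "${user}"; then
      echo "initUser: useradd failed for ${user}" >&2
      rc=1
      continue
    fi

    # No `su - user` here: it starts a login shell and stalls a
    # non-interactive run, and every following command ran as root anyway.
    if ! mkdir -p -m 700 "${ssh_path}"; then
      rc=1
      continue
    fi

    # Download to a temporary file first. -f makes curl fail on an HTTP error
    # instead of saving the error page as authorized_keys.
    # NOTE(review): the key material is trusted solely on the basis of this
    # HTTPS fetch; anyone able to write to that bucket path gains SSH access
    # as ${user}. Confirm the bucket ACL and consider pinning a checksum.
    key_tmp=$(mktemp "${ssh_path}/authorized_keys.XXXXXX") || { rc=1; continue; }
    if curl -fsS "https://xxx.oss-cn-hangzhou-internal.aliyuncs.com/k8s-init/${user}" -o "${key_tmp}" \
        && [[ -s "${key_tmp}" ]]; then
      mv -f -- "${key_tmp}" "${ssh_path}/authorized_keys"
      chmod 600 "${ssh_path}/authorized_keys"
    else
      echo "initUser: could not fetch authorized_keys for ${user}" >&2
      rm -f -- "${key_tmp}"
      rc=1
    fi
    chown -R "${user}:${user}" "${ssh_path}"
  done

  # NOTE(review): this grants passwordless root to members of group "ansible",
  # but nothing in this function creates that group or adds the users above to
  # it. Confirm the group membership is managed elsewhere.
  if ! grep -q ansible /etc/sudoers; then
    # Validate the resulting file on a scratch copy before touching the real
    # one; a syntax error in /etc/sudoers disables sudo for everyone.
    sudoers_tmp=$(mktemp) || return 1
    if cat /etc/sudoers > "${sudoers_tmp}" \
        && printf '%s\n' "${rule}" >> "${sudoers_tmp}" \
        && visudo -cf "${sudoers_tmp}" >/dev/null; then
      printf '%s\n' "${rule}" >> /etc/sudoers || rc=1
    else
      echo "initUser: sudoers validation failed, rule not added" >&2
      rc=1
    fi
    rm -f -- "${sudoers_tmp}"
  fi

  return "${rc}"
}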
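#######################################
# Forbid direct SSH login as root and reload sshd.
# Globals:   none
# Arguments: none
# Outputs:   diagnostics on stderr
# Returns:   0 on success, 1 if the config could not be edited or fails
#            validation (the previous file is restored in that case)
#######################################
function disableRootLogin(){
  local cfg=/etc/ssh/sshd_config
  local backup="${cfg}.bak"

  cp -p -- "${cfg}" "${backup}" || return 1

  # The original only rewrote the literal text "PermitRootLogin yes", so a
  # commented-out or missing directive left the compiled-in default active,
  # and values such as "without-password" were never changed.
  if grep -Eqi '^[[:space:]]*PermitRootLogin[[:space:]]' "${cfg}"; then
    sed -E -i 's/^[[:space:]]*PermitRootLogin[[:space:]].*/PermitRootLogin no/I' "${cfg}" || return 1
  else
    # sshd uses the first value it reads for a keyword; inserting at the top
    # also keeps the line outside any Match block.
    sed -i '1i PermitRootLogin no' "${cfg}" || return 1
  fi

  # Never reload a config that does not parse: a broken sshd_config can lock
  # every account out of the node.
  if ! sshd -t -f "${cfg}"; then
    echo "disableRootLogin: sshd_config failed validation, restoring backup" >&2
    cp -p -- "${backup}" "${cfg}"
    return 1
  fi

  # NOTE(review): files pulled in through an Include directive can still set
  # PermitRootLogin; check the effective value with `sshd -T` after rollout.
  systemctl reload sshd
}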
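#######################################
# Enable the kernel.rich_container_enable sysctl (resource-view enhancement
# for containers) if it is not configured yet.
# Globals:   none
# Arguments: none
# Returns:   status of the append or of `sysctl -p`; 0 when already present
#######################################
function initSystem(){
  local conf=/etc/sysctl.conf
  local key="kernel.rich_container_enable"

  # -F: the key contains dots, which must not act as regex wildcards.
  if grep -qF -- "${key}" "${conf}"; then
    return 0
  fi

  # Append with >>. The original used >, which truncated /etc/sysctl.conf and
  # silently dropped every other setting in it, including any kernel or
  # network hardening parameters.
  printf '%s\n' "${key} = 1" >> "${conf}" || return 1
  sysctl -p
}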
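#######################################
# Copy the shared tool tree from the NFS export into /opt/share unless it is
# already there (detected by the presence of tools/as.sh).
# Globals:   none
# Arguments: none
# Outputs:   diagnostics on stderr
# Returns:   0 on success or when nothing had to be done, 1 on failure
#######################################
function copyShare(){
  local marker=/opt/share/tools/as.sh
  local mnt=/usr/local/src/share
  local rc=0

  if [[ -e "${marker}" ]]; then
    return 0
  fi

  mkdir -p "${mnt}" || return 1

  # The export is only read from, so mount it read-only and refuse setuid
  # binaries and device nodes from the server.
  # NOTE(review): the copied files are trusted as delivered by this NFS
  # server; confirm that network path is restricted to trusted hosts.
  if ! mount -t nfs -o ro,nosuid,nodev 10.99.8.74:/opt/share "${mnt}"; then
    # Without this check a failed mount led to copying an empty directory.
    echo "copyShare: NFS mount failed" >&2
    return 1
  fi

  # cp -r of the mount point creates /opt/share (same basename).
  cp -r "${mnt}" /opt/ || rc=1
  umount -f "${mnt}" || rc=1
  return "${rc}"
}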
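# Run the node initialisation steps in order.
initSystem
copyShare
# Root SSH login is switched off only when the replacement accounts were
# provisioned without error; otherwise a failed key download could leave the
# node with no usable SSH login at all.
if initUser; then
  disableRootLogin
else
  echo "initUser failed; leaving PermitRootLogin unchanged" >&2
  exit 1
fi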