• k8s记录-master组件部署(八)


    在 192.168.0.1 app 用户下执行
    1)程序准备
    tar zxvf kubernetes-server-linux-amd64.tar.gz
    mv kubernetes/server/bin/{kube-apiserver,kube-scheduler,kube-controller-
    manager,kubectl} kubernetes/bin
    2) 拷贝 CA 证书
    cp *pem kubernetes/ssl/
    3)创建 TLS Bootstrapping Token
    head -c 16 /dev/urandom | od -An -t x | tr -d ' '
    2366a641f656a0a025abb4aabda4511b
    vim /data/projects/common/kubernetes/cfg/token.csv(填入上面生成的数字)
    2366a641f656a0a025abb4aabda4511b,kubelet-bootstrap,10001,"system:kubelet-bootstrap"
    4) apiserver 服务配置
    a.修改配置
    kubernetes/cfg/kube-apiserver

    #!/bin/bash
    ETCD_HOME=etcd
    ETCD01_IP=192.168.0.1
    ETCD02_IP=192.168.0.2
    ETCD03_IP=192.168.0.3
    KUBE_HOME=kubernetes
    CLUSTER_IP="10.1.0.0/24"
    KUBE_API_ARGS="--logtostderr=true 
    --v=4 
    --etcd-servers=https://$ETCD01_IP:2379,https://$ETCD02_IP:2379,https://$ETCD03_IP:2379 
    --bind-address=0.0.0.0 
    --secure-port=6443 \
    --insecure-bind-address=0.0.0.0 
    --insecure-port=8080 
    --advertise-address=$ETCD_IP 
    --allow-privileged=true 
    --service-cluster-ip-range=$CLUSTER_IP 
    --admission-control=NamespaceLifecycle,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota,NodeRestriction 
    --authorization-mode=RBAC,Node 
    --enable-bootstrap-token-auth 
    --token-auth-file=$KUBE_HOME/cfg/token.csv 
    --service-node-port-range=30000-50000 
    --tls-cert-file=$KUBE_HOME/ssl/server.pem 
    --tls-private-key-file=$KUBE_HOME/ssl/server-key.pem 
    --client-ca-file=$KUBE_HOME/ssl/ca.pem 
    --service-account-key-file=$KUBE_HOME/ssl/ca-key.pem 
    --etcd-cafile=$ETCD_HOME/ssl/ca.pem 
    --etcd-certfile=$ETCD_HOME/ssl/server.pem 
    --etcd-keyfile=$ETCD_HOME/ssl/server-key.pem"

    b.开启与停止服务
    #开启服务

    #!/bin/bash
    export KUBE_HOME=kubernetes
    source $KUBE_HOME/cfg/kube-apiserver
    nohup $KUBE_HOME/bin/kube-apiserver $KUBE_API_ARGS &

    #停止服务

    #!/bin/bash
    kill -9 ` ps -ef | grep kube-apiserver | grep -v grep | awk '{print $2}'`

    5)scheduler 服务配置
    kubernetes/kube-scheduler

    #!/bin/bash
    KUBE_IP=192.168.0.1
    KUBE_SCHEDULER_ARGS="--address=127.0.0.1 --logtostderr=true --v=4 --master=$KUBE_IP:8080 --leader-elect"

    b.开启与停止服务
    #开启服务

    #!/bin/bash
    KUBE_HOME=kubernetes
    source $KUBE_HOME/cfg/kube-scheduler
    nohup $KUBE_HOME/bin/kube-scheduler $KUBE_SCHEDULER_ARGS &

    #停止服务

    #!/bin/bash
    kill -9 ` ps -ef | grep kube-scheduler | grep -v grep | awk '{print $2}'`

    6)controller-manager 服务配置
    kubernetes/kube-controller-manager

    #!/bin/bash
    KUBE_HOME=/data/projects/common/kubernetes
    KUBE_IP=192.168.0.1
    CLUSTER_IP="10.1.0.0/24"
    
    KUBE_CONTROLLER_MANAGER_ARGS="--logtostderr=true 
    --v=4 
    --master=$KUBE_IP:8080 
    --leader-elect=true 
    --address=127.0.0.1 
    --service-cluster-ip-range=$CLUSTER_IP 
    --cluster-name=kubernetes 
    --cluster-signing-cert-file=$KUBE_HOME/ssl/ca.pem 
    --cluster-signing-key-file=$KUBE_HOME/ssl/ca-key.pem 
    --root-ca-file=$KUBE_HOME/ssl/ca.pem 
    --service-account-private-key-file=$KUBE_HOME/ssl/ca-key.pem"

    b.开启与停止服务
    #开启服务

    #!/bin/bash
    KUBE_HOME=kubernetes
    source $KUBE_HOME/cfg/kube-controller-manager
    nohup $KUBE_HOME/bin/kube-controller-manager $KUBE_CONTROLLER_MANAGER_ARGS &

    #停止服务

    #!/bin/bash
    kill -9 ` ps -ef | grep kube-controller-manager | grep -v grep | awk '{print $2}'`

    7)验证组件
    kubernetes/bin/kubectl get cs

  • 相关阅读:
    Solr4.7+Tomcat7.0配置
    Solr suggest 搜索建议功能 配置问题
    Solr 通过经纬度指定范围搜索
    Quartz.net 实例
    log4net简单实例
    依赖注入(Autofac)
    设计模式_状态模式_C#
    C# XML操作
    策略模式_C#_设计模式
    STM32随记
  • 原文地址:https://www.cnblogs.com/xinfang520/p/11698195.html
Copyright © 2020-2023  润新知