集群部署获取k8s二进制包
[root@master ~]# wget https://dl.k8s.io/v1.15.0/kubernetes-server-linux-amd64.tar.gz
[root@master ~]# ls
kubernetes-server-linux-amd64.tar.gz
[root@master ~]# mkdir master
[root@master ~]# mv kubernetes-server-linux-amd64.tar.tar master/
[root@master ~]# cd master/
[root@master master]# tar -zxf kubernetes-server-linux-amd64.tar.gz
[root@master master]# ls
kubernetes kubernetes-server-linux-amd64.tar.gz
[root@master master]# cd /root/master/kubernetes/server/bin
[root@master bin]# pwd
/root/master/kubernetes/server/bin
[root@master bin]# ls
apiextensions-apiserver kube-controller-manager.tar
cloud-controller-manager kubectl
cloud-controller-manager.docker_tag kubelet
cloud-controller-manager.tar kube-proxy
hyperkube kube-proxy.docker_tag
kubeadm kube-proxy.tar
kube-apiserver kube-scheduler
kube-apiserver.docker_tag kube-scheduler.docker_tag
kube-apiserver.tar kube-scheduler.tar
kube-controller-manager mounter
kube-controller-manager.docker_tag
[root@master bin]# cp kube-controller-manager kube-scheduler kube-apiserver /opt/kubernetes/bin/
[root@master bin]# chmod +x /opt/kubernetes/bin/*
[root@master bin]# ls /opt/kubernetes/bin/
etcd flanneld kube-controller-manager kube-scheduler
etcdctl kube-apiserver kubectl mk-docker-opts.sh
[root@master bin]# cat apiserver.sh
#!/bin/bash
MASTER_ADDRESS=${1:-"192.168.230.130"}
ETCD_SERVERS=${2:-"http://127.0.0.01:2379"}
cat <<EOF >/opt/kubernetes/cfg/kube-apiserver
KUBE_APISERVER_OPTS="--logtostderr=true \
--v=4 \
--etcd-servers=${ETCD_SERVERS} \
--insecure-bind-address=127.0.0.1 \
--bind-address=${MASTER_ADDRESS} \
--insecure-port=8080 \
--secure-port=6443 \
--advertise-address=${MASTER_ADDRESS} \
--allow_privileged=true \
--service-cluster-ip-range=10.10.10.0/24 \
--admission-control=NamespaceLifecycle,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota,NodeRestriction
--authorization-mode=RBAC,Node \
--kubelet-https=true \
--enable-bootstrap-token-auth \
--token-auth-file=/opt/kubernetes/cfg/token.csv \
--service-node-port-range=30000-50000 \
--tls-cert-file=/opt/kubernetes/ssl/server.pem \
--tls-private-key-file=/opt/kubernetes/ssl/server-key.pem \
--client-ca-file=/opt/kubernetes/ssl/ca.pem \
--service-account-key-file=/opt/kubernetes/ssl/ca-key.pem \
--etcd-cafile=/opt/kubernetes/ssl/ca.pem \
--etcd-certfile=/opt/kubernetes/ssl/server.pem \
--etcd-keyfile=/opt/kubernetes/ssl/server-key.pem"
EOF
cat <<EOF >/usr/lib/systemd/system/kube-apiserver.service
[Unit]
Description=Kubernetes API Server
Documentation=https://github.com/kubernetes/kubernetes
[Service]
EnvironmentFile=-/opt/kubernetes/cfg/kube-apiserver
ExecStart=/opt/kubernetes/bin/kube-apiserver $KUBE_APISERVER_OPTS
Restart=on-failure
[Install]
WantedBy=multi-user.target
EOF
systemctl daemon-reload
systemctl enable kube-apiserver
systemctl restart kube-apiserver
[root@master bin]# sh apiserver.sh 192.168.238.130 https://192.168.238.130:2379,https://192.168.238.129:2379,https://192.168.238.128:2379
Created symlink from /etc/systemd/system/multi-user.target.wants/kube-apiserver.service to /usr/lib/systemd/system/kube-apiserver.service.
[root@master bin]# cat /opt/kubernetes/cfg/kube-apiserver
KUBE_APISERVER_OPTS=“--logtostderr=true
--v=4
--etcd-servers=https://192.168.238.130:2379,https://192.168.238.129:2379,https://192.168.238.128:2379
--insecure-bind-address=127.0.0.1
--bind-address=192.168.238.130
--insecure-port=8080
--secure-port=6443
--advertise-address=192.168.238.130
--allow_privileged=true
--service-cluster-ip-range=10.10.10.0/24
--admission-control=NamespaceLifecycle,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota,NodeRestriction --authorization-mode=RBAC,Node
--kubelet-https=true
--enable-bootstrap-token-auth
--token-auth-file=/opt/kubernetes/cfg/token.csv
--service-node-port-range=30000-50000
--tls-cert-file=/opt/kubernetes/ssl/server.pem
--tls-private-key-file=/opt/kubernetes/ssl/server-key.pem
--client-ca-file=/opt/kubernetes/ssl/ca.pem
--service-account-key-file=/opt/kubernetes/ssl/ca-key.pem
--etcd-cafile=/opt/kubernetes/ssl/ca.pem
--etcd-certfile=/opt/kubernetes/ssl/server.pem
--etcd-keyfile=/opt/kubernetes/ssl/server-key.pem"
[root@master bin]# cat /usr/lib/systemd/system/kube-apiserver.service
[Unit]
Description=Kubernetes API Server
Documentation=https://github.com/kubernetes/kubernetes
[Service]
EnvironmentFile=-/opt/kubernetes/cfg/kube-apiserver
ExecStart=/opt/kubernetes/bin/kube-apiserver $KUBE_APISERVER_OPTS
Restart=on-failure
[Install]
WantedBy=multi-user.target
[root@master bin]# cp /root/token.csv /opt/kubernetes/cfg/
[root@master bin]# systemctl daemon-reload
[root@master bin]# systemctl start kube-apiserver
[root@master bin]# systemctl status kube-apiserver
● kube-apiserver.service - Kubernetes API Server
Loaded: loaded (/usr/lib/systemd/system/kube-apiserver.service; enabled; vendor preset: disabled)
Active: active (running) since Mon 2019-07-08 00:19:12 CST; 5s ago
Docs: https://github.com/kubernetes/kubernetes
Main PID: 9389 (kube-apiserver)
Memory: 237.0M
CGroup: /system.slice/kube-apiserver.service
└─9389 /opt/kubernetes/bin/kube-apiserver --logtostderr=true --v=4 --etcd-servers=https://192.168.238.130:2379,https://...
Jul 08 00:19:17 master kube-apiserver[9389]: I0708 00:19:17.303440 9389 wrap.go:42] GET /apis/rbac.authorization.k8s.io/v...40304]
Jul 08 00:19:17 master kube-apiserver[9389]: I0708 00:19:17.306232 9389 wrap.go:42] POST /apis/rbac.authorization.k8s.io/...40304]
Jul 08 00:19:17 master kube-apiserver[9389]: I0708 00:19:17.306446 9389 storage_rbac.go:208] created clusterrole.rbac.aut...o-edit
Jul 08 00:19:17 master kube-apiserver[9389]: I0708 00:19:17.312507 9389 wrap.go:42] GET /apis/rbac.authorization.k8s.io/v...40304]
Jul 08 00:19:17 master kube-apiserver[9389]: I0708 00:19:17.315463 9389 wrap.go:42] POST /apis/rbac.authorization.k8s.io/...40304]
Jul 08 00:19:17 master kube-apiserver[9389]: I0708 00:19:17.315628 9389 storage_rbac.go:208] created clusterrole.rbac.aut...o-view
Jul 08 00:19:17 master kube-apiserver[9389]: I0708 00:19:17.317279 9389 wrap.go:42] GET /apis/rbac.authorization.k8s.io/v...40304]
Jul 08 00:19:17 master kube-apiserver[9389]: I0708 00:19:17.320248 9389 wrap.go:42] POST /apis/rbac.authorization.k8s.io/...40304]
Jul 08 00:19:17 master kube-apiserver[9389]: I0708 00:19:17.320381 9389 storage_rbac.go:208] created clusterrole.rbac.aut...apster
Jul 08 00:19:17 master kube-apiserver[9389]: I0708 00:19:17.321952 9389 wrap.go:42] GET /apis/rbac.authorization.k8s.io/v...40304]
Hint: Some lines were ellipsized, use -l to show in full.
[root@master bin]# cat controller-manager.sh
#!/bin/bash
MASTER_ADDRESS=${1:-"127.0.0.1"}
cat <<EOF >/opt/kubernetes/cfg/kube-controller-manager
KUBE_CONTROLLER_MANAGER_OPTS="--logtostderr=true \
--v=4 \
--master=${MASTER_ADDRESS}:8080 \
--leader-elect=true \
--address=127.0.0.1 \
--service-cluster-ip-range=10.10.10.0/24 \
--cluster-name=kubernetes \
--cluster-signing-cert-file=/opt/kubernetes/ssl/ca.pem \
--cluster-signing-key-file=/opt/kubernetes/ssl/ca-key.pem \
--service-account-private-key-file=/opt/kubernetes/ssl/ca-key.pem \
--root-ca-file=/opt/kubernetes/ssl/ca.pem"
EOF
cat <<EOF >>/usr/lib/systemd/system/kube-controller-manager.service
[Unit]
Description=Kubernetes Controller Manager
Documentation=https://github.com/kubernetes/kubernetes
[Service]
EnvironmentFile=-/opt/kubernetes/cfg/kube-controller-manager
ExecStart=/opt/kubernetes/bin/kube-controller-manager $KUBE_CONTROLLER_MANAGER_OPTS
Restart=on-failure
[Install]
WantedBy=multi-user.target
EOF
systemctl daemon-reload
systemctl enable kube-controller-manager
systemctl restart kube-controller-manager
[root@master bin]# sh controller-manager.sh 127.0.0.1
Created symlink from /etc/systemd/system/multi-user.target.wants/kube-controller-manager.service to /usr/lib/systemd/system/kube-controller-manager.service.
[root@master bin]# systemctl status kube-controller-manager
● kube-controller-manager.service - Kubernetes Controller Manager
Loaded: loaded (/usr/lib/systemd/system/kube-controller-manager.service; enabled; vendor preset: disabled)
Active: active (running) since Mon 2019-07-08 01:11:38 CST; 52s ago
Docs: https://github.com/kubernetes/kubernetes
Main PID: 9647 (kube-controller)
Memory: 125.4M
CGroup: /system.slice/kube-controller-manager.service
└─9647 /opt/kubernetes/bin/kube-controller-manager --logtostderr=true --v=4 --master=127.0.0.1:8080 --leader-elect=true...
Jul 08 01:12:29 master kube-controller-manager[9647]: I0708 01:12:29.568788 9647 cronjob_controller.go:128] Found 0 jobs
Jul 08 01:12:29 master kube-controller-manager[9647]: I0708 01:12:29.568802 9647 cronjob_controller.go:134] Found 0 groups
Jul 08 01:12:29 master kube-controller-manager[9647]: I0708 01:12:29.795439 9647 reflector.go:160] Listing and watching *v...o:133
Jul 08 01:12:29 master kube-controller-manager[9647]: E0708 01:12:29.796578 9647 reflector.go:125] k8s.io/client-go/inform...ource
Jul 08 01:12:29 master kube-controller-manager[9647]: I0708 01:12:29.801372 9647 reflector.go:160] Listing and watching *v...o:133
Jul 08 01:12:29 master kube-controller-manager[9647]: E0708 01:12:29.801927 9647 reflector.go:125] k8s.io/client-go/inform...s.io)
Jul 08 01:12:30 master kube-controller-manager[9647]: I0708 01:12:30.797753 9647 reflector.go:160] Listing and watching *v...o:133
Jul 08 01:12:30 master kube-controller-manager[9647]: E0708 01:12:30.798917 9647 reflector.go:125] k8s.io/client-go/inform...ource
Jul 08 01:12:30 master kube-controller-manager[9647]: I0708 01:12:30.802656 9647 reflector.go:160] Listing and watching *v...o:133
Jul 08 01:12:30 master kube-controller-manager[9647]: E0708 01:12:30.803446 9647 reflector.go:125] k8s.io/client-go/inform...s.io)
Hint: Some lines were ellipsized, use -l to show in full.
[root@master bin]# cat scheduler.sh
#!/bin/bash
MASTER_ADDRESS=${1:-"127.0.0.1"}
cat <<EOF >/opt/kubernetes/cfg/kube-scheduler
KUBE_SCHEDULER_OPTS="--logtostderr=true \
--v=4 \
--master=${MASTER_ADDRESS}:8080 \
--leader-elect"
EOF
cat <<EOF >/usr/lib/systemd/system/kube-scheduler.service
[Unit]
Description=Kubernetes Scheduler
Documentation=https://github.com/kubernetes/kubernetes
[Service]
EnvironmentFile=-/opt/kubernetes/cfg/kube-scheduler
ExecStart=/opt/kubernetes/bin/kube-scheduler $KUBE_SCHEDULER_OPTS
Restart=on-failure
[Install]
WantedBy=multi-user.target
EOF
systemctl daemon-reload
systemctl enable kube-scheduler
systemctl restart kube-scheduler
[root@master bin]# sh scheduler.sh 127.0.0.1
Created symlink from /etc/systemd/system/multi-user.target.wants/kube-scheduler.service to /usr/lib/systemd/system/kube-scheduler.service.
[root@master bin]# systemctl status kube-scheduler
● kube-scheduler.service - Kubernetes Scheduler
Loaded: loaded (/usr/lib/systemd/system/kube-scheduler.service; enabled; vendor preset: disabled)
Active: active (running) since Mon 2019-07-08 01:19:33 CST; 20s ago
Docs: https://github.com/kubernetes/kubernetes
Main PID: 9717 (kube-scheduler)
Memory: 41.8M
CGroup: /system.slice/kube-scheduler.service
└─9717 /opt/kubernetes/bin/kube-scheduler --logtostderr=true --v=4 --master=127.0.0.1:8080 --leader-elect
Jul 08 01:19:35 master kube-scheduler[9717]: I0708 01:19:35.039679 9717 shared_informer.go:176] caches populated
Jul 08 01:19:35 master kube-scheduler[9717]: I0708 01:19:35.140505 9717 shared_informer.go:176] caches populated
Jul 08 01:19:35 master kube-scheduler[9717]: I0708 01:19:35.241452 9717 shared_informer.go:176] caches populated
Jul 08 01:19:35 master kube-scheduler[9717]: I0708 01:19:35.342335 9717 shared_informer.go:176] caches populated
Jul 08 01:19:35 master kube-scheduler[9717]: I0708 01:19:35.443425 9717 shared_informer.go:176] caches populated
Jul 08 01:19:35 master kube-scheduler[9717]: I0708 01:19:35.543503 9717 shared_informer.go:176] caches populated
Jul 08 01:19:35 master kube-scheduler[9717]: I0708 01:19:35.643839 9717 shared_informer.go:176] caches populated
Jul 08 01:19:35 master kube-scheduler[9717]: I0708 01:19:35.643976 9717 leaderelection.go:235] attempting to acquire lead...ler...
Jul 08 01:19:35 master kube-scheduler[9717]: I0708 01:19:35.653106 9717 leaderelection.go:245] successfully acquired leas...eduler
Jul 08 01:19:35 master kube-scheduler[9717]: I0708 01:19:35.754649 9717 shared_informer.go:176] caches populated
Hint: Some lines were ellipsized, use -l to show in full.
[root@master bin]# cat /opt/kubernetes/cfg/kube-controller-manager
KUBE_CONTROLLER_MANAGER_OPTS="--logtostderr=true
--v=4
--master=127.0.0.1:8080
--leader-elect=true
--address=127.0.0.1
--service-cluster-ip-range=10.10.10.0/24
--cluster-name=kubernetes
--cluster-signing-cert-file=/opt/kubernetes/ssl/ca.pem
--cluster-signing-key-file=/opt/kubernetes/ssl/ca-key.pem
--service-account-private-key-file=/opt/kubernetes/ssl/ca-key.pem
--root-ca-file=/opt/kubernetes/ssl/ca.pem"
[root@master bin]# cat /opt/kubernetes/cfg/kube-scheduler
KUBE_SCHEDULER_OPTS="--logtostderr=true
--v=4
--master=127.0.0.1:8080
--leader-elect"
查看状态
[root@master bin]# kubectl get cs
NAME STATUS MESSAGE ERROR
scheduler Healthy ok
controller-manager Healthy ok
etcd-1 Healthy {"health": "true"}
etcd-2 Healthy {"health": "true"}
etcd-0 Healthy {"health": "true"}