• kubernetes容器集群管理部署master节点组件


    集群部署获取k8s二进制包

    [root@master ~]# wget https://dl.k8s.io/v1.15.0/kubernetes-server-linux-amd64.tar.gz
    [root@master ~]# ls
    kubernetes-server-linux-amd64.tar.gz
    [root@master ~]# mkdir master
    [root@master ~]# mv kubernetes-server-linux-amd64.tar.tar master/
    [root@master ~]# cd master/
    [root@master master]# tar -zxf kubernetes-server-linux-amd64.tar.gz
    [root@master master]# ls
    kubernetes  kubernetes-server-linux-amd64.tar.gz
    [root@master master]# cd /root/master/kubernetes/server/bin
    [root@master bin]# pwd
    /root/master/kubernetes/server/bin
    [root@master bin]# ls
    apiextensions-apiserver              kube-controller-manager.tar
    cloud-controller-manager             kubectl
    cloud-controller-manager.docker_tag  kubelet
    cloud-controller-manager.tar         kube-proxy
    hyperkube                            kube-proxy.docker_tag
    kubeadm                              kube-proxy.tar
    kube-apiserver                       kube-scheduler
    kube-apiserver.docker_tag            kube-scheduler.docker_tag
    kube-apiserver.tar                   kube-scheduler.tar
    kube-controller-manager              mounter
    kube-controller-manager.docker_tag
    [root@master bin]# cp kube-controller-manager kube-scheduler kube-apiserver /opt/kubernetes/bin/
    [root@master bin]# chmod +x /opt/kubernetes/bin/*
    [root@master bin]# ls /opt/kubernetes/bin/
    etcd     flanneld        kube-controller-manager  kube-scheduler
    etcdctl  kube-apiserver  kubectl                  mk-docker-opts.sh
    [root@master bin]# cat apiserver.sh 
    #!/bin/bash
    
    MASTER_ADDRESS=${1:-"192.168.230.130"}
    ETCD_SERVERS=${2:-"http://127.0.0.01:2379"}
    
    cat <<EOF >/opt/kubernetes/cfg/kube-apiserver
    KUBE_APISERVER_OPTS="--logtostderr=true \
    --v=4 \
    --etcd-servers=${ETCD_SERVERS} \
    --insecure-bind-address=127.0.0.1 \
    --bind-address=${MASTER_ADDRESS} \
    --insecure-port=8080 \
    --secure-port=6443 \
    --advertise-address=${MASTER_ADDRESS} \
    --allow_privileged=true \
    --service-cluster-ip-range=10.10.10.0/24 \
    --admission-control=NamespaceLifecycle,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota,NodeRestriction 
    --authorization-mode=RBAC,Node \
    --kubelet-https=true \
    --enable-bootstrap-token-auth \
    --token-auth-file=/opt/kubernetes/cfg/token.csv \
    --service-node-port-range=30000-50000 \
    --tls-cert-file=/opt/kubernetes/ssl/server.pem \
    --tls-private-key-file=/opt/kubernetes/ssl/server-key.pem \
    --client-ca-file=/opt/kubernetes/ssl/ca.pem \
    --service-account-key-file=/opt/kubernetes/ssl/ca-key.pem \
    --etcd-cafile=/opt/kubernetes/ssl/ca.pem \
    --etcd-certfile=/opt/kubernetes/ssl/server.pem \
    --etcd-keyfile=/opt/kubernetes/ssl/server-key.pem"
    EOF
    
    cat <<EOF >/usr/lib/systemd/system/kube-apiserver.service
    [Unit]
    Description=Kubernetes API Server
    Documentation=https://github.com/kubernetes/kubernetes
    
    [Service]
    EnvironmentFile=-/opt/kubernetes/cfg/kube-apiserver
    ExecStart=/opt/kubernetes/bin/kube-apiserver $KUBE_APISERVER_OPTS
    Restart=on-failure
    
    [Install]
    WantedBy=multi-user.target
    EOF
    
    systemctl daemon-reload
    systemctl enable kube-apiserver
    systemctl restart kube-apiserver
    [root@master bin]# sh apiserver.sh 192.168.238.130 https://192.168.238.130:2379,https://192.168.238.129:2379,https://192.168.238.128:2379
    Created symlink from /etc/systemd/system/multi-user.target.wants/kube-apiserver.service to /usr/lib/systemd/system/kube-apiserver.service.
    [root@master bin]# cat /opt/kubernetes/cfg/kube-apiserver
    KUBE_APISERVER_OPTS=“--logtostderr=true 
    --v=4 
    --etcd-servers=https://192.168.238.130:2379,https://192.168.238.129:2379,https://192.168.238.128:2379 
    --insecure-bind-address=127.0.0.1 
    --bind-address=192.168.238.130 
    --insecure-port=8080 
    --secure-port=6443 
    --advertise-address=192.168.238.130 
    --allow_privileged=true 
    --service-cluster-ip-range=10.10.10.0/24 
    --admission-control=NamespaceLifecycle,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota,NodeRestriction --authorization-mode=RBAC,Node 
    --kubelet-https=true 
    --enable-bootstrap-token-auth 
    --token-auth-file=/opt/kubernetes/cfg/token.csv 
    --service-node-port-range=30000-50000 
    --tls-cert-file=/opt/kubernetes/ssl/server.pem 
    --tls-private-key-file=/opt/kubernetes/ssl/server-key.pem 
    --client-ca-file=/opt/kubernetes/ssl/ca.pem 
    --service-account-key-file=/opt/kubernetes/ssl/ca-key.pem 
    --etcd-cafile=/opt/kubernetes/ssl/ca.pem 
    --etcd-certfile=/opt/kubernetes/ssl/server.pem 
    --etcd-keyfile=/opt/kubernetes/ssl/server-key.pem"
    [root@master bin]# cat /usr/lib/systemd/system/kube-apiserver.service 
    [Unit]
    Description=Kubernetes API Server
    Documentation=https://github.com/kubernetes/kubernetes
    
    [Service]
    EnvironmentFile=-/opt/kubernetes/cfg/kube-apiserver
    ExecStart=/opt/kubernetes/bin/kube-apiserver $KUBE_APISERVER_OPTS
    Restart=on-failure
    
    [Install]
    WantedBy=multi-user.target
    [root@master bin]# cp /root/token.csv /opt/kubernetes/cfg/
    [root@master bin]# systemctl daemon-reload
    [root@master bin]# systemctl start kube-apiserver
    [root@master bin]# systemctl status kube-apiserver
    ● kube-apiserver.service - Kubernetes API Server
       Loaded: loaded (/usr/lib/systemd/system/kube-apiserver.service; enabled; vendor preset: disabled)
       Active: active (running) since Mon 2019-07-08 00:19:12 CST; 5s ago
         Docs: https://github.com/kubernetes/kubernetes
     Main PID: 9389 (kube-apiserver)
       Memory: 237.0M
       CGroup: /system.slice/kube-apiserver.service
               └─9389 /opt/kubernetes/bin/kube-apiserver --logtostderr=true --v=4 --etcd-servers=https://192.168.238.130:2379,https://...
    
    Jul 08 00:19:17 master kube-apiserver[9389]: I0708 00:19:17.303440    9389 wrap.go:42] GET /apis/rbac.authorization.k8s.io/v...40304]
    Jul 08 00:19:17 master kube-apiserver[9389]: I0708 00:19:17.306232    9389 wrap.go:42] POST /apis/rbac.authorization.k8s.io/...40304]
    Jul 08 00:19:17 master kube-apiserver[9389]: I0708 00:19:17.306446    9389 storage_rbac.go:208] created clusterrole.rbac.aut...o-edit
    Jul 08 00:19:17 master kube-apiserver[9389]: I0708 00:19:17.312507    9389 wrap.go:42] GET /apis/rbac.authorization.k8s.io/v...40304]
    Jul 08 00:19:17 master kube-apiserver[9389]: I0708 00:19:17.315463    9389 wrap.go:42] POST /apis/rbac.authorization.k8s.io/...40304]
    Jul 08 00:19:17 master kube-apiserver[9389]: I0708 00:19:17.315628    9389 storage_rbac.go:208] created clusterrole.rbac.aut...o-view
    Jul 08 00:19:17 master kube-apiserver[9389]: I0708 00:19:17.317279    9389 wrap.go:42] GET /apis/rbac.authorization.k8s.io/v...40304]
    Jul 08 00:19:17 master kube-apiserver[9389]: I0708 00:19:17.320248    9389 wrap.go:42] POST /apis/rbac.authorization.k8s.io/...40304]
    Jul 08 00:19:17 master kube-apiserver[9389]: I0708 00:19:17.320381    9389 storage_rbac.go:208] created clusterrole.rbac.aut...apster
    Jul 08 00:19:17 master kube-apiserver[9389]: I0708 00:19:17.321952    9389 wrap.go:42] GET /apis/rbac.authorization.k8s.io/v...40304]
    Hint: Some lines were ellipsized, use -l to show in full.
    
    [root@master bin]# cat controller-manager.sh 
    #!/bin/bash
    MASTER_ADDRESS=${1:-"127.0.0.1"}
    cat <<EOF >/opt/kubernetes/cfg/kube-controller-manager
    KUBE_CONTROLLER_MANAGER_OPTS="--logtostderr=true \
    --v=4 \
    --master=${MASTER_ADDRESS}:8080 \
    --leader-elect=true \
    --address=127.0.0.1 \
    --service-cluster-ip-range=10.10.10.0/24 \
    --cluster-name=kubernetes \
    --cluster-signing-cert-file=/opt/kubernetes/ssl/ca.pem \
    --cluster-signing-key-file=/opt/kubernetes/ssl/ca-key.pem \
    --service-account-private-key-file=/opt/kubernetes/ssl/ca-key.pem \
    --root-ca-file=/opt/kubernetes/ssl/ca.pem"
    EOF
    
    cat <<EOF >>/usr/lib/systemd/system/kube-controller-manager.service
    [Unit]
    Description=Kubernetes Controller Manager
    Documentation=https://github.com/kubernetes/kubernetes
    
    [Service]
    EnvironmentFile=-/opt/kubernetes/cfg/kube-controller-manager
    ExecStart=/opt/kubernetes/bin/kube-controller-manager $KUBE_CONTROLLER_MANAGER_OPTS
    Restart=on-failure
    [Install]
    WantedBy=multi-user.target
    EOF
    systemctl daemon-reload
    systemctl enable kube-controller-manager
    systemctl restart kube-controller-manager
    [root@master bin]# sh controller-manager.sh 127.0.0.1
    Created symlink from /etc/systemd/system/multi-user.target.wants/kube-controller-manager.service to /usr/lib/systemd/system/kube-controller-manager.service.
    [root@master bin]# systemctl status kube-controller-manager
    ● kube-controller-manager.service - Kubernetes Controller Manager
       Loaded: loaded (/usr/lib/systemd/system/kube-controller-manager.service; enabled; vendor preset: disabled)
       Active: active (running) since Mon 2019-07-08 01:11:38 CST; 52s ago
         Docs: https://github.com/kubernetes/kubernetes
     Main PID: 9647 (kube-controller)
       Memory: 125.4M
       CGroup: /system.slice/kube-controller-manager.service
               └─9647 /opt/kubernetes/bin/kube-controller-manager --logtostderr=true --v=4 --master=127.0.0.1:8080 --leader-elect=true...
    
    Jul 08 01:12:29 master kube-controller-manager[9647]: I0708 01:12:29.568788    9647 cronjob_controller.go:128] Found 0 jobs
    Jul 08 01:12:29 master kube-controller-manager[9647]: I0708 01:12:29.568802    9647 cronjob_controller.go:134] Found 0 groups
    Jul 08 01:12:29 master kube-controller-manager[9647]: I0708 01:12:29.795439    9647 reflector.go:160] Listing and watching *v...o:133
    Jul 08 01:12:29 master kube-controller-manager[9647]: E0708 01:12:29.796578    9647 reflector.go:125] k8s.io/client-go/inform...ource
    Jul 08 01:12:29 master kube-controller-manager[9647]: I0708 01:12:29.801372    9647 reflector.go:160] Listing and watching *v...o:133
    Jul 08 01:12:29 master kube-controller-manager[9647]: E0708 01:12:29.801927    9647 reflector.go:125] k8s.io/client-go/inform...s.io)
    Jul 08 01:12:30 master kube-controller-manager[9647]: I0708 01:12:30.797753    9647 reflector.go:160] Listing and watching *v...o:133
    Jul 08 01:12:30 master kube-controller-manager[9647]: E0708 01:12:30.798917    9647 reflector.go:125] k8s.io/client-go/inform...ource
    Jul 08 01:12:30 master kube-controller-manager[9647]: I0708 01:12:30.802656    9647 reflector.go:160] Listing and watching *v...o:133
    Jul 08 01:12:30 master kube-controller-manager[9647]: E0708 01:12:30.803446    9647 reflector.go:125] k8s.io/client-go/inform...s.io)
    Hint: Some lines were ellipsized, use -l to show in full.
    [root@master bin]# cat scheduler.sh 
    #!/bin/bash
    MASTER_ADDRESS=${1:-"127.0.0.1"}
    cat <<EOF >/opt/kubernetes/cfg/kube-scheduler
    KUBE_SCHEDULER_OPTS="--logtostderr=true \
    --v=4 \
    --master=${MASTER_ADDRESS}:8080 \
    --leader-elect"
    EOF
    
    cat <<EOF >/usr/lib/systemd/system/kube-scheduler.service
    [Unit]
    Description=Kubernetes Scheduler
    Documentation=https://github.com/kubernetes/kubernetes
    [Service]
    EnvironmentFile=-/opt/kubernetes/cfg/kube-scheduler
    ExecStart=/opt/kubernetes/bin/kube-scheduler $KUBE_SCHEDULER_OPTS
    Restart=on-failure
    [Install]
    WantedBy=multi-user.target
    EOF
    systemctl daemon-reload
    systemctl enable kube-scheduler
    systemctl restart kube-scheduler
    [root@master bin]# sh scheduler.sh 127.0.0.1
    Created symlink from /etc/systemd/system/multi-user.target.wants/kube-scheduler.service to /usr/lib/systemd/system/kube-scheduler.service.
    [root@master bin]# systemctl status kube-scheduler
    ● kube-scheduler.service - Kubernetes Scheduler
       Loaded: loaded (/usr/lib/systemd/system/kube-scheduler.service; enabled; vendor preset: disabled)
       Active: active (running) since Mon 2019-07-08 01:19:33 CST; 20s ago
         Docs: https://github.com/kubernetes/kubernetes
     Main PID: 9717 (kube-scheduler)
       Memory: 41.8M
       CGroup: /system.slice/kube-scheduler.service
               └─9717 /opt/kubernetes/bin/kube-scheduler --logtostderr=true --v=4 --master=127.0.0.1:8080 --leader-elect
    
    Jul 08 01:19:35 master kube-scheduler[9717]: I0708 01:19:35.039679    9717 shared_informer.go:176] caches populated
    Jul 08 01:19:35 master kube-scheduler[9717]: I0708 01:19:35.140505    9717 shared_informer.go:176] caches populated
    Jul 08 01:19:35 master kube-scheduler[9717]: I0708 01:19:35.241452    9717 shared_informer.go:176] caches populated
    Jul 08 01:19:35 master kube-scheduler[9717]: I0708 01:19:35.342335    9717 shared_informer.go:176] caches populated
    Jul 08 01:19:35 master kube-scheduler[9717]: I0708 01:19:35.443425    9717 shared_informer.go:176] caches populated
    Jul 08 01:19:35 master kube-scheduler[9717]: I0708 01:19:35.543503    9717 shared_informer.go:176] caches populated
    Jul 08 01:19:35 master kube-scheduler[9717]: I0708 01:19:35.643839    9717 shared_informer.go:176] caches populated
    Jul 08 01:19:35 master kube-scheduler[9717]: I0708 01:19:35.643976    9717 leaderelection.go:235] attempting to acquire lead...ler...
    Jul 08 01:19:35 master kube-scheduler[9717]: I0708 01:19:35.653106    9717 leaderelection.go:245] successfully acquired leas...eduler
    Jul 08 01:19:35 master kube-scheduler[9717]: I0708 01:19:35.754649    9717 shared_informer.go:176] caches populated
    Hint: Some lines were ellipsized, use -l to show in full.
    [root@master bin]# cat /opt/kubernetes/cfg/kube-controller-manager 
    KUBE_CONTROLLER_MANAGER_OPTS="--logtostderr=true 
    --v=4 
    --master=127.0.0.1:8080 
    --leader-elect=true 
    --address=127.0.0.1 
    --service-cluster-ip-range=10.10.10.0/24 
    --cluster-name=kubernetes 
    --cluster-signing-cert-file=/opt/kubernetes/ssl/ca.pem 
    --cluster-signing-key-file=/opt/kubernetes/ssl/ca-key.pem 
    --service-account-private-key-file=/opt/kubernetes/ssl/ca-key.pem 
    --root-ca-file=/opt/kubernetes/ssl/ca.pem"
    [root@master bin]# cat /opt/kubernetes/cfg/kube-scheduler 
    KUBE_SCHEDULER_OPTS="--logtostderr=true 
    --v=4 
    --master=127.0.0.1:8080 
    --leader-elect"
    查看状态
    [root@master bin]# kubectl get cs
    NAME                 STATUS    MESSAGE              ERROR
    scheduler            Healthy   ok                   
    controller-manager   Healthy   ok                   
    etcd-1               Healthy   {"health": "true"}   
    etcd-2               Healthy   {"health": "true"}   
    etcd-0               Healthy   {"health": "true"}  
    
    
  • 相关阅读:
    oracle中next_day()、last_day()函数解析
    Oracle数据库统一审核的启用测试与关闭
    20170722上课笔记
    20170721上课笔记
    20170720上课笔记
    20170719上课笔记
    20170718上课笔记
    20170717上课笔记
    《Linux系统基础》随堂笔记5
    《oracle的安装》
  • 原文地址:https://www.cnblogs.com/yinshoucheng-golden/p/11147886.html
Copyright © 2020-2023  润新知