下载地址:https://dl.k8s.io/v1.9.6/kubernetes-server-linux-amd64.tar.gzcd /tools/tar xf kubernetes-server-linux-amd64.tar.gz
(2)在跳板机上生成master证书
#cd /temp/sslcat >k8s-csr.Json <<EOF{ "CN": "kubernetes","hosts": [ "127.0.0.1","192.168.19.128","10.254.0.1","kubernetes","kubernetes.default","kubernetes.default.svc","kubernetes.default.svc.cluster","kubernetes.default.svc.cluster.local" ],"key": { "algo": "rsa","size": 2048 },"names": [ { "C": "CN","ST": "Hangzhou","L": "Hangzhou","O": "k8s","OU": "System" } ]}EOF生成证书:#cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config.Json -profile=kubernetes k8s-csr.Json | cfsslJson -bare kubernetes #(3)配置和启动API-server
在跳板机上生成API-server的启动文件
cat > kube-APIserver.service <<EOF[Unit]Description=Kubernetes API Serverdocumentation=https://github.com/GoogleCloudplatform/kubernetesAfter=network.target[Service]ExecStart=/opt/kubernetes/bin/kube-APIserver --admission-control=namespacelifecycle,limitRanger,ServiceAccount,DefaultStorageClass,ResourceQuota --advertise-address=192.168.19.128 --bind-address=192.168.19.128 --insecure-bind-address=127.0.0.1 --authorization-mode=RBAC --runtime-config=rbac.authorization.k8s.io/v1Alpha1 --kubelet-https=true --enable-bootstrap-token-auth=true --token-auth-file=/opt/kubernetes/ssl/token.csv --service-cluster-ip-range=10.254.0.0/16 --service-node-port-range=8400-9000 --tls-cert-file=/opt/kubernetes/ssl/kubernetes.pem --tls-private-key-file=/opt/kubernetes/ssl/kubernetes-key.pem --clIEnt-ca-file=/opt/kubernetes/ssl/ca.pem --service-account-key-file=/opt/kubernetes/ssl/ca-key.pem --etcd-cafile=/opt/kubernetes/ssl/ca.pem --etcd-certfile=/opt/kubernetes/ssl/kubernetes.pem --etcd-keyfile=/opt/kubernetes/ssl/kubernetes-key.pem --etcd-servers=https://192.168.19.128:2379,https://192.168.19.129:2379,https://192.168.19.130:2379 --enable-swagger-ui=true --allow-privileged=true --APIserver-count=3 --audit-log-maxage=30 --audit-log-maxbackup=3 --audit-log-maxsize=100 --audit-log-path=/var/lib/audit.log --event-ttl=1h --v=2Restart=on-failureRestartSec=5Type=notifylimitNOfile=65536[Install]WantedBy=multi-user.targetEOF
把master的组件,证书和私钥以及APIserver的启动文件发送master01上
ansible 192.168.19.128 -m copy -a ‘src=/tools/kubernetes/server/bin/kubectl dest=/opt/kubernetes/bin/kubectl mode=0755‘ansible 192.168.19.128 -m copy -a ‘src=/tools/kubernetes/server/bin/kube-APIserver dest=/opt/kubernetes/bin/kube-APIserver mode=0755‘ansible 192.168.19.128 -m copy -a ‘src=/tools/kubernetes/server/bin/kube-controller-manager dest=/opt/kubernetes/bin/kube-controller-manager mode=0755‘ansible 192.168.19.128 -m copy -a ‘src=/tools/kubernetes/server/bin/kube-scheduler dest=/opt/kubernetes/bin/kube-scheduler mode=0755‘ansible 192.168.19.128 -m copy -a ‘src=kubernetes-key.pem dest=/opt/kubernetes/ssl/kubernetes-key.pem‘ansible 192.168.19.128 -m copy -a ‘src=kubernetes.pem dest=/opt/kubernetes/ssl/kubernetes.pem‘ansible 192.168.19.128 -m copy -a ‘src=kube-APIserver.service dest=/usr/lib/systemd/system/kube-APIserver.service‘
启动APIserver
systemctl daemon-reloadsystemctl start kube-APIserversystemctl enable kube-APIserversystemctl status API-server
#(4)配置和启动kube-controller-manager
生成kube-controller-manager的启动服务文件
cat >kube-controller-manager.service<<EOF[Unit]Description=Kubernetes Controller Managerdocumentation=https://github.com/GoogleCloudplatform/kubernetes[Service]ExecStart=/opt/kubernetes/bin/kube-controller-manager --address=127.0.0.1 --master=http://127.0.0.1:8080 --allocate-node-cIDrs=true --service-cluster-ip-range=10.254.0.0/16 --cluster-cIDr=172.30.0.0/16 --cluster-name=kubernetes --cluster-signing-cert-file=/opt/kubernetes/ssl/ca.pem --cluster-signing-key-file=/opt/kubernetes/ssl/ca-key.pem --service-account-private-key-file=/opt/kubernetes/ssl/ca-key.pem --root-ca-file=/opt/kubernetes/ssl/ca.pem --leader-elect=true --v=2Restart=on-failureRestartSec=5[Install]WantedBy=multi-user.targetEOF
把启动服务文件发送到master
ansible 192.168.19.128 -m copy -a ‘src=kube-controller-manager.service dest=/usr/lib/systemd/system/kube-controller-manager.service‘
在master01上启动kube-controller-manager服务
systemctl daemon-reloadsystemctl start kube-controller-managersystemctl enable kube-controller-managersystemctl status kube-controller-manager
#(5)配置和启动kube-scheduler
生成kube-scheduler服务配置文件
cat >kube-scheduler.service <<EOF[Unit]Description=Kubernetes Schedulerdocumentation=https://github.com/GoogleCloudplatform/kubernetes[Service]ExecStart=/opt/kubernetes/bin/kube-scheduler --address=127.0.0.1 --master=http://127.0.0.1:8080 --leader-elect=true --v=2Restart=on-failureRestartSec=5[Install]WantedBy=multi-user.targetEOF
发送给master01
ansible 192.168.19.128 -m copy -a ‘src=kube-scheduler.service dest=/usr/lib/systemd/system/kube-scheduler.service‘
启动kube-scheduler
systemctl daemon-reloadsystemctl start kube-schedulersystemctl enable kube-schedulersystemctl status kube-scheduler
#(6)验证
以上是内存溢出为你收集整理的(四)部署master组件全部内容,希望文章能够帮你解决(四)部署master组件所遇到的程序开发问题。
如果觉得内存溢出网站内容还不错,欢迎将内存溢出网站推荐给程序员好友。
欢迎分享,转载请注明来源:内存溢出
微信扫一扫
支付宝扫一扫
评论列表(0条)