Master节点部署
一、部署Kubernetes API服务部署
准备安装包
[root@linux-node1 ~]# cd /usr/local/src/kubernetes
[root@linux-node1 kubernetes]# pwd
/usr/local/src/kubernetes
[root@linux-node1 kubernetes]# ll
total
drwxr-xr-x root root Apr : addons
drwxr-xr-x root root Apr : client
drwxr-xr-x root root Apr : cluster
drwxr-xr-x root root Apr : docs
drwxr-xr-x root root Apr : examples
drwxr-xr-x root root Apr : hack
-rw-r--r-- root root Apr : kubernetes-src.tar.gz
-rw-r--r-- root root Apr : LICENSES
drwxr-xr-x root root Apr : node
-rw-r--r-- root root Apr : README.md
drwxr-xr-x root root Apr : server
drwxr-xr-x root root Apr : third_party
-rw-r--r-- root root Apr : version
[root@linux-node1 kubernetes]# cp server/bin/kube-apiserver /opt/kubernetes/bin/
[root@linux-node1 kubernetes]# cp server/bin/kube-controller-manager /opt/kubernetes/bin/
[root@linux-node1 kubernetes]# cp server/bin/kube-scheduler /opt/kubernetes/bin/
创建生成CSR的JSON配置文件
root@linux-node1 kubernetes]# cd /usr/local/src/ssl/
[root@linux-node1 ssl]# pwd
/usr/local/src/ssl
[root@linux-node1 ssl]# vim kubernetes-csr.json
{
"CN": "kubernetes",
"hosts": [
"127.0.0.1",
"192.168.56.11",
"10.1.0.1",
"kubernetes",
"kubernetes.default",
"kubernetes.default.svc",
"kubernetes.default.svc.cluster",
"kubernetes.default.svc.cluster.local"
],
"key": {
"algo": "rsa",
"size":
},
"names": [
{
"C": "CN",
"ST": "BeiJing",
"L": "BeiJing",
"O": "k8s",
"OU": "System"
}
]
}
生成kubernetes证书和私钥
[root@linux-node1 ssl]# cfssl gencert -ca=/opt/kubernetes/ssl/ca.pem \
-ca-key=/opt/kubernetes/ssl/ca-key.pem \
-config=/opt/kubernetes/ssl/ca-config.json \
-profile=kubernetes kubernetes-csr.json | cfssljson -bare kubernetes
// :: [INFO] generate received request
// :: [INFO] received CSR
// :: [INFO] generating key: rsa-
// :: [INFO] encoded CSR
// :: [INFO] signed certificate with serial number
// :: [WARNING] This certificate lacks a "hosts" field. This makes it unsuitable for
websites. For more information see the Baseline Requirements for the Issuance and Management
of Publicly-Trusted Certificates, v.1.1., from the CA/Browser Forum (https://cabforum.org);
specifically, section 10.2. ("Information Requirements"). [root@linux-node1 ssl]# cp kubernetes*.pem /opt/kubernetes/ssl/
[root@linux-node1 ssl]# scp kubernetes*.pem 192.168.56.12:/opt/kubernetes/ssl/
[root@linux-node1 ssl]# scp kubernetes*.pem 192.168.56.13:/opt/kubernetes/ssl/
创建kube-apiserver使用的客户端token文件
[root@linux-node1 ssl]# head -c /dev/urandom | od -An -t x | tr -d ' '
ad6d5bb607a186796d8861557df0d17f
[root@linux-node1 ssl]# vim /opt/kubernetes/ssl/bootstrap-token.csv
ad6d5bb607a186796d8861557df0d17f,kubelet-bootstrap,,"system:kubelet-bootstrap"
创建基础用户名/密码认证配置
[root@linux-node1 ssl]# vim /usr/lib/systemd/system/kube-apiserver.service
[Unit]
Description=Kubernetes API Server
Documentation=https://github.com/GoogleCloudPlatform/kubernetes
After=network.target [Service]
ExecStart=/opt/kubernetes/bin/kube-apiserver \
--admission-control=NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,ResourceQuota,NodeRestriction \
--bind-address=192.168.56.11 \
--insecure-bind-address=127.0.0.1 \
--authorization-mode=Node,RBAC \
--runtime-config=rbac.authorization.k8s.io/v1 \
--kubelet-https=true \
--anonymous-auth=false \
--basic-auth-file=/opt/kubernetes/ssl/basic-auth.csv \
--enable-bootstrap-token-auth \
--token-auth-file=/opt/kubernetes/ssl/bootstrap-token.csv \
--service-cluster-ip-range=10.1.0.0/ \
--service-node-port-range=- \
--tls-cert-file=/opt/kubernetes/ssl/kubernetes.pem \
--tls-private-key-file=/opt/kubernetes/ssl/kubernetes-key.pem \
--client-ca-file=/opt/kubernetes/ssl/ca.pem \
--service-account-key-file=/opt/kubernetes/ssl/ca-key.pem \
--etcd-cafile=/opt/kubernetes/ssl/ca.pem \
--etcd-certfile=/opt/kubernetes/ssl/kubernetes.pem \
--etcd-keyfile=/opt/kubernetes/ssl/kubernetes-key.pem \
--etcd-servers=https://192.168.56.11:2379,https://192.168.56.12:2379,https://192.168.56.13:2379 \
--enable-swagger-ui=true \
--allow-privileged=true \
--audit-log-maxage= \
--audit-log-maxbackup= \
--audit-log-maxsize= \
--audit-log-path=/opt/kubernetes/log/api-audit.log \
--event-ttl=1h \
--v= \
--logtostderr=false \
--log-dir=/opt/kubernetes/log
Restart=on-failure
RestartSec=
Type=notify
LimitNOFILE= [Install]
WantedBy=multi-user.target
启动API Server服务
[root@linux-node1 ssl]# systemctl daemon-reload
[root@linux-node1 ssl]# systemctl enable kube-apiserver
Created symlink from /etc/systemd/system/multi-user.target.wants/kube-apiserver.service to /usr/lib/systemd/system/kube-apiserver.service.
[root@linux-node1 ssl]# systemctl start kube-apiserver
[root@linux-node1 ssl]# systemctl status kube-apiserver
[root@linux-node1 ssl]# netstat -nlpt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 192.168.56.11: 0.0.0.0:* LISTEN /kube-apiserver
tcp 192.168.56.11: 0.0.0.0:* LISTEN /etcd
tcp 127.0.0.1: 0.0.0.0:* LISTEN /etcd
tcp 192.168.56.11: 0.0.0.0:* LISTEN /etcd
tcp 127.0.0.1: 0.0.0.0:* LISTEN /kube-apiserver
tcp 0.0.0.0: 0.0.0.0:* LISTEN /sshd
tcp 127.0.0.1: 0.0.0.0:* LISTEN /master
tcp6 ::: :::* LISTEN /sshd
tcp6 ::: :::* LISTEN /master
二、部署Controller Manager服务
设置Controller Manager配置
root@linux-node1 ssl]# vim /usr/lib/systemd/system/kube-controller-manager.service
[Unit]
Description=Kubernetes Controller Manager
Documentation=https://github.com/GoogleCloudPlatform/kubernetes [Service]
ExecStart=/opt/kubernetes/bin/kube-controller-manager \
--address=127.0.0.1 \
--master=http://127.0.0.1:8080 \
--allocate-node-cidrs=true \
--service-cluster-ip-range=10.1.0.0/ \
--cluster-cidr=10.2.0.0/ \
--cluster-name=kubernetes \
--cluster-signing-cert-file=/opt/kubernetes/ssl/ca.pem \
--cluster-signing-key-file=/opt/kubernetes/ssl/ca-key.pem \
--service-account-private-key-file=/opt/kubernetes/ssl/ca-key.pem \
--root-ca-file=/opt/kubernetes/ssl/ca.pem \
--leader-elect=true \
--v= \
--logtostderr=false \
--log-dir=/opt/kubernetes/log Restart=on-failure
RestartSec= [Install]
WantedBy=multi-user.target
启动Controller Manager
[root@linux-node1 ssl]# systemctl daemon-reload
[root@linux-node1 ssl]# systemctl enable kube-controller-manager
Created symlink from /etc/systemd/system/multi-user.target.wants/kube-controller-manager.service to /usr/lib/systemd/system/kube-controller-manager.service.
[root@linux-node1 ssl]# systemctl start kube-controller-manager [root@linux-node1 ssl]# netstat -ntlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 192.168.56.11: 0.0.0.0:* LISTEN /kube-apiserver
tcp 192.168.56.11: 0.0.0.0:* LISTEN /etcd
tcp 127.0.0.1: 0.0.0.0:* LISTEN /etcd
tcp 127.0.0.1: 0.0.0.0:* LISTEN /kube-controlle
tcp 192.168.56.11: 0.0.0.0:* LISTEN /etcd
tcp 127.0.0.1: 0.0.0.0:* LISTEN /kube-apiserver
tcp 0.0.0.0: 0.0.0.0:* LISTEN /sshd
tcp 127.0.0.1: 0.0.0.0:* LISTEN /master
tcp6 ::: :::* LISTEN /sshd
tcp6 ::: :::* LISTEN /master
三、部署Kubernetes Scheduler
配置Kubernetes Scheduler
[root@linux-node1 ssl]# vim /usr/lib/systemd/system/kube-scheduler.service
[Unit]
Description=Kubernetes Scheduler
Documentation=https://github.com/GoogleCloudPlatform/kubernetes [Service]
ExecStart=/opt/kubernetes/bin/kube-scheduler \
--address=127.0.0.1 \
--master=http://127.0.0.1:8080 \
--leader-elect=true \
--v= \
--logtostderr=false \
--log-dir=/opt/kubernetes/log Restart=on-failure
RestartSec= [Install]
WantedBy=multi-user.target
启动服务
[root@linux-node1 ssl]# systemctl daemon-reload
[root@linux-node1 ssl]# systemctl enable kube-scheduler
Created symlink from /etc/systemd/system/multi-user.target.wants/kube-scheduler.service to /usr/lib/systemd/system/kube-scheduler.service.
[root@linux-node1 ssl]# systemctl start kube-scheduler
[root@linux-node1 ssl]# systemctl status kube-scheduler
四、部署kubectl 命令行工具
准备二进制命令包
[root@linux-node1 ssl]# cd /usr/local/src/kubernetes/client/bin
[root@linux-node1 bin]# pwd
/usr/local/src/kubernetes/client/bin
[root@linux-node1 bin]# cp kubectl /opt/kubernetes/bin/
创建admin证书签名请求
[root@linux-node1 bin]# cd /usr/local/src/ssl/
[root@linux-node1 ssl]# pwd
/usr/local/src/ssl
[root@linux-node1 ssl]# vim admin-csr.json
{
"CN": "admin",
"hosts": [],
"key": {
"algo": "rsa",
"size":
},
"names": [
{
"C": "CN",
"ST": "BeiJing",
"L": "BeiJing",
"O": "system:masters",
"OU": "System"
}
]
}
生成admin证书和私钥
[root@linux-node1 ssl]# cfssl gencert -ca=/opt/kubernetes/ssl/ca.pem \
-ca-key=/opt/kubernetes/ssl/ca-key.pem \
-config=/opt/kubernetes/ssl/ca-config.json \
-profile=kubernetes admin-csr.json | cfssljson -bare admin
// :: [INFO] generate received request
// :: [INFO] received CSR
// :: [INFO] generating key: rsa-
// :: [INFO] encoded CSR
// :: [INFO] signed certificate with serial number
// :: [WARNING] This certificate lacks a "hosts" field. This makes it unsuitable for
websites. For more information see the Baseline Requirements for the Issuance and Management
of Publicly-Trusted Certificates, v.1.1., from the CA/Browser Forum (https://cabforum.org);
specifically, section 10.2. ("Information Requirements").
[root@linux-node1 ssl]# ls -l admin*
-rw-r--r-- root root May : admin.csr
-rw-r--r-- root root May : admin-csr.json
-rw------- root root May : admin-key.pem
-rw-r--r-- root root May : admin.pem
[root@linux-node1 ssl]# cp admin*.pem /opt/kubernetes/ssl/
设置集群参数
[root@linux-node1 ssl]# kubectl config set-cluster kubernetes \
--certificate-authority=/opt/kubernetes/ssl/ca.pem \
--embed-certs=true \
--server=https://192.168.56.11:6443
Cluster "kubernetes" set.
设置客户端认证参数
[root@linux-node1 ssl]# kubectl config set-credentials admin \
--client-certificate=/opt/kubernetes/ssl/admin.pem \
--embed-certs=true \
--client-key=/opt/kubernetes/ssl/admin-key.pem
User "admin" set.
设置上下文参数
[root@linux-node1 ssl]# kubectl config set-context kubernetes \
--cluster=kubernetes \
--user=admin
Context "kubernetes" created.
设置默认上下文
[root@linux-node1 ssl]# kubectl config use-context kubernetes
Switched to context "kubernetes".
使用kubectl工具
[root@linux-node1 ssl]# cd ~
[root@linux-node1 ~]# cat .kube/config
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUR2akNDQXFhZ0F3SUJBZ0lVUVZ3ekpYS2VIS2g0UFlTYWlHRVg2bnVDZ0hZd0RRWUpLb1pJaHZjTkFRRUwKQlFBd1pURUxNQWtHQTFVRUJoTUNRMDR4RURBT0JnTlZCQWdUQjBKbGFVcHBibWN4RURBT0JnTlZCQWNUQjBKbAphVXBwYm1jeEREQUtCZ05WQkFvVEEyczRjekVQTUEwR0ExVUVDeE1HVTNsemRHVnRNUk13RVFZRFZRUURFd3ByCmRXSmxjbTVsZEdWek1CNFhEVEU0TURVek1ERXlOVEl3TUZvWERUSXpNRFV5T1RFeU5USXdNRm93WlRFTE1Ba0cKQTFVRUJoTUNRMDR4RURBT0JnTlZCQWdUQjBKbGFVcHBibWN4RURBT0JnTlZCQWNUQjBKbGFVcHBibWN4RERBSwpCZ05WQkFvVEEyczRjekVQTUEwR0ExVUVDeE1HVTNsemRHVnRNUk13RVFZRFZRUURFd3ByZFdKbGNtNWxkR1Z6Ck1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBb2RNVE1oMDBDMWJLZGo0eFRRUlEKVncyZmw3Q2ZSYW5jclJUQk96UGZxVVZrZEExMDB1TUtSMkliaWxERGVUZWx4bkZ5VXBkK25vaUxWb2gvWDZVUwpySGtoaTNWSnJVbGlBOU01RWJOdlpCMjJ4U1IrMTFoNUMvcXNjRmMrYkpmVk5lLy9xcXZRTkp6bTlVYStQakR3CkFic0pyZGwva2dxNFRKbEJGcHNUQmJsQnV6QTdId3ZkdFBiTmFSRXVPbVdaNVVmOGo2ckRlei9TbWFqWTBpTmkKbmZJaVJtQm1GanVSMTVJcDYzSTltMzZ2V0laa29GR3RnZnBmQ0hYbk5STndMc0ZaTTFUcXBtVGZjMnMxT21mTApERTZpSGQ4TXJIbldJa0hhdzRRTU9PSE5ETkxZQmFCREZKdER5UHJEVC9qc0RjRmhaNUxiaUI0b0FmOUZzVmVmCjN3SURBUUFCbzJZd1pEQU9CZ05WSFE4QkFmOEVCQU1DQVFZd0VnWURWUjBUQVFIL0JBZ3dCZ0VCL3dJQkFqQWQKQmdOVkhRNEVGZ1FVQytEankrOG9ZT1dBRGpPUXVCRFBaWnErbEJNd0h3WURWUjBqQkJnd0ZvQVVDK0RqeSs4bwpZT1dBRGpPUXVCRFBaWnErbEJNd0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFBT1hheFMrdGxwSGtad1ZaM3FMCkkweHFiYzIzUDdDSjh4aTBGSm9meVRZSW4yZmZOYkFobjdKN2cwT3NlMWZQN2ZkNmxHYWd0K09xVURDS3JNUEsKb1BuTWpSa0dneVl5MjFQOFNEUWhTTWNBTGlvRnF6Tmd5bGwzbHFQWVIyOEk4UWdjTjVUdTRla0picXVBcjRFQQoxYmNIWkx6dU8vNkk0cmgrSnVkUE4rTTVTZXAxNkhmNlFQSTNXeGtCSXZuL01ORVIyM2JYTk1sNHFyTTFlOTczCkV0Y1dlSGxQaytMTUdaUEJpanZHRm4yTldtUk9oUUJSVnJTSERVK1hCeXk1dFF3UkZndjV1Tm56SkRLT3k3Y3EKU2lpUGFEYkVhRDB0eFF1VlhhVldUTTJsb2sxb05RVGgrdGdPOVBFLzNtWkFCd0JPci9VWjQ5WFJBVzN5ZEcyOAptb2s9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
server: https://192.168.56.11:6443
name: kubernetes
contexts:
- context:
cluster: kubernetes
user: admin
name: kubernetes
current-context: kubernetes
kind: Config
preferences: {}
users:
- name: admin
user:
client-certificate-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUQzVENDQXNXZ0F3SUJBZ0lVS0JLOW96SUhHakdESWZESjBzdVhBejY1UEJFd0RRWUpLb1pJaHZjTkFRRUwKQlFBd1pURUxNQWtHQTFVRUJoTUNRMDR4RURBT0JnTlZCQWdUQjBKbGFVcHBibWN4RURBT0JnTlZCQWNUQjBKbAphVXBwYm1jeEREQUtCZ05WQkFvVEEyczRjekVQTUEwR0ExVUVDeE1HVTNsemRHVnRNUk13RVFZRFZRUURFd3ByCmRXSmxjbTVsZEdWek1CNFhEVEU0TURVek1UQTJORGd3TUZvWERURTVNRFV6TVRBMk5EZ3dNRm93YXpFTE1Ba0cKQTFVRUJoTUNRMDR4RURBT0JnTlZCQWdUQjBKbGFVcHBibWN4RURBT0JnTlZCQWNUQjBKbGFVcHBibWN4RnpBVgpCZ05WQkFvVERuTjVjM1JsYlRwdFlYTjBaWEp6TVE4d0RRWURWUVFMRXdaVGVYTjBaVzB4RGpBTUJnTlZCQU1UCkJXRmtiV2x1TUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUF1YVZBSjZxR25pZ2oKNHUvRU9CZWIveHVTNUNjZ0FLYnNjdmxEdkhkbUYvVDR0RkREN1VqL3RYdkpyN1h2Wm5hSlVyNDdaOWx1WG5pYgpxVDlTSUVEV2dzRkc5cXZOanplajk3d0VUS2NSQ0lyRC95dmM2Rys4bmVQdS9kdWl4bS9JZjBDQ0JRdDBtR2M3CmtpYjNzbm5waW51dkZrVzJPNkcrS2d5bWtmOFFlQWYzb3p0UlVrbkRuenVRMGtUSk9kQktmZk5BUS80RWI0VDEKTGpmbkJ5RmJSZnU4TTAveUtIaUlQNWRuTlk3SVUwaGp5Y3JJTHY4S3FWNnlLYkVjcWtPNXhZNWo4VHV4VlJOawpzUGhlVzczRTBQWHFWZGF3NUdhYkVId2FDcG93aUVRZDZwUW8zZjNhYytWZ2p6L1FLeEMxdDFCcFRoaEk5STdLCmxHY0VBZldZK3dJREFRQUJvMzh3ZlRBT0JnTlZIUThCQWY4RUJBTUNCYUF3SFFZRFZSMGxCQll3RkFZSUt3WUIKQlFVSEF3RUdDQ3NHQVFVRkJ3TUNNQXdHQTFVZEV3RUIvd1FDTUFBd0hRWURWUjBPQkJZRUZOb2IvMnlVekh6bwowcmNCN2ZPUVlUdTdQVWNETUI4R0ExVWRJd1FZTUJhQUZBdmc0OHZ2S0dEbGdBNHprTGdRejJXYXZwUVRNQTBHCkNTcUdTSWIzRFFFQkN3VUFBNElCQVFBMU93QzFXWW9sRkVhU0hsT2JyUTU0VWFlNGZsaEJaLzBZRkhlTlJMQVgKZFgzbURRMmk0czhuUjZabkhMUFpsYmNLV1Q0QUVnYldvYi9tV25kQUFBeXRCaEdMb3JOdU0wMzlXRVFwS2hCUQpxMC8zczh6T05ScmdHYjA2ZFJ0UUdZS2NQN1BSbmNVeXpKUFJkM05QeTErSHdlQ3pvUVV4dENsNzJoM3JodTFyCkhtUUF6Z1QvSXhKaDluemZFYXZKcUxycmNYYXdHSVlRNGZESmUvR1FnTnF6ZTlFcjJ6dXhoSmwrT2V4K28rU0MKdkdxNE4wUmU2eDNaaEhOeUg3VncrMmhlTks2TTYvS1ZMSGJmZ05hc1pseXhqZm5ubUhGbHIvRm5oWk8vcW4xQgp1UmtONnVIck5pczFJRUxKNXNaZURhdXNYOFNFTjJEVG1Bd1hQbTQyVUR6YQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
client-key-data: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFb3dJQkFBS0NBUUVBdWFWQUo2cUduaWdqNHUvRU9CZWIveHVTNUNjZ0FLYnNjdmxEdkhkbUYvVDR0RkRECjdVai90WHZKcjdYdlpuYUpVcjQ3WjlsdVhuaWJxVDlTSUVEV2dzRkc5cXZOanplajk3d0VUS2NSQ0lyRC95dmMKNkcrOG5lUHUvZHVpeG0vSWYwQ0NCUXQwbUdjN2tpYjNzbm5waW51dkZrVzJPNkcrS2d5bWtmOFFlQWYzb3p0UgpVa25Ebnp1UTBrVEpPZEJLZmZOQVEvNEViNFQxTGpmbkJ5RmJSZnU4TTAveUtIaUlQNWRuTlk3SVUwaGp5Y3JJCkx2OEtxVjZ5S2JFY3FrTzV4WTVqOFR1eFZSTmtzUGhlVzczRTBQWHFWZGF3NUdhYkVId2FDcG93aUVRZDZwUW8KM2YzYWMrVmdqei9RS3hDMXQxQnBUaGhJOUk3S2xHY0VBZldZK3dJREFRQUJBb0lCQUNibXR1UFkrdTZIVU1YTQpJbHp5clpDdWtZQlhwb0FjZW0yNVIvVmxPN0tIZGRvckZuTlJtYXZJN2NGeEtXSmFNbnB4UEhlTmUzQTJhNy95CmNkNHFXQWo4UVVlTlJyemRGdkhocHpEOHpUZnlCQklqZWQ0SEZBb3Q2ald0NFpVZGRYRWM3bUhxUFp0MS9taW8KMjd5OWlTK29yVTdJZXVCU0MwdzZiR2twZnFUNEF3UEZqQXVWRzBjOWJpYVpwZFhCSmt6UUs4MDV1QmdlaVVTKwp0Z2haV3dqZ1RTWDZSRndEVG5IZ2wzT3htemhrb281MVI4QUZ6ODhsVHNWdHExVVpvVmViOGFoSzY1V2RPdEh5Ck90UEVsY0dhV1htT1BCVDNQY1puWDNCYmhpN0pzSVRhclMzZTlPWkIxeTdnUDlFaDBMKzM3eElFU0k1SUxBOUYKVFhML1dOa0NnWUVBMG9Nd3dqN1EybjhUd3dGMHdFWVh2dEZZbWtHZHBBWmZXVFFVa3JUcEtIVTJaZE90QUtXYgpZU0UyQmFFQ2duUFM2aXNtOXdRTmVTY2NuZW1qcHNDcDN3QllUdjBYS2FFZlMvMmhCRTI5MGhBOXNRWGdwdm1YCkRLcU5maGJJVTFXTU5kUytrZVRXc1FyaWl6M0FCYVpHbnpESVpNK0p3NUowczBhclE3K1JoUVVDZ1lFQTRjS0IKK2w5Z1ptZ25RWTc1dnZVZWg5OURIYzhmUFBvTlZNZndBNlFNR3Rhc2diOGI3L1Z3YVBUQS9HUHVOeThBOHg4WgpnNDhFbGVpd2d1UU14bnYwT0JDejhVVWNBMm94a1RHMWpOVmNMTjltcjRsck5LT2g3V2FHbk5vcmpqcGgzeUNhCjltTXpUUzNCWlBSTnVmb1JkNngwR0JHT0MxamhMRWtRKytNVkJmOENnWUJmdi81QWkvUFJQalhOMys2cnVmWDQKL0IyUjVFQ0FwOGxjdUp5VzhpU1BHMmxIdlpVV0V6MXVXMzNINTZsTmpzTWpjY2RDV1p5TE82Zi9oNUxCT1NiSwo0TXhKK1VJODFDVjVHZjdRQjFCTXFNaDJxVmE2ZkJJaFY3NE4yT3o3UXBFSXR5Q0xHWXd4Y09NRU5HMFA1TWFBCmg5N09RN3ZFc2V2VTAxTDQrTHlHeFFLQmdRQ2F3WmdTQm1GeHNjSC9PY0JQdTMzVFRDT1pBb3Q2WkRyUlBFRjIKYlhUeXpPZnlCUXhrb0k0UEZJQmFRekpmMTdQQjlUYXJMVlhLWVhqbU1PZmxBOEYwMFZaWWRMUndUdEp0b25LKwplTiszenVoNE9pNG9KbWR3OHBBaVk1ZnA1bkdDMzduNlhpUWpxdExnbm12TnFmTmhZdkV1TXBKNWl0TElaY25qCnNWV1BCd0tCZ0FRbUN5bHZYVEFIb3h0K1hTTWZiYytMREVDdUJOTitWRGttd29NWjVvZEkzQitvS291SXJZcnoKRnM3Tzk5c1NabnVJUzJ4ZWJ2V1JSOGY3V1NWZVA4a250M2w3KzUxYlc2YnpDRnN6Y21EL1JtS0diWk9jeWk1OApkanJrVU13WHZETzdId1hGUXkvZjFRSkJDQ0VHM2JBT1JFcCs5QVlXNWw4SWl6TWovNlhCCi0tLS0tRU5EIFJTQSBQUklWQVRFIEtFWS0tLS0tCg==
以上操作生成的配置文件
#如果其它节点需要使用kubectl把此文件拷贝过去即可,无需再执行以上操作
[root@linux-node1 ~]# ll .kube/config
-rw------- root root May : .kube/config
[root@linux-node1 ~]#
[root@linux-node1 ~]# kubectl get cs
NAME STATUS MESSAGE ERROR
controller-manager Healthy ok
scheduler Healthy ok
etcd- Healthy {"health": "true"}
etcd- Healthy {"health": "true"}
etcd- Healthy {"health": "true"}
Master节点部署的更多相关文章
- Kubernetes集群部署之四Master节点部署
Kubernetes Master节点部署三个服务:kube-apiserver.kube-controller-manager.kube-scheduler和一个命令工具kubectl. Maste ...
- K8s集群部署(二)------ Master节点部署
Master节点要部署三个服务:API Server.Scheduler.Controller Manager. apiserver提供集群管理的REST API接口,包括认证授权.数据校验以 及集群 ...
- kubeadm高可用master节点部署文档
kubeadm的标准部署里,etcd和master都是单节点的. 但上生产,至少得高可用. etcd的高可用,用kubeadm微微扩散一下就可以. 但master却官方没有提及. 于是搜索了几篇文档, ...
- k8s集群之master节点部署
apiserver的部署 api-server的部署脚本 [root@mast-1 k8s]# cat apiserver.sh #!/bin/bash MASTER_ADDRESS=$1 主节点IP ...
- kubernetes master节点部署(三)
一.部署kubernetes api服务 1.1.准备软件包 [root@linux-node1 ~]# cd /usr/local/src/kubernetes [root@linux-node1 ...
- 二进制安装 kubernetes 1.12(三) - 部署 Master 节点组件
在Master节点部署组件 在部署Kubernetes之前一定要确保etcd.flannel.docker是正常工作的,否则先解决问题再继续. 创建 CA 证书 mkdir -p /iba/master ...
- 二进制部署1.23.4版本k8s集群-5-部署Master节点服务
1.安装Docker 在21.22.200三台机器上安装Docker.安装命令: 在21.22.200三台主机上部署Docker. ~]# curl -fsSL https://get.docker. ...
- 二、安装并配置Kubernetes Master节点
1. 安装配置Master节点上的Kubernetes服务 1.1 安装Master节点上的Kubernetes服务 yum -y install kubernetes 1.2 修改kube-apis ...
- 使用Kubeadm安装Kubernetes【单Master节点】
参考:Kubernetes官方文档 Kubernetes安装方案选择 Centos 7 配置科学上网 安装Calico网络插件 kubernetes-dashboard部署 Kubernetes ...
随机推荐
- Log4j(一):Log4j将日志信息写入数据库
前言 为了监听一些数据的采集等功能,需要随时监听设备的状态,所以需要运行的时候将日志打入到数据库中. 正文 第一步: 首先是jar包,由于我使用的是springboot,所以,在springboot- ...
- python pandas.DataFrame .loc,.iloc,.ix 用法
refer to: http://www.cnblogs.com/harvey888/p/6006200.html
- 使用Celery踩过的坑
为什么要使用celery Celery是一个使用Python开发的分布式任务调度模块,因此对于大量使用Python构建的系统,可以说是无缝衔接,使用起来很方便.Celery专注于实时处理任务,同时也支 ...
- poj3311 经典tsp问题
题目的大概意思就是一个人到一些城市送披萨,要求找到一条路径可以遍历每个城市后返回出发点,而且路径距离最短.最后输出最短距离就可以. 注意:每个城市可反复訪问多次. 因为题中明白说了两个城市间的直接可达 ...
- 使用UNetbootin制作U盘启动
制作Ubuntu系统启动U盘,可以用软碟通UltraISO,也能用UNetbootin这个软件. UNetbootin的好处是有windows客户端,也有Linux的客户端,也就是说可以很方便的在Li ...
- centos7上docker安装和使用教程
Docker 是一个创建和管理 Linux 容器的开源工具.容器就像是轻量级的虚拟机,并且可以以毫秒级的速度来启动或停止.Docker 帮助系统管理员和程序员在容器中开发应用程序,并且可以扩展到成千上 ...
- malloc/free与new/delete的不同及注意点
#include<iostream> using namespace std; class Obj{ public : Obj(){cout<<"Initializa ...
- 关于_WIN32_WINNT的含义
在使用一些新版本的API,或者控件的新特性(比如新版的ComCtl32.dll)的时候,你可能会得到“error C2065: undeclared identifier.“这个错误.原因是这些功能是 ...
- 对表空间 'USERS' 无权限
保存对表 "CHENGYU"."T_USER" 的更改时出现一个错误: 行 1: ORA-01950: 对表空间 'USERS' 无权限 更改用户的默认表空 ...
- TensorFlow计算图,张量,会话基础知识
import tensorflow as tf get_default_graph = "tensorflow_get_default_graph.png" # 当前默认的计算图 ...