3-1 Deploying kubelet
1.1 Cluster planning
Hostname | Role | IP address |
---|---|---|
pg60-31.k8s.host.com | kubelet | 10.20.60.31 |
pg60-32.k8s.host.com | kubelet | 10.20.60.32 |
pg60-33.k8s.host.com | kubelet | 10.20.60.33 |
1.2 Download and distribute the kubelet binaries
References (summary):
- "2-1. Kubernetes environment preparation"
shell> echo -e "DNS1=10.20.60.11\nDNS2=10.20.60.12" >> /etc/sysconfig/network-scripts/ifcfg-eth0
shell> systemctl restart network
shell> rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-3.el7.elrepo.noarch.rpm
shell> yum --enablerepo=elrepo-kernel install -y kernel-lt
shell> grub2-set-default 0
shell> echo 'PATH=/opt/etcd/bin:/opt/kubernetes/server/bin/:$PATH' >> /root/.bashrc
shell> reboot
- "2-2.2 Issuing the Kubernetes CA certificate"
shell> mkdir -p /etc/kubernetes/pki/
shell> ls -l /etc/kubernetes/pki/ca*.pem
- "1-2. Installing and deploying Docker"
- "2-3.2 Installing and configuring kubectl"
shell> mkdir ~/.kube
shell> cp /usr/local/src/kubectl.kubeconfig ~/.kube/config
- "2-3.3 Deploying the kube-apiserver cluster (systemd)"
shell> wget http://dlsw.91donkey.com/software/source/k8s/v1.18.2/kubernetes-server-linux-amd64.tar.gz
shell> tar zxf kubernetes-server-linux-amd64.tar.gz -C /opt/
shell> mkdir /opt/kubernetes/server/sbin
1.3 Create the kubelet bootstrap kubeconfig files
shell> cat > kubelet-bootstrap.sh << "EOF"
#!/bin/bash -
node_name="pg60-31 pg60-32 pg60-33"
kubelet(){
  # Create a token
  export BOOTSTRAP_TOKEN=$(kubeadm token create \
    --description kubelet-bootstrap-token \
    --groups system:bootstrappers:${node_name} \
    --kubeconfig ~/.kube/config)
  # Set the cluster parameters
  kubectl config set-cluster kubernetes \
    --certificate-authority=/etc/kubernetes/pki/ca.pem \
    --embed-certs=true \
    --server="https://10.20.60.10:6443" \
    --kubeconfig=kubelet-bootstrap-${node_name}.kubeconfig
  # Set the client authentication parameters
  kubectl config set-credentials kubelet-bootstrap \
    --token=${BOOTSTRAP_TOKEN} \
    --kubeconfig=kubelet-bootstrap-${node_name}.kubeconfig
  # Set the context parameters
  kubectl config set-context default \
    --cluster=kubernetes \
    --user=kubelet-bootstrap \
    --kubeconfig=kubelet-bootstrap-${node_name}.kubeconfig
  # Set the default context
  kubectl config use-context default --kubeconfig=kubelet-bootstrap-${node_name}.kubeconfig
}
# The list is expanded once, then node_name holds one node per iteration
for node_name in ${node_name}
do
  kubelet
done
EOF
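Note: adjust the node_name field to match your nodes.
1.4 View the tokens kubeadm created for each node
- A token is valid for 1 day. After it expires it can no longer be used to bootstrap a kubelet, and it is removed by the tokencleaner of kube-controller-manager.
1.5 Distribute the bootstrap kubeconfig files to all worker nodes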
shell> scp kubelet-bootstrap-pg60-32.kubeconfig root@${node_ip}:/etc/kubernetes/kubelet-bootstrap.kubeconfig
1.6 Create and distribute the kubelet configuration file
- Create the configuration file
shell> cat > kubelet-config.yaml.template << EOF
kind: KubeletConfiguration
apiVersion: kubelet.config.k8s.io/v1beta1
address: "10.20.60.31"
staticPodPath: ""
syncFrequency: 1m
fileCheckFrequency: 20s
httpCheckFrequency: 20s
staticPodURL: ""
port: 10250
# 0 disables the unauthenticated read-only port
readOnlyPort: 0
rotateCertificates: true
# The serving certificate is requested through a CSR; serving CSRs are not
# auto-approved by kube-controller-manager and have to be approved separately
serverTLSBootstrap: true
authentication:
  anonymous:
    # Reject anonymous requests to the kubelet API
    enabled: false
  webhook:
    enabled: true
  x509:
    clientCAFile: "/etc/kubernetes/pki/ca.pem"
authorization:
  # Delegate authorization decisions to kube-apiserver
  mode: Webhook
registryPullQPS: 0
registryBurst: 20
eventRecordQPS: 0
eventBurst: 20
enableDebuggingHandlers: true
enableContentionProfiling: true
healthzPort: 10248
healthzBindAddress: "10.20.60.31"
clusterDomain: "cluster.local"
clusterDNS:
  - "10.254.0.2"
#  - "192.168.0.2"
nodeStatusUpdateFrequency: 10s
nodeStatusReportFrequency: 1m
imageMinimumGCAge: 2m
imageGCHighThresholdPercent: 85
imageGCLowThresholdPercent: 80
volumeStatsAggPeriod: 1m
kubeletCgroups: ""
systemCgroups: ""
cgroupRoot: ""
cgroupsPerQOS: true
# Command-line flags take precedence over this file, so the
# --cgroup-driver=systemd flag in the unit file of section 1.7 overrides this value
cgroupDriver: cgroupfs
runtimeRequestTimeout: 10m
hairpinMode: promiscuous-bridge
maxPods: 220
podCIDR: "172.60.0.0/16"
podPidsLimit: -1
resolvConf: /etc/resolv.conf
maxOpenFiles: 1000000
kubeAPIQPS: 1000
kubeAPIBurst: 2000
serializeImagePulls: false
evictionHard:
  memory.available: "100Mi"
  nodefs.available: "10%"
  nodefs.inodesFree: "5%"
  imagefs.available: "15%"
evictionSoft: {}
enableControllerAttachDetach: true
failSwapOn: true
containerLogMaxSize: 20Mi
containerLogMaxFiles: 10
systemReserved: {}
kubeReserved: {}
systemReservedCgroup: ""
kubeReservedCgroup: ""
enforceNodeAllocatable: ["pods"]
EOF
Note: adjust the settings for each server.
- Distribute the configuration file
shell> scp kubelet-config.yaml.template root@${node_ip}:/etc/kubernetes/kubelet-config.yaml
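The configuration above closes the kubelet API on port 10250 to unauthenticated callers (anonymous access off, Webhook authentication and authorization, read-only port disabled). The following check, an added example that is not part of the original post, verifies those settings in a file before it is distributed. The function names and the SET marker are assumptions of this example, and the sample input is constructed.

```shell
# Added example: audit the kubelet settings that control access to port 10250.

# Flatten 2-space-indented YAML mappings into "a.b.c=value" lines.
flatten_yaml() {
  awk '
    /^[ \t]*(#|$)/ || /^[ \t]*- / { next }   # skip comments, blanks, list items
    {
      match($0, /[^ ]/); depth = int((RSTART - 1) / 2)
      line = substr($0, RSTART)
      key = line; sub(/:.*/, "", key)
      val = line; sub(/^[^:]*:[ ]*/, "", val); gsub(/"/, "", val)
      path[depth] = key; full = path[0]
      for (i = 1; i <= depth; i++) full = full "." path[i]
      if (val != "") print full "=" val
    }' "$1"
}

# audit_kubelet_config FILE: print one line per violated expectation,
# return 0 when every expectation holds and 1 otherwise.
audit_kubelet_config() {
  flat=$(flatten_yaml "$1"); rc=0
  while read -r key want; do
    got=$(printf '%s\n' "$flat" | awk -F= -v k="$key" '$1 == k { print $2 }')
    if [ "$want" = "SET" ]; then          # SET: any non-empty value is accepted
      [ -n "$got" ] && continue
    elif [ "$got" = "$want" ]; then
      continue
    fi
    echo "FAIL $key: got '${got:-<unset>}', want $want"; rc=1
  done <<'EXPECT'
authentication.anonymous.enabled false
authentication.webhook.enabled true
authentication.x509.clientCAFile SET
authorization.mode Webhook
readOnlyPort 0
EXPECT
  return $rc
}

# Constructed sample: anonymous access, AlwaysAllow and the read-only port left on.
sample=$(mktemp)
printf '%s\n' 'readOnlyPort: 10255' 'authentication:' '  anonymous:' '    enabled: true' \
  '  webhook:' '    enabled: true' '  x509:' '    clientCAFile: "/etc/kubernetes/pki/ca.pem"' \
  'authorization:' '  mode: AlwaysAllow' > "$sample"
audit_kubelet_config "$sample" || echo "kubelet config needs fixing before distribution"
```

A setting that is missing from the file is reported as unset, so the check only passes when each value is stated explicitly.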
1.7 Create and distribute the kubelet systemd unit file
- Create
shell> cat > kubelet.service.template << "EOF"
[Unit]
Description=Kubernetes Kubelet
Documentation=https://github.com/GoogleCloudPlatform/kubernetes
After=containerd.service
Requires=containerd.service
[Service]
# Alternative pause image: --pod-infra-container-image=ibmcom/pause:3.1
ExecStart=/opt/kubernetes/server/bin/kubelet \
  --bootstrap-kubeconfig=/etc/kubernetes/kubelet-bootstrap.kubeconfig \
  --cgroup-driver=systemd \
  --cert-dir=/etc/kubernetes/pki \
  --root-dir=/export/kubernetes/kubelet \
  --kubeconfig=/etc/kubernetes/kubelet.kubeconfig \
  --config=/etc/kubernetes/kubelet-config.yaml \
  --hostname-override=pg60-31 \
  --image-pull-progress-deadline=15m \
  --pod-infra-container-image=kubernetes/pause:latest \
  --volume-plugin-dir=/export/kubernetes/kubelet/kubelet-plugins/volume/exec/ \
  --logtostderr=true \
  --v=2
Restart=always
RestartSec=5
StartLimitInterval=0
[Install]
WantedBy=multi-user.target
EOF
Note: adjust the settings for each server.
- Distribute
shell> scp kubelet.service.template root@${node_ip}:/etc/systemd/system/kubelet.service
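Both templates hard-code the identity of the first node (10.20.60.31 and pg60-31), and sections 1.6 and 1.7 ask for them to be adjusted per server. The following added example, which is not part of the original post, renders one copy per node from the table in 1.1 and only prints the scp commands so the result can be reviewed first. The function names, output file names and the template excerpts at the end are assumptions of this example.

```shell
# Added example: render per-node copies of the two templates before distribution.
TEMPLATE_NAME="pg60-31"       # node identity hard-coded in the templates on this page
TEMPLATE_IP="10.20.60.31"
NODES="pg60-31=10.20.60.31 pg60-32=10.20.60.32 pg60-33=10.20.60.33"   # from section 1.1

# render_for_node TEMPLATE NAME IP OUTFILE: substitute the node name and IP, then
# reject the result if it carries neither value (the template was not the expected one).
render_for_node() {
  tpl=$1 name=$2 ip=$3 out=$4
  ip_re=$(printf '%s' "$TEMPLATE_IP" | sed 's/\./\\./g')   # escape dots for sed
  sed -e "s/${ip_re}/${ip}/g" -e "s/${TEMPLATE_NAME}/${name}/g" "$tpl" > "$out" || return 1
  if ! grep -Fq -e "$ip" -e "$name" "$out"; then
    echo "render error: $tpl holds no node-specific value for $name" >&2
    return 1
  fi
}

# render_all TPLDIR OUTDIR: render both templates for every node and print the
# scp commands (printed only, nothing is copied).
render_all() {
  tpldir=$1 outdir=$2
  for pair in $NODES; do
    name=${pair%%=*} ip=${pair#*=}
    render_for_node "$tpldir/kubelet-config.yaml.template" "$name" "$ip" \
      "$outdir/kubelet-config-$name.yaml" || return 1
    render_for_node "$tpldir/kubelet.service.template" "$name" "$ip" \
      "$outdir/kubelet-$name.service" || return 1
    echo "scp $outdir/kubelet-config-$name.yaml root@$ip:/etc/kubernetes/kubelet-config.yaml"
    echo "scp $outdir/kubelet-$name.service root@$ip:/etc/systemd/system/kubelet.service"
  done
}

# Constructed excerpts of the two templates, so the example runs on its own.
demo=$(mktemp -d)
printf 'address: "10.20.60.31"\nhealthzBindAddress: "10.20.60.31"\n' \
  > "$demo/kubelet-config.yaml.template"
printf '  --hostname-override=pg60-31 \\\n' > "$demo/kubelet.service.template"
render_all "$demo" "$demo"
```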
1.8 Start the kubelet service
shell> mkdir -p /export/kubernetes/kubelet/kubelet-plugins/volume/exec/
shell> /usr/sbin/swapoff -a
shell> systemctl daemon-reload && systemctl enable kubelet && systemctl restart kubelet
1.9 Check the kubelet status