K8S 多master扩展

 

 

 

一、master01 10.192.27.100 拷到master02 10.192.27.114

 #拷贝master安装目录
[root@master01 ~]# scp -r /opt/kubernetes root@10.192.27.114:/opt 
#拷贝master节点三个组件启动文件
[root@master01 ~]# scp -r /usr/lib/systemd/system/{kube-apiserver,kube-controller-manager,kube-scheduler}.service  root@10.192.27.114:/usr/lib/systemd/system/
#拷贝etcd的证书文件SSL
[root@master01 ~]# scp -r /opt/etcd root@10.192.27.114:/opt

 

 

 

二、master02 节点上进行配置

master主节点安装目录结构

[root@master02 kubernetes]# tree
.
├── bin
│   ├── kube-apiserver
│   ├── kube-controller-manager
│   ├── kubectl
│   └── kube-scheduler
├── cfg
│   ├── kube-apiserver
│   ├── kube-controller-manager
│   ├── kube-scheduler
│   └── token.csv
└── ssl
    ├── ca-key.pem
    ├── ca.pem
    ├── server-key.pem
    └── server.pem

 

 

修改配置文件IP

[root@master02 ~]# cd /opt/kubernetes/cfg/  
[root@master02 cfg]# ls
kube-apiserver  kube-controller-manager  kube-scheduler  token.csv
[root@master02 cfg]# vi kube-apiserver  #修改配置文件IP
KUBE_APISERVER_OPTS="--logtostderr=true \
--v=4 \
--etcd-servers=https://10.192.27.100:2379,https://192.168.1.17:2379,https://192.168.1.18:2379 \
--bind-address=10.192.27.114 \
--secure-port=6443 \
--advertise-address=10.192.27.114 \
--allow-privileged=true \
--service-cluster-ip-range=10.0.0.0/24 \
--enable-admission-plugins=NamespaceLifecycle,LimitRanger,ServiceAccount,ResourceQuota,NodeRestriction \
--authorization-mode=RBAC,Node \
--kubelet-https=true \
--enable-bootstrap-token-auth \
--token-auth-file=/opt/kubernetes/cfg/token.csv \
--service-node-port-range=30000-50000 \
--tls-cert-file=/opt/kubernetes/ssl/server.pem  \
--tls-private-key-file=/opt/kubernetes/ssl/server-key.pem \
--client-ca-file=/opt/kubernetes/ssl/ca.pem \
--service-account-key-file=/opt/kubernetes/ssl/ca-key.pem \
--etcd-cafile=/opt/etcd/ssl/ca.pem \
--etcd-certfile=/opt/etcd/ssl/server.pem \
--etcd-keyfile=/opt/etcd/ssl/server-key.pem"

 

启动服务  如果出现问题要同步一下时间 ntpdate time.windows.com 或者ntp服务器

[root@master02 cfg]# systemctl start kube-apiserver
[root@master02 cfg]# systemctl start kube-controller-manager
[root@master02 cfg]# systemctl start kube-scheduler
[root@master02 ~]# ps -ef | grep kube
root      10333      1  5 10:37 ?        00:00:24 /opt/kubernetes/bin/kube-apiserver --logtostderr=true --v=4 --etcd-servers=https://10.192.27.100:2379,https://10.192.27.115:2379,https://10.192.27.116:2379 --bind-address=10.192.27.114 --secure-port=6443 --advertise-address=10.192.27.114 --allow-privileged=true --service-cluster-ip-range=10.0.0.0/24 --enable-admission-plugins=NamespaceLifecycle,LimitRanger,ServiceAccount,ResourceQuota,NodeRestriction --authorization-mode=RBAC,Node --kubelet-https=true --enable-bootstrap-token-auth --token-auth-file=/opt/kubernetes/cfg/token.csv --service-node-port-range=30000-50000 --tls-cert-file=/opt/kubernetes/ssl/server.pem --tls-private-key-file=/opt/kubernetes/ssl/server-key.pem --client-ca-file=/opt/kubernetes/ssl/ca.pem --service-account-key-file=/opt/kubernetes/ssl/ca-key.pem --etcd-cafile=/opt/etcd/ssl/ca.pem --etcd-certfile=/opt/etcd/ssl/server.pem --etcd-keyfile=/opt/etcd/ssl/server-key.pem
root      10412      1  0 10:38 ?        00:00:01 /opt/kubernetes/bin/kube-controller-manager --logtostderr=true --v=4 --master=127.0.0.1:8080 --leader-elect=true --address=127.0.0.1 --service-cluster-ip-range=10.0.0.0/24 --cluster-name=kubernetes --cluster-signing-cert-file=/opt/kubernetes/ssl/ca.pem --cluster-signing-key-file=/opt/kubernetes/ssl/ca-key.pem --root-ca-file=/opt/kubernetes/ssl/ca.pem --service-account-private-key-file=/opt/kubernetes/ssl/ca-key.pem --experimental-cluster-signing-duration=87600h0m0s
root      10456      1  0 10:38 ?        00:00:03 /opt/kubernetes/bin/kube-scheduler --logtostderr=true --v=4 --master=127.0.0.1:8080 --leader-elect
root      10721  10100  0 10:45 pts/1    00:00:00 grep --color=auto kube

 

 

设置开机自启

[root@master02 ~]#  systemctl enable kube-apiserver
[root@master02 ~]#  systemctl enable kube-scheduler
[root@master02 ~]#  systemctl enable kube-controller-manager
[root@master02 ~]#

 

 

检验一下

[root@master02 ~]# vim /etc/profile
[root@master02 ~]# source /etc/profile
[root@master02 ~]# kubectl get node
NAME            STATUS   ROLES    AGE   VERSION
10.192.27.115   Ready    <none>   19h   v1.13.0
10.192.27.116   Ready    <none>   19h   v1.13.0
[root@master02 ~]# kubectl get cs
NAME                 STATUS    MESSAGE             ERROR
scheduler            Healthy   ok                  
controller-manager   Healthy   ok                  
etcd-2               Healthy   {"health":"true"}   
etcd-1               Healthy   {"health":"true"}   
etcd-0               Healthy   {"health":"true"}   
[root@master02 ~]#

 

posted @ 2019-11-12 09:32  冥想心灵  阅读(43)  评论(0编辑  收藏  举报