kubernetes集群之部署kube-scheduler组件
#创建csr请求
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 | [root@master-1 work]# cat kube-scheduler-csr.json { "CN": "system:kube-scheduler", "hosts": [ "127.0.0.1", "192.168.10.28", "192.168.10.29", "192.168.10.30", "192.168.10.31" ], "key": { "algo": "rsa", "size": 2048 }, "names": [ { "C": "CN", "ST": "Hubei", "L": "Wuhan", "O": "system:kube-scheduler", "OU": "system" } ]} |
创建证书
1 2 3 4 5 6 7 8 9 10 | [root@master-1 work]# cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config.json -profile=kubernetes kube-scheduler-csr.json | cfssljson -bare kube-scheduler2022/01/15 12:56:06 [INFO] generate received request2022/01/15 12:56:06 [INFO] received CSR2022/01/15 12:56:06 [INFO] generating key: rsa-20482022/01/15 12:56:06 [INFO] encoded CSR2022/01/15 12:56:06 [INFO] signed certificate with serial number 5900638746855926967450038250949563882303016254192022/01/15 12:56:06 [WARNING] This certificate lacks a "hosts" field. This makes it unsuitable forwebsites. For more information see the Baseline Requirements for the Issuance and Managementof Publicly-Trusted Certificates, v.1.1.6, from the CA/Browser Forum (https://cabforum.org);specifically, section 10.2.3 ("Information Requirements"). |
#创建kube-scheduler的kubeconfig
1.设置集群参数
1 2 3 4 5 6 7 8 9 | [root@master-1 work]# kubectl config set-cluster kubernetes --certificate-authority=ca.pem --embed-certs=true --server=https://192.168.10.29:6443 --kubeconfig=kube-scheduler.kubeconfigCluster "kubernetes" set.您在 /var/spool/mail/root 中有新邮件[root@master-1 work]# kubectl config set-credentials system:kube-scheduler --client-certificate=kube-scheduler.pem --client-key=kube-scheduler-key.pem --embed-certs=true --kubeconfig=kube-scheduler.kubeconfigUser "system:kube-scheduler" set.[root@master-1 work]# kubectl config set-context system:kube-scheduler --cluster=kubernetes --user=system:kube-scheduler --kubeconfig=kube-scheduler.kubeconfigContext "system:kube-scheduler" created.[root@master-1 work]# kubectl config use-context system:kube-scheduler --kubeconfig=kube-scheduler.kubeconfigSwitched to context "system:kube-scheduler". |
创建配置文件
1 2 3 4 5 6 7 8 9 | [root@master-1 work]# vim kube-scheduler.conf KUBE_SCHEDULER_OPTS="--address=127.0.0.1 \--kubeconfig=/etc/kubernetes/kube-scheduler.kubeconfig \--leader-elect=true \--alsologtostderr=true \--logtostderr=false \--log-dir=/var/log/kubernetes \--v=2" |
#创建服务启动文件
1 2 3 4 5 6 7 8 9 10 11 12 13 14 | [root@master-1 work]# vim kube-scheduler.service[Unit]Description=Kubernetes SchedulerDocumentation=https://github.com/kubernetes/kubernetes[Service]EnvironmentFile=-/etc/kubernetes/kube-scheduler.confExecStart=/usr/local/bin/kube-scheduler $KUBE_SCHEDULER_OPTSRestart=on-failureRestartSec=5[Install]WantedBy=multi-user.target |
分发其他节点
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 | [root@master-1 work]# cp kube-scheduler*.pem /etc/kubernetes/ssl/[root@master-1 work]# cp kube-scheduler.kubeconfig /etc/kubernetes/[root@master-1 work]# cp kube-scheduler.conf /etc/kubernetes/[root@master-1 work]# cp kube-scheduler.service /usr/lib/systemd/system/[root@master-1 work]# rsync -vaz kube-scheduler*.pem master-2:/etc/kubernetes/ssl/sending incremental file listkube-scheduler-key.pemkube-scheduler.pemsent 2,525 bytes received 54 bytes 1,719.33 bytes/sectotal size is 3,159 speedup is 1.22[root@master-1 work]# rsync -vaz kube-scheduler*.pem master-3:/etc/kubernetes/ssl/sending incremental file listkube-scheduler-key.pemkube-scheduler.pemsent 2,525 bytes received 54 bytes 5,158.00 bytes/sectotal size is 3,159 speedup is 1.22[root@master-1 work]# rsync -vaz kube-scheduler.kubeconfig kube-scheduler.conf master-2:/etc/kubernetes/sending incremental file listkube-scheduler.confkube-scheduler.kubeconfigsent 4,536 bytes received 54 bytes 9,180.00 bytes/sectotal size is 6,619 speedup is 1.44您在 /var/spool/mail/root 中有新邮件[root@master-1 work]# rsync -vaz kube-scheduler.kubeconfig kube-scheduler.conf master-3:/etc/kubernetes/sending incremental file listkube-scheduler.confkube-scheduler.kubeconfigsent 4,536 bytes received 54 bytes 9,180.00 bytes/sectotal size is 6,619 speedup is 1.44[root@master-1 work]# rsync -vaz kube-scheduler.service master-2:/usr/lib/systemd/system/sending incremental file listkube-scheduler.servicesent 305 bytes received 35 bytes 226.67 bytes/sectotal size is 292 speedup is 0.86[root@master-1 work]# rsync -vaz kube-scheduler.service master-3:/usr/lib/systemd/system/sending incremental file listkube-scheduler.servicesent 305 bytes received 35 bytes 680.00 bytes/sectotal size is 292 speedup is 0.86 |
启动
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 | [root@master-1 work]# systemctl daemon-reload您在 /var/spool/mail/root 中有新邮件[root@master-1 work]# systemctl enable kube-schedulerCreated symlink from /etc/systemd/system/multi-user.target.wants/kube-scheduler.service to /usr/lib/systemd/system/kube-scheduler.service.[root@master-1 work]# systemctl start kube-scheduler[root@master-1 work]# systemctl status kube-scheduler● kube-scheduler.service - Kubernetes Scheduler Loaded: loaded (/usr/lib/systemd/system/kube-scheduler.service; enabled; vendor preset: disabled) Active: active (running) since 六 2022-01-15 13:11:15 CST; 11s ago Docs: https://github.com/kubernetes/kubernetes Main PID: 34356 (kube-scheduler) Tasks: 7 Memory: 15.1M CGroup: /system.slice/kube-scheduler.service └─34356 /usr/local/bin/kube-scheduler --address=127.0.0.1 --kubeconfig=/etc/kubernetes/kube-scheduler.kubeconfig --leader-elect=true --alsologtostderr=true --logtostderr=false --log-dir=/var/log/...1月 15 13:11:16 master-1 kube-scheduler[34356]: reserve: {}1月 15 13:11:16 master-1 kube-scheduler[34356]: score: {}1月 15 13:11:16 master-1 kube-scheduler[34356]: schedulerName: default-scheduler1月 15 13:11:16 master-1 kube-scheduler[34356]: ------------------------------------Configuration File Contents End Here---------------------------------1月 15 13:11:16 master-1 kube-scheduler[34356]: I0115 13:11:16.936434 34356 server.go:139] "Starting Kubernetes Scheduler" version="v1.23.0-rc.0"1月 15 13:11:16 master-1 kube-scheduler[34356]: I0115 13:11:16.941128 34356 tlsconfig.go:200] "Loaded serving cert" certName="Generated self signed cert" certDetail="\"localhost@1642223476\" [serving] va...1月 15 13:11:16 master-1 kube-scheduler[34356]: I0115 13:11:16.941256 34356 named_certificates.go:53] "Loaded SNI cert" index=0 certName="self-signed loopback" certDetail="\"apiserver-loopback-client@164...1月 15 13:11:16 master-1 kube-scheduler[34356]: I0115 13:11:16.941498 34356 secure_serving.go:200] Serving securely on [::]:102591月 15 13:11:16 master-1 kube-scheduler[34356]: I0115 13:11:16.942713 34356 tlsconfig.go:240] "Starting DynamicServingCertificateController"1月 15 13:11:17 master-1 kube-scheduler[34356]: I0115 13:11:17.044695 34356 leaderelection.go:248] attempting to acquire leader lease kube-system/kube-scheduler...Hint: Some lines were ellipsized, use -l to show in full. |
草都可以从石头缝隙中长出来更可况你呢
分类:
k8s
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· 无需6万激活码!GitHub神秘组织3小时极速复刻Manus,手把手教你使用OpenManus搭建本
· C#/.NET/.NET Core优秀项目和框架2025年2月简报
· 葡萄城 AI 搜索升级:DeepSeek 加持,客户体验更智能
· 什么是nginx的强缓存和协商缓存
· 一文读懂知识蒸馏