kubernetes集群之部署kube-scheduler组件
#创建csr请求
[root@master-1 work]# cat kube-scheduler-csr.json
{
"CN": "system:kube-scheduler",
"hosts": [
"127.0.0.1",
"192.168.10.28",
"192.168.10.29",
"192.168.10.30",
"192.168.10.31"
],
"key": {
"algo": "rsa",
"size": 2048
},
"names": [
{
"C": "CN",
"ST": "Hubei",
"L": "Wuhan",
"O": "system:kube-scheduler",
"OU": "system"
}
]
}
创建证书
[root@master-1 work]# cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config.json -profile=kubernetes kube-scheduler-csr.json | cfssljson -bare kube-scheduler
2022/01/15 12:56:06 [INFO] generate received request
2022/01/15 12:56:06 [INFO] received CSR
2022/01/15 12:56:06 [INFO] generating key: rsa-2048
2022/01/15 12:56:06 [INFO] encoded CSR
2022/01/15 12:56:06 [INFO] signed certificate with serial number 590063874685592696745003825094956388230301625419
2022/01/15 12:56:06 [WARNING] This certificate lacks a "hosts" field. This makes it unsuitable for
websites. For more information see the Baseline Requirements for the Issuance and Management
of Publicly-Trusted Certificates, v.1.1.6, from the CA/Browser Forum (https://cabforum.org);
specifically, section 10.2.3 ("Information Requirements").
#创建kube-scheduler的kubeconfig
1.设置集群参数
[root@master-1 work]# kubectl config set-cluster kubernetes --certificate-authority=ca.pem --embed-certs=true --server=https://192.168.10.29:6443 --kubeconfig=kube-scheduler.kubeconfig Cluster "kubernetes" set. 您在 /var/spool/mail/root 中有新邮件 [root@master-1 work]# kubectl config set-credentials system:kube-scheduler --client-certificate=kube-scheduler.pem --client-key=kube-scheduler-key.pem --embed-certs=true --kubeconfig=kube-scheduler.kubeconfig User "system:kube-scheduler" set. [root@master-1 work]# kubectl config set-context system:kube-scheduler --cluster=kubernetes --user=system:kube-scheduler --kubeconfig=kube-scheduler.kubeconfig Context "system:kube-scheduler" created. [root@master-1 work]# kubectl config use-context system:kube-scheduler --kubeconfig=kube-scheduler.kubeconfig Switched to context "system:kube-scheduler".
创建配置文件
[root@master-1 work]# vim kube-scheduler.conf KUBE_SCHEDULER_OPTS="--address=127.0.0.1 \ --kubeconfig=/etc/kubernetes/kube-scheduler.kubeconfig \ --leader-elect=true \ --alsologtostderr=true \ --logtostderr=false \ --log-dir=/var/log/kubernetes \ --v=2"
#创建服务启动文件
[root@master-1 work]# vim kube-scheduler.service [Unit] Description=Kubernetes Scheduler Documentation=https://github.com/kubernetes/kubernetes [Service] EnvironmentFile=-/etc/kubernetes/kube-scheduler.conf ExecStart=/usr/local/bin/kube-scheduler $KUBE_SCHEDULER_OPTS Restart=on-failure RestartSec=5 [Install] WantedBy=multi-user.target
分发其他节点
[root@master-1 work]# cp kube-scheduler*.pem /etc/kubernetes/ssl/ [root@master-1 work]# cp kube-scheduler.kubeconfig /etc/kubernetes/ [root@master-1 work]# cp kube-scheduler.conf /etc/kubernetes/ [root@master-1 work]# cp kube-scheduler.service /usr/lib/systemd/system/ [root@master-1 work]# rsync -vaz kube-scheduler*.pem master-2:/etc/kubernetes/ssl/ sending incremental file list kube-scheduler-key.pem kube-scheduler.pem sent 2,525 bytes received 54 bytes 1,719.33 bytes/sec total size is 3,159 speedup is 1.22 [root@master-1 work]# rsync -vaz kube-scheduler*.pem master-3:/etc/kubernetes/ssl/ sending incremental file list kube-scheduler-key.pem kube-scheduler.pem sent 2,525 bytes received 54 bytes 5,158.00 bytes/sec total size is 3,159 speedup is 1.22 [root@master-1 work]# rsync -vaz kube-scheduler.kubeconfig kube-scheduler.conf master-2:/etc/kubernetes/ sending incremental file list kube-scheduler.conf kube-scheduler.kubeconfig sent 4,536 bytes received 54 bytes 9,180.00 bytes/sec total size is 6,619 speedup is 1.44 您在 /var/spool/mail/root 中有新邮件 [root@master-1 work]# rsync -vaz kube-scheduler.kubeconfig kube-scheduler.conf master-3:/etc/kubernetes/ sending incremental file list kube-scheduler.conf kube-scheduler.kubeconfig sent 4,536 bytes received 54 bytes 9,180.00 bytes/sec total size is 6,619 speedup is 1.44 [root@master-1 work]# rsync -vaz kube-scheduler.service master-2:/usr/lib/systemd/system/ sending incremental file list kube-scheduler.service sent 305 bytes received 35 bytes 226.67 bytes/sec total size is 292 speedup is 0.86 [root@master-1 work]# rsync -vaz kube-scheduler.service master-3:/usr/lib/systemd/system/ sending incremental file list kube-scheduler.service sent 305 bytes received 35 bytes 680.00 bytes/sec total size is 292 speedup is 0.86
启动
[root@master-1 work]# systemctl daemon-reload
您在 /var/spool/mail/root 中有新邮件
[root@master-1 work]# systemctl enable kube-scheduler
Created symlink from /etc/systemd/system/multi-user.target.wants/kube-scheduler.service to /usr/lib/systemd/system/kube-scheduler.service.
[root@master-1 work]# systemctl start kube-scheduler
[root@master-1 work]# systemctl status kube-scheduler
● kube-scheduler.service - Kubernetes Scheduler
Loaded: loaded (/usr/lib/systemd/system/kube-scheduler.service; enabled; vendor preset: disabled)
Active: active (running) since 六 2022-01-15 13:11:15 CST; 11s ago
Docs: https://github.com/kubernetes/kubernetes
Main PID: 34356 (kube-scheduler)
Tasks: 7
Memory: 15.1M
CGroup: /system.slice/kube-scheduler.service
└─34356 /usr/local/bin/kube-scheduler --address=127.0.0.1 --kubeconfig=/etc/kubernetes/kube-scheduler.kubeconfig --leader-elect=true --alsologtostderr=true --logtostderr=false --log-dir=/var/log/...
1月 15 13:11:16 master-1 kube-scheduler[34356]: reserve: {}
1月 15 13:11:16 master-1 kube-scheduler[34356]: score: {}
1月 15 13:11:16 master-1 kube-scheduler[34356]: schedulerName: default-scheduler
1月 15 13:11:16 master-1 kube-scheduler[34356]: ------------------------------------Configuration File Contents End Here---------------------------------
1月 15 13:11:16 master-1 kube-scheduler[34356]: I0115 13:11:16.936434 34356 server.go:139] "Starting Kubernetes Scheduler" version="v1.23.0-rc.0"
1月 15 13:11:16 master-1 kube-scheduler[34356]: I0115 13:11:16.941128 34356 tlsconfig.go:200] "Loaded serving cert" certName="Generated self signed cert" certDetail="\"localhost@1642223476\" [serving] va...
1月 15 13:11:16 master-1 kube-scheduler[34356]: I0115 13:11:16.941256 34356 named_certificates.go:53] "Loaded SNI cert" index=0 certName="self-signed loopback" certDetail="\"apiserver-loopback-client@164...
1月 15 13:11:16 master-1 kube-scheduler[34356]: I0115 13:11:16.941498 34356 secure_serving.go:200] Serving securely on [::]:10259
1月 15 13:11:16 master-1 kube-scheduler[34356]: I0115 13:11:16.942713 34356 tlsconfig.go:240] "Starting DynamicServingCertificateController"
1月 15 13:11:17 master-1 kube-scheduler[34356]: I0115 13:11:17.044695 34356 leaderelection.go:248] attempting to acquire leader lease kube-system/kube-scheduler...
Hint: Some lines were ellipsized, use -l to show in full.
草都可以从石头缝隙中长出来更可况你呢
