k8s记录-master组件部署(八)

在 192.168.0.1 app 用户下执行
1)程序准备
tar zxvf kubernetes-server-linux-amd64.tar.gz
mv kubernetes/server/bin/{kube-apiserver,kube-scheduler,kube-controller-
manager,kubectl} kubernetes/bin
2) 拷贝 CA 证书
cp *pem kubernetes/ssl/
3)创建 TLS Bootstrapping Token
head -c 16 /dev/urandom | od -An -t x | tr -d ' '
2366a641f656a0a025abb4aabda4511b
vim /data/projects/common/kubernetes/cfg/token.csv(填入上面生成的数字)
2366a641f656a0a025abb4aabda4511b,kubelet-bootstrap,10001,"system:kubelet-bootstrap"
4) apiserver 服务配置
a.修改配置
kubernetes/cfg/kube-apiserver

#!/bin/bash
ETCD_HOME=etcd
ETCD01_IP=192.168.0.1
ETCD02_IP=192.168.0.2
ETCD03_IP=192.168.0.3
KUBE_HOME=kubernetes
CLUSTER_IP="10.1.0.0/24"
KUBE_API_ARGS="--logtostderr=true \
--v=4 \
--etcd-servers=https://$ETCD01_IP:2379,https://$ETCD02_IP:2379,https://$ETCD03_IP:2379 \
--bind-address=0.0.0.0 \
--secure-port=6443 \\
--insecure-bind-address=0.0.0.0 \
--insecure-port=8080 \
--advertise-address=$ETCD_IP \
--allow-privileged=true \
--service-cluster-ip-range=$CLUSTER_IP \
--admission-control=NamespaceLifecycle,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota,NodeRestriction \
--authorization-mode=RBAC,Node \
--enable-bootstrap-token-auth \
--token-auth-file=$KUBE_HOME/cfg/token.csv \
--service-node-port-range=30000-50000 \
--tls-cert-file=$KUBE_HOME/ssl/server.pem \
--tls-private-key-file=$KUBE_HOME/ssl/server-key.pem \
--client-ca-file=$KUBE_HOME/ssl/ca.pem \
--service-account-key-file=$KUBE_HOME/ssl/ca-key.pem \
--etcd-cafile=$ETCD_HOME/ssl/ca.pem \
--etcd-certfile=$ETCD_HOME/ssl/server.pem \
--etcd-keyfile=$ETCD_HOME/ssl/server-key.pem"

b.开启与停止服务
#开启服务

#!/bin/bash
export KUBE_HOME=kubernetes
source $KUBE_HOME/cfg/kube-apiserver
nohup $KUBE_HOME/bin/kube-apiserver $KUBE_API_ARGS &

#停止服务

#!/bin/bash
kill -9 ` ps -ef | grep kube-apiserver | grep -v grep | awk '{print $2}'`

5)scheduler 服务配置
kubernetes/kube-scheduler

#!/bin/bash
KUBE_IP=192.168.0.1
KUBE_SCHEDULER_ARGS="--address=127.0.0.1 --logtostderr=true --v=4 --master=$KUBE_IP:8080 --leader-elect"

b.开启与停止服务
#开启服务

#!/bin/bash
KUBE_HOME=kubernetes
source $KUBE_HOME/cfg/kube-scheduler
nohup $KUBE_HOME/bin/kube-scheduler $KUBE_SCHEDULER_ARGS &

#停止服务

#!/bin/bash
kill -9 ` ps -ef | grep kube-scheduler | grep -v grep | awk '{print $2}'`

6)controller-manager 服务配置
kubernetes/kube-controller-manager

#!/bin/bash
KUBE_HOME=/data/projects/common/kubernetes
KUBE_IP=192.168.0.1
CLUSTER_IP="10.1.0.0/24"

KUBE_CONTROLLER_MANAGER_ARGS="--logtostderr=true \
--v=4 \
--master=$KUBE_IP:8080 \
--leader-elect=true \
--address=127.0.0.1 \
--service-cluster-ip-range=$CLUSTER_IP \
--cluster-name=kubernetes \
--cluster-signing-cert-file=$KUBE_HOME/ssl/ca.pem \
--cluster-signing-key-file=$KUBE_HOME/ssl/ca-key.pem \
--root-ca-file=$KUBE_HOME/ssl/ca.pem \
--service-account-private-key-file=$KUBE_HOME/ssl/ca-key.pem"

b.开启与停止服务
#开启服务

#!/bin/bash
KUBE_HOME=kubernetes
source $KUBE_HOME/cfg/kube-controller-manager
nohup $KUBE_HOME/bin/kube-controller-manager $KUBE_CONTROLLER_MANAGER_ARGS &

#停止服务

#!/bin/bash
kill -9 ` ps -ef | grep kube-controller-manager | grep -v grep | awk '{print $2}'`

7)验证组件
kubernetes/bin/kubectl get cs

posted @ 2019-10-18 14:39  信方  阅读(257)  评论(0编辑  收藏  举报