欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页

Kubernetes部署Node组件

程序员文章站 2022-07-13 22:24:46
...

將kubernetes二进制文件中的kubelet, kube-proxy拷贝到三个节点/opt/k8s/bin
可以用SCP命令
在master节点创建一个配置文档:

vim configure.sh

token"89a0bea35e38d0db7d8d25cfa4bb7f4d"参考上一篇

#! /bin/bash
# create TLS Bootstrapping Token
#----------------
#创建  kubelet bootstrapping 配置文件
export PATH=$PATH:/opt/k8s/bin
export KUBE_APISERVER="https://192.168.122.134:6443"
export BOOTSTRAP_TOKEN="89a0bea35e38d0db7d8d25cfa4bb7f4d"
#创建绑定角色
kubectl create clusterrolebinding kubelet-bootstrap \
  --clusterrole=system:node-bootstrapper \
  --user=kubelet-bootstrap
# 设置 cluster 参数
kubectl config set-cluster kubernetes \
  --certificate-authority=/opt/k8s/ssl/ca.pem \
  --embed-certs=true \
  --server=${KUBE_APISERVER} \
  --kubeconfig=bootstrap.kubeconfig

# 设置客户端认证参数
kubectl config set-credentials kubelet-bootstrap \
  --token=${BOOTSTRAP_TOKEN} \
  --kubeconfig=bootstrap.kubeconfig

#设置上下文
kubectl config set-context default \
  --cluster=kubernetes \
  --user=kubelet-bootstrap \
  --kubeconfig=bootstrap.kubeconfig

kubectl config use-context default --kubeconfig=bootstrap.kubeconfig
#-------------
#创建 kube-proxy 配置文件
kubectl config set-cluster kubernetes \
  --certificate-authority=/opt/k8s/ssl/ca.pem \
  --embed-certs=true \
  --server=${KUBE_APISERVER} \
  --kubeconfig=kube-proxy.kubeconfig

kubectl config set-credentials kube-proxy \
  --client-certificate=/opt/k8s/ssl/kube-proxy.pem \
  --client-key=/opt/k8s/ssl/kube-proxy-key.pem \
  --embed-certs=true \
  --kubeconfig=kube-proxy.kubeconfig

kubectl config set-context default \
  --cluster=kubernetes \
  --user=kube-proxy \
  --kubeconfig=kube-proxy.kubeconfig

kubectl config use-context default --kubeconfig=kube-proxy.kubeconfig

提高权限运行生成两个文件, 一个文件是 bootstrap.kubeconfig, 另一个是 kube-proxy.kubeconfig。
將这两个文件拷贝到两个node节点/opt/k8s/cfg。
Node节点操作:

部署kubelet:

编写kubelet.conf

vim /opt/k8s/cfg/kubelet.conf

node1节点:

KUBELET_OPTS="--logtostderr=true \
--v=4 \
--address=192.168.122.135 \
--hostname-override=192.168.122.135 \
--kubeconfig=/opt/k8s/cfg/kubelet.kubeconfig \
--experimental-bootstrap-kubeconfig=/opt/k8s/cfg/bootstrap.config \
--cert-dir=/opt/k8s/ssl \
--allow-privileged=true \
--cluster-dns=10.10.10.2 \
--cluster-domain=cluster.local \
--fail-swap-on=false \
--pod-infra-container-image=registry.cn-hangzhou.aliyuncs.com/google-containers/pause-amd64:3.0"

node2节点:

KUBELET_OPTS="--logtostderr=true \
--v=4 \
--address=192.168.122.136 \
--hostname-override=192.168.122.136 \
--kubeconfig=/opt/k8s/cfg/kubelet.kubeconfig \
--experimental-bootstrap-kubeconfig=/opt/k8s/cfg/bootstrap.config \
--cert-dir=/opt/k8s/ssl \
--allow-privileged=true \
--cluster-dns=10.10.10.2 \
--cluster-domain=cluster.local \
--fail-swap-on=false \
--pod-infra-container-image=registry.cn-hangzhou.aliyuncs.com/google-containers/pause-amd64:3.0"
~    

编写kubelet.service

vim /usr/lib/systemd/system/kubelet.service
[Unit]
Description=Kubernetes Kubelet
After=docker.service
Requires=docker.service

[Service]
EnvironmentFile=/opt/k8s/cfg/kubelet.conf
ExecStart=/opt/k8s/bin/kubelet $KUBELET_OPTS
Restart=on-failure
KillMode=process

[Install]
WantedBy=multi-user.target

启动服务:

systemctl daemon-reload
systemctl enable kubelet
systemctl start kubelet

部署kube-proxy:

编写kube-proxy.conf

vim /opt/k8s/kube-proxy.conf

node节点1:

KUBE_PROXY_OPTS="--logtostderr=true \
--v=4 \
--hostname-override=192.168.122.135 \
--kubeconfig=/opt/k8s/cfg/kube-proxy.kubeconfig"

node节点2:

KUBE_PROXY_OPTS="--logtostderr=true \
--v=4 \
--hostname-override=192.168.122.136 \
--kubeconfig=/opt/k8s/cfg/kube-proxy.kubeconfig"

编写kube-proxy.service

vim /usr/lib/systemd/system/kube-proxy.service
[Unit]
Description=Kubernetes Proxy
After=network.target

[Service]
EnvironmentFile=-/opt/k8s/cfg/kube-proxy.conf
ExecStart=/opt/k8s/bin/kube-proxy $KUBE_PROXY_OPTS
Restart=on-failure

[Install]
WantedBy=multi-user.target
~              

启动服务:

systemctl daemon-reload
systemctl enable kube-proxy
systemctl start kube-proxy

当两个node节点kube,和kube-proxy等运行后,
在Master节点/opt/k8s目录下运行或创建零食环境变量export PATH=$PATH:/opt/k8s/bin

kubectl get csr

然后运行命令运行:

 kubectl certificate approve 上面显示的请求Name

再次查看,可以看到状态已经是 Approved:kubectl get csr
在Master节点查看已经通过请求的node:

kubectl get nodes

大功告成!

相关标签: Docker