zoukankan      html  css  js  c++  java

  • Centos7部署kubelet(六)

    1、二进制包准备将软件包从linux-node1复制linux-node2、linux-node3中去
    [root@linux-node1 ssl]# cd /usr/local/src/kubernetes/server/bin/
    [root@linux-node1 bin]# cp kubelet kube-proxy /opt/kubernetes/bin/
    [root@linux-node1 bin]# scp kubelet kube-proxy 192.168.43.22:/opt/kubernetes/bin/
    [root@linux-node1 bin]# scp kubelet kube-proxy 192.168.43.23:/opt/kubernetes/bin/
    2、创建角色绑定
    [root@linux-node1 bin]# kubectl create clusterrolebinding kubelet-bootstrap --clusterrole=system:node-bootstrapper --user=kubelet-bootstrap
    clusterrolebinding.rbac.authorization.k8s.io "kubelet-bootstrap" created
    3、创建kubelet bootstrapping kubeconfig 文件设置集群参数
    [root@linux-node1 bin]# cd /usr/local/src/ssl/
    [root@linux-node1 ssl]# kubectl config set-cluster kubernetes
    > --certificate-authority=/opt/kubernetes/ssl/ca.pem
    > --embed-certs=true
    > --server=https://192.168.43.21:6443
    > --kubeconfig=bootstrap.kubeconfig
    Cluster "kubernetes" set.
    4、设置客户端认证参数
    [root@linux-node1 ssl]# kubectl config set-credentials kubelet-bootstrap
    > --token=c5b00c8b2a61246c61202a53cffed505
    > --kubeconfig=bootstrap.kubeconfig
    User "kubelet-bootstrap" set.
    5、设置上下文参数
    [root@linux-node1 ~]# kubectl config set-context default
    > --cluster=kubernetes
    > --user=kubelet-bootstrap
    > --kubeconfig=bootstrap.kubeconfig
    Context "default" created.
    6、选择默认上下文
    [root@linux-node1 ~]# kubectl config use-context default --kubeconfig=bootstrap.kubeconfig
    Switched to context "default".
    [root@linux-node1 ssl]# cp bootstrap.kubeconfig /opt/kubernetes/cfg
    [root@linux-node1 ssl]# scp bootstrap.kubeconfig 192.168.43.22:/opt/kubernetes/cfg
    [root@linux-node1 ssl]# scp bootstrap.kubeconfig 192.168.43.23:/opt/kubernetes/cfg
    7、部署kubelet 1.设置CNI支持(其实只在node2、node3上操作即可)
    [root@linux-node1 ~]# mkdir -p /etc/cni/net.d
    [root@linux-node2 ~]# mkdir -p /etc/cni/net.d
    [root@linux-node3 ~]# mkdir -p /etc/cni/net.d
    [root@linux-node1 ~]# vim /etc/cni/net.d/10-default.conf
    {
    "name": "flannel",
    "type": "flannel",
    "delegate": {
    "bridge": "docker0",
    "isDefaultGateway": true,
    "mtu": 1400
    }
    }
    [root@linux-node1 ~]# scp /etc/cni/net.d/10-default.conf 192.168.43.22:/etc/cni/net.d/10-default.conf
    [root@linux-node1 ~]# scp /etc/cni/net.d/10-default.conf 192.168.43.23:/etc/cni/net.d/10-default.conf
    8、创建kubelet目录
    [root@linux-node1 ssl]# mkdir /var/lib/kubelet
    [root@linux-node2 ~]# mkdir /var/lib/kubelet
    [root@linux-node3 ~]# mkdir /var/lib/kubelet
    9、创建kubelet服务配置
    [root@linux-node1 ssl]# vim /usr/lib/systemd/system/kubelet.service
    [Unit]
    Description=Kubernetes Kubelet
    Documentation=https://github.com/GoogleCloudPlatform/kubernetes
    After=docker.service
    Requires=docker.service
    [Service]
    WorkingDirectory=/var/lib/kubelet
    ExecStart=/opt/kubernetes/bin/kubelet
    --address=192.168.43.21
    --hostname-override=192.168.43.21
    --pod-infra-container-image=mirrorgooglecontainers/pause-amd64:3.0
    --experimental-bootstrap-kubeconfig=/opt/kubernetes/cfg/bootstrap.kubeconfig
    --kubeconfig=/opt/kubernetes/cfg/kubelet.kubeconfig
    --cert-dir=/opt/kubernetes/ssl
    --network-plugin=cni
    --cni-conf-dir=/etc/cni/net.d
    --cni-bin-dir=/opt/kubernetes/bin/cni
    --cluster-dns=10.1.0.2
    --cluster-domain=cluster.local.
    --hairpin-mode hairpin-veth
    --allow-privileged=true
    --fail-swap-on=false
    --logtostderr=true
    --v=2
    --logtostderr=false
    --log-dir=/opt/kubernetes/log
    Restart=on-failure
    [root@linux-node1 ssl]# scp /usr/lib/systemd/system/kubelet.service 192.168.43.22:/usr/lib/systemd/system/kubelet.service
    [root@linux-node1 ssl]# scp /usr/lib/systemd/system/kubelet.service 192.168.43.23:/usr/lib/systemd/system/kubelet.service
    ##修改node2、node3配置文件的监听地址为本身##
    修改node2
    [root@linux-node2 ~]# vim /usr/lib/systemd/system/kubelet.service
    [Unit]
    Description=Kubernetes Kubelet
    Documentation=https://github.com/GoogleCloudPlatform/kubernetes
    After=docker.service
    Requires=docker.service
     
    [Service]
    WorkingDirectory=/var/lib/kubelet
    ExecStart=/opt/kubernetes/bin/kubelet
    --address=192.168.43.22
    --hostname-override=192.168.43.22
    --pod-infra-container-image=mirrorgooglecontainers/pause-amd64:3.0
    --experimental-bootstrap-kubeconfig=/opt/kubernetes/cfg/bootstrap.kubeconfig
    --kubeconfig=/opt/kubernetes/cfg/kubelet.kubeconfig
    --cert-dir=/opt/kubernetes/ssl
    --network-plugin=cni
    --cni-conf-dir=/etc/cni/net.d
    --cni-bin-dir=/opt/kubernetes/bin/cni
    --cluster-dns=10.1.0.2
    --cluster-domain=cluster.local.
    --hairpin-mode hairpin-veth
    --allow-privileged=true
    --fail-swap-on=false
    --logtostderr=true
    --v=2
    --logtostderr=false
    --log-dir=/opt/kubernetes/log
    Restart=on-failure
    RestartSec=5
     
    修改node3
    [root@linux-node3 ~]# vim /usr/lib/systemd/system/kubelet.service
    [Unit]
    Description=Kubernetes Kubelet
    Documentation=https://github.com/GoogleCloudPlatform/kubernetes
    After=docker.service
    Requires=docker.service
     
    [Service]
    WorkingDirectory=/var/lib/kubelet
    ExecStart=/opt/kubernetes/bin/kubelet
    --address=192.168.43.23
    --hostname-override=192.168.43.23
    --pod-infra-container-image=mirrorgooglecontainers/pause-amd64:3.0
    --experimental-bootstrap-kubeconfig=/opt/kubernetes/cfg/bootstrap.kubeconfig
    --kubeconfig=/opt/kubernetes/cfg/kubelet.kubeconfig
    --cert-dir=/opt/kubernetes/ssl
    --network-plugin=cni
    --cni-conf-dir=/etc/cni/net.d
    --cni-bin-dir=/opt/kubernetes/bin/cni
    --cluster-dns=10.1.0.2
    --cluster-domain=cluster.local.
    --hairpin-mode hairpin-veth
    --allow-privileged=true
    --fail-swap-on=false
    --logtostderr=true
    --v=2
    --logtostderr=false
    --log-dir=/opt/kubernetes/log
    Restart=on-failure
    RestartSec=5
    10、启动kubelet
    [root@linux-node1 ssl]# systemctl daemon-reload
    [root@linux-node2 ~]# systemctl daemon-reload
    [root@linux-node3 ~]# systemctl daemon-reload
    [root@linux-node2 ~]# systemctl enable kubelet
    [root@linux-node3 ~]# systemctl enable kubelet
    [root@linux-node2 ~]# systemctl start kubelet
    [root@linux-node3 ~]# systemctl start kubelet
    11、查看csr请求,检测有无报错
    [root@linux-node1 ssl]# kubectl get csr
    NAME AGE REQUESTOR CONDITION
    node-csr-AXp3jLRnmxszpoesl-G5Saz8SyJSm3jlxSfmAXxQsaA 32s kubelet-bootstrap Pending
    node-csr-cRuooeWpWuHvOdKXCkB9o3JBcD_7KOiDl4heU-0FfYs 30s kubelet-bootstrap Pending
    12、批准kubelet的TLS证书请求
    [root@linux-node1 ssl]# kubectl get csr|grep 'Pending' | awk 'NR>0{print $1}'| xargs kubectl certificate approve
     [root@linux-node1 ssl]# kubectl get nodes
  • 相关阅读:
    输入汉字转拼音
    DBGridEh(RestoreGridLayoutIni)用法
    当选中节点的同时选中父节点
    implsments
    HTML中的post和get
    SmartUpload中文乱码
    调查平台,考试系统类型的数据收集型项目
    final
    职业生涯中12个最致命的想法
    abstract
  • 原文地址:https://www.cnblogs.com/xiaoliangxianshen/p/9165531.html
Copyright © 2011-2022 走看看