zoukankan      html  css  js  c++  java
  • kubernetes部署kube-scheduler服务

    同样的分非认证授权和认证授权:

    非认证授权:

    cat > /lib/systemd/system/kube-scheduler.service <<EOF
    [Unit]
    Description=Kubernetes Scheduler
    Documentation=https://github.com/GoogleCloudPlatform/kubernetes
    
    [Service]
    ExecStart=/usr/local/bin/kube-scheduler 
      --address=127.0.0.1 
      --master=http://127.0.0.1:8080 
      --leader-elect=true 
      --v=2
    Restart=on-failure
    RestartSec=5
    [Install]
    WantedBy=multi-user.target
    EOF

    认证授权:

    ----------------------------------------------

    创建 kube-scheduler 证书和私钥
    创建证书签名请求:

    cat > kube-scheduler-csr.json <<EOF
    {
        "CN": "system:kube-scheduler",
        "hosts": [
          "127.0.0.1",
          "192.168.111.10",
          "192.168.111.11",
          "192.168.111.12"
        ],
        "key": {
            "algo": "rsa",
            "size": 2048
        },
        "names": [
          {
            "C": "CN",
            "ST": "ChongQing",
            "L": "ChongQing",
            "O": "system:kube-scheduler",
            "OU": "yunwei"
          }
        ]
    }
    EOF
    
    cfssl gencert -ca=/etc/kubernetes/ca/ca.pem 
      -ca-key=/etc/kubernetes/ca/ca-key.pem 
      -config=/etc/kubernetes/ca/ca-config.json 
      -profile=kubernetes kube-scheduler-csr.json | cfssljson -bare kube-scheduler

    创建和分发 kubeconfig 文件
    kubeconfig 文件包含访问 apiserver 的所有信息,如 apiserver 地址、CA 证书和自身使用的证书;

    kubectl config set-cluster kubernetes 
      --certificate-authority=/etc/kubernetes/ca/ca.pem 
      --embed-certs=true 
      --server=https://192.168.111.9:6443 
      --kubeconfig=kube-scheduler.kubeconfig
    
    kubectl config set-credentials system:kube-scheduler 
      --client-certificate=/etc/kubernetes/ca/kube-scheduler.pem 
      --client-key=/etc/kubernetes/ca/kube-scheduler-key.pem 
      --embed-certs=true 
      --kubeconfig=kube-scheduler.kubeconfig
    
    kubectl config set-context system:kube-scheduler 
      --cluster=kubernetes 
      --user=system:kube-scheduler 
      --kubeconfig=kube-scheduler.kubeconfig
    
    kubectl config use-context system:kube-scheduler --kubeconfig=kube-scheduler.kubeconfig

    # scp /etc/kubernetes/kube-scheduler.kubeconfig 192.168.111.11:/etc/kubernetes/

    # scp /etc/kubernetes/kube-scheduler.kubeconfig 192.168.111.12:/etc/kubernetes/

    创建服务文件:

    cat > /lib/systemd/system/kube-scheduler.service <<EOF
    [Unit]
    Description=Kubernetes Scheduler
    Documentation=https://github.com/GoogleCloudPlatform/kubernetes
    
    [Service]
    ExecStart=/usr/local/bin/kube-scheduler \
      --address=127.0.0.1 \
      --kubeconfig=/etc/kubernetes/kube-scheduler.kubeconfig \
      --leader-elect=true \
      --alsologtostderr=true \
      --logtostderr=false \
      --log-dir=/var/log/kubernetes \
      --v=2
    Restart=on-failure
    RestartSec=5
    
    [Install]
    WantedBy=multi-user.target
    EOF

    启动:

    # systemctl daemon-reload&&for SERVICES in kube-scheduler;do systemctl enable $SERVICES; systemctl start  $SERVICES; systemctl status $SERVICES; done

    # kubectl get endpoints kube-scheduler --namespace=kube-system  -o yaml

  • 相关阅读:
    获得spring代理对象的原对象
    自动注入bean,简化持久化
    java Instrument修改字节码实现aop功能
    c# 笔记
    js 字符串与json互转
    js Deferred的使用
    chrome 插件开发 通讯机制
    ajax 采用XMLHttpRequest post、get 发送数据
    [转]c fscanf 按行读取文件_(Testbench用法总结)1. Testbench中文本数据的存储读取操作对比...
    转:VIVADO使用技巧:设置DCI与内部参考电压
  • 原文地址:https://www.cnblogs.com/xuyingzhong/p/9761808.html
Copyright © 2011-2022 走看看