zoukankan      html  css  js  c++  java
  • kubernetes部署kube-scheduler服务

    同样的分非认证授权和认证授权:

    非认证授权:

    cat > /lib/systemd/system/kube-scheduler.service <<EOF
    [Unit]
    Description=Kubernetes Scheduler
    Documentation=https://github.com/GoogleCloudPlatform/kubernetes
    
    [Service]
    ExecStart=/usr/local/bin/kube-scheduler 
      --address=127.0.0.1 
      --master=http://127.0.0.1:8080 
      --leader-elect=true 
      --v=2
    Restart=on-failure
    RestartSec=5
    [Install]
    WantedBy=multi-user.target
    EOF

    认证授权:

    ----------------------------------------------

    创建 kube-scheduler 证书和私钥
    创建证书签名请求:

    cat > kube-scheduler-csr.json <<EOF
    {
        "CN": "system:kube-scheduler",
        "hosts": [
          "127.0.0.1",
          "192.168.111.10",
          "192.168.111.11",
          "192.168.111.12"
        ],
        "key": {
            "algo": "rsa",
            "size": 2048
        },
        "names": [
          {
            "C": "CN",
            "ST": "ChongQing",
            "L": "ChongQing",
            "O": "system:kube-scheduler",
            "OU": "yunwei"
          }
        ]
    }
    EOF
    
    cfssl gencert -ca=/etc/kubernetes/ca/ca.pem 
      -ca-key=/etc/kubernetes/ca/ca-key.pem 
      -config=/etc/kubernetes/ca/ca-config.json 
      -profile=kubernetes kube-scheduler-csr.json | cfssljson -bare kube-scheduler

    创建和分发 kubeconfig 文件
    kubeconfig 文件包含访问 apiserver 的所有信息,如 apiserver 地址、CA 证书和自身使用的证书;

    kubectl config set-cluster kubernetes 
      --certificate-authority=/etc/kubernetes/ca/ca.pem 
      --embed-certs=true 
      --server=https://192.168.111.9:6443 
      --kubeconfig=kube-scheduler.kubeconfig
    
    kubectl config set-credentials system:kube-scheduler 
      --client-certificate=/etc/kubernetes/ca/kube-scheduler.pem 
      --client-key=/etc/kubernetes/ca/kube-scheduler-key.pem 
      --embed-certs=true 
      --kubeconfig=kube-scheduler.kubeconfig
    
    kubectl config set-context system:kube-scheduler 
      --cluster=kubernetes 
      --user=system:kube-scheduler 
      --kubeconfig=kube-scheduler.kubeconfig
    
    kubectl config use-context system:kube-scheduler --kubeconfig=kube-scheduler.kubeconfig

    # scp /etc/kubernetes/kube-scheduler.kubeconfig 192.168.111.11:/etc/kubernetes/

    # scp /etc/kubernetes/kube-scheduler.kubeconfig 192.168.111.12:/etc/kubernetes/

    创建服务文件:

    cat > /lib/systemd/system/kube-scheduler.service <<EOF
    [Unit]
    Description=Kubernetes Scheduler
    Documentation=https://github.com/GoogleCloudPlatform/kubernetes
    
    [Service]
    ExecStart=/usr/local/bin/kube-scheduler \
      --address=127.0.0.1 \
      --kubeconfig=/etc/kubernetes/kube-scheduler.kubeconfig \
      --leader-elect=true \
      --alsologtostderr=true \
      --logtostderr=false \
      --log-dir=/var/log/kubernetes \
      --v=2
    Restart=on-failure
    RestartSec=5
    
    [Install]
    WantedBy=multi-user.target
    EOF

    启动:

    # systemctl daemon-reload&&for SERVICES in kube-scheduler;do systemctl enable $SERVICES; systemctl start  $SERVICES; systemctl status $SERVICES; done

    # kubectl get endpoints kube-scheduler --namespace=kube-system  -o yaml

  • 相关阅读:
    ASP.NET Core Docker部署
    Asp.net core WebApi 使用Swagger生成帮助页实例
    C#图片文字识别
    C#实现rabbitmq 延迟队列功能
    Windows下当地RabbitMQ服务的安装
    看大数据时代下的IT架构(1)业界消息队列对比
    查看sqlserver被锁的表以及如何解锁
    如何让win2008服务器显示中文无乱码
    Lucene.Net的服务器封装+APi组件 (开源)
    Oracle学习系列4
  • 原文地址:https://www.cnblogs.com/xuyingzhong/p/9761808.html
Copyright © 2011-2022 走看看