zoukankan      html  css  js  c++  java

  • kubernetes部署kube-scheduler服务

    同样的分非认证授权和认证授权:

    非认证授权:

    cat > /lib/systemd/system/kube-scheduler.service <<EOF
[Unit]
Description=Kubernetes Scheduler
Documentation=https://github.com/GoogleCloudPlatform/kubernetes

[Service]
ExecStart=/usr/local/bin/kube-scheduler 
  --address=127.0.0.1 
  --master=http://127.0.0.1:8080 
  --leader-elect=true 
  --v=2
Restart=on-failure
RestartSec=5
[Install]
WantedBy=multi-user.target
EOF

    认证授权:

    ----------------------------------------------

    创建 kube-scheduler 证书和私钥
    创建证书签名请求:

    cat > kube-scheduler-csr.json <<EOF
{
    "CN": "system:kube-scheduler",
    "hosts": [
      "127.0.0.1",
      "192.168.111.10",
      "192.168.111.11",
      "192.168.111.12"
    ],
    "key": {
        "algo": "rsa",
        "size": 2048
    },
    "names": [
      {
        "C": "CN",
        "ST": "ChongQing",
        "L": "ChongQing",
        "O": "system:kube-scheduler",
        "OU": "yunwei"
      }
    ]
}
EOF

cfssl gencert -ca=/etc/kubernetes/ca/ca.pem 
  -ca-key=/etc/kubernetes/ca/ca-key.pem 
  -config=/etc/kubernetes/ca/ca-config.json 
  -profile=kubernetes kube-scheduler-csr.json | cfssljson -bare kube-scheduler

    创建和分发 kubeconfig 文件
    kubeconfig 文件包含访问 apiserver 的所有信息,如 apiserver 地址、CA 证书和自身使用的证书;

    kubectl config set-cluster kubernetes 
  --certificate-authority=/etc/kubernetes/ca/ca.pem 
  --embed-certs=true 
  --server=https://192.168.111.9:6443 
  --kubeconfig=kube-scheduler.kubeconfig

kubectl config set-credentials system:kube-scheduler 
  --client-certificate=/etc/kubernetes/ca/kube-scheduler.pem 
  --client-key=/etc/kubernetes/ca/kube-scheduler-key.pem 
  --embed-certs=true 
  --kubeconfig=kube-scheduler.kubeconfig

kubectl config set-context system:kube-scheduler 
  --cluster=kubernetes 
  --user=system:kube-scheduler 
  --kubeconfig=kube-scheduler.kubeconfig

kubectl config use-context system:kube-scheduler --kubeconfig=kube-scheduler.kubeconfig

    # scp /etc/kubernetes/kube-scheduler.kubeconfig 192.168.111.11:/etc/kubernetes/

    # scp /etc/kubernetes/kube-scheduler.kubeconfig 192.168.111.12:/etc/kubernetes/

    创建服务文件:

    cat > /lib/systemd/system/kube-scheduler.service <<EOF
[Unit]
Description=Kubernetes Scheduler
Documentation=https://github.com/GoogleCloudPlatform/kubernetes

[Service]
ExecStart=/usr/local/bin/kube-scheduler \
  --address=127.0.0.1 \
  --kubeconfig=/etc/kubernetes/kube-scheduler.kubeconfig \
  --leader-elect=true \
  --alsologtostderr=true \
  --logtostderr=false \
  --log-dir=/var/log/kubernetes \
  --v=2
Restart=on-failure
RestartSec=5

[Install]
WantedBy=multi-user.target
EOF

    启动:

    # systemctl daemon-reload&&for SERVICES in kube-scheduler;do systemctl enable $SERVICES; systemctl start  $SERVICES; systemctl status $SERVICES; done

    # kubectl get endpoints kube-scheduler --namespace=kube-system  -o yaml
  • 相关阅读:
    在Docker中启动Nacos-Server
    maven配置阿里云公共仓库
    Centos7动态IP改静态后SSH很慢
    Vue+NodeJS的跨域请求Session不同
    一款非常简洁漂亮方便调用的jQuery前端分页
    springmvc后台接收List参数的几种办法
    net use命令详解(转)
    c#开发windows服务
    c# base64转字符串
    关于web api 验证
  • 原文地址:https://www.cnblogs.com/xuyingzhong/p/9761808.html
Copyright © 2011-2022 走看看