Kubernetes(六)master节点组件部署

  • A+
所属分类:Kubernetes

两个文件bootstrap.kubeconfig文件、kube-proxy kubeconfig文件分发到node

github获取K8S二进制包,最新版本v1.12.5,在master部署

cd /root/tools
wget https://dl.k8s.io/v1.12.5/kubernetes-server-linux-amd64.tar.gz
tar -zxvf kubernetes-server-linux-amd64.tar.gz 
cd /root/tools/kubernetes/server/bin
cp kube-apiserver kube-controller-manager kube-scheduler /opt/kubernetes/bin/
[root@k8s-master bin]# ls /opt/kubernetes/bin/
etcd  etcdctl  kube-apiserver  kube-controller-manager  kubectl  kube-scheduler

课件分别上传到master和node服务器

[root@k8s-master tools]# mkdir master_pkg
[root@k8s-master tools]# mv master.zip /root/tools/master_pkg/
[root@k8s-master tools]# cd master_pkg/
[root@k8s-master tools]# unzip master.zip

在github k8s的主干,可以看到master和node脚本,下面用课件提供的脚本

https://github.com/kubernetes/kubernetes/tree/master/cluster/centos/master/scripts

部署apiserver

执行apiserver脚本 参数指定master ip和endpoint

[root@k8s-master master_pkg]# vim apiserver.sh 
#!/bin/bash

MASTER_ADDRESS=${1:-"192.168.1.195"}
ETCD_SERVERS=${2:-"http://127.0.0.1:2379"}

cat <<EOF >/opt/kubernetes/cfg/kube-apiserver

KUBE_APISERVER_OPTS="--logtostderr=true \\
--v=4 \\
--etcd-servers=${ETCD_SERVERS} \\
--insecure-bind-address=127.0.0.1 \\
--bind-address=${MASTER_ADDRESS} \\
--insecure-port=8080 \\
--secure-port=6443 \\
--advertise-address=${MASTER_ADDRESS} \\
--allow-privileged=true \\
--service-cluster-ip-range=10.10.10.0/24 \\
--admission-control=NamespaceLifecycle,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota,NodeRestriction \
--authorization-mode=RBAC,Node \\
--kubelet-https=true \\
--enable-bootstrap-token-auth \\
--token-auth-file=/opt/kubernetes/cfg/token.csv \\
--service-node-port-range=30000-50000 \\
--tls-cert-file=/opt/kubernetes/ssl/server.pem  \\
--tls-private-key-file=/opt/kubernetes/ssl/server-key.pem \\
--client-ca-file=/opt/kubernetes/ssl/ca.pem \\
--service-account-key-file=/opt/kubernetes/ssl/ca-key.pem \\
--etcd-cafile=/opt/kubernetes/ssl/ca.pem \\
--etcd-certfile=/opt/kubernetes/ssl/server.pem \\
--etcd-keyfile=/opt/kubernetes/ssl/server-key.pem"

EOF

cat <<EOF >/usr/lib/systemd/system/kube-apiserver.service
[Unit]
Description=Kubernetes API Server
Documentation=https://github.com/kubernetes/kubernetes

[Service]
EnvironmentFile=-/opt/kubernetes/cfg/kube-apiserver
ExecStart=/opt/kubernetes/bin/kube-apiserver \$KUBE_APISERVER_OPTS
Restart=on-failure

[Install]
WantedBy=multi-user.target
EOF
/root/tools/master_pkg/apiserver.sh 192.168.20.211 https://192.168.20.211:2379,https://192.168.20.212:2379,https://192.168.20.213:2379
systemctl daemon-reload
systemctl enable kube-apiserver
systemctl restart kube-apiserver

部署完成检查文件

vim /opt/kubernetes/cfg/kube-apiserver 
vim /usr/lib/systemd/system/kube-apiserver.service

启动报错,缺少token.csv文件,拷贝重新启动

cp /root/ssl/token.csv /opt/kubernetes/cfg/

systemctl start kube-apiserver
ps -ef|grepkube-apiserver
systemctl list-unit-files|grep  kube-apiserver

部署controller-manager

[root@k8s-master master_pkg]# vim controller-manager.sh 
#!/bin/bash

MASTER_ADDRESS=${1:-"127.0.0.1"}

cat <<EOF >/opt/kubernetes/cfg/kube-controller-manager


KUBE_CONTROLLER_MANAGER_OPTS="--logtostderr=true \\
--v=4 \\
--master=${MASTER_ADDRESS}:8080 \\
--leader-elect=true \\
--address=127.0.0.1 \\
--service-cluster-ip-range=10.10.10.0/24 \\
--cluster-name=kubernetes \\
--cluster-signing-cert-file=/opt/kubernetes/ssl/ca.pem \\
--cluster-signing-key-file=/opt/kubernetes/ssl/ca-key.pem  \\
--service-account-private-key-file=/opt/kubernetes/ssl/ca-key.pem \\
--root-ca-file=/opt/kubernetes/ssl/ca.pem"

EOF

cat <<EOF >/usr/lib/systemd/system/kube-controller-manager.service
[Unit]
Description=Kubernetes Controller Manager
Documentation=https://github.com/kubernetes/kubernetes

[Service]
EnvironmentFile=-/opt/kubernetes/cfg/kube-controller-manager
ExecStart=/opt/kubernetes/bin/kube-controller-manager \$KUBE_CONTROLLER_MANAGER_OPTS
Restart=on-failure

[Install]
WantedBy=multi-user.target
EOF

执行脚本,指定ip

/root/tools/master_pkg/controller-manager.sh 127.0.0.1

启动

systemctl daemon-reload
systemctl enable kube-controller-manager
systemctl restart kube-controller-manager
[root@k8s-master master_pkg]# ps -ef|grep controller-manager

部署scheduler

[root@k8s-master master_pkg]# vim scheduler.sh 
#!/bin/bash

MASTER_ADDRESS=${1:-"127.0.0.1"}

cat <<EOF >/opt/kubernetes/cfg/kube-scheduler

KUBE_SCHEDULER_OPTS="--logtostderr=true \\
--v=4 \\
--master=${MASTER_ADDRESS}:8080 \\
--leader-elect"

EOF

cat <<EOF >/usr/lib/systemd/system/kube-scheduler.service
[Unit]
Description=Kubernetes Scheduler
Documentation=https://github.com/kubernetes/kubernetes

[Service]
EnvironmentFile=-/opt/kubernetes/cfg/kube-scheduler
ExecStart=/opt/kubernetes/bin/kube-scheduler \$KUBE_SCHEDULER_OPTS
Restart=on-failure

[Install]
WantedBy=multi-user.target
EOF

systemctl daemon-reload
systemctl enable kube-scheduler
systemctl restart kube-scheduler

指定ip

/root/tools/master_pkg/scheduler.sh 127.0.0.1

启动

systemctl daemon-reload
systemctl enable kube-scheduler
systemctl restart kube-scheduler
[root@k8s-master master_pkg]# ps -ef|grep scheduler

检测集群状态

[root@k8s-master cfg]#  kubectl get cs
NAME                 STATUS    MESSAGE             ERROR
controller-manager   Healthy   ok                  
scheduler            Healthy   ok                  
etcd-0               Healthy   {"health":"true"}   
etcd-2               Healthy   {"health":"true"}   
etcd-1               Healthy   {"health":"true"}

YaLei

发表评论

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: