浏览此站
联系我们相册切换到窄版 Language

 找回密码
 注册
易陆发现论坛»论坛 docker社区 docker社区 部署k8s集群步骤 kubernetes实施步骤
返回列表 发新帖
查看: 67|回复: 9

部署k8s集群步骤 kubernetes实施步骤

[复制链接]
admin

1

主题

0

回帖

12

积分

管理员

积分
12
QQ
发表于 2024-9-2 15:00:03 | 显示全部楼层 |阅读模式
购买主题 本主题需向作者支付 5 金钱 才能浏览
回复

举报

admin

1

主题

0

回帖

12

积分

管理员

积分
12
QQ
 楼主| 发表于 2024-9-6 17:37:32 | 显示全部楼层
kubernetes的yum源# V  C" o/ [3 X4 b( t8 F
cat > /etc/yum.repos.d/kubernetes.repo <<EOF
0 r# h) l+ S  J& t) t[kubernetes]
& Y3 x3 p9 {1 x) I: M" wname=kubernetes
  ^- v, o& {$ {# }) Lbaseurl=http://172.24.21.35/centos/kubernetes/
6 Z$ c1 T' _1 B0 l9 B8 ngpgcheck=0
; z( u9 Y6 R/ D1 vEOF; v. ~' \+ k) i3 N" \. H
回复

举报

admin

1

主题

0

回帖

12

积分

管理员

积分
12
QQ
 楼主| 发表于 2024-9-9 10:37:01 | 显示全部楼层
kubeadm init --apiserver-advertise-address=172.24.21.55  --image-repository registry.aliyuncs.com/google_containers  --kubernetes-version v1.28.0 --service-cidr=10.177.100.0/12 --pod-network-cidr=10.233.0.0/16  --cri-socket=unix:///var/run/cri-dockerd.sock [init] Using Kubernetes version: v1.28.0 [preflight] Running pre-flight checks         [WARNING Firewalld]: firewalld is active, please ensure ports [6443 10250] are open or your cluster may not function correctly         [WARNING HTTPProxy]: Connection to "https://172.24.21.55" uses proxy "http://172.24.118.199:3128". If that is not intended, adjust your proxy settings         [WARNING HTTPProxyCIDR]: connection to "10.177.100.0/12" uses proxy "http://172.24.118.199:3128". This may lead to malfunctional cluster setup. Make sure that Pod and Services IP ranges specified correctly as exceptions in proxy configuration         [WARNING HTTPProxyCIDR]: connection to "10.233.0.0/16" uses proxy "http://172.24.118.199:3128". This may lead to malfunctional cluster setup. Make sure that Pod and Services IP ranges specified correctly as exceptions in proxy configuration         [WARNING Hostname]: hostname "k8s-master" could not be reached         [WARNING Hostname]: hostname "k8s-master": lookup k8s-master on 114.114.114.114:53: read udp 172.24.21.55:51870->114.114.114.114:53: i/o timeout [preflight] Pulling images required for setting up a Kubernetes cluster [preflight] This might take a minute or two, depending on the speed of your internet connection [preflight] You can also perform this action in beforehand using 'kubeadm config images pull'
回复

举报

admin

1

主题

0

回帖

12

积分

管理员

积分
12
QQ
 楼主| 发表于 2024-9-9 10:42:18 | 显示全部楼层
--apiserver-advertise-address   #声明监听ip地址
& I) E7 |! f% d8 `! ]' k" a --image-repository registry.aliyuncs.com/google_containers     #指定仓库
2 z& x# |3 Z! Q4 b1 ~7 c% P+ M--kubernetes-version   指定k8s的版本7 a5 R1 E% s  p! \8 V3 M# y6 N

6 T5 V' ~1 T' n( Y; C --service-cidr=10.177.100.0/12   #service网段
! m% S8 b( M4 ?+ I* n  s--pod-network-cidr=10.233.0.0/16    #pod网段
% Y7 o: X7 Q+ c- Q--cri-socket   指定docker的中间链接软件2 }8 f, t. a) j* q+ C, i
回复

举报

admin

1

主题

0

回帖

12

积分

管理员

积分
12
QQ
 楼主| 发表于 2024-9-10 15:57:57 | 显示全部楼层
--kubernetes-version=v1.17.2
8 b, S5 [/ b  l6 @5 d3 a) u! Y$ U  X4 r8 i4 n
版本号,根据自己的情况更改,一般应该和 kubeadm 的版本一致8 R5 i# `7 G: z1 b% {4 b
7 O3 Q/ A1 `0 l9 }5 x( V
通过如下命令获得
/ [2 V( E2 ?! |0 @# b3 _$ p3 U: t9 Y6 q7 B! p$ R. ?+ J3 }
kubeadm version+ N) q- t4 K% L9 E8 k
& K5 n1 u" ?1 N3 Q' p# V
输出的 GitVersion:"v1.20.4" 就是版本号了6 [: Q4 P0 o6 m5 N/ E8 O/ X
  l8 K/ ?! _% Y0 M$ s8 J
--pod-network-cidr=10.244.0.0/167 w% o4 I, ^) P
/ O; E& U7 v* g6 ~3 U
​ pod 使用的网络,可以自定义,这个根据自己的情况修改,不修改也可以
7 I" U- H# B1 E7 L0 a3 f' d5 J7 l9 d+ x! ~. w
​ 好像是固定的2 q# }# K1 O# A- U
$ f+ Y+ N% ]6 l, ?4 l, u0 Q
--apiserver-advertise-address=192.168.1.200& y2 W9 k; Q- k+ m
​ master 节点的有效 IP 或者可以被解析的 DNS 名称,需要是 master 节点的有效网卡地址,比如 ens33, eth0 等。% V, W+ T% z* y3 s* ^& W& o

  i1 y2 t& I# a  v1 Q7 O--ignore-preflight-errors=Swap5 Z0 W7 ?' M; `9 n
​ 忽略检查 Swap 时候的报错0 `. p* ]) C- z4 P

$ n, Q7 t, S4 w, G) [--control-plane-endpoint
- k6 `, H3 p0 ?
6 g- a3 G/ C# m- m1 u负载均衡的地址,支持dns解析名或者IP,添加该选项后支持高可用,如果使用dns 记得该dns一定要可以被解析5 i* ~+ w! N% ~7 }1 _' t, Q
& E# I1 |6 S* g2 l
--upload-certs& `/ a0 }1 u" }  V2 s
; ^3 w- K& ~4 g- L2 `8 K) K4 K3 ?2 s, \
配合高可用使用,可以自动上传证书" s( y3 G( \* l. C# o
回复

举报

admin

1

主题

0

回帖

12

积分

管理员

积分
12
QQ
 楼主| 发表于 2024-9-10 17:12:32 | 显示全部楼层
vim deploy-kubeadm.yml. R- v4 a* E: |. K; y+ S
---& ^! o' M: G+ y4 {) u5 k9 ~8 j0 z
- name: Deploy  kubeadm  kubelet kubectl* B$ ~4 R) t, P& o4 [+ i8 j8 V- E. v3 P( i
  hosts: k8s+ ^3 p, v7 \9 J* q' h( P6 J4 B: E
  gather_facts: no/ g; m4 D: _* K' O
  vars:
( q" T, Q! G. b+ `) A. Q9 y9 q    pkg_dir: /kubeadm-pkg9 H; D, w/ Q9 Z/ Y9 A7 s
    pkg_names: ["kubelet", "kubeadm", "kubectl"]
: {- H  A( a: c( b, P
/ Y9 q( `% H1 T    # 变量 download_host 需要手动设置( g4 h3 o8 Q7 n! v
    # 且值需要是此 playbook 目标主机中的一个
$ G9 X" o2 z6 w    # 需要写在 inventory 文件中的名称
! v& Y2 A2 b8 d9 a- G2 y: }    download_host: "master"+ [: F" H+ g8 d# {3 L9 A2 r7 ?
    local_pkg_dir: "{{ playbook_dir }}/{{ download_host }}"
2 w. m4 F+ {8 Y' W0 q6 W( X8 O3 y- w% l* Q
  tasks:
3 t# Z7 c& F- }9 d    - name: 测试使用 -e 是否设置并覆盖了变量5 _$ j( N! z4 }- M, b; @0 t
      debug:
, y2 m9 a8 \/ C' T        msg: "{{ local_pkg_dir }} {{ download_host }}"
6 Q) O" |0 s# b- h      tags:
8 j+ {* |5 l9 J2 J% H) U; g6 r1 [; L9 K        - deploy
8 ?: [& ]0 D- t9 [. p        - test
, ]9 l0 A2 w/ V
2 t# T6 m, H* z5 I' W* h    - name: "只需要给 {{ download_host }}安装仓库文件"* l7 i& G" ]" U7 e& Y. G7 v
      when: inventory_hostname == download_host+ J% |' j" X! r8 T7 Y% Q+ C
      copy:
7 A% A) T' k- z! n0 w; c  w        src: file/kubernetes.repo
2 ?7 H5 H3 }/ R0 O( b8 z7 M) M# Y        dest: /etc/yum.repos.d/kubernetes.repo
3 X; j8 h0 x2 [  J7 K/ g& A      tags:
6 d3 B9 c8 z* \0 f9 I        - deploy) i- ^! z7 x1 [" e! _8 G
/ N( I7 u8 b. m8 ?7 G8 L( _# S& L
    - name: 创建存放 rmp 包的目录  e7 N, F: M) X1 \. y" F, Q
      when: inventory_hostname == download_host6 o- A9 a8 r* F; K
      file:7 c' x% G! T. e. X
        path: "{{ pkg_dir }}"4 C# s3 N5 h' _
        state: directory
9 k7 s2 x4 ^) B0 L- j      tags:
+ D: H3 h" @' O( X. g" i1 M) {! b( j, a5 L        - deploy. h' [0 a+ q+ f+ c- J8 z. }
5 n3 h* p7 @% Q$ H8 |1 D
    - name:  下载软件包
7 H. N9 h& o; c" s5 L! i      when: inventory_hostname == download_host5 @1 `1 {& A- l; Z& [2 h
      yum:
& h* y2 x2 G2 i1 b; F        name: "{{ pkg_names }}": _) w+ N. W+ B
        download_only: yes
0 Y3 j5 t8 j7 M( F9 p2 h. a        download_dir: "{{ pkg_dir }}"6 [; h- s/ g5 B. i% V3 W$ b5 p3 {
      tags:& t/ z: m2 m- i, }! Y. M( @! N& X9 _* a: t
        - deploy
' c2 q" I& \- `5 L2 E7 C
# o% k) f4 W" g6 o3 I* I4 t: u, o, o    - name: 获取下载目录 "{{ pkg_dir }}" 中的文件列表5 F* T: _3 j% e. Q( N- G6 H' F1 q
      when: inventory_hostname == download_host
5 ~. j$ F! b8 ]! W; d% q9 _      shell: ls -1 "{{ pkg_dir }}"
3 t* p# ^4 E% Y      register: files
) U- H/ ~! O: {  h      tags:
4 U9 j0 w. C# x2 V1 ]8 l. g* f        - deploy7 s; ?0 k1 i0 S$ w
# T: h: d; m) G) b) C, X
    - name: 把远程主机下载的软件包传输到 ansible 本地
4 s$ e6 {( d" q9 G% q  A      when: inventory_hostname == download_host* R' O: o3 X, E  A7 r8 B# i
      fetch:
: ^4 M3 g( H* c        src: "{{ pkg_dir }}/{{ item }}"
; T4 K. Q1 @: u3 U, `        dest: ./
. A! [# F! j% h0 F0 c1 V3 s: x$ ~9 f      loop: "{{files.stdout_lines}}"  z: R9 ?3 j" S; W1 ]
      tags:
: b- |2 G9 j0 Z7 F/ j        - deploy
  i% u( T: O7 d
! u, C, X3 p+ }+ c5 j5 c- M3 {    - name: 传输 rpm 包到远程节点
# P' F- E1 s: f; W" |- L      when: inventory_hostname != download_host" I. G7 G; @' X! e& A' k$ \# [* t9 T# h
      copy:
  K- t8 R0 v5 \* `# F: j        src: "{{ local_pkg_dir }}{{ pkg_dir }}"1 Q7 |& X) ~' U9 j' t( C2 R( \
        dest: "/"3 i% Q3 T% q1 o& ]' Q$ r- L0 P
      tags:- R, c: N7 V4 s3 ~. J6 i
        - deploy
) X. Z3 {" s; x# {. j. `5 K; J
- K3 c! {6 ^# G; R8 X2 E8 [4 n    - name: 正在执行从本地安装软件包
5 l% Q, E1 I+ u6 r- U# h      shell:3 Y6 p2 s. L" ~5 x0 `
        cmd: yum -y localinstall *% W! j$ I: G- j
        chdir: "{{ pkg_dir }}"5 Z( g9 x0 Q8 Z0 l5 o8 K3 H/ T: ?
        warn: no
1 `+ x; H0 O+ ^6 C* j      async: 600
4 V* j0 L1 ^% B4 f9 Z, }+ |4 ~6 Q      poll: 0
5 v% s/ @* F' L/ R      register: yum_info
* u. T3 A3 x5 Z, V" M9 ~, f      tags:6 v- q7 u8 r0 X  U4 P: \; h
        - deploy( \  i8 U4 P8 M' S8 F3 a$ w
$ z, B# D& S# m- M0 s
    - name: 打印安装结果% n" p' g! k: O% ^% R# X
      debug: var=yum_info.ansible_job_id
% y2 ^' c% ~0 d  M0 c7 s5 ^. Q      tags:/ B: ^8 V2 T# M" q
        - deploy
) u5 D- V  w+ u& S1 K, g# f
9 x+ b6 x. e* O6 }# @2 n3 C0 ]$ s0 O* q& X  ~
# 查看kubernetes依赖的镜像
" {7 v$ t- B3 s$ D  ]8 E8 _3 f" Ckubeadm config images list4 ~! ~1 B2 ^! X- @
& l. I' l) e+ f( \: d4 B
# 不支持高可用的集群初始化
6 E. ]) @; a; M  p2 ^3 Y& Gkubeadm init --kubernetes-version=v1.20.4 --pod-network-cidr=10.244.0.0/16 --apiserver-advertise-address=10.9.29.112 --ignore-preflight-errors=Swap" f0 U4 C# K* f, w' U: {6 S
9 |& T  g! ~* a/ O* z% m$ k- {
# 支持高可用的集群初始化2 z1 F, U0 E: M- c# O3 S' L
kubeadm init --kubernetes-version=v1.20.4 --pod-network-cidr=10.244.0.0/16 --apiserver-advertise-address=masterIP --control-plane-endpoint=kube-lab  --ignore-preflight-errors=Swap --upload-certs
1 @+ Q8 j# b$ \; s; O
( A. R7 E2 V0 `3 s! \! |( h  a4 y* k$ n" Q
# 初始化成功后,会有以下信息,复制后直接在node节点使用即可加入集群( W, b. C2 u3 }  }
kubeadm join 10.9.29.112:6443 --token en6s67.08rnsg20dc5t8z4n \+ |& x' z" R  Y& c  U! p
    --discovery-token-ca-cert-hash sha256:7d034842b9ee7a6b17d9ce7088839f4570da1c61b29922f28e72b855c10003cc
1 N7 M* S3 D2 Q. I
# v! [3 h1 s! B$ {! C8 F; e# 如果是高可用,还会有一条,这个使用后会添加一个master进入集群- q9 I$ |8 l6 B& p! W6 H0 V
kubeadm join kub-lab:6443 --token s2ccws.tzb7v4olicidp032 \0 J1 {; X' c5 O+ @1 y
    --discovery-token-ca-cert-hash sha256:29a2b437f79c5e4958c3d73e6c64fe0a4df24f0f3bcabd5ced28392d7a882e10 \
1 R' D6 d& Z5 }  e' |    --control-plane --certificate-key c0a9a1c4a067b20dca95447f809d95c973220244c740a47f71d5302e0a759ea7
- s6 A1 m& Z( b, _5 k7 Y- J& d
) S5 w* J; {1 X! V' ~8 n
回复

举报

1320503165

70

主题

73

回帖

1201

积分

网站编辑

积分
1201
发表于 2024-9-14 11:01:25 | 显示全部楼层
cat > /etc/docker/daemon.json <<EOF
/ E0 V/ Y* F3 M{
9 b% N, s8 O9 [8 U' ^"registry-mirrors":[
1 d8 A/ ?' _) R" h% n6 e4 a3 t"https://docker.m.daocloud.io",: }3 w6 Q$ E" P! {- |# u3 W; D
"https://huecher.io",, v' S! `6 N: D, c
"https://dockerhub.timeweb.cloud",
% X/ R+ J! P) N. v& ^"https://noohub.ru",
1 ]" ~% r4 [3 h" e* d"https://docker.aws19527.cn") }; G$ `, f6 [3 _
]; R: d" Q2 B: I
}) \, O, f& A0 `3 m* j  R
EOF
回复

举报

1320503165

70

主题

73

回帖

1201

积分

网站编辑

积分
1201
发表于 2024-9-14 17:07:25 | 显示全部楼层
kubeadm init --apiserver-advertise-address=192.168.8.190  --image-repository registry.aliyuncs.com/google_containers  --kubernetes-version v1.28.0 --service-cidr=10.177.100.0/12 --pod-network-cidr=10.233.0.0/16  --cri-socket=unix:///var/run/cri-dockerd.sock  
/ o( x) ^# e6 x) ~: O8 N- W; ~[init] Using Kubernetes version: v1.28.0
5 G& y! v+ K  {3 B1 t8 B[preflight] Running pre-flight checks
: t$ @' p; t  Z4 u[preflight] Pulling images required for setting up a Kubernetes cluster/ H: \$ o$ k3 z9 w
[preflight] This might take a minute or two, depending on the speed of your internet connection
. t7 v* ?4 `+ X) F2 t0 }  I  ]7 R[preflight] You can also perform this action in beforehand using 'kubeadm config images pull'# ~/ k6 a- y2 e  }/ w! ^0 ^
W0914 17:05:50.073955    7690 checks.go:835] detected that the sandbox image "registry.k8s.io/pause:3.6" of the container runtime is inconsistent with that used by kubeadm. It is recommended that using "registry.aliyuncs.com/google_containers/pause:3.9" as the CRI sandbox image.$ {4 B" o; i7 V1 y) _# X
[certs] Using certificateDir folder "/etc/kubernetes/pki"
  M. T% V  B0 v4 K[certs] Generating "ca" certificate and key
& H/ A6 h; L2 [. t+ {[certs] Generating "apiserver" certificate and key9 W+ m& a3 `* e: P. X/ k
[certs] apiserver serving cert is signed for DNS names [kubernetes kubernetes-master kubernetes.default kubernetes.default.svc kubernetes.default.svc.cluster.local] and IPs [10.176.0.1 192.168.8.190]3 U6 B' h+ _$ ^" W8 [
[certs] Generating "apiserver-kubelet-client" certificate and key
1 }! g; O/ Z% A8 |  P[certs] Generating "front-proxy-ca" certificate and key3 R) N* F8 k9 U  D& ~) ?
[certs] Generating "front-proxy-client" certificate and key0 B, a4 D6 {" a2 W
[certs] Generating "etcd/ca" certificate and key2 A( c' @! O3 @+ z- k6 e- n
[certs] Generating "etcd/server" certificate and key9 d" X* t" j: x/ a
[certs] etcd/server serving cert is signed for DNS names [kubernetes-master localhost] and IPs [192.168.8.190 127.0.0.1 ::1]4 H* \* S+ C  N  b& q* j$ z! K
[certs] Generating "etcd/peer" certificate and key
" d# j' R* A! X- M$ b' l[certs] etcd/peer serving cert is signed for DNS names [kubernetes-master localhost] and IPs [192.168.8.190 127.0.0.1 ::1]
6 J$ \7 h* e% [$ r4 T. k0 Q: o[certs] Generating "etcd/healthcheck-client" certificate and key! z5 V' A1 w5 a+ r, k8 I. M
[certs] Generating "apiserver-etcd-client" certificate and key
  n8 B$ ]/ i: S' w9 u# g[certs] Generating "sa" key and public key4 R/ U0 d2 n! z0 @6 G' c4 A
[kubeconfig] Using kubeconfig folder "/etc/kubernetes"& \" k3 E4 v7 h
[kubeconfig] Writing "admin.conf" kubeconfig file
; q+ M; V$ _- W& e[kubeconfig] Writing "kubelet.conf" kubeconfig file, d5 [3 ?+ c1 Q3 z# f! }* X5 Z
[kubeconfig] Writing "controller-manager.conf" kubeconfig file
. y9 H: D! @' l( H% Y1 ^[kubeconfig] Writing "scheduler.conf" kubeconfig file  n+ W5 P3 R5 I/ G
[etcd] Creating static Pod manifest for local etcd in "/etc/kubernetes/manifests"' w8 I. s/ J8 _
[control-plane] Using manifest folder "/etc/kubernetes/manifests"
: r5 }2 @: {1 T) ]" Z[control-plane] Creating static Pod manifest for "kube-apiserver"
0 v4 Q! ]! e6 l  m[control-plane] Creating static Pod manifest for "kube-controller-manager"
+ d* P: o- a. u, @1 Z[control-plane] Creating static Pod manifest for "kube-scheduler"+ \0 F) U, j- S. d: m
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
, b9 G$ W* X- i- a0 [8 d* @0 g[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"$ m8 W' q9 x4 N/ S: n+ s
[kubelet-start] Starting the kubelet
0 G) F7 T3 `: g[wait-control-plane] Waiting for the kubelet to boot up the control plane as static Pods from directory "/etc/kubernetes/manifests". This can take up to 4m0s! {  k/ F' D  {% Q9 R
[kubelet-check] Initial timeout of 40s passed.
- g$ ^+ _3 u8 V. J6 }3 D: p4 M& X1 P
回复

举报

1320503165

70

主题

73

回帖

1201

积分

网站编辑

积分
1201
发表于 2024-9-15 10:54:27 | 显示全部楼层
[root@kubernetes-master net]# kubeadm init --apiserver-advertise-address=192.168.8.190  --image-repository registry.aliyuncs.com/google_containers  --kubernetes-version v1.28.0 --service-cidr=10.177.100.0/12 --pod-network-cidr=10.233.0.0/16  --cri-socket=unix:///var/run/cri-dockerd.sock  
2 _% r4 S. s$ }8 O0 \( F[init] Using Kubernetes version: v1.28.0
5 n1 \8 a- w6 a, r) n[preflight] Running pre-flight checks
- o- Y, V, n4 t  ][preflight] Pulling images required for setting up a Kubernetes cluster
& x4 x( b) t3 N3 D. H8 s[preflight] This might take a minute or two, depending on the speed of your internet connection& M# R' p5 d! Y: e; g
[preflight] You can also perform this action in beforehand using 'kubeadm config images pull'
% f. p) G' I0 @2 `3 T[certs] Using certificateDir folder "/etc/kubernetes/pki", b( I* I2 V3 p' h- r+ a5 G7 S
[certs] Generating "ca" certificate and key$ H. |) F- q7 H' \
[certs] Generating "apiserver" certificate and key
+ {6 H$ \1 Q9 M" _$ ]. ^: n3 ?[certs] apiserver serving cert is signed for DNS names [kubernetes kubernetes-master kubernetes.default kubernetes.default.svc kubernetes.default.svc.cluster.local] and IPs [10.176.0.1 192.168.8.190]
' d9 ?7 `" B6 U- l1 K[certs] Generating "apiserver-kubelet-client" certificate and key
& p5 Y' L2 b1 U[certs] Generating "front-proxy-ca" certificate and key
. f  h! a( I1 R% y[certs] Generating "front-proxy-client" certificate and key
* Z$ H/ a/ ^2 G$ z[certs] Generating "etcd/ca" certificate and key
2 N- N+ n! E* V  _[certs] Generating "etcd/server" certificate and key0 m( S* ]$ I. L& P$ w: z1 g
[certs] etcd/server serving cert is signed for DNS names [kubernetes-master localhost] and IPs [192.168.8.190 127.0.0.1 ::1]; O5 w  E" f2 p4 p& H  E# @
[certs] Generating "etcd/peer" certificate and key) O1 @) n$ G3 q8 v0 g. d& h( F7 c5 z
[certs] etcd/peer serving cert is signed for DNS names [kubernetes-master localhost] and IPs [192.168.8.190 127.0.0.1 ::1]% v8 \6 A) ~' d* C6 d$ N  q& I
[certs] Generating "etcd/healthcheck-client" certificate and key& @' |% r: k% p! q$ O' j. M
[certs] Generating "apiserver-etcd-client" certificate and key- g" c! ~) ~0 G* i
[certs] Generating "sa" key and public key
) }( M3 H6 k+ |, k" o$ k[kubeconfig] Using kubeconfig folder "/etc/kubernetes"& r/ s$ G5 U. T4 |' G
[kubeconfig] Writing "admin.conf" kubeconfig file% G& z, R$ z8 _( z; Q# E  Z- E
[kubeconfig] Writing "kubelet.conf" kubeconfig file
! @* Y5 L. I- l) C- n[kubeconfig] Writing "controller-manager.conf" kubeconfig file) r2 r1 {" C5 Q6 f2 J
[kubeconfig] Writing "scheduler.conf" kubeconfig file
, a" _# F) E  S& S9 J4 ?[etcd] Creating static Pod manifest for local etcd in "/etc/kubernetes/manifests"
& k/ V+ @$ Z8 N: Z# ~[control-plane] Using manifest folder "/etc/kubernetes/manifests"
/ W' r: ]5 Y7 i, X$ y' t  `[control-plane] Creating static Pod manifest for "kube-apiserver"
) V, s4 {: P  ?7 m[control-plane] Creating static Pod manifest for "kube-controller-manager"
) S& k2 U" `" d[control-plane] Creating static Pod manifest for "kube-scheduler"+ J9 W' V" W9 r% x$ }; y
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
2 C7 W6 K) [( U5 W) h0 b! K[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"8 w/ e! c( }+ p9 o; |
[kubelet-start] Starting the kubelet2 j5 }/ u8 [2 ]. t  g
[wait-control-plane] Waiting for the kubelet to boot up the control plane as static Pods from directory "/etc/kubernetes/manifests". This can take up to 4m0s" Y3 }7 O) F# ?1 r* f0 d4 l
[apiclient] All control plane components are healthy after 17.005335 seconds
3 C4 ?% N. f1 R[upload-config] Storing the configuration used in ConfigMap "kubeadm-config" in the "kube-system" Namespace
8 {) g6 \* P1 `1 U/ ]% Q[kubelet] Creating a ConfigMap "kubelet-config" in namespace kube-system with the configuration for the kubelets in the cluster
" ^3 f7 }7 T4 R/ U9 \[upload-certs] Skipping phase. Please see --upload-certs& i. h9 ^3 t, |: U5 ~! @1 O/ ^
[mark-control-plane] Marking the node kubernetes-master as control-plane by adding the labels: [node-role.kubernetes.io/control-plane node.kubernetes.io/exclude-from-external-load-balancers]
1 x7 Z1 z6 a% Z+ e5 x[mark-control-plane] Marking the node kubernetes-master as control-plane by adding the taints [node-role.kubernetes.io/control-plane:NoSchedule]
+ m2 t) Q: e/ e& f! C[bootstrap-token] Using token: ajiqtj.xwpscuol7csse0d9" y4 Y# X( ?$ G6 f8 z! K9 o
[bootstrap-token] Configuring bootstrap tokens, cluster-info ConfigMap, RBAC Roles
6 p) U# S; h% s" R; I2 v% i" {+ Q[bootstrap-token] Configured RBAC rules to allow Node Bootstrap tokens to get nodes  ]. v( l" f8 [" a. l6 l/ m0 i
[bootstrap-token] Configured RBAC rules to allow Node Bootstrap tokens to post CSRs in order for nodes to get long term certificate credentials
" {9 |- l- x- B7 ]0 p- c[bootstrap-token] Configured RBAC rules to allow the csrapprover controller automatically approve CSRs from a Node Bootstrap Token
5 h6 E+ r  Q- q[bootstrap-token] Configured RBAC rules to allow certificate rotation for all node client certificates in the cluster$ }; V) B9 t' {; s3 k5 f, v
[bootstrap-token] Creating the "cluster-info" ConfigMap in the "kube-public" namespace6 Z: V) a( j! H2 a- ^6 U
[kubelet-finalize] Updating "/etc/kubernetes/kubelet.conf" to point to a rotatable kubelet client certificate and key+ T" W/ ]# C% f# z( Z
[addons] Applied essential addon: CoreDNS' y, o/ S) D  t+ w3 |
[addons] Applied essential addon: kube-proxy3 O4 ?3 ?2 A9 `( Z% i7 c7 V4 Q

- X  u0 e+ Q/ S; x( g, XYour Kubernetes control-plane has initialized successfully!& v* k# T$ F8 ]5 y7 n

8 m9 L& e2 J9 s: ~  P( q' mTo start using your cluster, you need to run the following as a regular user:
3 r8 y# W9 Y3 g! D# n, o
9 e$ v9 w1 d9 V  mkdir -p $HOME/.kube7 H/ e9 o3 A) w2 M, n1 |* N* L/ W
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
' D* X$ g! |! C( V2 w# a4 G/ P  sudo chown $(id -u):$(id -g) $HOME/.kube/config
, g5 ^% N! O9 H0 o' G, w; W
/ ]( D& ^8 A+ i/ g+ a8 Y2 ^Alternatively, if you are the root user, you can run:. h/ W8 u9 R2 e2 b3 y, J- E
7 Z7 P0 O# O- Z8 c/ Q! N, w$ a$ F
  export KUBECONFIG=/etc/kubernetes/admin.conf. E0 d* B' Q7 O6 B9 V& e9 r
8 @( C/ G: P) E9 y" d
You should now deploy a pod network to the cluster.1 R3 ~. Z. @3 C2 L( r, Z7 s% g6 _
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
) g# r: r7 i  `3 A  |/ }  https://kubernetes.io/docs/conce ... inistration/addons/
$ ]! W9 [* N8 H  e! E- ~! K
" L: q) \8 E9 z! w+ XThen you can join any number of worker nodes by running the following on each as root:
9 z! ^, V2 \+ p. v' e' n8 u8 w
7 v) L3 n+ e% W; ~8 skubeadm join 192.168.8.190:6443 --token ajiqtj.xwpscuol7csse0d9 \
( Q' ]& Q2 K' W2 \        --discovery-token-ca-cert-hash sha256:87ab51d4f77f290e00c0060990eb5efa886752e39b2e74721d96d2c41bb92699 * R2 S0 \; x8 i
[root@kubernetes-master net]# 5 E6 N/ p) [, d8 W5 ^4 V' ~
回复

举报

admin

1

主题

0

回帖

12

积分

管理员

积分
12
QQ
 楼主| 发表于 2024-9-15 15:03:28 | 显示全部楼层
# 安装ipset和ipvsadm
5 w- f7 e& `; Y, g2 A        yum install ipset ipvsadmin -y2 p( h  \- @# X
# 添加需要加载的模块写入脚本文件% u) t% }* E3 Z% p$ \% b- G! u- u# P
cat <<EOF > /etc/sysconfig/modules/ipvs.modules
; P1 Z2 ?0 a4 {#!/bin/bash% `1 G- g  P# q- x3 ]1 B
modprobe -- ip_vs7 ^( Z4 h( W# a+ O+ D: d; a
modprobe -- ip_vs_rr
- I- `# Y0 _% x/ ]3 wmodprobe -- ip_vs_wrr/ o# q  `& a4 R: q7 s
modprobe -- ip_vs_sh; ?- @: O' x) |( f8 k: c
modprobe -- nf_conntrack_ipv4
8 r) n& A: F+ x  o, cEOF
. S: J' l1 h  W3 n3 W# 为脚本文件添加执行权限! m/ e5 F0 i$ u$ ?3 v5 Q
        chmod +x /etc/sysconfig/modules/ipvs.modules& I& I' E8 V- n/ N; ?
# 执行脚本文件
" v7 e. x7 I7 w; C; _, d9 o1 u         /bin/bash /etc/sysconfig/modules/ipvs.modules5 M' K) E0 g+ T4 @
# 查看对应的模块是否加载成功
2 S/ V, X/ k' H        lsmod | grep -e ip_vs -e nf_conntrack_ipv4
' P. T9 G! A0 I/ ?0 v% T
回复

举报

返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 注册

本版积分规则

返回首页|Archiver|手机版|小黑屋|易陆发现技术论坛 ( 蜀ICP备2026014127号-1 )

GMT+8, 2026-6-12 00:32 , Processed in 0.037411 second(s), 32 queries .

Powered by Discuz! X5.0

© 2001-2026 Discuz! Team.

快速回复 返回顶部 返回列表