|
|
楼主 |
发表于 2024-12-29 21:22:14
|
显示全部楼层
[root@k8s-master ~]# kubeadm config images list/ y3 M% R! h7 r7 [: z
I1229 21:16:13.799696 2756 version.go:256] remote version is much newer: v1.32.0; falling back to: stable-1.28" t# Y0 u. L; Q$ o; y9 N- S
registry.k8s.io/kube-apiserver:v1.28.15
. A" s: A4 z5 ^3 d- c: J0 fregistry.k8s.io/kube-controller-manager:v1.28.151 W4 { C- t0 r2 p1 c: R. A: _
registry.k8s.io/kube-scheduler:v1.28.15
8 c o& r5 G! c0 w0 qregistry.k8s.io/kube-proxy:v1.28.152 P" }0 `' x* ^# S" c
registry.k8s.io/pause:3.9 r* d3 k# E' b7 y: q) z2 H
registry.k8s.io/etcd:3.5.9-0
( N6 w' t; N3 q' O Rregistry.k8s.io/coredns/coredns:v1.10.10 q# f5 s4 D( j% {) v% J
[root@k8s-master ~]# kubeadm init --apiserver-advertise-address=192.168.8.190 --node-name=k8s-master --image-repository registry.aliyuncs.com/google_containers --kubernetes-version v1.28.2 --service-cidr=192.182.22.0/20 --pod-network-cidr=192.172.21.0/20 --cri-socket=unix:///var/run/cri-dockerd.sock
: N: t. N7 b' a- l[init] Using Kubernetes version: v1.28.2* j8 ^1 |7 Y9 l$ l
[preflight] Running pre-flight checks1 H- \5 Y2 C6 q1 P! J9 ]! Q
[preflight] Pulling images required for setting up a Kubernetes cluster
7 ]$ c- Y, s) T1 t% r" J[preflight] This might take a minute or two, depending on the speed of your internet connection
) d4 O# r* {3 M8 p* U) u[preflight] You can also perform this action in beforehand using 'kubeadm config images pull'0 ?( C( T9 Z- j
[certs] Using certificateDir folder "/etc/kubernetes/pki"
2 t6 ~* y9 `, w: Y4 T[certs] Generating "ca" certificate and key
+ T' X, h* `2 c[certs] Generating "apiserver" certificate and key6 s9 v5 T4 k( @! e% ?) K" w
[certs] apiserver serving cert is signed for DNS names [k8s-master kubernetes kubernetes.default kubernetes.default.svc kubernetes.default.svc.cluster.local] and IPs [192.182.16.1 192.168.8.190]
% Y, s' x9 q" v, ?) R- U+ n! n[certs] Generating "apiserver-kubelet-client" certificate and key( @2 ~ V4 b& E, l* \3 a& _' S
[certs] Generating "front-proxy-ca" certificate and key& b9 Z! Y0 U+ V8 `
[certs] Generating "front-proxy-client" certificate and key) e/ _- ~- f8 P& J. h! E) t/ d: A! c
[certs] Generating "etcd/ca" certificate and key
7 G6 Z+ i$ ~ a; D1 \[certs] Generating "etcd/server" certificate and key
5 l! P9 {8 W- A* Q4 }[certs] etcd/server serving cert is signed for DNS names [k8s-master localhost] and IPs [192.168.8.190 127.0.0.1 ::1]
9 n* r( I* `$ s! ^; o[certs] Generating "etcd/peer" certificate and key
" W4 X# {9 K% s8 Q, }[certs] etcd/peer serving cert is signed for DNS names [k8s-master localhost] and IPs [192.168.8.190 127.0.0.1 ::1]
3 c7 I' F2 D# F/ u8 q6 O[certs] Generating "etcd/healthcheck-client" certificate and key
+ ?2 s3 a7 h. S, A/ a2 E; F[certs] Generating "apiserver-etcd-client" certificate and key
+ D0 l- N6 y+ ^' a0 Z% N9 n[certs] Generating "sa" key and public key
4 ?' C& W; W. A V6 \! w# c[kubeconfig] Using kubeconfig folder "/etc/kubernetes"# u% Z' y4 G5 h$ u" g
[kubeconfig] Writing "admin.conf" kubeconfig file* f, ~0 i( [* M3 ^2 V3 r- j6 Z: P: i
[kubeconfig] Writing "kubelet.conf" kubeconfig file/ z% B+ ]) |4 n
[kubeconfig] Writing "controller-manager.conf" kubeconfig file
. ?* H. |6 B2 N( X4 r[kubeconfig] Writing "scheduler.conf" kubeconfig file4 L/ E' [7 E5 R+ N7 z% u4 p
[etcd] Creating static Pod manifest for local etcd in "/etc/kubernetes/manifests"# M! Z8 O+ {8 |$ {9 H1 t
[control-plane] Using manifest folder "/etc/kubernetes/manifests"0 V9 T! A W- |4 `; j! k6 ?. g- }4 c
[control-plane] Creating static Pod manifest for "kube-apiserver"/ J" v2 G6 x4 i3 s. Q3 F5 Z$ T$ K
[control-plane] Creating static Pod manifest for "kube-controller-manager"
. Y' w, G, i8 k# N( k[control-plane] Creating static Pod manifest for "kube-scheduler"
" B" Z, ^3 d# [* B0 z[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"9 R3 ]0 O1 {! c3 h+ Z J k
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"! E0 [4 ~; j) k C' ]% B
[kubelet-start] Starting the kubelet! k2 C) H+ E) i% o2 C9 a
[wait-control-plane] Waiting for the kubelet to boot up the control plane as static Pods from directory "/etc/kubernetes/manifests". This can take up to 4m0s
9 G! p0 C) ? ^[apiclient] All control plane components are healthy after 10.503849 seconds9 m, B; D, {0 ~) q. D2 Y" N+ f
[upload-config] Storing the configuration used in ConfigMap "kubeadm-config" in the "kube-system" Namespace; k% C4 E' ?; \1 b
[kubelet] Creating a ConfigMap "kubelet-config" in namespace kube-system with the configuration for the kubelets in the cluster
3 ?7 M% G; C! ]/ v: Q[upload-certs] Skipping phase. Please see --upload-certs
" W t( K; D" x6 }0 S9 e& T[mark-control-plane] Marking the node k8s-master as control-plane by adding the labels: [node-role.kubernetes.io/control-plane node.kubernetes.io/exclude-from-external-load-balancers]3 {$ M& f/ L. [ n. L; `* d
[mark-control-plane] Marking the node k8s-master as control-plane by adding the taints [node-role.kubernetes.io/control-plane:NoSchedule]
9 R3 D. f% |: h6 x& o. a[bootstrap-token] Using token: gz21hk.okzfsa63qkqquxwr
/ _, @1 e- i! N9 c7 @4 j0 Q, ?) L[bootstrap-token] Configuring bootstrap tokens, cluster-info ConfigMap, RBAC Roles( q9 F- X7 S6 ^, @" K5 M& b: \
[bootstrap-token] Configured RBAC rules to allow Node Bootstrap tokens to get nodes8 r- L2 U% c9 U2 O
[bootstrap-token] Configured RBAC rules to allow Node Bootstrap tokens to post CSRs in order for nodes to get long term certificate credentials
1 X3 O7 ~# f3 u& _8 s/ N[bootstrap-token] Configured RBAC rules to allow the csrapprover controller automatically approve CSRs from a Node Bootstrap Token. O, t& ?6 g( i$ E$ L
[bootstrap-token] Configured RBAC rules to allow certificate rotation for all node client certificates in the cluster: [! C: f! e0 h9 l
[bootstrap-token] Creating the "cluster-info" ConfigMap in the "kube-public" namespace
3 a- o% E- t) N. [3 ] C* B: c[kubelet-finalize] Updating "/etc/kubernetes/kubelet.conf" to point to a rotatable kubelet client certificate and key
2 W2 w5 L6 m2 z" }[addons] Applied essential addon: CoreDNS/ }7 V, u, H( _: q3 I; i! M
[addons] Applied essential addon: kube-proxy6 t3 q4 T& k7 m p
" z; E4 Y& H: n7 FYour Kubernetes control-plane has initialized successfully!. r+ A2 b) `+ P# j) U+ P% u, Y* i
8 K6 v" f5 n) B& U) ]( L4 R) _, oTo start using your cluster, you need to run the following as a regular user:
$ _5 ?' B ]0 M, s8 H3 f h J% \8 |" z
mkdir -p $HOME/.kube
/ t5 d( \8 W3 \( j sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config9 _+ c4 ?0 n1 J9 w* z3 Y
sudo chown $(id -u):$(id -g) $HOME/.kube/config. {+ ~$ q' l* [" H( e. W
9 \$ [* F- \! {Alternatively, if you are the root user, you can run:( G, w( D! m( d( n& ?4 p+ r
2 F9 E, F* k: ^: }9 |
export KUBECONFIG=/etc/kubernetes/admin.conf0 z; r' [3 m7 F7 l4 @
9 b) ^+ K% w, h, i- u4 ^+ t( S) gYou should now deploy a pod network to the cluster.
( b2 W e$ J# j. JRun "kubectl apply -f [podnetwork].yaml" with one of the options listed at: [7 o' B6 Q( W2 {6 w+ H
https://kubernetes.io/docs/conce ... inistration/addons/
3 L9 x N; i2 J' w! T/ k; r/ _" X) C+ G; w: O: q" p+ A" ~
Then you can join any number of worker nodes by running the following on each as root:4 r! {6 V0 A }& T
+ D5 D/ ]; a7 B5 w% H/ P# @' C
kubeadm join 192.168.8.190:6443 --token gz21hk.okzfsa63qkqquxwr \
1 L6 m, t: l( E, z3 V* ? --discovery-token-ca-cert-hash sha256:5aeba3bb6d94b76440997cbc4ee9c2ef8a791211a7da0abb39a75142a040bc00 M0 W j- @$ J! F$ b; ~
|
|
发表于 2024-12-29 21:21:46