Steps to deploy a k8s cluster: Kubernetes implementation steps

Administrator | Posted on 2024-9-2 15:00:03
Paid topic: this post can be viewed only after paying the author 5 coins.

OP (Administrator) | Posted on 2024-9-6 17:37:32
Kubernetes yum repository
cat > /etc/yum.repos.d/kubernetes.repo <<EOF
[kubernetes]
name=kubernetes
baseurl=http://172.24.21.35/centos/kubernetes/
gpgcheck=0
EOF

OP (Administrator) | Posted on 2024-9-9 10:37:01
kubeadm init --apiserver-advertise-address=172.24.21.55  --image-repository registry.aliyuncs.com/google_containers  --kubernetes-version v1.28.0 --service-cidr=10.177.100.0/12 --pod-network-cidr=10.233.0.0/16  --cri-socket=unix:///var/run/cri-dockerd.sock
[init] Using Kubernetes version: v1.28.0
[preflight] Running pre-flight checks
        [WARNING Firewalld]: firewalld is active, please ensure ports [6443 10250] are open or your cluster may not function correctly
        [WARNING HTTPProxy]: Connection to "https://172.24.21.55" uses proxy "http://172.24.118.199:3128". If that is not intended, adjust your proxy settings
        [WARNING HTTPProxyCIDR]: connection to "10.177.100.0/12" uses proxy "http://172.24.118.199:3128". This may lead to malfunctional cluster setup. Make sure that Pod and Services IP ranges specified correctly as exceptions in proxy configuration
        [WARNING HTTPProxyCIDR]: connection to "10.233.0.0/16" uses proxy "http://172.24.118.199:3128". This may lead to malfunctional cluster setup. Make sure that Pod and Services IP ranges specified correctly as exceptions in proxy configuration
        [WARNING Hostname]: hostname "k8s-master" could not be reached
        [WARNING Hostname]: hostname "k8s-master": lookup k8s-master on 114.114.114.114:53: read udp 172.24.21.55:51870->114.114.114.114:53: i/o timeout
[preflight] Pulling images required for setting up a Kubernetes cluster
[preflight] This might take a minute or two, depending on the speed of your internet connection
[preflight] You can also perform this action in beforehand using 'kubeadm config images pull'

OP (Administrator) | Posted on 2024-9-9 10:42:18
--apiserver-advertise-address   # declares the IP address to listen on
--image-repository registry.aliyuncs.com/google_containers     # specifies the image repository
--kubernetes-version   # specifies the k8s version
--service-cidr=10.177.100.0/12   # Service network range
--pod-network-cidr=10.233.0.0/16    # Pod network range
--cri-socket   # specifies the intermediary software that connects to Docker
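An added example (not part of the original post): a pre-flight check for the two ranges passed to `kubeadm init` above. It goes beyond the flag list by normalising a CIDR whose host bits are set, as in `--service-cidr=10.177.100.0/12`, which is why the certificate output later in this thread lists `10.176.0.1`, and by checking the service range, pod range and node addresses against each other. The function names are this example's own.

```python
import ipaddress


def normalize(cidr):
    """Return (network, aligned) for a CIDR string.

    aligned is False when host bits are set, e.g. 10.177.100.0/12.
    """
    iface = ipaddress.ip_interface(cidr)
    return iface.network, iface.ip == iface.network.network_address


def apiserver_service_ip(service_cidr):
    """First address of the service network: the ClusterIP of the
    built-in 'kubernetes' Service, listed in the apiserver cert SANs."""
    network, _ = normalize(service_cidr)
    return network[1]


def check_plan(node_ips, service_cidr, pod_cidr):
    """Return a list of findings for one kubeadm init address plan."""
    findings = []
    svc, svc_aligned = normalize(service_cidr)
    pod, pod_aligned = normalize(pod_cidr)
    for flag, given, net, aligned in (
        ("--service-cidr", service_cidr, svc, svc_aligned),
        ("--pod-network-cidr", pod_cidr, pod, pod_aligned),
    ):
        if not aligned:
            findings.append(
                f"{flag}={given} has host bits set; effective network is {net}"
            )
    if svc.overlaps(pod):
        findings.append(f"service network {svc} overlaps pod network {pod}")
    for ip in node_ips:
        addr = ipaddress.ip_address(ip)
        for label, net in (("service", svc), ("pod", pod)):
            if addr in net:
                findings.append(
                    f"node address {addr} lies inside the {label} network {net}"
                )
    return findings


if __name__ == "__main__":
    # Values taken from the kubeadm init command in this thread.
    for line in check_plan(["172.24.21.55"], "10.177.100.0/12", "10.233.0.0/16"):
        print("finding:", line)
    print("kubernetes Service IP:", apiserver_service_ip("10.177.100.0/12"))
    # Constructed plan that collides: node and pod range inside the /12.
    for line in check_plan(["10.180.1.5"], "10.177.100.0/12", "10.190.0.0/16"):
        print("finding:", line)
```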

OP (Administrator) | Posted on 2024-9-10 15:57:57
--kubernetes-version=v1.17.2

The version number. Change it to match your own setup; it should generally be the same as the kubeadm version.

Obtain it with the following command:

kubeadm version

The GitVersion:"v1.20.4" in the output is the version number.

--pod-network-cidr=10.244.0.0/16

The network used by pods. It can be customized; change it to match your own setup, or leave it unchanged.

It seems to be fixed.

--apiserver-advertise-address=192.168.1.200
A valid IP of the master node or a DNS name that can be resolved. It must be the address of a valid network interface on the master node, such as ens33 or eth0.

--ignore-preflight-errors=Swap
Ignore the error raised by the Swap check.

--control-plane-endpoint

The load balancer address; a DNS name or an IP is supported. Adding this option enables high availability. If you use DNS, remember that the name must be resolvable.

--upload-certs

Used together with high availability; uploads the certificates automatically.

OP (Administrator) | Posted on 2024-9-10 17:12:32
vim deploy-kubeadm.yml
---
- name: Deploy  kubeadm  kubelet kubectl
  hosts: k8s
  gather_facts: no
  vars:
    pkg_dir: /kubeadm-pkg
    pkg_names: ["kubelet", "kubeadm", "kubectl"]

    # The variable download_host must be set manually,
    # and its value must be one of this playbook's target hosts,
    # using the name written in the inventory file
    download_host: "master"
    local_pkg_dir: "{{ playbook_dir }}/{{ download_host }}"

  tasks:
    - name: Test whether -e set and overrode the variables
      debug:
        msg: "{{ local_pkg_dir }} {{ download_host }}"
      tags:
        - deploy
        - test

    - name: "Install the repo file only on {{ download_host }}"
      when: inventory_hostname == download_host
      copy:
        src: file/kubernetes.repo
        dest: /etc/yum.repos.d/kubernetes.repo
      tags:
        - deploy

    - name: Create the directory that holds the rpm packages
      when: inventory_hostname == download_host
      file:
        path: "{{ pkg_dir }}"
        state: directory
      tags:
        - deploy

    - name: Download the packages
      when: inventory_hostname == download_host
      yum:
        name: "{{ pkg_names }}"
        download_only: yes
        download_dir: "{{ pkg_dir }}"
      tags:
        - deploy

    - name: "Get the list of files in the download directory {{ pkg_dir }}"
      when: inventory_hostname == download_host
      shell: ls -1 "{{ pkg_dir }}"
      register: files
      tags:
        - deploy

    - name: Fetch the packages downloaded on the remote host to the local Ansible machine
      when: inventory_hostname == download_host
      fetch:
        src: "{{ pkg_dir }}/{{ item }}"
        dest: ./
      loop: "{{files.stdout_lines}}"
      tags:
        - deploy

    - name: Copy the rpm packages to the remote nodes
      when: inventory_hostname != download_host
      copy:
        src: "{{ local_pkg_dir }}{{ pkg_dir }}"
        dest: "/"
      tags:
        - deploy

    - name: Installing the packages from the local directory
      shell:
        cmd: yum -y localinstall *
        chdir: "{{ pkg_dir }}"
        warn: no
      async: 600
      poll: 0
      register: yum_info
      tags:
        - deploy

    - name: Print the installation result
      debug: var=yum_info.ansible_job_id
      tags:
        - deploy

# List the images Kubernetes depends on
kubeadm config images list

# Cluster initialization without high availability
kubeadm init --kubernetes-version=v1.20.4 --pod-network-cidr=10.244.0.0/16 --apiserver-advertise-address=10.9.29.112 --ignore-preflight-errors=Swap

# Cluster initialization with high availability
kubeadm init --kubernetes-version=v1.20.4 --pod-network-cidr=10.244.0.0/16 --apiserver-advertise-address=masterIP --control-plane-endpoint=kube-lab  --ignore-preflight-errors=Swap --upload-certs

# After a successful initialization the following is printed; copy it and run it directly on a node to join the cluster
kubeadm join 10.9.29.112:6443 --token en6s67.08rnsg20dc5t8z4n \
    --discovery-token-ca-cert-hash sha256:7d034842b9ee7a6b17d9ce7088839f4570da1c61b29922f28e72b855c10003cc

# With high availability there is one more command; running it adds a master to the cluster
kubeadm join kub-lab:6443 --token s2ccws.tzb7v4olicidp032 \
    --discovery-token-ca-cert-hash sha256:29a2b437f79c5e4958c3d73e6c64fe0a4df24f0f3bcabd5ced28392d7a882e10 \
    --control-plane --certificate-key c0a9a1c4a067b20dca95447f809d95c973220244c740a47f71d5302e0a759ea7
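An added example (not from the original post): the join commands above carry two secrets, the part of `--token` after the dot and the `--certificate-key`, while the token ID and the CA hash are not secret. The helper below, whose function names and sample values are constructed for illustration, parses a `kubeadm join` command or `kubeadm init` log and masks only the secret parts before the text is stored or shared.

```python
import re

# Bootstrap token: 6-character public ID, a dot, 16-character secret.
TOKEN_RE = re.compile(
    r"(--token[ =]|Using token: )([a-z0-9]{6})\.([a-z0-9]{16})\b"
)
# Key that decrypts the control-plane certificates uploaded by --upload-certs.
CERT_KEY_RE = re.compile(r"(--certificate-key[ =])([0-9a-f]{64})\b")
# SHA-256 pin of the cluster CA public key; it is not a secret.
CA_HASH_RE = re.compile(
    r"--discovery-token-ca-cert-hash[ =](sha256:[0-9a-f]{64})\b"
)
ENDPOINT_RE = re.compile(r"kubeadm join\s+(\S+)")
CONTROL_PLANE_RE = re.compile(r"--control-plane(?![\w-])")


def parse_join(text):
    """Extract the non-secret facts from a kubeadm join command."""
    flat = text.replace("\\\n", " ")  # undo shell line continuations
    endpoint = ENDPOINT_RE.search(flat)
    token = TOKEN_RE.search(flat)
    ca_hash = CA_HASH_RE.search(flat)
    return {
        "endpoint": endpoint.group(1) if endpoint else None,
        "token_id": token.group(2) if token else None,
        "ca_hash": ca_hash.group(1) if ca_hash else None,
        "control_plane": bool(CONTROL_PLANE_RE.search(flat)),
        "has_certificate_key": bool(CERT_KEY_RE.search(flat)),
    }


def redact(text):
    """Mask the token secret and certificate key; keep token ID and CA pin."""
    text = TOKEN_RE.sub(
        lambda m: f"{m.group(1)}{m.group(2)}.<redacted>", text
    )
    return CERT_KEY_RE.sub(lambda m: f"{m.group(1)}<redacted>", text)


# Constructed sample shaped like the output quoted above (values are made up).
SAMPLE = (
    "[bootstrap-token] Using token: abcdef.0123456789abcdef\n"
    "kubeadm join kube-lab:6443 --token abcdef.0123456789abcdef \\\n"
    "    --discovery-token-ca-cert-hash sha256:" + "ab" * 32 + " \\\n"
    "    --control-plane --certificate-key " + "cd" * 32 + "\n"
)

if __name__ == "__main__":
    print(parse_join(SAMPLE))
    print(redact(SAMPLE))
```

A token that has already been shared can be revoked on the control plane with `kubeadm token delete <token-id>`.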

Site editor | Posted on 2024-9-14 11:01:25
cat > /etc/docker/daemon.json <<EOF
{
"registry-mirrors":[
"https://docker.m.daocloud.io",
"https://huecher.io",
"https://dockerhub.timeweb.cloud",
"https://noohub.ru",
"https://docker.aws19527.cn"
]
}
EOF

Site editor | Posted on 2024-9-14 17:07:25
kubeadm init --apiserver-advertise-address=192.168.8.190  --image-repository registry.aliyuncs.com/google_containers  --kubernetes-version v1.28.0 --service-cidr=10.177.100.0/12 --pod-network-cidr=10.233.0.0/16  --cri-socket=unix:///var/run/cri-dockerd.sock
[init] Using Kubernetes version: v1.28.0
[preflight] Running pre-flight checks
[preflight] Pulling images required for setting up a Kubernetes cluster
[preflight] This might take a minute or two, depending on the speed of your internet connection
[preflight] You can also perform this action in beforehand using 'kubeadm config images pull'
W0914 17:05:50.073955    7690 checks.go:835] detected that the sandbox image "registry.k8s.io/pause:3.6" of the container runtime is inconsistent with that used by kubeadm. It is recommended that using "registry.aliyuncs.com/google_containers/pause:3.9" as the CRI sandbox image.
[certs] Using certificateDir folder "/etc/kubernetes/pki"
[certs] Generating "ca" certificate and key
[certs] Generating "apiserver" certificate and key
[certs] apiserver serving cert is signed for DNS names [kubernetes kubernetes-master kubernetes.default kubernetes.default.svc kubernetes.default.svc.cluster.local] and IPs [10.176.0.1 192.168.8.190]
[certs] Generating "apiserver-kubelet-client" certificate and key
[certs] Generating "front-proxy-ca" certificate and key
[certs] Generating "front-proxy-client" certificate and key
[certs] Generating "etcd/ca" certificate and key
[certs] Generating "etcd/server" certificate and key
[certs] etcd/server serving cert is signed for DNS names [kubernetes-master localhost] and IPs [192.168.8.190 127.0.0.1 ::1]
[certs] Generating "etcd/peer" certificate and key
[certs] etcd/peer serving cert is signed for DNS names [kubernetes-master localhost] and IPs [192.168.8.190 127.0.0.1 ::1]
[certs] Generating "etcd/healthcheck-client" certificate and key
[certs] Generating "apiserver-etcd-client" certificate and key
[certs] Generating "sa" key and public key
[kubeconfig] Using kubeconfig folder "/etc/kubernetes"
[kubeconfig] Writing "admin.conf" kubeconfig file
[kubeconfig] Writing "kubelet.conf" kubeconfig file
[kubeconfig] Writing "controller-manager.conf" kubeconfig file
[kubeconfig] Writing "scheduler.conf" kubeconfig file
[etcd] Creating static Pod manifest for local etcd in "/etc/kubernetes/manifests"
[control-plane] Using manifest folder "/etc/kubernetes/manifests"
[control-plane] Creating static Pod manifest for "kube-apiserver"
[control-plane] Creating static Pod manifest for "kube-controller-manager"
[control-plane] Creating static Pod manifest for "kube-scheduler"
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Starting the kubelet
[wait-control-plane] Waiting for the kubelet to boot up the control plane as static Pods from directory "/etc/kubernetes/manifests". This can take up to 4m0s
[kubelet-check] Initial timeout of 40s passed.

Site editor | Posted on 2024-9-15 10:54:27
[root@kubernetes-master net]# kubeadm init --apiserver-advertise-address=192.168.8.190  --image-repository registry.aliyuncs.com/google_containers  --kubernetes-version v1.28.0 --service-cidr=10.177.100.0/12 --pod-network-cidr=10.233.0.0/16  --cri-socket=unix:///var/run/cri-dockerd.sock
[init] Using Kubernetes version: v1.28.0
[preflight] Running pre-flight checks
[preflight] Pulling images required for setting up a Kubernetes cluster
[preflight] This might take a minute or two, depending on the speed of your internet connection
[preflight] You can also perform this action in beforehand using 'kubeadm config images pull'
[certs] Using certificateDir folder "/etc/kubernetes/pki"
[certs] Generating "ca" certificate and key
[certs] Generating "apiserver" certificate and key
[certs] apiserver serving cert is signed for DNS names [kubernetes kubernetes-master kubernetes.default kubernetes.default.svc kubernetes.default.svc.cluster.local] and IPs [10.176.0.1 192.168.8.190]
[certs] Generating "apiserver-kubelet-client" certificate and key
[certs] Generating "front-proxy-ca" certificate and key
[certs] Generating "front-proxy-client" certificate and key
[certs] Generating "etcd/ca" certificate and key
[certs] Generating "etcd/server" certificate and key
[certs] etcd/server serving cert is signed for DNS names [kubernetes-master localhost] and IPs [192.168.8.190 127.0.0.1 ::1]
[certs] Generating "etcd/peer" certificate and key
[certs] etcd/peer serving cert is signed for DNS names [kubernetes-master localhost] and IPs [192.168.8.190 127.0.0.1 ::1]
[certs] Generating "etcd/healthcheck-client" certificate and key
[certs] Generating "apiserver-etcd-client" certificate and key
[certs] Generating "sa" key and public key
[kubeconfig] Using kubeconfig folder "/etc/kubernetes"
[kubeconfig] Writing "admin.conf" kubeconfig file
[kubeconfig] Writing "kubelet.conf" kubeconfig file
[kubeconfig] Writing "controller-manager.conf" kubeconfig file
[kubeconfig] Writing "scheduler.conf" kubeconfig file
[etcd] Creating static Pod manifest for local etcd in "/etc/kubernetes/manifests"
[control-plane] Using manifest folder "/etc/kubernetes/manifests"
[control-plane] Creating static Pod manifest for "kube-apiserver"
[control-plane] Creating static Pod manifest for "kube-controller-manager"
[control-plane] Creating static Pod manifest for "kube-scheduler"
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Starting the kubelet
[wait-control-plane] Waiting for the kubelet to boot up the control plane as static Pods from directory "/etc/kubernetes/manifests". This can take up to 4m0s
[apiclient] All control plane components are healthy after 17.005335 seconds
[upload-config] Storing the configuration used in ConfigMap "kubeadm-config" in the "kube-system" Namespace
[kubelet] Creating a ConfigMap "kubelet-config" in namespace kube-system with the configuration for the kubelets in the cluster
[upload-certs] Skipping phase. Please see --upload-certs
[mark-control-plane] Marking the node kubernetes-master as control-plane by adding the labels: [node-role.kubernetes.io/control-plane node.kubernetes.io/exclude-from-external-load-balancers]
[mark-control-plane] Marking the node kubernetes-master as control-plane by adding the taints [node-role.kubernetes.io/control-plane:NoSchedule]
[bootstrap-token] Using token: ajiqtj.xwpscuol7csse0d9
[bootstrap-token] Configuring bootstrap tokens, cluster-info ConfigMap, RBAC Roles
[bootstrap-token] Configured RBAC rules to allow Node Bootstrap tokens to get nodes
[bootstrap-token] Configured RBAC rules to allow Node Bootstrap tokens to post CSRs in order for nodes to get long term certificate credentials
[bootstrap-token] Configured RBAC rules to allow the csrapprover controller automatically approve CSRs from a Node Bootstrap Token
[bootstrap-token] Configured RBAC rules to allow certificate rotation for all node client certificates in the cluster
[bootstrap-token] Creating the "cluster-info" ConfigMap in the "kube-public" namespace
[kubelet-finalize] Updating "/etc/kubernetes/kubelet.conf" to point to a rotatable kubelet client certificate and key
[addons] Applied essential addon: CoreDNS
[addons] Applied essential addon: kube-proxy

Your Kubernetes control-plane has initialized successfully!

To start using your cluster, you need to run the following as a regular user:

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

Alternatively, if you are the root user, you can run:

  export KUBECONFIG=/etc/kubernetes/admin.conf

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  https://kubernetes.io/docs/conce ... inistration/addons/

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join 192.168.8.190:6443 --token ajiqtj.xwpscuol7csse0d9 \
        --discovery-token-ca-cert-hash sha256:87ab51d4f77f290e00c0060990eb5efa886752e39b2e74721d96d2c41bb92699
[root@kubernetes-master net]#

OP (Administrator) | Posted on 2024-9-15 15:03:28
# Install ipset and ipvsadm
yum install ipset ipvsadm -y
# Write the modules that need to be loaded into a script file
cat <<EOF > /etc/sysconfig/modules/ipvs.modules
#!/bin/bash
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack_ipv4
EOF
# Make the script file executable
chmod +x /etc/sysconfig/modules/ipvs.modules
# Run the script file
/bin/bash /etc/sysconfig/modules/ipvs.modules
# Check whether the modules loaded successfully
lsmod | grep -e ip_vs -e nf_conntrack_ipv4