|
|
楼主 |
发表于 2024-12-29 21:22:14
|
显示全部楼层
[root@k8s-master ~]# kubeadm config images list4 W, ]7 `- {, e) v- {
I1229 21:16:13.799696 2756 version.go:256] remote version is much newer: v1.32.0; falling back to: stable-1.28
! M/ N6 P6 Z" H! I" j* ^3 n0 C0 bregistry.k8s.io/kube-apiserver:v1.28.15
4 `% e% D ~( H. m% Xregistry.k8s.io/kube-controller-manager:v1.28.153 R9 p* o: ?4 S8 H2 h
registry.k8s.io/kube-scheduler:v1.28.15
4 d0 O3 T2 L0 @" jregistry.k8s.io/kube-proxy:v1.28.150 q2 S3 N; I% B+ P/ C' Q
registry.k8s.io/pause:3.9
) \- o- Z7 W/ C: |& Fregistry.k8s.io/etcd:3.5.9-0. Y" [) [: Q9 \* G8 b
registry.k8s.io/coredns/coredns:v1.10.1) ]4 l2 v- f) H0 L* H5 Z
[root@k8s-master ~]# kubeadm init --apiserver-advertise-address=192.168.8.190 --node-name=k8s-master --image-repository registry.aliyuncs.com/google_containers --kubernetes-version v1.28.2 --service-cidr=192.182.22.0/20 --pod-network-cidr=192.172.21.0/20 --cri-socket=unix:///var/run/cri-dockerd.sock
. O x# ] l2 x( [[init] Using Kubernetes version: v1.28.2
/ [( G: ^, T) s& o2 H[preflight] Running pre-flight checks# d% K2 ^+ Y( Q" ]/ W5 }
[preflight] Pulling images required for setting up a Kubernetes cluster/ Z8 {' [. x1 P5 Z6 w* {1 j- y
[preflight] This might take a minute or two, depending on the speed of your internet connection
; `* }* W+ T! d1 ~( ~+ T[preflight] You can also perform this action in beforehand using 'kubeadm config images pull'
@; O" K8 M' y9 Y$ n, F[certs] Using certificateDir folder "/etc/kubernetes/pki"' R+ r9 P& r; e* H
[certs] Generating "ca" certificate and key+ h8 C! r& l" [ i' p
[certs] Generating "apiserver" certificate and key' M3 O' {! R$ {1 Y# W( j
[certs] apiserver serving cert is signed for DNS names [k8s-master kubernetes kubernetes.default kubernetes.default.svc kubernetes.default.svc.cluster.local] and IPs [192.182.16.1 192.168.8.190]
/ e, N0 l; Q) ]7 f1 T. Z# O' F. \$ `[certs] Generating "apiserver-kubelet-client" certificate and key
# \* D; m" A7 }4 [6 F[certs] Generating "front-proxy-ca" certificate and key, o$ P1 K9 n- h/ z% {* k: L) q, m
[certs] Generating "front-proxy-client" certificate and key- N5 ]4 F4 P$ p) ]
[certs] Generating "etcd/ca" certificate and key1 i9 \6 x R( A5 S
[certs] Generating "etcd/server" certificate and key9 M; g- Z. N/ n% p0 n* _4 V
[certs] etcd/server serving cert is signed for DNS names [k8s-master localhost] and IPs [192.168.8.190 127.0.0.1 ::1]. F* y! ?+ q: r" t9 H k( u
[certs] Generating "etcd/peer" certificate and key9 H2 v8 j; h; a0 A' s: V: I
[certs] etcd/peer serving cert is signed for DNS names [k8s-master localhost] and IPs [192.168.8.190 127.0.0.1 ::1]
" h2 O8 _/ T6 ]8 T" d7 t9 @2 a; V c3 R[certs] Generating "etcd/healthcheck-client" certificate and key
6 _- }) [9 r1 u4 R) I* h[certs] Generating "apiserver-etcd-client" certificate and key9 m- K9 R1 S h& o
[certs] Generating "sa" key and public key
1 [( ^4 _& I) E( y( R[kubeconfig] Using kubeconfig folder "/etc/kubernetes"; H- J3 J$ [+ l7 I1 |
[kubeconfig] Writing "admin.conf" kubeconfig file9 j& l& _& s+ l4 E# p s9 n/ O, u# `
[kubeconfig] Writing "kubelet.conf" kubeconfig file# Z6 I! X3 n: P+ F: V" c
[kubeconfig] Writing "controller-manager.conf" kubeconfig file
% E# `2 F& f8 O4 Y# e' _6 _[kubeconfig] Writing "scheduler.conf" kubeconfig file
( q3 t- Y) l2 W) P[etcd] Creating static Pod manifest for local etcd in "/etc/kubernetes/manifests"
& l" n" j5 l7 }! B% f4 h2 K+ F, F. q[control-plane] Using manifest folder "/etc/kubernetes/manifests"1 O& k6 R" I D1 e4 R3 ]0 ]
[control-plane] Creating static Pod manifest for "kube-apiserver", C1 ?0 e) x4 L& V/ y
[control-plane] Creating static Pod manifest for "kube-controller-manager"+ v" W2 `( L; l2 P: s$ T. l8 q7 f/ ^
[control-plane] Creating static Pod manifest for "kube-scheduler"" r2 ~9 D; y5 ]+ x+ p
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"0 X9 K( j' i4 _% t( n, v
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"6 U9 P4 [, z# K* @: w# [
[kubelet-start] Starting the kubelet2 z, \( S; y% c: ]: ~" B. N% W
[wait-control-plane] Waiting for the kubelet to boot up the control plane as static Pods from directory "/etc/kubernetes/manifests". This can take up to 4m0s3 P, o: w9 U" s2 G$ R; ^
[apiclient] All control plane components are healthy after 10.503849 seconds5 W( p) C/ a5 E: n
[upload-config] Storing the configuration used in ConfigMap "kubeadm-config" in the "kube-system" Namespace2 U( f. y/ L- D7 ?$ j, `2 y
[kubelet] Creating a ConfigMap "kubelet-config" in namespace kube-system with the configuration for the kubelets in the cluster
0 F l ^" @+ ?; F[upload-certs] Skipping phase. Please see --upload-certs; U2 B6 n8 F t: t S6 J
[mark-control-plane] Marking the node k8s-master as control-plane by adding the labels: [node-role.kubernetes.io/control-plane node.kubernetes.io/exclude-from-external-load-balancers]
' Q5 m2 n ] s: {. ][mark-control-plane] Marking the node k8s-master as control-plane by adding the taints [node-role.kubernetes.io/control-plane:NoSchedule]
8 ?% z" K8 k: o: K[bootstrap-token] Using token: gz21hk.okzfsa63qkqquxwr8 ]+ K6 I5 P4 Z4 h8 N6 x9 m+ c1 Y
[bootstrap-token] Configuring bootstrap tokens, cluster-info ConfigMap, RBAC Roles# X: A" T4 p- e0 J, O/ i
[bootstrap-token] Configured RBAC rules to allow Node Bootstrap tokens to get nodes7 ]. v* A- H* E( e' s- J
[bootstrap-token] Configured RBAC rules to allow Node Bootstrap tokens to post CSRs in order for nodes to get long term certificate credentials
+ |/ R& r$ h y6 U[bootstrap-token] Configured RBAC rules to allow the csrapprover controller automatically approve CSRs from a Node Bootstrap Token
) K7 g* ?5 o1 c) x. L: E[bootstrap-token] Configured RBAC rules to allow certificate rotation for all node client certificates in the cluster+ I4 A+ y! y( `1 d
[bootstrap-token] Creating the "cluster-info" ConfigMap in the "kube-public" namespace2 y+ X4 q: E( P# {: d1 l
[kubelet-finalize] Updating "/etc/kubernetes/kubelet.conf" to point to a rotatable kubelet client certificate and key
( y- t! B0 s5 h0 [, T[addons] Applied essential addon: CoreDNS
$ s7 e# J! ?/ m2 N% V[addons] Applied essential addon: kube-proxy# ^$ h# ]8 M- ]% B7 I$ V2 y2 N
: {& o( z: q: u: v0 b
Your Kubernetes control-plane has initialized successfully!3 B* ?# h) q$ o+ g$ k
H$ C1 e- J( I
To start using your cluster, you need to run the following as a regular user:+ t4 T) ^! s& A/ Y
% M* z) W( M) J( s+ C mkdir -p $HOME/.kube" R" ] S' G5 X# f
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
8 K/ E* Y) x: k* o& b; H4 o sudo chown $(id -u):$(id -g) $HOME/.kube/config
# M3 o" P% g; t8 `/ T p0 ?3 b4 v/ A+ {6 S
Alternatively, if you are the root user, you can run:
6 n! n, F* n' c8 f8 W- K) O/ _# L
; P3 n) O. H( O- r export KUBECONFIG=/etc/kubernetes/admin.conf5 K$ F `! m( b" P: b
& `& t- j$ t- Q, s; ?, T
You should now deploy a pod network to the cluster.% ^& E, |2 b8 o1 ?7 x
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
7 ]4 L+ r4 @6 I; h! m https://kubernetes.io/docs/conce ... inistration/addons/
. R6 |- p+ Z8 f$ ~& r1 |" _6 ?) T6 I2 ]! X
Then you can join any number of worker nodes by running the following on each as root:3 I. s$ w2 y9 M0 Z
2 a' N* |+ B- e' O V
kubeadm join 192.168.8.190:6443 --token gz21hk.okzfsa63qkqquxwr \
$ ^9 @# y0 a6 `+ h+ j& n; S3 H \. y5 K --discovery-token-ca-cert-hash sha256:5aeba3bb6d94b76440997cbc4ee9c2ef8a791211a7da0abb39a75142a040bc00
2 ?. H0 o& r9 _2 _. \* Z |
|
发表于 2024-12-29 21:21:46