浏览此站
联系我们相册切换到窄版 Language

 找回密码
 注册
易陆发现论坛»论坛 docker社区 docker社区 部署k8s集群步骤 kubernetes实施步骤
返回列表 发新帖
查看: 71|回复: 9

部署k8s集群步骤 kubernetes实施步骤

[复制链接]
admin

1

主题

0

回帖

12

积分

管理员

积分
12
QQ
发表于 2024-9-2 15:00:03 | 显示全部楼层 |阅读模式
购买主题 本主题需向作者支付 5 金钱 才能浏览
回复

举报

admin

1

主题

0

回帖

12

积分

管理员

积分
12
QQ
 楼主| 发表于 2024-9-6 17:37:32 | 显示全部楼层
kubernetes的yum源+ L8 X, k! D5 a6 W/ a3 H" [
cat > /etc/yum.repos.d/kubernetes.repo <<EOF
1 ^/ O' G2 f% g& C$ i0 U' |, z! S[kubernetes]& v" R/ S1 g# L6 e9 _* v, j
name=kubernetes7 A$ `+ g; }% m$ J1 x: j& @
baseurl=http://172.24.21.35/centos/kubernetes/1 `5 Z5 Y5 z( Z# S2 P8 }
gpgcheck=0) L) M0 G9 r6 B8 E+ N# G8 W( Y
EOF& z% L5 k2 D4 u( ^2 S
回复

举报

admin

1

主题

0

回帖

12

积分

管理员

积分
12
QQ
 楼主| 发表于 2024-9-9 10:37:01 | 显示全部楼层
kubeadm init --apiserver-advertise-address=172.24.21.55  --image-repository registry.aliyuncs.com/google_containers  --kubernetes-version v1.28.0 --service-cidr=10.177.100.0/12 --pod-network-cidr=10.233.0.0/16  --cri-socket=unix:///var/run/cri-dockerd.sock [init] Using Kubernetes version: v1.28.0 [preflight] Running pre-flight checks         [WARNING Firewalld]: firewalld is active, please ensure ports [6443 10250] are open or your cluster may not function correctly         [WARNING HTTPProxy]: Connection to "https://172.24.21.55" uses proxy "http://172.24.118.199:3128". If that is not intended, adjust your proxy settings         [WARNING HTTPProxyCIDR]: connection to "10.177.100.0/12" uses proxy "http://172.24.118.199:3128". This may lead to malfunctional cluster setup. Make sure that Pod and Services IP ranges specified correctly as exceptions in proxy configuration         [WARNING HTTPProxyCIDR]: connection to "10.233.0.0/16" uses proxy "http://172.24.118.199:3128". This may lead to malfunctional cluster setup. Make sure that Pod and Services IP ranges specified correctly as exceptions in proxy configuration         [WARNING Hostname]: hostname "k8s-master" could not be reached         [WARNING Hostname]: hostname "k8s-master": lookup k8s-master on 114.114.114.114:53: read udp 172.24.21.55:51870->114.114.114.114:53: i/o timeout [preflight] Pulling images required for setting up a Kubernetes cluster [preflight] This might take a minute or two, depending on the speed of your internet connection [preflight] You can also perform this action in beforehand using 'kubeadm config images pull'
回复

举报

admin

1

主题

0

回帖

12

积分

管理员

积分
12
QQ
 楼主| 发表于 2024-9-9 10:42:18 | 显示全部楼层
--apiserver-advertise-address   #声明监听ip地址2 t7 S( k$ Z2 B9 E
--image-repository registry.aliyuncs.com/google_containers     #指定仓库
5 ~- l  Y7 J) z5 y7 L2 V' v--kubernetes-version   指定k8s的版本5 w0 Z, o  p8 e. C

* w9 H+ t1 v% j. g --service-cidr=10.177.100.0/12   #service网段1 l: W6 O5 R) q  o, U0 w1 N9 u  `4 r( M
--pod-network-cidr=10.233.0.0/16    #pod网段  ]! B; a3 Q" ?; V: m2 u
--cri-socket   指定docker的中间链接软件
2 i# s3 M& c  H  j8 Q
回复

举报

admin

1

主题

0

回帖

12

积分

管理员

积分
12
QQ
 楼主| 发表于 2024-9-10 15:57:57 | 显示全部楼层
--kubernetes-version=v1.17.2
' N6 A& ]& y3 ^4 s; w' Z: ~3 m& N* S1 V1 k9 w5 u5 d( N
版本号,根据自己的情况更改,一般应该和 kubeadm 的版本一致/ b6 ^$ n: t$ {
' n5 h4 \# h& S* p+ t* w
通过如下命令获得3 D8 H# `2 O, N! p/ d

# A/ S' N" f2 |kubeadm version! ?! K( K: x1 w% g) u3 w) N
& x5 E) d8 s- Z- B
输出的 GitVersion:"v1.20.4" 就是版本号了
2 H5 H' ~& l6 O7 s5 w: I  ^5 _" T) t) ?9 k9 K! C
--pod-network-cidr=10.244.0.0/16
% o% [5 f+ A1 Z4 c
! h. }$ X$ p0 a; b) ^' i1 C​ pod 使用的网络,可以自定义,这个根据自己的情况修改,不修改也可以4 R8 ~6 U0 P) Y+ U- V) K
+ c8 g/ U8 P% c$ \5 k; P5 F4 Z
​ 好像是固定的* A. S- D/ y9 ~4 x. \
+ K1 z: l. H/ ]* @! [
--apiserver-advertise-address=192.168.1.2005 y: x9 m# N* G% C3 L! f0 e. Q9 U3 @; v
​ master 节点的有效 IP 或者可以被解析的 DNS 名称,需要是 master 节点的有效网卡地址,比如 ens33, eth0 等。
" i  h8 a* T, F, w
8 ?2 P- C& s' a% f. R--ignore-preflight-errors=Swap
4 q3 o- O/ L6 b% s+ y% J1 m​ 忽略检查 Swap 时候的报错
& R! W/ c9 u" o: O
0 q# b& m' e% ~$ ]! |! K--control-plane-endpoint- H' {; N' X4 K4 t, X0 f8 n

# G3 O8 H/ A: @负载均衡的地址,支持dns解析名或者IP,添加该选项后支持高可用,如果使用dns 记得该dns一定要可以被解析7 Z  \0 F* I! x) u( H

% L+ X/ T9 _# v  ^9 Q; A; [--upload-certs( k" [3 \5 J  j, r, N* A5 P

3 b) x& o* Z$ `# b. Y2 G1 n: V* l配合高可用使用,可以自动上传证书- C- N% N/ t, O! J; P9 c8 {3 Z
回复

举报

admin

1

主题

0

回帖

12

积分

管理员

积分
12
QQ
 楼主| 发表于 2024-9-10 17:12:32 | 显示全部楼层
vim deploy-kubeadm.yml
5 [+ x- x4 }: R6 [( e8 k3 I, Q& C---$ ?8 l% p1 }6 m7 p& A. D
- name: Deploy  kubeadm  kubelet kubectl% o* z% ]2 g/ x+ f) r+ L1 C6 U
  hosts: k8s
6 A, H1 N( `, D. v+ B8 l  gather_facts: no
9 n# R2 Y) X2 j+ v% Q8 ~! D  vars:: X* C9 }$ Y% U" n: I. i7 Y3 N
    pkg_dir: /kubeadm-pkg
0 n/ D1 b+ O. o* P    pkg_names: ["kubelet", "kubeadm", "kubectl"]
* V, S" K  {. s" t' L* ]6 w2 V, h3 I' T% g" d" l/ a
    # 变量 download_host 需要手动设置& {! |! S5 j6 X$ ^
    # 且值需要是此 playbook 目标主机中的一个* M! z, u7 y5 x' i
    # 需要写在 inventory 文件中的名称! @: Y  F7 y) g9 j  j) z
    download_host: "master"
3 q- D6 p9 u# c& @/ m    local_pkg_dir: "{{ playbook_dir }}/{{ download_host }}") C- W# M! @$ M  X3 L- U% b

( }. E2 v( R! a2 V2 b2 M& f  tasks:
' p+ `- J/ V/ b2 t, n7 a! d    - name: 测试使用 -e 是否设置并覆盖了变量
1 P4 r, q7 ^, z1 Z$ n      debug:( V% s' m* f0 i" n2 E. o1 i9 ]
        msg: "{{ local_pkg_dir }} {{ download_host }}"1 p# `1 @4 f. q& n6 a- R& a) D
      tags:
/ x# L- f3 B# O5 g3 ^        - deploy& V$ R4 m( {4 c& w: G; k/ _6 t2 f$ L
        - test" U9 s( m( f' ^( E; @* F

8 ]- |! Q( L$ v* N" J  C: ?    - name: "只需要给 {{ download_host }}安装仓库文件"
+ {& Q% u; ]9 L' [9 d( `8 ?      when: inventory_hostname == download_host
9 H0 C( {2 B6 v5 B      copy:- r- ^8 q) V( U
        src: file/kubernetes.repo
9 d6 T, Z! e, d+ `: r$ f6 W* C$ Q        dest: /etc/yum.repos.d/kubernetes.repo2 Q% M' a% [! x2 v
      tags:
0 e5 ?! L" Y' D+ E9 G* k# C  p        - deploy
+ M9 _9 W+ l/ v% h6 O! X
4 Y- d5 }7 K' W; n0 k    - name: 创建存放 rmp 包的目录
/ O; R4 g7 E9 M  `' Y5 L- d: f      when: inventory_hostname == download_host5 Y  {7 c" E) d& Y' C/ c& B, N
      file:
+ f' ]+ D" \  {! ^. f        path: "{{ pkg_dir }}"; X1 z% ^$ q( i2 _
        state: directory6 F& |  D! M% d: Z$ w2 B: d+ ]
      tags:
# v* `7 H. L1 ?& w' y# C# |        - deploy2 |0 |$ N0 V8 O$ I& r; X1 l5 K
: N5 n  W, @3 G3 M4 c- o7 {, e$ B( g
    - name:  下载软件包2 w$ Q1 |, J% Q$ ]# t6 V& U- n
      when: inventory_hostname == download_host8 i. A: E( p7 M9 g" K) _, d7 S
      yum:; n+ L4 S" R# f7 D! f) @0 R
        name: "{{ pkg_names }}"
2 J/ j3 i' T! y% X/ B  B$ y6 v        download_only: yes
) ]  O8 Y& J  L* S! q        download_dir: "{{ pkg_dir }}"
5 A% G9 N$ l9 Z; l4 m) H      tags:0 g' `" G! N* k* s5 B/ ]7 e2 I
        - deploy- P+ P. l3 Y/ s8 t
" O( e8 z+ Z+ f  a8 T6 P3 {
    - name: 获取下载目录 "{{ pkg_dir }}" 中的文件列表$ O7 n5 q3 B* C6 ^, ~" h( h$ ^
      when: inventory_hostname == download_host
. e( n& g+ q; q/ X      shell: ls -1 "{{ pkg_dir }}"2 B( K% m3 k7 b0 g5 z4 j
      register: files
- Z  ]7 B9 ~8 _: a# d      tags:: z+ D% r3 q  b; L1 n: O0 N# Y
        - deploy7 h5 u8 G* U% m
/ q( O! n9 t+ V$ X# x
    - name: 把远程主机下载的软件包传输到 ansible 本地
3 ?, Y/ o  b, U; H      when: inventory_hostname == download_host
1 J: ~3 @+ m& H6 x      fetch:
3 ]0 E1 E8 ]# k        src: "{{ pkg_dir }}/{{ item }}"/ ^) U. B0 o1 Y! f7 v" p
        dest: ./0 ~1 X# f+ G& W2 y; f
      loop: "{{files.stdout_lines}}"
. Q& K8 Y  I! |  E      tags:) t0 J0 m' A6 O# d/ Q- E
        - deploy
9 g2 `6 J" F. e: n1 u
6 k- i! o6 o. h    - name: 传输 rpm 包到远程节点
8 u8 c  Z( o. L+ O- V2 F3 n' S" x      when: inventory_hostname != download_host
( `; \5 j# s; N" L2 @. t  Q      copy:
: t8 e# I% J. Q$ ~4 {' F        src: "{{ local_pkg_dir }}{{ pkg_dir }}"
* Y) \, p2 x( @9 P8 n5 y        dest: "/"
, s2 ]0 V0 y4 H4 W2 k5 \5 c      tags:
( M; c. f# M1 S/ y  y; F7 h        - deploy) ~% B' }& m) l9 q& S7 D8 `
; `+ T5 C4 B6 }
    - name: 正在执行从本地安装软件包% f5 T2 t% a& g+ ]
      shell:
. J  H( R* q; I        cmd: yum -y localinstall *
2 P2 G' {9 @1 s' V$ S9 x        chdir: "{{ pkg_dir }}"/ ?, Y7 P- G+ D
        warn: no, o; q; Q1 z, |3 q! m0 p# j  s! w
      async: 600
3 H# T6 S7 R2 S% H      poll: 0
, z  ?9 v: n% u7 _+ W8 S  n      register: yum_info3 B7 G' B& i0 Y2 h) x3 O" Q. b( f( O! t
      tags:
! K- k; g" g# z. A6 ~        - deploy7 m/ i9 v9 O, A0 x. A% @0 h6 o
9 }5 j' x0 ]4 f' k3 e. b3 t; f
    - name: 打印安装结果# n1 ]* o; E; R( H& J& H
      debug: var=yum_info.ansible_job_id
" u  F% _% d* u5 w      tags:
5 J5 s+ \( b2 v5 C2 U, k" i$ J# d        - deploy
+ G3 a$ y- a- g9 k8 p# b' L0 u9 l, d: R. _1 e5 ]+ T+ y

+ [7 d: }8 K6 V" ?+ ^# 查看kubernetes依赖的镜像, R* T1 b7 `( w3 c, k
kubeadm config images list& k6 B0 V/ s& \  @) t( c
, _: k9 |8 @6 z- u3 L( i
# 不支持高可用的集群初始化
/ k% e* M: V; L# e3 Y7 [) b# _7 ukubeadm init --kubernetes-version=v1.20.4 --pod-network-cidr=10.244.0.0/16 --apiserver-advertise-address=10.9.29.112 --ignore-preflight-errors=Swap( u: q! k2 n% E+ K2 n
) R/ ?& c  D  K0 c& @  c- e
# 支持高可用的集群初始化9 l% m  @& H1 V' J
kubeadm init --kubernetes-version=v1.20.4 --pod-network-cidr=10.244.0.0/16 --apiserver-advertise-address=masterIP --control-plane-endpoint=kube-lab  --ignore-preflight-errors=Swap --upload-certs) S+ Z% E8 F9 w* ^# I

0 }9 R  L% x% J3 E" K5 }$ r: Y5 ^- ~8 @! V/ I+ a
# 初始化成功后,会有以下信息,复制后直接在node节点使用即可加入集群/ Q! F1 a2 [9 ~  F
kubeadm join 10.9.29.112:6443 --token en6s67.08rnsg20dc5t8z4n \
; z' A6 L. J$ b, O% }4 x    --discovery-token-ca-cert-hash sha256:7d034842b9ee7a6b17d9ce7088839f4570da1c61b29922f28e72b855c10003cc
" r; e2 V) s4 P7 c( `5 n. N! b
" ]$ d, Z! o) `8 N3 b! Z) {+ k# 如果是高可用,还会有一条,这个使用后会添加一个master进入集群/ T# n; m) h& h8 m: x& @2 k
kubeadm join kub-lab:6443 --token s2ccws.tzb7v4olicidp032 \$ A" v  ?8 l' c0 T
    --discovery-token-ca-cert-hash sha256:29a2b437f79c5e4958c3d73e6c64fe0a4df24f0f3bcabd5ced28392d7a882e10 \
$ |' y: E' ^" T; w+ o% F; Z" M    --control-plane --certificate-key c0a9a1c4a067b20dca95447f809d95c973220244c740a47f71d5302e0a759ea7
& \: |. y; K6 g/ B) E6 K$ g
4 A9 J4 t, o6 V5 t3 w* l9 ?: E
回复

举报

1320503165

70

主题

73

回帖

1201

积分

网站编辑

积分
1201
发表于 2024-9-14 11:01:25 | 显示全部楼层
cat > /etc/docker/daemon.json <<EOF
, F) _" n1 X; e* g/ _5 `{5 g! n" w# [& z- A& R
"registry-mirrors":[- Q' x* p2 y  F6 T- p1 v8 Q
"https://docker.m.daocloud.io",0 }0 ?  N8 _! O
"https://huecher.io",0 H; E% X8 C/ v3 O2 r- w
"https://dockerhub.timeweb.cloud",
! P, _) [$ P6 f& c5 x"https://noohub.ru",
8 I3 Z2 Y5 X) T6 G' q"https://docker.aws19527.cn"
! L! e% |4 w, Y( t( h]4 {+ O6 Z( A* e" k2 `
}  s+ {( z4 {9 C$ f' X; T; B. h( W
EOF
回复

举报

1320503165

70

主题

73

回帖

1201

积分

网站编辑

积分
1201
发表于 2024-9-14 17:07:25 | 显示全部楼层
kubeadm init --apiserver-advertise-address=192.168.8.190  --image-repository registry.aliyuncs.com/google_containers  --kubernetes-version v1.28.0 --service-cidr=10.177.100.0/12 --pod-network-cidr=10.233.0.0/16  --cri-socket=unix:///var/run/cri-dockerd.sock  
; W% D! c. g; g, \3 u4 P& ?, m/ k[init] Using Kubernetes version: v1.28.0
8 U! y0 w9 B& l2 L0 }- E* c[preflight] Running pre-flight checks
% @! O1 `2 ?7 r  H- J% i[preflight] Pulling images required for setting up a Kubernetes cluster
, q! ]9 s9 P8 g0 H; ]  z# N[preflight] This might take a minute or two, depending on the speed of your internet connection& X; M  x4 y4 z- T6 `9 b' B8 q$ P
[preflight] You can also perform this action in beforehand using 'kubeadm config images pull'
5 g& o8 w0 O; w) }' |8 y+ vW0914 17:05:50.073955    7690 checks.go:835] detected that the sandbox image "registry.k8s.io/pause:3.6" of the container runtime is inconsistent with that used by kubeadm. It is recommended that using "registry.aliyuncs.com/google_containers/pause:3.9" as the CRI sandbox image.4 N+ f9 l+ O0 n
[certs] Using certificateDir folder "/etc/kubernetes/pki"8 Z  H- _5 p" N, J2 p
[certs] Generating "ca" certificate and key% e' q( [* X8 `& \9 V. Q0 {8 k
[certs] Generating "apiserver" certificate and key6 u. h8 E( E. m( r
[certs] apiserver serving cert is signed for DNS names [kubernetes kubernetes-master kubernetes.default kubernetes.default.svc kubernetes.default.svc.cluster.local] and IPs [10.176.0.1 192.168.8.190]
- ^# B1 N6 R2 k4 ?, F& ]! M" l[certs] Generating "apiserver-kubelet-client" certificate and key  J7 {" a2 k: x) I
[certs] Generating "front-proxy-ca" certificate and key% d* i3 w+ w0 y+ O, Z4 r
[certs] Generating "front-proxy-client" certificate and key
' i3 ^9 H7 N; w9 P  _0 C[certs] Generating "etcd/ca" certificate and key
- l* U9 Z3 V" C3 k' p! z[certs] Generating "etcd/server" certificate and key/ P4 F3 }8 V  `! o; R) K
[certs] etcd/server serving cert is signed for DNS names [kubernetes-master localhost] and IPs [192.168.8.190 127.0.0.1 ::1]' z7 O4 x; y( w
[certs] Generating "etcd/peer" certificate and key3 U$ w4 F( K5 P' k
[certs] etcd/peer serving cert is signed for DNS names [kubernetes-master localhost] and IPs [192.168.8.190 127.0.0.1 ::1]( H0 o2 K7 f6 I4 ~# v4 i, t4 A/ A
[certs] Generating "etcd/healthcheck-client" certificate and key
& R; E" x& M1 Q8 q[certs] Generating "apiserver-etcd-client" certificate and key, _& g8 @: z7 l. k; I6 x
[certs] Generating "sa" key and public key9 P8 L; h! I" l: s0 o0 m( N5 Y
[kubeconfig] Using kubeconfig folder "/etc/kubernetes"6 p: {* E& h7 V  V
[kubeconfig] Writing "admin.conf" kubeconfig file
5 G2 Y7 ?: u4 E0 ^7 ~4 N9 @7 ?[kubeconfig] Writing "kubelet.conf" kubeconfig file' ^& b3 d7 r. w# [
[kubeconfig] Writing "controller-manager.conf" kubeconfig file
  T( M; m7 Y5 w4 _$ @: k3 \! K[kubeconfig] Writing "scheduler.conf" kubeconfig file
+ M' y* b, J7 y& @# Z[etcd] Creating static Pod manifest for local etcd in "/etc/kubernetes/manifests"
' Z- `: T1 L  |8 @6 n[control-plane] Using manifest folder "/etc/kubernetes/manifests"; A" E% ]. {7 ]" W
[control-plane] Creating static Pod manifest for "kube-apiserver"2 M4 L; h1 c- J0 J+ Y
[control-plane] Creating static Pod manifest for "kube-controller-manager"
( i3 x/ b6 M! L( A[control-plane] Creating static Pod manifest for "kube-scheduler"9 x6 L) g& g# d' w. `5 r6 \. F( e
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env") @8 O6 D$ o4 @- a
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"- R) V7 ]. S- {. B
[kubelet-start] Starting the kubelet
* R/ b5 ]6 t- A. H; ^* a6 S[wait-control-plane] Waiting for the kubelet to boot up the control plane as static Pods from directory "/etc/kubernetes/manifests". This can take up to 4m0s( a5 Q4 B/ W$ p" b
[kubelet-check] Initial timeout of 40s passed.
. x% O* R1 j$ S# D% t
回复

举报

1320503165

70

主题

73

回帖

1201

积分

网站编辑

积分
1201
发表于 2024-9-15 10:54:27 | 显示全部楼层
[root@kubernetes-master net]# kubeadm init --apiserver-advertise-address=192.168.8.190  --image-repository registry.aliyuncs.com/google_containers  --kubernetes-version v1.28.0 --service-cidr=10.177.100.0/12 --pod-network-cidr=10.233.0.0/16  --cri-socket=unix:///var/run/cri-dockerd.sock  
0 I5 H" W" V* x; Y$ @, ~1 K[init] Using Kubernetes version: v1.28.0
1 l7 b- t1 M2 ~8 c9 W3 t& ^[preflight] Running pre-flight checks
$ ]+ f8 z1 o6 q! G0 v8 ~% @[preflight] Pulling images required for setting up a Kubernetes cluster6 G6 P( |+ a) K8 F; p, c
[preflight] This might take a minute or two, depending on the speed of your internet connection
4 B- }1 z! [" S: v6 |9 P3 d[preflight] You can also perform this action in beforehand using 'kubeadm config images pull'
! W7 H, Q  U% n' C8 ?' ^2 p2 ][certs] Using certificateDir folder "/etc/kubernetes/pki"8 |8 M3 Y8 R8 V8 [" M9 v* N
[certs] Generating "ca" certificate and key. W2 M/ d3 x5 }6 H" E: f
[certs] Generating "apiserver" certificate and key
. Z5 ]8 v. ?2 _% B8 E$ ?. `: x[certs] apiserver serving cert is signed for DNS names [kubernetes kubernetes-master kubernetes.default kubernetes.default.svc kubernetes.default.svc.cluster.local] and IPs [10.176.0.1 192.168.8.190]
$ ]* T" v+ V& x2 K5 S( z3 z( [[certs] Generating "apiserver-kubelet-client" certificate and key
, Q$ H1 c( w1 t7 O7 v( J[certs] Generating "front-proxy-ca" certificate and key2 \# q( n! f* n) [0 `
[certs] Generating "front-proxy-client" certificate and key
' {% j1 l. q/ o. r. }) U; `[certs] Generating "etcd/ca" certificate and key
' B7 B, }5 g9 g' O2 v[certs] Generating "etcd/server" certificate and key) M. \* X. ?5 V1 z& C/ I
[certs] etcd/server serving cert is signed for DNS names [kubernetes-master localhost] and IPs [192.168.8.190 127.0.0.1 ::1]2 S# l& B- ~$ J% C
[certs] Generating "etcd/peer" certificate and key
6 y- c$ K$ w" D, Q1 }[certs] etcd/peer serving cert is signed for DNS names [kubernetes-master localhost] and IPs [192.168.8.190 127.0.0.1 ::1]' T1 }& z$ I1 D4 L$ E2 _$ t
[certs] Generating "etcd/healthcheck-client" certificate and key5 f1 u/ l% u$ l' s! b2 D/ s% [
[certs] Generating "apiserver-etcd-client" certificate and key! h5 E! ]- X/ _7 N2 D9 f
[certs] Generating "sa" key and public key7 t0 [& x+ z4 X0 s0 S) T0 }& H' D  v
[kubeconfig] Using kubeconfig folder "/etc/kubernetes"2 E; I6 |- @6 t: \9 t# c# b4 A
[kubeconfig] Writing "admin.conf" kubeconfig file% Z3 q) V! j' {  N% `( M8 b
[kubeconfig] Writing "kubelet.conf" kubeconfig file
+ D8 a* V+ h6 Z$ ]$ x[kubeconfig] Writing "controller-manager.conf" kubeconfig file. g8 y  a/ ^$ i8 d  T' `
[kubeconfig] Writing "scheduler.conf" kubeconfig file
' N- v* G" A6 M. [$ E, _; p[etcd] Creating static Pod manifest for local etcd in "/etc/kubernetes/manifests"
1 Z+ u5 k2 D# x& }$ u+ p9 W* v[control-plane] Using manifest folder "/etc/kubernetes/manifests"/ R1 M5 S2 i5 x6 x
[control-plane] Creating static Pod manifest for "kube-apiserver"
$ e! }, p/ q" j# f+ w$ O[control-plane] Creating static Pod manifest for "kube-controller-manager"# }4 r, H, H; @1 i1 @% U( I9 O
[control-plane] Creating static Pod manifest for "kube-scheduler"4 M" O+ @4 M9 L
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"+ G+ O( S8 `, m5 _' T
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
* M5 t9 g8 E8 g, y& W& D[kubelet-start] Starting the kubelet
- _8 V" @: ?6 R: G  n[wait-control-plane] Waiting for the kubelet to boot up the control plane as static Pods from directory "/etc/kubernetes/manifests". This can take up to 4m0s5 O' R, ?9 H3 g* x1 Z6 ^; }
[apiclient] All control plane components are healthy after 17.005335 seconds9 ~% `6 o. L9 Q& ^4 D2 B* Z
[upload-config] Storing the configuration used in ConfigMap "kubeadm-config" in the "kube-system" Namespace% A5 Z% u" [; C1 u
[kubelet] Creating a ConfigMap "kubelet-config" in namespace kube-system with the configuration for the kubelets in the cluster
, Z- K$ `! v2 O: Y. ~6 @- {[upload-certs] Skipping phase. Please see --upload-certs  \( {% L7 L, n
[mark-control-plane] Marking the node kubernetes-master as control-plane by adding the labels: [node-role.kubernetes.io/control-plane node.kubernetes.io/exclude-from-external-load-balancers]) {6 |9 M5 j3 e" f; r% N. z4 z
[mark-control-plane] Marking the node kubernetes-master as control-plane by adding the taints [node-role.kubernetes.io/control-plane:NoSchedule]4 L& }3 ?: h3 X" _* U. b) V
[bootstrap-token] Using token: ajiqtj.xwpscuol7csse0d9
8 c& P- `& d! E! F  h[bootstrap-token] Configuring bootstrap tokens, cluster-info ConfigMap, RBAC Roles
: b0 Y/ G$ G$ f2 p[bootstrap-token] Configured RBAC rules to allow Node Bootstrap tokens to get nodes
  k# ?) H7 W& J- @8 x* y+ @  X[bootstrap-token] Configured RBAC rules to allow Node Bootstrap tokens to post CSRs in order for nodes to get long term certificate credentials5 F% R  k- o! A. ^& q: W
[bootstrap-token] Configured RBAC rules to allow the csrapprover controller automatically approve CSRs from a Node Bootstrap Token
/ i3 S7 X& u' Q, r. n) [- h; E4 A[bootstrap-token] Configured RBAC rules to allow certificate rotation for all node client certificates in the cluster
2 X& U" ]0 d  `. O* c[bootstrap-token] Creating the "cluster-info" ConfigMap in the "kube-public" namespace& K3 C1 F, B0 k, ^4 q, R, y+ O
[kubelet-finalize] Updating "/etc/kubernetes/kubelet.conf" to point to a rotatable kubelet client certificate and key3 b2 {; {; P- D7 F
[addons] Applied essential addon: CoreDNS
4 [0 W, G( k$ L2 ^$ P% y; J' f[addons] Applied essential addon: kube-proxy
1 X8 B$ s" c* y( H
, y7 E2 _5 o$ D5 F4 c* J- G4 TYour Kubernetes control-plane has initialized successfully!" L6 E' L7 d! ]* J  _

; s  G! W3 h" g" h7 w* ETo start using your cluster, you need to run the following as a regular user:. i% w* {3 k7 T( ]" O
! x0 J, ~# U+ U! ?
  mkdir -p $HOME/.kube
0 W3 P$ h. c* A6 J% ~  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config0 e( ?# g: I0 i% D7 v3 {, ]4 i& B; q; Y
  sudo chown $(id -u):$(id -g) $HOME/.kube/config
- ?: p' B: a8 u3 U  x5 @7 |+ Z' w- s8 t* v  N
Alternatively, if you are the root user, you can run:0 p8 f1 a! w; `  ~) m0 j' d; W
2 D) f3 v0 G8 ]6 G6 s+ L% x
  export KUBECONFIG=/etc/kubernetes/admin.conf
5 D' U8 d3 w: [* b# `+ X4 z: t# c0 e2 c0 Q' [2 f0 `0 K
You should now deploy a pod network to the cluster.
# W. D1 U$ k/ IRun "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
8 D2 y% _/ ^) T( W( T: A& G4 O  https://kubernetes.io/docs/conce ... inistration/addons/2 x! n5 Y$ T$ D9 K+ h. v3 _

0 H9 c7 f# t' A/ VThen you can join any number of worker nodes by running the following on each as root:
; _+ m  e% {8 _+ e' O
6 `: a/ m  \) ]  y' lkubeadm join 192.168.8.190:6443 --token ajiqtj.xwpscuol7csse0d9 \  j$ n7 n! r0 b* y* }; O8 S
        --discovery-token-ca-cert-hash sha256:87ab51d4f77f290e00c0060990eb5efa886752e39b2e74721d96d2c41bb92699
+ `* i2 V5 N2 Z, p/ K$ o* @[root@kubernetes-master net]# % A; c/ u" ~7 J) _" X0 y
回复

举报

admin

1

主题

0

回帖

12

积分

管理员

积分
12
QQ
 楼主| 发表于 2024-9-15 15:03:28 | 显示全部楼层
# 安装ipset和ipvsadm( \# @5 X4 ~; T2 j" b0 E" V
        yum install ipset ipvsadmin -y
' l* _. j" w+ g# 添加需要加载的模块写入脚本文件( a3 U$ @' {9 O; g
cat <<EOF > /etc/sysconfig/modules/ipvs.modules/ P5 O4 \9 m9 V# o) S
#!/bin/bash7 {/ P3 J; W: x7 O% E7 X
modprobe -- ip_vs
9 p! p  U/ b, i( t  Imodprobe -- ip_vs_rr
# F& u/ y% J0 O  @modprobe -- ip_vs_wrr
! Z8 k4 n$ S: `/ J2 {7 Z, W3 ymodprobe -- ip_vs_sh. P/ V) _8 f- h4 `  M3 g
modprobe -- nf_conntrack_ipv4' X$ W5 V, J# P' w1 b( k
EOF: @% c+ ]* }2 j1 ?$ p
# 为脚本文件添加执行权限& V! F! g1 |6 {  j
        chmod +x /etc/sysconfig/modules/ipvs.modules
* }+ r/ X2 \+ e# 执行脚本文件
- O$ ], z, W* y" t         /bin/bash /etc/sysconfig/modules/ipvs.modules: Q$ a. s( U( w' x* e( q  F% Q5 u9 [. r
# 查看对应的模块是否加载成功" x) r6 K" C- {  b0 B6 c4 @$ c
        lsmod | grep -e ip_vs -e nf_conntrack_ipv4
7 M$ N# ]5 o' q, h9 [/ D
回复

举报

返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 注册

本版积分规则

返回首页|Archiver|手机版|小黑屋|易陆发现技术论坛 ( 蜀ICP备2026014127号-1 )

GMT+8, 2026-6-12 04:53 , Processed in 0.063992 second(s), 31 queries .

Powered by Discuz! X5.0

© 2001-2026 Discuz! Team.

快速回复 返回顶部 返回列表