|
|
楼主 |
发表于 2024-12-29 21:22:14
|
显示全部楼层
[root@k8s-master ~]# kubeadm config images list
* W* x; u! ~) `9 J! ?$ d2 @9 \I1229 21:16:13.799696 2756 version.go:256] remote version is much newer: v1.32.0; falling back to: stable-1.280 F. `2 l* ^' P& q
registry.k8s.io/kube-apiserver:v1.28.15) g9 s* S7 y( e q. n- Q% ^! `
registry.k8s.io/kube-controller-manager:v1.28.15" a- j K/ N. f8 {0 \: m
registry.k8s.io/kube-scheduler:v1.28.15+ B6 G9 a0 d. r: z# L
registry.k8s.io/kube-proxy:v1.28.15
& i2 u9 p3 H- j6 T' z$ i# {, Vregistry.k8s.io/pause:3.9
$ q2 k5 ~( w) i ^6 K# O0 K8 lregistry.k8s.io/etcd:3.5.9-01 {( t9 Y' q* h! |
registry.k8s.io/coredns/coredns:v1.10.1
- j$ b7 A' C) e4 ^$ o[root@k8s-master ~]# kubeadm init --apiserver-advertise-address=192.168.8.190 --node-name=k8s-master --image-repository registry.aliyuncs.com/google_containers --kubernetes-version v1.28.2 --service-cidr=192.182.22.0/20 --pod-network-cidr=192.172.21.0/20 --cri-socket=unix:///var/run/cri-dockerd.sock+ M9 w" ~( N$ Y1 S; l7 E5 T
[init] Using Kubernetes version: v1.28.2
% Q; U& I6 k* G$ M[preflight] Running pre-flight checks. U( `- H. Z& ^; x
[preflight] Pulling images required for setting up a Kubernetes cluster9 l. Z" i- O& a: n$ B
[preflight] This might take a minute or two, depending on the speed of your internet connection
# f H' N; z: R6 s& `/ H[preflight] You can also perform this action in beforehand using 'kubeadm config images pull'& A' _' d" ?' H' Q# b \
[certs] Using certificateDir folder "/etc/kubernetes/pki"0 ~3 p. G! G- e2 k$ P
[certs] Generating "ca" certificate and key
* g( }( b$ O' _% M# l, ^; w[certs] Generating "apiserver" certificate and key: ^' H7 K A. z" n z0 T8 v8 @
[certs] apiserver serving cert is signed for DNS names [k8s-master kubernetes kubernetes.default kubernetes.default.svc kubernetes.default.svc.cluster.local] and IPs [192.182.16.1 192.168.8.190]
- J) z5 \1 f. t0 s; e[certs] Generating "apiserver-kubelet-client" certificate and key
8 R" X6 [, p* k1 M. H$ V+ U: R3 a[certs] Generating "front-proxy-ca" certificate and key8 A9 f0 z; a8 ?$ S# t
[certs] Generating "front-proxy-client" certificate and key
) ^! J4 R# T, s- }$ |[certs] Generating "etcd/ca" certificate and key7 D1 D! R. `; v1 |6 P' K
[certs] Generating "etcd/server" certificate and key
" ~5 Y1 W; B g+ f3 V; g[certs] etcd/server serving cert is signed for DNS names [k8s-master localhost] and IPs [192.168.8.190 127.0.0.1 ::1]& ]5 I f* V. |- Y) k7 C
[certs] Generating "etcd/peer" certificate and key
4 |" K- P$ p/ u$ Y9 r- {3 g[certs] etcd/peer serving cert is signed for DNS names [k8s-master localhost] and IPs [192.168.8.190 127.0.0.1 ::1]
' M# {" A8 F+ n7 P[certs] Generating "etcd/healthcheck-client" certificate and key
' i- t* R# x0 P# d8 g[certs] Generating "apiserver-etcd-client" certificate and key
# ]! k! L! R1 t( a+ k q[certs] Generating "sa" key and public key. d, D- R' g. L v# {6 F- H4 O9 l
[kubeconfig] Using kubeconfig folder "/etc/kubernetes"7 \7 z1 b; d/ r1 c4 _; |
[kubeconfig] Writing "admin.conf" kubeconfig file
1 }9 b1 E5 [! J[kubeconfig] Writing "kubelet.conf" kubeconfig file
$ |5 q( V& Y) }9 j6 v# u[kubeconfig] Writing "controller-manager.conf" kubeconfig file3 U- Y" d+ Y6 ~, F
[kubeconfig] Writing "scheduler.conf" kubeconfig file
8 x, S9 J4 e3 e; N4 f7 i+ F[etcd] Creating static Pod manifest for local etcd in "/etc/kubernetes/manifests"
% Y0 a, x6 y6 I1 J[control-plane] Using manifest folder "/etc/kubernetes/manifests"- l( \, P0 b( R. p
[control-plane] Creating static Pod manifest for "kube-apiserver"" L4 u+ ^( _( [* e) w) s3 h* ]) _
[control-plane] Creating static Pod manifest for "kube-controller-manager"5 ], e5 Q. q, b/ s" l1 j- l
[control-plane] Creating static Pod manifest for "kube-scheduler"
4 ^ L. G9 C1 `% y# K[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
* e- M2 r' ?5 Y6 o[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
1 p9 D3 H4 A" k" `[kubelet-start] Starting the kubelet
( R0 n* M/ L- g. d9 Z3 `[wait-control-plane] Waiting for the kubelet to boot up the control plane as static Pods from directory "/etc/kubernetes/manifests". This can take up to 4m0s
R1 ~6 e" X1 H" Q4 f: R% b% J$ I9 j[apiclient] All control plane components are healthy after 10.503849 seconds( x' l# g2 C6 L7 {: [
[upload-config] Storing the configuration used in ConfigMap "kubeadm-config" in the "kube-system" Namespace
2 H4 l& z6 n! g/ C* e. J2 ^* d0 w[kubelet] Creating a ConfigMap "kubelet-config" in namespace kube-system with the configuration for the kubelets in the cluster; N: S# _/ M2 u) _/ }; Y; j( E1 L3 S
[upload-certs] Skipping phase. Please see --upload-certs. ^8 K, |, b2 K
[mark-control-plane] Marking the node k8s-master as control-plane by adding the labels: [node-role.kubernetes.io/control-plane node.kubernetes.io/exclude-from-external-load-balancers]0 J/ U3 i1 J1 I; S" g
[mark-control-plane] Marking the node k8s-master as control-plane by adding the taints [node-role.kubernetes.io/control-plane:NoSchedule]7 v1 N+ u, @4 U1 b( L3 |
[bootstrap-token] Using token: gz21hk.okzfsa63qkqquxwr
k$ E, _3 p# ]3 B- G1 _' R% Y[bootstrap-token] Configuring bootstrap tokens, cluster-info ConfigMap, RBAC Roles' ]: W. y3 I! _( E+ _0 N
[bootstrap-token] Configured RBAC rules to allow Node Bootstrap tokens to get nodes
1 v. X2 b6 V2 [$ z[bootstrap-token] Configured RBAC rules to allow Node Bootstrap tokens to post CSRs in order for nodes to get long term certificate credentials
7 t8 K2 Q. j2 a: @/ ?[bootstrap-token] Configured RBAC rules to allow the csrapprover controller automatically approve CSRs from a Node Bootstrap Token( p; e$ `7 ~$ |& C, u. y
[bootstrap-token] Configured RBAC rules to allow certificate rotation for all node client certificates in the cluster
& C1 m5 c% u9 B- y[bootstrap-token] Creating the "cluster-info" ConfigMap in the "kube-public" namespace8 w$ j- O- J% @5 U. P9 W, z+ L
[kubelet-finalize] Updating "/etc/kubernetes/kubelet.conf" to point to a rotatable kubelet client certificate and key
4 ^# ^) s9 m0 E- F* Q[addons] Applied essential addon: CoreDNS0 ?3 [4 v- j! F/ W _
[addons] Applied essential addon: kube-proxy3 m5 N$ f6 U& I1 y8 [
x; k: e) N0 tYour Kubernetes control-plane has initialized successfully!
! v( \# D' I" }' ?; ]; g: {- A0 i% g* X" K& H# N& S9 o% X
To start using your cluster, you need to run the following as a regular user:% ~6 V2 K8 D3 ~/ I. i# g$ C0 E
& g( Y$ U9 _: ~8 x6 Y
mkdir -p $HOME/.kube
8 Q) |; m& |" @+ z. @* } `% S+ T sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config, u# ~4 b; O9 A- ?- ~
sudo chown $(id -u):$(id -g) $HOME/.kube/config
% U- J& \$ w3 T, F" p0 V& ^3 m- m+ H1 j+ ~! h1 C+ X
Alternatively, if you are the root user, you can run:
' [& G' ` I d" O/ Z! V9 y0 _) F$ C1 U; t4 G" p! W
export KUBECONFIG=/etc/kubernetes/admin.conf
& G L% l2 N* m% C! b0 L$ n" D9 S+ C4 \4 q, f
You should now deploy a pod network to the cluster., w1 D4 o1 H: d/ k& S) f
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
5 F- A! C! L6 x- W& ^* y" A' D https://kubernetes.io/docs/conce ... inistration/addons/
4 {8 v z1 v4 W8 Q; L6 R# E9 X! d7 y: @9 n, S/ B n5 S5 h+ D
Then you can join any number of worker nodes by running the following on each as root:
: N0 U/ [! y5 o1 w' c! Q0 D M% s% Z1 ]: s' O$ a0 S4 w5 C- h
kubeadm join 192.168.8.190:6443 --token gz21hk.okzfsa63qkqquxwr \2 b* ]; |0 S8 B. E9 c; f# t
--discovery-token-ca-cert-hash sha256:5aeba3bb6d94b76440997cbc4ee9c2ef8a791211a7da0abb39a75142a040bc00
* T* s, e/ u7 P6 A C |
|
发表于 2024-12-29 21:21:46