kubeadm中怎么創建單個主節點集群
這篇文章將為大家詳細講解有關kubeadm中怎么創建單個主節點集群����,文章內容質量較高����,因此小編分享給大家做個參考�����,希望大家閱讀完這篇文章后對相關知識有一定的了解���。
kubeadm成熟度
| Area | Maturity Level |
|---|
| Command line UX | GA |
| Implementation | GA |
| Config file API | beta |
| CoreDNS | GA |
| kubeadm alpha subcommands | alpha |
| High availability | alpha |
| DynamicKubeletConfig | alpha |
| Self-hosting | alpha |
kubeadm的總體特征狀態為GA�����。 一些子特性�,如配置文件API�,仍在積極開發中�����。 隨著工具的發展�,創建集群的實現可能略有變化��,但總體實現應該相當穩定��。 根據定義�,kubeadm alpha下的任何命令都在alpha級別上受支持�。
安裝預備工作
安裝kubeadm
kubeadmin安裝查看https://my.oschina.net/jennerlo/blog/3007440
初始化master
master是控制面板組件運行的機器����,包括etcd(集群數據庫)和API服務器(kubectl CLI與之通信)����。
選擇pod網絡附加組件����,并驗證是否需要將任何參數傳遞給kubeadm初始化���。 根據您選擇的第三方供應商�,您可能需要將 --pod-network-cidr 設置為特定于供應商的值�����。 查看安裝pod網絡附加組件����。
(可選)除非另外有指定����,kubeadm使用與默認網關關聯的網絡接口來廣告master的IP�。
要使用不同的網絡接口�����, 執行 kubeadm init 時要指定 --apiserver-advertise-address=<ip-address> 參數���。 要使用IPv6尋址部署IPv6 Kubernetes集群����,必須指定IPv6地址�,例如 --apiserver-advertise-address=fd00::101
(可選)在 kubeadm init 之前運行 kubeadm config images pull ��,以驗證與 gcr.io registries 的連接����。
初始化命令:
kubeadm init <args>
更多信息
有關kubeadm init參數的更多信息�����,請查看 kubeadm參考指南�����。
獲取配置選項的完整列表���, 請參閱配置文件文檔
要自定義控制面板組件�,包括可選的IPv6分配到控制面板組件和etcd服務器的活動探針�,為每個組件提供額外的參數�����,如自定義參數中所述���。
要再次運行kubeadm init�����,必須首先拆毀集群���。
如果您將具有不同體系結構的節點加入到集群中�����,請為節點上的kube-proxy和kube-dns創建單獨的Deployment或DaemonSet�。 這是因為這些組件的Docker鏡像目前不支持多架構����。
kubeadm init 首先運行一系列預檢查���,以確保機器已經準備好運行Kubernetes���。 這些預檢查拋出警告并在錯誤時退出�。 kubeadm init 然后下載并安裝集群控制平面組件�。 這可能需要幾分鐘����。輸出應該是這樣的:
[init] Using Kubernetes version: vX.Y.Z
[preflight] Running pre-flight checks
[kubeadm] WARNING: starting in 1.8, tokens expire after 24 hours by default (if you require a non-expiring token use --token-ttl 0)
[certificates] Generated ca certificate and key.
[certificates] Generated apiserver certificate and key.
[certificates] apiserver serving cert is signed for DNS names [kubeadm-master kubernetes kubernetes.default kubernetes.default.svc kubernetes.default.svc.cluster.local] and IPs [10.96.0.1 10.138.0.4]
[certificates] Generated apiserver-kubelet-client certificate and key.
[certificates] Generated sa key and public key.
[certificates] Generated front-proxy-ca certificate and key.
[certificates] Generated front-proxy-client certificate and key.
[certificates] Valid certificates and keys now exist in "/etc/kubernetes/pki"
[kubeconfig] Wrote KubeConfig file to disk: "admin.conf"
[kubeconfig] Wrote KubeConfig file to disk: "kubelet.conf"
[kubeconfig] Wrote KubeConfig file to disk: "controller-manager.conf"
[kubeconfig] Wrote KubeConfig file to disk: "scheduler.conf"
[controlplane] Wrote Static Pod manifest for component kube-apiserver to "/etc/kubernetes/manifests/kube-apiserver.yaml"
[controlplane] Wrote Static Pod manifest for component kube-controller-manager to "/etc/kubernetes/manifests/kube-controller-manager.yaml"
[controlplane] Wrote Static Pod manifest for component kube-scheduler to "/etc/kubernetes/manifests/kube-scheduler.yaml"
[etcd] Wrote Static Pod manifest for a local etcd instance to "/etc/kubernetes/manifests/etcd.yaml"
[init] Waiting for the kubelet to boot up the control plane as Static Pods from directory "/etc/kubernetes/manifests"
[init] This often takes around a minute; or longer if the control plane images have to be pulled.
[apiclient] All control plane components are healthy after 39.511972 seconds
[uploadconfig] Storing the configuration used in ConfigMap "kubeadm-config" in the "kube-system" Namespace
[markmaster] Will mark node master as master by adding a label and a taint
[markmaster] Master master tainted and labelled with key/value: node-role.kubernetes.io/master=""
[bootstraptoken] Using token: <token>
[bootstraptoken] Configured RBAC rules to allow Node Bootstrap tokens to post CSRs in order for nodes to get long term certificate credentials
[bootstraptoken] Configured RBAC rules to allow the csrapprover controller automatically approve CSRs from a Node Bootstrap Token
[bootstraptoken] Creating the "cluster-info" ConfigMap in the "kube-public" namespace
[addons] Applied essential addon: CoreDNS
[addons] Applied essential addon: kube-proxy
Your Kubernetes master has initialized successfully!
To start using your cluster, you need to run (as a regular user):
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the addon options listed at:
http://kubernetes.io/docs/admin/addons/
You can now join any number of machines by running the following on each node
as root:
kubeadm join --token <token> <master-ip>:<master-port> --discovery-token-ca-cert-hash sha256:<hash>
要使kubectl為非root用戶環境下工作�,請運行這些命令:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
如果是root用戶����,則可以運行:
export KUBECONFIG=/etc/kubernetes/admin.conf
token用于主節點和連接節點之間的相互身份驗證���。 這里包含的token是機密的���。確保它的安全性��,因為任何具有此token的人都可以將經過身份驗證的節點添加到集群中��。
關于kubeadm中怎么創建單個主節點集群就分享到這里了���,希望以上內容可以對大家有一定的幫助�����,可以學到更多知識����。如果覺得文章不錯�,可以把它分享出去讓更多的人看到��。
