标签:node 00 k8s kubernetes 部署 master01 proxy kube
[CloudNative:KuberNetes&二进制部署.V13] [Applications.KuberNetes][|DevOps|k8s|**5节点**|二进制1.20|kubernetes-node组件配置|——|kubelet|kube-proxy|]
一、kube-proxy配置
### --- kube-proxy注意事项
~~~ # 注意,如果不是高可用集群,192.168.1.20:8443改为master01的地址,
~~~ # 8443改为apiserver的端口,默认是6443二、创建kube-proxy服务
### --- 创建kube-proxy服务
~~~ # 创建kube-proxy服务;以下操作在Master01执行
[root@k8s-master01 ~]# cd /root/k8s-ha-install~~~ # 创建ServiceAccount
[root@k8s-master01 k8s-ha-install]# kubectl -n kube-system create serviceaccount kube-proxy
~~~ 输出结果:
serviceaccount/kube-proxy created~~~ # 创建ClusterRoleBinding
[root@k8s-master01 k8s-ha-install]# kubectl create clusterrolebinding system:kube-proxy --clusterrole system:node-proxier --serviceaccount kube-system:kube-proxy
~~~ 输出结果:
clusterrolebinding.rbac.authorization.k8s.io/system:kube-proxy created~~~ # 创建cluster
[root@k8s-master01 k8s-ha-install]# SECRET=$(kubectl -n kube-system get sa/kube-proxy \
--output=jsonpath='{.secrets[0].name}')
[root@k8s-master01 k8s-ha-install]# JWT_TOKEN=$(kubectl -n kube-system get secret/$SECRET \
--output=jsonpath='{.data.token}' | base64 -d)
[root@k8s-master01 k8s-ha-install]# PKI_DIR=/etc/kubernetes/pki
[root@k8s-master01 k8s-ha-install]# K8S_DIR=/etc/kubernetes
[root@k8s-master01 k8s-ha-install]# kubectl config set-cluster kubernetes --certificate-authority=/etc/kubernetes/pki/ca.pem --embed-certs=true --server=https://192.168.1.20:8443 --kubeconfig=${K8S_DIR}/kube-proxy.kubeconfig
~~~ 输出结果:
Cluster "kubernetes" set.~~~ # 创建user
[root@k8s-master01 k8s-ha-install]# kubectl config set-credentials kubernetes --token=${JWT_TOKEN} --kubeconfig=/etc/kubernetes/kube-proxy.kubeconfig
~~~ 输出结果:
User "kubernetes" set.~~~ # 创建context
[root@k8s-master01 k8s-ha-install]# kubectl config set-context kubernetes --cluster=kubernetes --user=kubernetes --kubeconfig=/etc/kubernetes/kube-proxy.kubeconfig
~~~ 输出结果:
Context "kubernetes" created.~~~ # 创建context
[root@k8s-master01 k8s-ha-install]# kubectl config use-context kubernetes --kubeconfig=/etc/kubernetes/kube-proxy.kubeconfig
~~~ 输出结果:
Switched to context "kubernetes". ### --- 修改pod的网段
~~~ # 查看pod的网段
~~~ 注:修改pod的网段
~~~ 注:如果更改了集群Pod的网段,需要更改kube-proxy/kube-proxy.conf的clusterCIDR: 172.16.0.0/12参数为pod的网段。
[root@k8s-master01 ~]# vim kube-proxy/kube-proxy.conf
clusterCIDR: 172.16.0.0/12### --- 在master01将kube-proxy的systemd Service文件发送到其他节点;将配置文件发送到其它节点
~~~ # 将kube-proxy配置文件发送到k8s-master节点
[root@k8s-master01 k8s-ha-install]# for NODE in k8s-master01 k8s-master02 k8s-master03; do
scp ${K8S_DIR}/kube-proxy.kubeconfig $NODE:/etc/kubernetes/kube-proxy.kubeconfig
scp kube-proxy/kube-proxy.conf $NODE:/etc/kubernetes/kube-proxy.conf
scp kube-proxy/kube-proxy.service $NODE:/usr/lib/systemd/system/kube-proxy.service
done
~~~ 注:输出结果:
kube-proxy.kubeconfig 100% 3120 1.6MB/s 00:00
kube-proxy.conf 100% 813 143.0KB/s 00:00
kube-proxy.service 100% 288 16.4KB/s 00:00
kube-proxy.kubeconfig 100% 3120 473.7KB/s 00:00
kube-proxy.conf 100% 813 210.8KB/s 00:00
kube-proxy.service 100% 288 106.8KB/s 00:00
kube-proxy.kubeconfig 100% 3120 506.0KB/s 00:00
kube-proxy.conf 100% 813 185.6KB/s 00:00
kube-proxy.service ~~~ # 将kube-proxy配置文件发送到k8s-node节点
[root@k8s-master01 k8s-ha-install]# for NODE in k8s-node01 k8s-node02; do
scp /etc/kubernetes/kube-proxy.kubeconfig $NODE:/etc/kubernetes/kube-proxy.kubeconfig
scp kube-proxy/kube-proxy.conf $NODE:/etc/kubernetes/kube-proxy.conf
scp kube-proxy/kube-proxy.service $NODE:/usr/lib/systemd/system/kube-proxy.service
done
~~~ 注:输出结果:
kube-proxy.kubeconfig 100% 3120 322.1KB/s 00:00
kube-proxy.conf 100% 813 118.2KB/s 00:00
kube-proxy.service 100% 288 54.6KB/s 00:00
kube-proxy.kubeconfig 100% 3120 515.4KB/s 00:00
kube-proxy.conf 100% 813 185.4KB/s 00:00
kube-proxy.service### --- 所有节点启动kube-proxy并设置开机自启动
### --- 所有节点启动kube-proxy
[root@k8s-master01 k8s-ha-install]# systemctl daemon-reload
[root@k8s-master01 k8s-ha-install]# systemctl enable --now kube-proxy
Created symlink from /etc/systemd/system/multi-user.target.wants/kube-proxy.service to /usr/lib/systemd/system/kube-proxy.service.### --- 查看kube-proxy状态
[root@k8s-master01 k8s-ha-install]# systemctl status kube-proxy
Active: active (running) since Wed 2021-05-12 21:10:55 CST; 14s ago===============================END===============================
Walter Savage Landor:strove with none,for none was worth my strife.Nature I loved and, next to Nature, Art:I warm'd both hands before the fire of life.It sinks, and I am ready to depart ——W.S.Landor
来自为知笔记(Wiz)
标签:node,00,k8s,kubernetes,部署,master01,proxy,kube 来源: https://www.cnblogs.com/yanqivip/p/16071223.html
本站声明: 1. iCode9 技术分享网(下文简称本站)提供的所有内容,仅供技术学习、探讨和分享; 2. 关于本站的所有留言、评论、转载及引用,纯属内容发起人的个人观点,与本站观点和立场无关; 3. 关于本站的所有言论和文字,纯属内容发起人的个人观点,与本站观点和立场无关; 4. 本站文章均是网友提供,不完全保证技术分享内容的完整性、准确性、时效性、风险性和版权归属;如您发现该文章侵犯了您的权益,可联系我们第一时间进行删除; 5. 本站为非盈利性的个人网站,所有内容不会用来进行牟利,也不会利用任何形式的广告来间接获益,纯粹是为了广大技术爱好者提供技术内容和技术思想的分享性交流网站。