Ubuntu22.04 安装 Kubernetes
<p>一、安装docker.io</p><div class="cnblogs_code">
<pre>sudo apt install docker.io</pre>
</div>
<p>关闭swap:</p>
<p>swapoff -a</p>
<p>在文件/etc/fstab注释 :</p>
<p>#/swapfile none swap sw 0 0</p>
<p>二、安装k8s</p>
<p>1、安装问题1</p>
<div class="cnblogs_code">
<pre>Err:<span style="color: rgba(128, 0, 128, 1)">2</span> https:<span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">packages.cloud.google.com/apt kubernetes-xenial InRelease</span>
Could not connect to packages.cloud.google.com:<span style="color: rgba(128, 0, 128, 1)">443</span> (<span style="color: rgba(128, 0, 128, 1)">172.217</span>.<span style="color: rgba(128, 0, 128, 1)">160.78</span>), connection timed <span style="color: rgba(0, 0, 255, 1)">out</span></pre>
</div>
<p>解决:</p>
<div class="cnblogs_code">
<pre>https:<span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">packages.cloud.google.com/apt/doc/apt-key.gpg</span></pre>
</div>
<p> </p>
<p>上面链接手动下载,命令为kubernetes-archive-keyring.gpg</p>
<div class="cnblogs_code">
<pre>/usr/share/keyrings/kubernetes-archive-keyring.gpg</pre>
</div>
<p>2、安装源问题</p>
<div class="cnblogs_code">
<pre>Err:<span style="color: rgba(128, 0, 128, 1)">5</span> https:<span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">packages.cloud.google.com/apt kubernetes-xenial InRelease</span>
Could not connect to packages.cloud.google.com:<span style="color: rgba(128, 0, 128, 1)">443</span> (<span style="color: rgba(128, 0, 128, 1)">172.217</span>.<span style="color: rgba(128, 0, 128, 1)">160.110</span>), connection timed <span style="color: rgba(0, 0, 255, 1)">out</span><span style="color: rgba(0, 0, 0, 1)">
Fetched </span><span style="color: rgba(128, 0, 128, 1)">99.8</span> kB <span style="color: rgba(0, 0, 255, 1)">in</span> 39s (<span style="color: rgba(128, 0, 128, 1)">2</span>,<span style="color: rgba(128, 0, 128, 1)">578</span> B/<span style="color: rgba(0, 0, 0, 1)">s)
Reading package lists... Done
W: Failed to fetch http:</span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">apt.kubernetes.io/dists/kubernetes-xenial/InReleaseCould not connect to packages.cloud.google.com:443 (172.217.160.110), connection timed out</span>
<span style="color: rgba(0, 0, 0, 1)">W: Some index files failed to download. They have been ignored, or old ones used instead.
root@ubuntu00:</span>/etc/apt# ls</pre>
</div>
<p>替换安装源</p>
<p>由</p>
<div class="cnblogs_code">
<pre>echo <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">deb https://apt.kubernetes.io/ kubernetes-xenial main</span><span style="color: rgba(128, 0, 0, 1)">"</span> | sudo tee /etc/apt/sources.list.d/kubernetes.list</pre>
</div>
<p>改为</p>
<div class="cnblogs_code">
<pre>echo <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">deb http://mirrors.ustc.edu.cn/kubernetes/apt kubernetes-xenial main</span><span style="color: rgba(128, 0, 0, 1)">"</span> | sudo tee /etc/apt/sources.list.d/kubernetes.list</pre>
</div>
<p> </p>
<p>3、安装</p>
<div class="cnblogs_code">
<p>apt-get install kubelet=1.23.6-00<br>apt-get install kubeadm=1.23.6-00</p>
<p>apt-get install kubectl=1.23.6-00</p>
</div>
<p>4、设置节点名称</p>
<div class="cnblogs_code">
<pre>hostnamectl <span style="color: rgba(0, 0, 255, 1)">set</span>-hostname master</pre>
</div>
<p>在 /etc/hosts 添加主机名映射</p>
<div class="cnblogs_code">
<pre><span style="color: rgba(128, 0, 128, 1)">192.168</span>.<span style="color: rgba(128, 0, 128, 1)">2.108</span> master</pre>
</div>
<p> </p>
<p>5、使用阿里云下载源</p>
<div class="cnblogs_code">
<pre>docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver:v1.<span style="color: rgba(128, 0, 128, 1)">23.8</span><span style="color: rgba(0, 0, 0, 1)">
docker pull registry.cn</span>-hangzhou.aliyuncs.com/google_containers/kube-controller-manager:v1.<span style="color: rgba(128, 0, 128, 1)">23.8</span><span style="color: rgba(0, 0, 0, 1)">
docker pull registry.cn</span>-hangzhou.aliyuncs.com/google_containers/kube-scheduler:v1.<span style="color: rgba(128, 0, 128, 1)">23.8</span><span style="color: rgba(0, 0, 0, 1)">
docker pull registry.cn</span>-hangzhou.aliyuncs.com/google_containers/kube-proxy:v1.<span style="color: rgba(128, 0, 128, 1)">23.8</span><span style="color: rgba(0, 0, 0, 1)">
docker pull registry.cn</span>-hangzhou.aliyuncs.com/google_containers/pause:<span style="color: rgba(128, 0, 128, 1)">3.6</span><span style="color: rgba(0, 0, 0, 1)">
docker pull registry.cn</span>-hangzhou.aliyuncs.com/google_containers/etcd:<span style="color: rgba(128, 0, 128, 1)">3.5</span>.<span style="color: rgba(128, 0, 128, 1)">1</span>-<span style="color: rgba(128, 0, 128, 1)">0</span><span style="color: rgba(0, 0, 0, 1)">
docker pull registry.cn</span>-hangzhou.aliyuncs.com/google_containers/coredns:v1.<span style="color: rgba(128, 0, 128, 1)">8.6</span><span style="color: rgba(0, 0, 0, 1)">
docker tag registry.cn</span>-hangzhou.aliyuncs.com/google_containers/kube-apiserver:v1.<span style="color: rgba(128, 0, 128, 1)">23.8</span> k8s.gcr.io/kube-apiserver:v1.<span style="color: rgba(128, 0, 128, 1)">23.8</span><span style="color: rgba(0, 0, 0, 1)">
docker rmi registry.cn</span>-hangzhou.aliyuncs.com/google_containers/kube-apiserver:v1.<span style="color: rgba(128, 0, 128, 1)">23.8</span><span style="color: rgba(0, 0, 0, 1)">
docker tag registry.cn</span>-hangzhou.aliyuncs.com/google_containers/kube-controller-manager:v1.<span style="color: rgba(128, 0, 128, 1)">23.8</span> k8s.gcr.io/kube-controller-manager:v1.<span style="color: rgba(128, 0, 128, 1)">23.8</span><span style="color: rgba(0, 0, 0, 1)">
docker rmi registry.cn</span>-hangzhou.aliyuncs.com/google_containers/kube-controller-manager:v1.<span style="color: rgba(128, 0, 128, 1)">23.8</span><span style="color: rgba(0, 0, 0, 1)">
docker tag registry.cn</span>-hangzhou.aliyuncs.com/google_containers/kube-scheduler:v1.<span style="color: rgba(128, 0, 128, 1)">23.8</span> k8s.gcr.io/kube-scheduler:v1.<span style="color: rgba(128, 0, 128, 1)">23.8</span><span style="color: rgba(0, 0, 0, 1)">
docker rmi registry.cn</span>-hangzhou.aliyuncs.com/google_containers/kube-scheduler:v1.<span style="color: rgba(128, 0, 128, 1)">23.8</span><span style="color: rgba(0, 0, 0, 1)">
docker tag registry.cn</span>-hangzhou.aliyuncs.com/google_containers/kube-proxy:v1.<span style="color: rgba(128, 0, 128, 1)">23.8</span> k8s.gcr.io/kube-proxy:v1.<span style="color: rgba(128, 0, 128, 1)">23.8</span><span style="color: rgba(0, 0, 0, 1)">
docker rmi registry.cn</span>-hangzhou.aliyuncs.com/google_containers/kube-proxy:v1.<span style="color: rgba(128, 0, 128, 1)">23.8</span><span style="color: rgba(0, 0, 0, 1)">
docker tag registry.cn</span>-hangzhou.aliyuncs.com/google_containers/pause:<span style="color: rgba(128, 0, 128, 1)">3.6</span> k8s.gcr.io/pause:<span style="color: rgba(128, 0, 128, 1)">3.6</span><span style="color: rgba(0, 0, 0, 1)">
docker rmi registry.cn</span>-hangzhou.aliyuncs.com/google_containers/pause:<span style="color: rgba(128, 0, 128, 1)">3.6</span><span style="color: rgba(0, 0, 0, 1)">
docker tag registry.cn</span>-hangzhou.aliyuncs.com/google_containers/etcd:<span style="color: rgba(128, 0, 128, 1)">3.5</span>.<span style="color: rgba(128, 0, 128, 1)">1</span>-<span style="color: rgba(128, 0, 128, 1)">0</span> k8s.gcr.io/etcd:<span style="color: rgba(128, 0, 128, 1)">3.5</span>.<span style="color: rgba(128, 0, 128, 1)">1</span>-<span style="color: rgba(128, 0, 128, 1)">0</span><span style="color: rgba(0, 0, 0, 1)">
docker rmi registry.cn</span>-hangzhou.aliyuncs.com/google_containers/etcd:<span style="color: rgba(128, 0, 128, 1)">3.5</span>.<span style="color: rgba(128, 0, 128, 1)">1</span>-<span style="color: rgba(128, 0, 128, 1)">0</span><span style="color: rgba(0, 0, 0, 1)">
docker tag registry.cn</span>-hangzhou.aliyuncs.com/google_containers/coredns:v1.<span style="color: rgba(128, 0, 128, 1)">8.6</span> k8s.gcr.io/coredns/coredns:v1.<span style="color: rgba(128, 0, 128, 1)">8.6</span><span style="color: rgba(0, 0, 0, 1)">
docker rmi registry.cn</span>-hangzhou.aliyuncs.com/google_containers/coredns:v1.<span style="color: rgba(128, 0, 128, 1)">8.6</span> </pre>
</div>
<p> </p>
<p>6.修改配置</p>
<div class="cnblogs_code">
<pre>kubeadm config print init-defaults > kubeadm.conf</pre>
</div>
<p>修改 kubeadm.conf</p>
<div class="cnblogs_code">
<pre><span style="color: rgba(0, 0, 0, 1)">bootstrapTokens:
</span>-<span style="color: rgba(0, 0, 0, 1)"> groups:
</span>- system:bootstrappers:kubeadm:<span style="color: rgba(0, 0, 255, 1)">default</span>-node-<span style="color: rgba(0, 0, 0, 1)">token
token: abcdef.0123456789abcdef
ttl: 24h0m0s
usages:
</span>-<span style="color: rgba(0, 0, 0, 1)"> signing
</span>-<span style="color: rgba(0, 0, 0, 1)"> authentication
kind: InitConfiguration
localAPIEndpoint:
advertiseAddress: </span><span style="color: rgba(128, 0, 128, 1)">192.168</span>.<span style="color: rgba(128, 0, 128, 1)">2.108# 修改</span><span style="color: rgba(0, 0, 0, 1)">
bindPort: </span><span style="color: rgba(128, 0, 128, 1)">6443</span><span style="color: rgba(0, 0, 0, 1)">
nodeRegistration:
criSocket: </span>/<span style="color: rgba(0, 0, 255, 1)">var</span>/run/<span style="color: rgba(0, 0, 0, 1)">dockershim.sock
imagePullPolicy: IfNotPresent
name: master# 修改
taints: </span><span style="color: rgba(0, 0, 255, 1)">null</span>
---<span style="color: rgba(0, 0, 0, 1)">
apiServer:
timeoutForControlPlane: 4m0s
apiVersion: kubeadm.k8s.io</span>/<span style="color: rgba(0, 0, 0, 1)">v1beta3
certificatesDir: </span>/etc/kubernetes/<span style="color: rgba(0, 0, 0, 1)">pki
clusterName: kubernetes
controllerManager: {}
dns: {}
etcd:
local:
dataDir: </span>/<span style="color: rgba(0, 0, 255, 1)">var</span>/lib/<span style="color: rgba(0, 0, 0, 1)">etcd
imageRepository: registry.cn</span>-hangzhou.aliyuncs.com/<span style="color: rgba(0, 0, 0, 1)">google_containers # 修改
kind: ClusterConfiguration
kubernetesVersion: </span><span style="color: rgba(128, 0, 128, 1)">1.23</span>.<span style="color: rgba(128, 0, 128, 1)">0</span><span style="color: rgba(0, 0, 0, 1)">
networking:
dnsDomain: cluster.local<br> podSubnet: 10.244.0.0/16 # 新增
serviceSubnet: </span><span style="color: rgba(128, 0, 128, 1)">10.96</span>.<span style="color: rgba(128, 0, 128, 1)">0.0</span>/<span style="color: rgba(128, 0, 128, 1)">12</span><span style="color: rgba(0, 0, 0, 1)">
scheduler: {}</span></pre>
</div>
<p>7、初始化</p>
<div class="cnblogs_code">
<pre>kubeadm init --config=kubeadm.conf</pre>
</div>
<p>产生日志</p>
<div class="cnblogs_code">
<pre> Using Kubernetes version: v1.<span style="color: rgba(128, 0, 128, 1)">23.0</span><span style="color: rgba(0, 0, 0, 1)">
Running pre</span>-<span style="color: rgba(0, 0, 0, 1)">flight checks
Pulling images required </span><span style="color: rgba(0, 0, 255, 1)">for</span><span style="color: rgba(0, 0, 0, 1)"> setting up a Kubernetes cluster
This might take a minute or two, depending on the speed of your internet connection
You can also perform </span><span style="color: rgba(0, 0, 255, 1)">this</span> action <span style="color: rgba(0, 0, 255, 1)">in</span> beforehand <span style="color: rgba(0, 0, 255, 1)">using</span> <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">kubeadm config images pull</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(0, 0, 0, 1)">
Using certificateDir folder </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/etc/kubernetes/pki</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
Generating </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">ca</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> certificate and key
Generating </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">apiserver</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> certificate and key
apiserver serving cert </span><span style="color: rgba(0, 0, 255, 1)">is</span> signed <span style="color: rgba(0, 0, 255, 1)">for</span> DNS names and IPs [<span style="color: rgba(128, 0, 128, 1)">10.96</span>.<span style="color: rgba(128, 0, 128, 1)">0.1</span> <span style="color: rgba(128, 0, 128, 1)">192.168</span>.<span style="color: rgba(128, 0, 128, 1)">2.108</span><span style="color: rgba(0, 0, 0, 1)">]
Generating </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">apiserver-kubelet-client</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> certificate and key
Generating </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">front-proxy-ca</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> certificate and key
Generating </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">front-proxy-client</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> certificate and key
Generating </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">etcd/ca</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> certificate and key
Generating </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">etcd/server</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> certificate and key
etcd</span>/server serving cert <span style="color: rgba(0, 0, 255, 1)">is</span> signed <span style="color: rgba(0, 0, 255, 1)">for</span> DNS names and IPs [<span style="color: rgba(128, 0, 128, 1)">192.168</span>.<span style="color: rgba(128, 0, 128, 1)">2.108</span> <span style="color: rgba(128, 0, 128, 1)">127.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.1</span> ::<span style="color: rgba(128, 0, 128, 1)">1</span><span style="color: rgba(0, 0, 0, 1)">]
Generating </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">etcd/peer</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> certificate and key
etcd</span>/peer serving cert <span style="color: rgba(0, 0, 255, 1)">is</span> signed <span style="color: rgba(0, 0, 255, 1)">for</span> DNS names and IPs [<span style="color: rgba(128, 0, 128, 1)">192.168</span>.<span style="color: rgba(128, 0, 128, 1)">2.108</span> <span style="color: rgba(128, 0, 128, 1)">127.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.1</span> ::<span style="color: rgba(128, 0, 128, 1)">1</span><span style="color: rgba(0, 0, 0, 1)">]
Generating </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">etcd/healthcheck-client</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> certificate and key
Generating </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">apiserver-etcd-client</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> certificate and key
Generating </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">sa</span><span style="color: rgba(128, 0, 0, 1)">"</span> key and <span style="color: rgba(0, 0, 255, 1)">public</span><span style="color: rgba(0, 0, 0, 1)"> key
Using kubeconfig folder </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/etc/kubernetes</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
Writing </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">admin.conf</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> kubeconfig file
Writing </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">kubelet.conf</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> kubeconfig file
Writing </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">controller-manager.conf</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> kubeconfig file
Writing </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">scheduler.conf</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> kubeconfig file
Writing kubelet environment file with flags to file <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/var/lib/kubelet/kubeadm-flags.env</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
Writing kubelet configuration to file <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/var/lib/kubelet/config.yaml</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
Starting the kubelet
Using manifest folder <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/etc/kubernetes/manifests</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
Creating <span style="color: rgba(0, 0, 255, 1)">static</span> Pod manifest <span style="color: rgba(0, 0, 255, 1)">for</span> <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">kube-apiserver</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
Creating <span style="color: rgba(0, 0, 255, 1)">static</span> Pod manifest <span style="color: rgba(0, 0, 255, 1)">for</span> <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">kube-controller-manager</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
Creating <span style="color: rgba(0, 0, 255, 1)">static</span> Pod manifest <span style="color: rgba(0, 0, 255, 1)">for</span> <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">kube-scheduler</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
Creating </span><span style="color: rgba(0, 0, 255, 1)">static</span> Pod manifest <span style="color: rgba(0, 0, 255, 1)">for</span> local etcd <span style="color: rgba(0, 0, 255, 1)">in</span> <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/etc/kubernetes/manifests</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
Waiting <span style="color: rgba(0, 0, 255, 1)">for</span> the kubelet to boot up the control plane <span style="color: rgba(0, 0, 255, 1)">as</span> <span style="color: rgba(0, 0, 255, 1)">static</span> Pods <span style="color: rgba(0, 0, 255, 1)">from</span> directory <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/etc/kubernetes/manifests</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">. This can take up to 4m0s
All control plane components are healthy after </span><span style="color: rgba(128, 0, 128, 1)">4.003269</span><span style="color: rgba(0, 0, 0, 1)"> seconds
Storing the configuration used <span style="color: rgba(0, 0, 255, 1)">in</span> ConfigMap <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">kubeadm-config</span><span style="color: rgba(128, 0, 0, 1)">"</span> <span style="color: rgba(0, 0, 255, 1)">in</span> the <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">kube-system</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> Namespace
Creating a ConfigMap </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">kubelet-config-1.23</span><span style="color: rgba(128, 0, 0, 1)">"</span> <span style="color: rgba(0, 0, 255, 1)">in</span> <span style="color: rgba(0, 0, 255, 1)">namespace</span> kube-system with the configuration <span style="color: rgba(0, 0, 255, 1)">for</span> the kubelets <span style="color: rgba(0, 0, 255, 1)">in</span><span style="color: rgba(0, 0, 0, 1)"> the cluster
NOTE: The </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">kubelet-config-1.23</span><span style="color: rgba(128, 0, 0, 1)">"</span> naming of the kubelet ConfigMap <span style="color: rgba(0, 0, 255, 1)">is</span> deprecated. Once the UnversionedKubeletConfigMap feature gate graduates to Beta the <span style="color: rgba(0, 0, 255, 1)">default</span> name will become just <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">kubelet-config</span><span style="color: rgba(128, 0, 0, 1)">"</span>. Kubeadm upgrade will handle <span style="color: rgba(0, 0, 255, 1)">this</span><span style="color: rgba(0, 0, 0, 1)"> transition transparently.
Skipping phase. Please see --upload-<span style="color: rgba(0, 0, 0, 1)">certs
Marking the node master <span style="color: rgba(0, 0, 255, 1)">as</span> control-plane by adding the labels:
Marking the node master <span style="color: rgba(0, 0, 255, 1)">as</span> control-plane by adding the taints
Using token: abcdef.0123456789abcdef
Configuring bootstrap tokens, cluster-<span style="color: rgba(0, 0, 0, 1)">info ConfigMap, RBAC Roles
configured RBAC rules to allow Node Bootstrap tokens to <span style="color: rgba(0, 0, 255, 1)">get</span><span style="color: rgba(0, 0, 0, 1)"> nodes
configured RBAC rules to allow Node Bootstrap tokens to post CSRs <span style="color: rgba(0, 0, 255, 1)">in</span> order <span style="color: rgba(0, 0, 255, 1)">for</span> nodes to <span style="color: rgba(0, 0, 255, 1)">get</span> <span style="color: rgba(0, 0, 255, 1)">long</span><span style="color: rgba(0, 0, 0, 1)"> term certificate credentials
configured RBAC rules to allow the csrapprover controller automatically approve CSRs <span style="color: rgba(0, 0, 255, 1)">from</span><span style="color: rgba(0, 0, 0, 1)"> a Node Bootstrap Token
configured RBAC rules to allow certificate rotation <span style="color: rgba(0, 0, 255, 1)">for</span> all node client certificates <span style="color: rgba(0, 0, 255, 1)">in</span><span style="color: rgba(0, 0, 0, 1)"> the cluster
Creating the <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">cluster-info</span><span style="color: rgba(128, 0, 0, 1)">"</span> ConfigMap <span style="color: rgba(0, 0, 255, 1)">in</span> the <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">kube-public</span><span style="color: rgba(128, 0, 0, 1)">"</span> <span style="color: rgba(0, 0, 255, 1)">namespace</span><span style="color: rgba(0, 0, 0, 1)">
Updating <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/etc/kubernetes/kubelet.conf</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> to point to a rotatable kubelet client certificate and key
Applied essential addon: CoreDNS
Applied essential addon: kube</span>-<span style="color: rgba(0, 0, 0, 1)">proxy
Your Kubernetes control</span>-plane has initialized successfully!<span style="color: rgba(0, 0, 0, 1)">
To start </span><span style="color: rgba(0, 0, 255, 1)">using</span> your cluster, you need to run the following <span style="color: rgba(0, 0, 255, 1)">as</span><span style="color: rgba(0, 0, 0, 1)"> a regular user:
mkdir </span>-p $HOME/<span style="color: rgba(0, 0, 0, 1)">.kube
sudo cp </span>-i /etc/kubernetes/admin.conf $HOME/.kube/<span style="color: rgba(0, 0, 0, 1)">config
sudo chown $(id </span>-u):$(id -g) $HOME/.kube/<span style="color: rgba(0, 0, 0, 1)">config
Alternatively, </span><span style="color: rgba(0, 0, 255, 1)">if</span><span style="color: rgba(0, 0, 0, 1)"> you are the root user, you can run:
export KUBECONFIG</span>=/etc/kubernetes/<span style="color: rgba(0, 0, 0, 1)">admin.conf
You should now deploy a pod network to the cluster.
Run </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">kubectl apply -f .yaml</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> with one of the options listed at:
https:</span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">kubernetes.io/docs/concepts/cluster-administration/addons/</span>
<span style="color: rgba(0, 0, 0, 1)">
Then you can join any number of worker nodes by running the following on each </span><span style="color: rgba(0, 0, 255, 1)">as</span><span style="color: rgba(0, 0, 0, 1)"> root:
kubeadm join </span><span style="color: rgba(128, 0, 128, 1)">192.168</span>.<span style="color: rgba(128, 0, 128, 1)">2.108</span>:<span style="color: rgba(128, 0, 128, 1)">6443</span> --<span style="color: rgba(0, 0, 0, 1)">token abcdef.0123456789abcdef \
</span>--discovery-token-ca-cert-hash sha256:df36cdfb3397daeacdb335d0eca894fa69a93ba1782daf10e814d1b1f76a87c5 </pre>
</div>
<p>token 下面登录有用到 abcdef.0123456789abcdef</p>
<p> </p>
<p>8、配置静态ip</p>
<p>修改之前动态:</p>
<div class="cnblogs_code">
<pre><span style="color: rgba(0, 0, 0, 1)">network:
version: </span><span style="color: rgba(128, 0, 128, 1)">2</span><span style="color: rgba(0, 0, 0, 1)">
renderer: NetworkManager</span></pre>
</div>
<p> </p>
<p>ubuntu 22.04版本:</p>
<div class="cnblogs_code">
<pre>➜~ cat /etc/netplan/<span style="color: rgba(128, 0, 128, 1)">01</span>-network-manager-<span style="color: rgba(0, 0, 0, 1)">all.yaml
# Let NetworkManager manage all devices on </span><span style="color: rgba(0, 0, 255, 1)">this</span><span style="color: rgba(0, 0, 0, 1)"> system
network:
version: </span><span style="color: rgba(128, 0, 128, 1)">2</span><span style="color: rgba(0, 0, 0, 1)">
ethernets:
enp0s3:
dhcp4: no
dhcp6: no
addresses:
</span>- <span style="color: rgba(128, 0, 128, 1)">192.168</span>.<span style="color: rgba(128, 0, 128, 1)">2.108</span>/<span style="color: rgba(128, 0, 128, 1)">24</span><span style="color: rgba(0, 0, 0, 1)">
routes:
</span>- to: <span style="color: rgba(0, 0, 255, 1)">default</span><span style="color: rgba(0, 0, 0, 1)">
via: </span><span style="color: rgba(128, 0, 128, 1)">192.168</span>.<span style="color: rgba(128, 0, 128, 1)">2.1</span><span style="color: rgba(0, 0, 0, 1)">
nameservers:
addresses:
</span>- <span style="color: rgba(128, 0, 128, 1)">114.114</span>.<span style="color: rgba(128, 0, 128, 1)">114.114</span>
- <span style="color: rgba(128, 0, 128, 1)">8.8</span>.<span style="color: rgba(128, 0, 128, 1)">8.8</span><span style="color: rgba(0, 0, 0, 1)">
renderer: networkd</span></pre>
</div>
<p>ubuntu 20.04/18.04版本:</p>
<div class="cnblogs_code">
<pre># Let NetworkManager manage all devices on <span style="color: rgba(0, 0, 255, 1)">this</span><span style="color: rgba(0, 0, 0, 1)"> system
network:
version: </span><span style="color: rgba(128, 0, 128, 1)">2</span><span style="color: rgba(0, 0, 0, 1)">
ethernets:
enp0s3:
dhcp4: no
addresses: [</span><span style="color: rgba(128, 0, 128, 1)">192.168</span>.<span style="color: rgba(128, 0, 128, 1)">2.108</span>/<span style="color: rgba(128, 0, 128, 1)">24</span><span style="color: rgba(0, 0, 0, 1)">]
optional: </span><span style="color: rgba(0, 0, 255, 1)">true</span><span style="color: rgba(0, 0, 0, 1)">
gateway4: </span><span style="color: rgba(128, 0, 128, 1)">192.168</span>.<span style="color: rgba(128, 0, 128, 1)">2.1</span><span style="color: rgba(0, 0, 0, 1)">
nameservers:
addresses: [</span><span style="color: rgba(128, 0, 128, 1)">114.114</span>.<span style="color: rgba(128, 0, 128, 1)">114.114</span>, <span style="color: rgba(128, 0, 128, 1)">8.8</span>.<span style="color: rgba(128, 0, 128, 1)">8.8</span><span style="color: rgba(0, 0, 0, 1)">]
renderer: networkd</span></pre>
</div>
<p>最后执行:</p>
<div class="cnblogs_code">
<pre>netplan apply</pre>
</div>
<p>这样IP就不会随着每次启动服务器变化</p>
<p> 参考: https://blog.csdn.net/qq_36393978/article/details/124868232</p>
<p>9. 安装flannel</p>
<p><code>kubectl apply -f https://raw.githubusercontent.com/flannel-io/flannel/master/Documentation/kube-flannel.yml</code></p>
<p> </p>
<p>kubectl get pods --all-namespaces</p>
<p>出现问题:</p>
<p>1) Unable to connect to the server: x509: certificate signed by unknown authority (possibly because of "crypto/rsa: verification error" while trying to verify candidate authority certificate "kubernetes")</p>
<p>2) The connection to the server localhost:8080 was refused - did you specify the right host or port?</p>
<p> 问题解决:</p>
<p>https://kubernetes.io/zh-cn/docs/setup/production-environment/tools/kubeadm/troubleshooting-kubeadm/</p>
<ul>
<li>
<p>使用如下方法取消设置 <code>KUBECONFIG</code> 环境变量的值:</p>
<div class="highlight">
<pre><code class="language-shell" data-lang="shell">unset KUBECONFIG
</code></pre>
</div>
<p>或者将其设置为默认的 <code>KUBECONFIG</code> 位置:</p>
<div class="highlight">
<pre><code class="language-shell" data-lang="shell">export KUBECONFIG=/etc/kubernetes/admin.conf
</code></pre>
</div>
</li>
<li>
<p>另一个方法是覆盖 <code>kubeconfig</code> 的现有用户 "管理员":</p>
<div class="highlight">
<pre><code class="language-shell" data-lang="shell">mv$HOME/.kube $HOME/.kube.bak
mkdir $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config</code></pre>
</div>
</li>
</ul>
<p> 正常:</p>
<p><img src="https://img2022.cnblogs.com/blog/301579/202207/301579-20220703220049828-1775566367.png" alt="" loading="lazy"></p>
<p> 10、安装dashboard</p>
<p>https://github.com/kubernetes/dashboard</p>
<p>kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.6.0/aio/deploy/recommended.yaml</p>
<div class="highlight highlight-source-shell notranslate position-relative overflow-auto">
<pre>kubectl proxy</pre>
<div> </div>
<div class="zeroclipboard-container position-absolute right-0 top-0"> 访问地址:</div>
<div class="zeroclipboard-container position-absolute right-0 top-0">http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/</div>
<div class="zeroclipboard-container position-absolute right-0 top-0"> </div>
<div class="zeroclipboard-container position-absolute right-0 top-0">token登录:</div>
<div class="zeroclipboard-container position-absolute right-0 top-0">abcdef.0123456789abcdef</div>
</div>
<p>重新获取dashboard token, 获取</p>
<pre><span>deployment-controller-token-m64x2 组件token</span></pre>
<div class="cnblogs_code">
<pre>root@master:~# kubectl -n kube-system <span style="color: rgba(0, 0, 255, 1)">get</span><span style="color: rgba(0, 0, 0, 1)"> secret
NAME TYPE DATA AGE
attachdetach</span>-controller-token-srb2r kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
bootstrap</span>-signer-token-b9krc kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
certificate</span>-controller-token-88htd kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
clusterrole</span>-aggregation-controller-token-dgqtv kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
coredns</span>-token-8lsr4 kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
cronjob</span>-controller-token-4l7wz kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
daemon</span>-<span style="color: rgba(0, 0, 255, 1)">set</span>-controller-token-j9m55 kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
</span><span style="color: rgba(0, 0, 255, 1)">default</span>-token-n72vg kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
deployment</span>-controller-token-m64x2 kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
disruption</span>-controller-token-v92lq kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
endpoint</span>-controller-token-4g6sn kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
endpointslice</span>-controller-token-f9q5k kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
endpointslicemirroring</span>-controller-token-wv87c kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
ephemeral</span>-volume-controller-token-xhqpg kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
expand</span>-controller-token-zfk7s kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
generic</span>-garbage-collector-token-q4b82 kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
horizontal</span>-pod-autoscaler-token-s75jq kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
job</span>-controller-token-5vpgv kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
kube</span>-proxy-token-m9sll kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
</span><span style="color: rgba(0, 0, 255, 1)">namespace</span>-controller-token-wv5n7 kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
node</span>-controller-token-6x8mx kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
persistent</span>-volume-binder-token-sbrp8 kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
pod</span>-garbage-collector-token-kkccv kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
pv</span>-protection-controller-token-bfpwz kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
pvc</span>-protection-controller-token-hz6sq kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
replicaset</span>-controller-token-p8mv8 kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
replication</span>-controller-token-dmxm7 kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
resourcequota</span>-controller-token-lff72 kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
root</span>-ca-cert-publisher-token-nfkv5 kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
service</span>-account-controller-token-9zsvf kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
service</span>-controller-token-zmg8n kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
statefulset</span>-controller-token-jwzw6 kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
token</span>-cleaner-token-xh98r kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
ttl</span>-after-finished-controller-token-ndvw4 kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
ttl</span>-controller-token-ljm5h kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
root@master:</span>~# kubectl -n kube-system <span style="color: rgba(0, 0, 255, 1)">get</span> secret |<span style="color: rgba(0, 0, 0, 1)"> grep controller
attachdetach</span>-controller-token-srb2r kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
certificate</span>-controller-token-88htd kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
clusterrole</span>-aggregation-controller-token-dgqtv kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
cronjob</span>-controller-token-4l7wz kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
daemon</span>-<span style="color: rgba(0, 0, 255, 1)">set</span>-controller-token-j9m55 kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
deployment</span>-controller-token-m64x2 kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
disruption</span>-controller-token-v92lq kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
endpoint</span>-controller-token-4g6sn kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
endpointslice</span>-controller-token-f9q5k kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
endpointslicemirroring</span>-controller-token-wv87c kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
ephemeral</span>-volume-controller-token-xhqpg kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
expand</span>-controller-token-zfk7s kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
job</span>-controller-token-5vpgv kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
</span><span style="color: rgba(0, 0, 255, 1)">namespace</span>-controller-token-wv5n7 kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
node</span>-controller-token-6x8mx kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
pv</span>-protection-controller-token-bfpwz kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
pvc</span>-protection-controller-token-hz6sq kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
replicaset</span>-controller-token-p8mv8 kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
replication</span>-controller-token-dmxm7 kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
resourcequota</span>-controller-token-lff72 kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
service</span>-account-controller-token-9zsvf kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
service</span>-controller-token-zmg8n kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
statefulset</span>-controller-token-jwzw6 kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
ttl</span>-after-finished-controller-token-ndvw4 kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
ttl</span>-controller-token-ljm5h kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
root@master:</span>~# kubectl -n kube-system <span style="color: rgba(0, 0, 255, 1)">get</span> secret | grep deployement-<span style="color: rgba(0, 0, 0, 1)">controller
root@master:</span>~# kubectl -n kube-system <span style="color: rgba(0, 0, 255, 1)">get</span> secret |<span style="color: rgba(0, 0, 0, 1)"> grep deployement
root@master:</span>~# kubectl -n kube-system <span style="color: rgba(0, 0, 255, 1)">get</span> secret deployment-controller-token-<span style="color: rgba(0, 0, 0, 1)">m64x2
NAME TYPE DATA AGE
deployment</span>-controller-token-m64x2 kubernetes.io/service-account-token <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 27h
root@master:</span>~# kubectl -n kube-system describe secret deployment-controller-token-<span style="color: rgba(0, 0, 0, 1)">m64x2
Name: deployment</span>-controller-token-<span style="color: rgba(0, 0, 0, 1)">m64x2
Namespace: kube</span>-<span style="color: rgba(0, 0, 0, 1)">system
Labels: </span><none><span style="color: rgba(0, 0, 0, 1)">
Annotations:kubernetes.io</span>/service-account.name: deployment-<span style="color: rgba(0, 0, 0, 1)">controller
kubernetes.io</span>/service-account.uid: 33e9b6e5-127f-<span style="color: rgba(128, 0, 128, 1)">4431</span>-<span style="color: rgba(128, 0, 128, 1)">8250</span>-<span style="color: rgba(0, 0, 0, 1)">b4430c5a28cb
Type:kubernetes.io</span>/service-account-<span style="color: rgba(0, 0, 0, 1)">token
Data
</span>====<span style="color: rgba(0, 0, 0, 1)">
token: eyJhbGciOiJSUzI1NiIsImtpZCI6IjdrUTNsVFpBc21WamdmeWtBSk4wcDJRQWlYTVFZd1kzRTlfc0Y1WjFDQ0EifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJkZXBsb3ltZW50LWNvbnRyb2xsZXItdG9rZW4tbTY0eDIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGVwbG95bWVudC1jb250cm9sbGVyIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiMzNlOWI2ZTUtMTI3Zi00NDMxLTgyNTAtYjQ0MzBjNWEyOGNiIiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmUtc3lzdGVtOmRlcGxveW1lbnQtY29udHJvbGxlciJ9.X5YA68bwELziyQSRcUeJ1SdXsHFfkJbR0O5nuiLfjM7MGYfrwDGJ47uYgKqUB</span>-REN-eY7Dad1_LgvZH5MbQuhGvE6MLtM6b65BZ_ap9IZtt60u9f0IcPFVGHwpS_ERkalRus-f3XK8vL42C6YLAK_k3lcfiHFjeKr8pgGChN-V7tOVq8zh6y1iN7u_K0ZjTbT1JAwp8DZ9LxRvVe4bZ727X0KhPD2kfORrcgqdQwglj9j7fLrPWaQsdPEDZ-<span style="color: rgba(0, 0, 0, 1)">zmOyLucmFQbynE8UnArZMVn4y1KJH1aNU1ACMve7S8NeGfqKa6wdewgA5x9lLynbxDY3nNxPD4_ivTms5jE5LsYjew
ca.crt: </span><span style="color: rgba(128, 0, 128, 1)">1099</span><span style="color: rgba(0, 0, 0, 1)"> bytes
</span><span style="color: rgba(0, 0, 255, 1)">namespace</span>:<span style="color: rgba(128, 0, 128, 1)">11</span><span style="color: rgba(0, 0, 0, 1)"> bytes
root@master:</span>~# </pre>
</div>
<p>11, 添加节点</p>
<p>另外启动一个ubuntu 节点,命名为 node01</p>
<p>按1-5步骤安装 kubectl kubeadm kubelet</p>
<p>修改为静态ip</p>
<p>12、在master节点创建token</p>
<div class="cnblogs_code">
<pre>kubeadm token create</pre>
</div>
<div class="cnblogs_code">
<pre>root@master:~<span style="color: rgba(0, 0, 0, 1)"># kubeadm token list
TOKEN TTL EXPIRES USAGES DESCRIPTION EXTRA GROUPS
amek9z.4jznc1u5hkgb5n3r 23h </span><span style="color: rgba(128, 0, 128, 1)">2023</span>-<span style="color: rgba(128, 0, 128, 1)">03</span>-15T15:<span style="color: rgba(128, 0, 128, 1)">48</span>:43Z authentication,signing <none> system:bootstrappers:kubeadm:<span style="color: rgba(0, 0, 255, 1)">default</span>-node-token</pre>
</div>
<p>可以看到token 为 amek9z.4jznc1u5hkgb5n3r , 时效为24h</p>
<p>13、创建discovery-token-ca-cert-hash</p>
<p>在master上创建</p>
<div class="cnblogs_code">
<pre>openssl x509 -pubkey -<span style="color: rgba(0, 0, 255, 1)">in</span> /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der <span style="color: rgba(128, 0, 128, 1)">2</span>>/dev/<span style="color: rgba(0, 0, 255, 1)">null</span> | openssl dgst -sha256 -hex | sed <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">s/^.* //</span><span style="color: rgba(128, 0, 0, 1)">'<br><br>8f0bc0744acdbee8d548f1f34fe120bf630def1c36382a232f02f8ba36d610c5<br></span></pre>
</div>
<p> </p>
<p>14、节点node01 join 集群</p>
<p>在节点node01执行</p>
<div class="cnblogs_code">
<pre>root@node01:~# kubeadm join <span style="color: rgba(128, 0, 128, 1)">192.168</span>.<span style="color: rgba(128, 0, 128, 1)">1.108</span>:<span style="color: rgba(128, 0, 128, 1)">6443</span> --token amek9z.4jznc1u5hkgb5n3r --discovery-token-ca-cert-hash sha256:8f0bc0744acdbee8d548f1f34fe120bf630def1c36382a232f02f8ba36d610c5</pre>
</div>
<p>如无异常,需要等待一会,节点状态才能从notReady转化为Ready状态</p>
<p>15、master节点查看节点</p>
<div class="cnblogs_code">
<pre>root@master:~# kubectl <span style="color: rgba(0, 0, 255, 1)">get</span><span style="color: rgba(0, 0, 0, 1)"> nodes
NAME STATUS ROLES AGE VERSION
master Ready control</span>-plane,master 177d v1.<span style="color: rgba(128, 0, 128, 1)">23.6</span><span style="color: rgba(0, 0, 0, 1)">
node01 Ready </span><none> 22m v1.<span style="color: rgba(128, 0, 128, 1)">23.6</span></pre>
</div>
<p> </p>
<p>至此,集群搭建完毕</p>
<p> </p>
<p>参考:</p>
<p>https://skyao.io/learning-kubernetes/docs/installation/kubeadm/join.html</p>
<p>https://segmentfault.com/a/1190000012755243</p><br><br>
来源:https://www.cnblogs.com/zhuangzebo/p/16380513.html
頁:
[1]