10.部署Node节点

# 配置和启动 Flanneld

    # yum 安装 Flanneld

        [10.0.3.113,10.0.3.114,10.0.3.115]

yum install -y flannel

    # 创建 Flanneld 的 systemd unit 文件

        [10.0.3.113,10.0.3.114,10.0.3.115]

cat << EOF > /usr/lib/systemd/system/flanneld.service
[Unit]
Description=Flanneld overlay address etcd agent
After=network.target
After=network-online.target
Wants=network-online.target
After=etcd.service
Before=docker.service
[Service]
Type=notify
EnvironmentFile=/etc/sysconfig/flanneld
EnvironmentFile=-/etc/sysconfig/docker-network
ExecStart=/usr/bin/flanneld-start \\
  -etcd-endpoints=\${ETCD_ENDPOINTS} \\
  -etcd-prefix=\${ETCD_PREFIX} \\
  \$FLANNEL_OPTIONS
ExecStartPost=/usr/libexec/flannel/mk-docker-opts.sh -k DOCKER_NETWORK_OPTIONS -d /run/flannel/docker
Restart=on-failure
[Install]
WantedBy=multi-user.target
RequiredBy=docker.service
EOF

     # 创建 /etc/sysconfig/flanneld 文件

         [10.0.3.113,10.0.3.114,10.0.3.115]

cat << EOF > /etc/sysconfig/flanneld
ETCD_ENDPOINTS="https://10.0.3.122:2379,https://10.0.3.123:2379,https://10.0.3.124:2379"
ETCD_PREFIX="/kube-centos/network"
FLANNEL_OPTIONS="-etcd-cafile=/etc/kubernetes/ssl/ca.pem \\
    -etcd-certfile=/etc/kubernetes/ssl/kubernetes.pem \\
    -etcd-keyfile=/etc/kubernetes/ssl/kubernetes-key.pem"
EOF


    # 在etcd中创建网络配置

        [10.0.3.122]

etcdctl --endpoints=https://10.0.3.122:2379,https://10.0.3.123:2379,https://10.0.3.124:2379 \
  --ca-file=/etc/kubernetes/ssl/ca.pem \
  --cert-file=/etc/kubernetes/ssl/kubernetes.pem \
  --key-file=/etc/kubernetes/ssl/kubernetes-key.pem \
  mkdir /kube-centos/network
etcdctl --endpoints=https://10.0.3.122:2379,https://10.0.3.123:2379,https://10.0.3.124:2379 \
  --ca-file=/etc/kubernetes/ssl/ca.pem \
  --cert-file=/etc/kubernetes/ssl/kubernetes.pem \
  --key-file=/etc/kubernetes/ssl/kubernetes-key.pem \
  mk /kube-centos/network/config '{"Network":"172.30.0.0/16","SubnetLen":24,"Backend":{"Type":"vxlan"}}'

    # 启动flannel 

         [10.0.3.113,10.0.3.114,10.0.3.115]

systemctl daemon-reload 
systemctl start flanneld 
systemctl status flanneld


# yum 安装和启动 docker

     [10.0.3.113,10.0.3.114,10.0.3.115]

yum install -y docker 
systemctl start docker


# 安装和配置 kubelet

    # kubelet 启动时向 kube-apiserver 发送 TLS bootstrapping 请求,需要先将 bootstrap token 文件中的 kubelet-bootstrap 用户赋予 system:node-bootstrapper cluster 角色(role), 然后 kubelet 才能有权限创建认证请求(certificate signing requests):

cd /etc/kubernetes
kubectl create clusterrolebinding kubelet-bootstrap \
  --clusterrole=system:node-bootstrapper \
  --user=kubelet-bootstrap

    # --user=kubelet-bootstrap 是在 /etc/kubernetes/token.csv 文件中指定的用户名,同时也写入了 /etc/kubernetes/bootstrap.kubeconfig 文件;


    # 下载最新的 kubelet 和 kube-proxy 二进制文件

         [10.0.3.113,10.0.3.114,10.0.3.115]

cd /tmp
wget https://dl.k8s.io/v1.6.0/kubernetes-server-linux-amd64.tar.gz
tar -xzvf kubernetes-server-linux-amd64.tar.gz
cd kubernetes
tar -xzvf  kubernetes-src.tar.gz
cp -r ./server/bin/{kube-proxy,kubelet} /usr/local/bin/
cd .. 
rm -rf kubernetes  kubernetes-server-linux-amd64.tar.gz

    # 创建 Flanneld 的 systemd unit 文件

cat << EOF > /usr/lib/systemd/system/kubelet.service
[Unit]
Description=Kubernetes Kubelet Server
Documentation=https://github.com/GoogleCloudPlatform/kubernetes
After=docker.service
Requires=docker.service
[Service]
WorkingDirectory=/var/lib/kubelet
EnvironmentFile=-/etc/kubernetes/kubelet
ExecStart=/usr/local/bin/kubelet \\
            \$KUBE_LOGTOSTDERR \\
            \$KUBE_LOG_LEVEL \\
            \$KUBELET_API_SERVER \\
            \$KUBELET_ADDRESS \\
            \$KUBELET_PORT \\
            \$KUBELET_HOSTNAME \\
            \$KUBE_ALLOW_PRIV \\
            \$KUBELET_POD_INFRA_CONTAINER \\
            \$KUBELET_ARGS
Restart=on-failure
[Install]
WantedBy=multi-user.target
EOF

    # 创建 /var/lib/kubelet 文件

cat << EOF > /etc/kubernetes/kubelet
KUBE_LOGTOSTDERR="--logtostderr=true"
KUBE_LOG_LEVEL="--v=0"
KUBELET_API_SERVER="--api-servers=https://10.0.3.116:6443"
KUBELET_ADDRESS="--address=${HOST_IP}"
KUBELET_HOSTNAME="--hostname-override=${HOST_IP}"
KUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=registry.access.redhat.com/rhel7/pod-infrastructure:latest"
KUBELET_ARGS="--cgroup-driver=systemd \\
--cluster-dns=10.254.0.2 \\
--experimental-bootstrap-kubeconfig=/etc/kubernetes/bootstrap.kubeconfig \\
--kubeconfig=/etc/kubernetes/kubelet.kubeconfig \\
--require-kubeconfig \\
--cert-dir=/etc/kubernetes/ssl \\
--cluster-domain=cluster.local \\
--hairpin-mode promiscuous-bridge \\
--serialize-image-pulls=false"
EOF

    # 创建 /var/lib/kubelet 目录

mkdir -p /var/lib/kubelet

   # 创建 /var/lib/kubelet 目录

cp ~/.kube/config /etc/kubernetes/kubelet.kubeconfig

  # 启动kublet

systemctl daemon-reload 
systemctl enable kubelet 
systemctl start kubelet 
systemctl status kubelet


# 配置 kube-proxy

cat << EOF > /usr/lib/systemd/system/kube-proxy.service
[Unit]
Description=Kubernetes Kube-Proxy Server
Documentation=https://github.com/GoogleCloudPlatform/kubernetes
After=network.target
[Service]
EnvironmentFile=-/etc/kubernetes/config
EnvironmentFile=-/etc/kubernetes/proxy
ExecStart=/usr/local/bin/kube-proxy \\
        \$KUBE_LOGTOSTDERR \\
        \$KUBE_LOG_LEVEL \\
        \$KUBE_MASTER \\
        \$KUBE_PROXY_ARGS
Restart=on-failure
LimitNOFILE=65536
[Install]
WantedBy=multi-user.target
EOF



cat << EOF > /etc/kubernetes/proxy
KUBE_PROXY_ARGS="--bind-address=${HOST_IP} \\
--hostname-override=${HOST_IP} \\
--kubeconfig=/etc/kubernetes/kube-proxy.kubeconfig \\
--cluster-cidr=10.254.0.0/16"
EOF



systemctl daemon-reload
systemctl enable kube-proxy
systemctl start kube-proxy
systemctl status kube-proxy








标签: none

添加新评论