k8s 1.28高可用搭建 kube-proxy集群10
登录 / 注册
标签搜索
侧边栏壁纸
博主昵称
JustDoIt

  • 累计撰写 112 篇文章
  • 累计收到 4 条评论
k8s搭建 kubernetes

k8s 1.28高可用搭建 kube-proxy集群10

Just Do It
Just Do It
2023-11-22 / 0 评论 / 8 阅读 / 正在检测是否收录...

1 部署kube-proxy

1.1 创建kube-proxy证书请求文件

cat > kube-proxy-csr.json << "EOF"
{
  "CN": "system:kube-proxy",
  "key": {
    "algo": "rsa",
    "size": 2048
  },
  "names": [
    {
      "C": "CN",
      "ST": "Beijing",
      "L": "Beijing",
      "O": "kubemsb",
      "OU": "CN"
    }
  ]
}
EOF

1.2 生成证书

cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config.json -profile=kubernetes kube-proxy-csr.json | cfssljson -bare kube-proxy

# ls kube-proxy*
kube-proxy.csr  kube-proxy-csr.json  kube-proxy-key.pem  kube-proxy.pem

1.3 创建kubeconfig文件

kubectl config set-cluster kubernetes --certificate-authority=ca.pem --embed-certs=true --server=https://192.168.31.100:6443 --kubeconfig=kube-proxy.kubeconfig

kubectl config set-credentials kube-proxy --client-certificate=kube-proxy.pem --client-key=kube-proxy-key.pem --embed-certs=true --kubeconfig=kube-proxy.kubeconfig

kubectl config set-context default --cluster=kubernetes --user=kube-proxy --kubeconfig=kube-proxy.kubeconfig

kubectl config use-context default --kubeconfig=kube-proxy.kubeconfig

1.4 创建服务配置文件

cat > kube-proxy.yaml << "EOF"
apiVersion: kubeproxy.config.k8s.io/v1alpha1
bindAddress: 192.168.31.32
clientConnection:
  kubeconfig: /etc/kubernetes/kube-proxy.kubeconfig
clusterCIDR: 10.244.0.0/16
healthzBindAddress: 192.168.31.32:10256
kind: KubeProxyConfiguration
metricsBindAddress: 192.168.31.32:10249
mode: "ipvs"
EOF

1.5 创建服务启动管理文件

cat >  kube-proxy.service << "EOF"
[Unit]
Description=Kubernetes Kube-Proxy Server
Documentation=https://github.com/kubernetes/kubernetes
After=network.target

[Service]
WorkingDirectory=/var/lib/kube-proxy
ExecStart=/usr/local/bin/kube-proxy \
  --config=/etc/kubernetes/kube-proxy.yaml \
  --alsologtostderr=true \
  --logtostderr=false \
  --log-dir=/var/log/kubernetes \
  --v=2
Restart=on-failure
RestartSec=5
LimitNOFILE=65536

[Install]
WantedBy=multi-user.target
EOF

1.6 同步文件到集群工作节点主机

cp kubernetes/server/bin/kube-proxy /usr/local/bin/
cp kube-proxy*.pem /etc/kubernetes/ssl/
cp kube-proxy.kubeconfig kube-proxy.yaml /etc/kubernetes/
cp kube-proxy.service /usr/lib/systemd/system/

for i in k8s-master02 k8s-master03 k8s-node01 k8s-node02;do scp kubernetes/server/bin/kube-proxy $i:/usr/local/bin/;done
for i in k8s-master02 k8s-master03 k8s-node01 k8s-node02;do scp kube-proxy*.pem $i:/etc/kubernetes/ssl;done
for i in k8s-master02 k8s-master03 k8s-node01 k8s-node02;do scp kube-proxy.kubeconfig kube-proxy.yaml $i:/etc/kubernetes/;done
for i in k8s-master02 k8s-master03 k8s-node01 k8s-node02;do scp  kube-proxy.service $i:/usr/lib/systemd/system/;done

说明:
修改kube-proxy.yaml中IP地址为当前主机IP.

1.7 服务启动

mkdir -p /var/lib/kube-proxy

systemctl daemon-reload
systemctl enable --now kube-proxy

systemctl status kube-proxy
0
基础
版权属于: Just Do It
本文链接: https://www.wangmanyuan.com/archives/186/
作品采用: 署名-非商业性使用-相同方式共享 4.0 国际 (CC BY-NC-SA 4.0) 》许可协议授权
相关推荐
k8s 1.28高可用搭建CoreDns集群12
k8s 1.28高可用搭建CoreDns集群12
 k8s 1.28高可用搭建Calico集群11
k8s 1.28高可用搭建Calico集群11
 k8s 1.28高可用搭建 kubelet集群09
k8s 1.28高可用搭建 kubelet集群09
 k8s 1.28高可用搭建containerd集群08
k8s 1.28高可用搭建containerd集群08

评论

博主关闭了当前页面的评论