这篇文章整理以下Node节点的kubelet的安装与设定方法,本文以脚本的方式进行固化,内容仍然放在github的easypack上。
整体操作
kubelet的设定文件
[root@host131 shell]# cat /etc/k8s/kubelet.conf
KUBELET_OPTS="--logtostderr=true \
--v=4 \
--log-dir=/var/log/kubernetes \
--root-dir=/var/lib/kubelet \
--cert-dir=/etc/ssl/k8s \
--fail-swap-on=false \
--hostname-override=192.168.163.131 \
--bootstrap-kubeconfig=/etc/ssl/k8s/bootstrap.kubeconfig \
--kubeconfig=/etc/k8s/kubelet.kubeconfig \
--config=/etc/k8s/kubelet-config.yaml \
--pod-infra-container-image=gcr.io/google_containers/pause-amd64:3.1 \
--allow-privileged=true \
--event-qps=0 \
--kube-api-qps=1000 \
--kube-api-burst=2000 \
--registry-qps=0 \
--image-pull-progress-deadline=30m"
[root@host131 shell]#
config设定文件
从1.10开始,很多参数都需要在config指定的文件中进行设定,设定示例如下
[root@host131 shell]# cat /etc/k8s/kubelet-config.yaml
kind: KubeletConfiguration
apiVersion: kubelet.config.k8s.io/v1beta1
authentication:
anonymous:
enabled: false
webhook:
enabled: true
x509:
clientCAFile: "/etc/ssl/ca/ca.pem"
authorization:
mode: Webhook
clusterDomain: "cluster.local"
clusterDNS:
- "10.0.0.2"
podCIDR: "172.200.0.0/16"
maxPods: 2000
serializeImagePulls: false
hairpinMode: promiscuous-bridge
cgroupDriver: cgroupfs
runtimeRequestTimeout: "15m"
rotateCertificates: true
serverTLSBootstrap: true
readOnlyPort: 0
port: 10250
address: "192.168.163.131"
[root@host131 shell]#
Systemd服务配置文件
[root@host131 shell]# cat /usr/lib/systemd/system/kubelet.service
[Unit]
Description=Kubernetes Kubelet Service
Documentation=https://github.com/GoogleCloudPlatform/kubernetes
After=docker.service
Requires=docker.service
[Service]
WorkingDirectory=/var/lib/kubelet
EnvironmentFile=-/etc/k8s/kubelet.conf
ExecStart=/usr/local/bin/kubelet $KUBELET_OPTS
Restart=always
RestartSec=5
StartLimitInterval=0
[Install]
WantedBy=multi-user.target
[root@host131 shell]#
脚本示例
[