node节点加入k8s集群
依赖此集群:https://blog.csdn.net/weixin_43707076/article/details/119282577
初始化操作
参考:https://blog.csdn.net/weixin_43707076/article/details/119282577
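变化(注意:insecure-registries 会让 Docker 对列出的仓库忽略证书错误,并在 HTTPS 不可用时回退到 HTTP;quay.io、registry.access.redhat.com 这类公共仓库本身支持 HTTPS,不建议列入,只应保留确实无法提供有效证书的私有仓库;registry-mirrors 中以 http:// 开头的镜像地址同样是明文传输):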
vi /etc/docker/daemon.json
{
"registry-mirrors":["https://rsbud4vc.mirror.aliyuncs.com","https://registry.docker-cn.com","https://docker.mirrors.ustc.edu.cn","https://dockerhub.azk8s.cn","http://hub-mirror.c.163.com","http://qtid6917.mirror.aliyuncs.com", "https://rncxm540.mirror.aliyuncs.com"],
"exec-opts": ["native.cgroupdriver=systemd"],
"storage-driver": "overlay2",
"insecure-registries": ["registry.access.redhat.com","quay.io","harbor.zq.com"],
"bip": "172.7.41.1/24", #改成172.7.41.1方便后期排错,出问题立马就知道是哪台机器。(此 # 注释仅为说明:JSON 不支持注释,写入 daemon.json 时须删除,否则 dockerd 无法解析配置而启动失败)
"live-restore": true
}
创建节点组件的安装目录
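# Directory for ca.pem and the kubelet's certificates and keys (the kubelet
# unit passes it as --cert-dir). Options precede the operand so the command
# also works with a non-GNU mkdir.
# NOTE(review): private keys will be written here; consider chmod 700 if
# nothing but root needs to read this directory.
mkdir -p /etc/kubernetes/ssl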
安装kubelet
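将kubelet-bootstrap.kubeconfig、ca.pem、kubelet、kube-proxy、kubelet.json、kubelet.service文件cp到bst-41相应的位置,并修改(例如把kubelet.json中的address改为本节点IP)。kubelet-bootstrap.kubeconfig通常内含bootstrap token,属于敏感凭据,复制到节点后应限制为仅root可读(chmod 600)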
[root@bst-30 ssl]# scp kubelet-bootstrap.kubeconfig root@10.4.7.41:/etc/kubernetes/
[root@bst-30 ssl]# scp ca.pem root@10.4.7.41:/etc/kubernetes/ssl/
[root@bst-30 bin]# scp kubelet kube-proxy root@10.4.7.41:/usr/local/bin/
root@10.4.7.41's password:
kubelet 100% 109MB 60.7MB/s 00:01
kube-proxy
#/etc/kubernetes/kubelet.json(说明:readOnlyPort 10255 是不做认证和授权的只读端口,会暴露本节点的 Pod 与容器信息;若没有组件依赖它,建议设为 0 关闭,监控改走需要认证的 10250 端口)
{
"kind": "KubeletConfiguration",
"apiVersion": "kubelet.config.k8s.io/v1beta1",
"authentication": {
"x509": {
"clientCAFile": "/etc/kubernetes/ssl/ca.pem"
},
"webhook": {
"enabled": true,
"cacheTTL": "2m0s"
},
"anonymous": {
"enabled": false
}
},
"authorization": {
"mode": "Webhook",
"webhook": {
"cacheAuthorizedTTL": "5m0s",
"cacheUnauthorizedTTL": "30s"
}
},
"address": "10.4.7.41",
"port": 10250,
"readOnlyPort": 10255,
"cgroupDriver": "systemd",
"hairpinMode": "promiscuous-bridge",
"serializeImagePulls": false,
"featureGates": {
"RotateKubeletClientCertificate": true,
"RotateKubeletServerCertificate": true
},
"clusterDomain": "cluster.local.",
"clusterDNS": ["192.168.0.2"]
}
#/usr/lib/systemd/system/kubelet.service
# systemd unit that runs the kubelet on this node.
[Unit]
Description=Kubernetes Kubelet
Documentation=https://github.com/kubernetes/kubernetes
# Order the kubelet after Docker; Requires= also pulls docker.service in when
# the kubelet is started.
After=docker.service
Requires=docker.service
[Service]
# This directory and --log-dir must exist before the first start.
WorkingDirectory=/var/lib/kubelet
# --bootstrap-kubeconfig is the credential used only for the initial
# certificate signing request; after the CSR is approved the kubelet uses the
# file named by --kubeconfig and keeps its certificates and keys in --cert-dir.
# NOTE(review): --pod-infra-container-image points at a third-party Docker Hub
# namespace and a mutable tag, and every pod sandbox on the node runs that
# image. Mirror a verified copy into a registry you control and reference it
# by digest.
# NOTE(review): --network-plugin was removed from the kubelet in Kubernetes
# v1.24 together with dockershim; this unit presumably targets an older
# release - confirm against the installed kubelet version.
ExecStart=/usr/local/bin/kubelet \
--bootstrap-kubeconfig=/etc/kubernetes/kubelet-bootstrap.kubeconfig \
--cert-dir=/etc/kubernetes/ssl \
--kubeconfig=/etc/kubernetes/kubelet.kubeconfig \
--config=/etc/kubernetes/kubelet.json \
--network-plugin=cni \
--pod-infra-container-image=docker.io/dockub0314/pause:3.2 \
--alsologtostderr=true \
--logtostderr=false \
--log-dir=/var/log/kubernetes \
--v=2
# Restart the kubelet five seconds after an unclean exit.
Restart=on-failure
RestartSec=5
[Install]
WantedBy=multi-user.target
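# Working directory and log directory referenced by kubelet.service.
# -p keeps the step idempotent when a directory already exists.
mkdir -p /var/lib/kubelet /var/log/kubernetes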
启动并在主节点approve
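# Reload unit files so systemd picks up the new or edited kubelet.service,
# then start the kubelet and enable it at boot only if the start succeeded.
systemctl daemon-reload
systemctl start kubelet && systemctl enable kubelet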
主节点查看
kubectl get csr
approve(批准前先用 kubectl describe csr <CSR名称> 核对请求者和证书主题确实对应刚启动的这个节点,确认无误后再批准)
kubectl certificate approve node-csr-lgKPUNtE3GjT3Pniy21hMbBLtAlGfl6zoToR1ndugYw
部署kube-proxy组件
将kube-proxy.kubeconfig复制到此节点
[root@bst-30 ssl]# scp kube-proxy.kubeconfig root@10.4.7.41:/etc/kubernetes/
创建配置文件
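#/etc/kubernetes/kube-proxy.yaml
# kube-proxy configuration for the node 10.4.7.41.
apiVersion: kubeproxy.config.k8s.io/v1alpha1
bindAddress: 10.4.7.41
clientConnection:
  # kubeconfig is nested under clientConnection; the indentation is required.
  # The file holds kube-proxy's API server credential, so keep it readable by
  # root only.
  kubeconfig: /etc/kubernetes/kube-proxy.kubeconfig
# Pod network range; presumably the cluster-wide pod CIDR that contains this
# node's docker bridge subnet 172.7.41.1/24 - confirm against the cluster setup.
clusterCIDR: 172.7.0.0/16
# The health and metrics endpoints listen on the node IP over plain HTTP;
# limit access to the monitoring hosts with a host firewall.
healthzBindAddress: 10.4.7.41:10256
kind: KubeProxyConfiguration
metricsBindAddress: 10.4.7.41:10249
# NOTE(review): ipvs mode needs the ip_vs kernel modules; presumably they are
# loaded in the referenced initialization steps - confirm.
mode: "ipvs"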
创建启动文件
#/usr/lib/systemd/system/kube-proxy.service
# systemd unit that runs kube-proxy on this node. No User= is set, so the
# process runs as root.
[Unit]
Description=Kubernetes Kube-Proxy Server
Documentation=https://github.com/kubernetes/kubernetes
After=network.target
[Service]
# This directory and --log-dir must exist before the first start.
WorkingDirectory=/var/lib/kube-proxy
# All runtime settings come from the file passed with --config; the remaining
# flags only control logging.
ExecStart=/usr/local/bin/kube-proxy \
--config=/etc/kubernetes/kube-proxy.yaml \
--alsologtostderr=true \
--logtostderr=false \
--log-dir=/var/log/kubernetes \
--v=2
# Restart kube-proxy five seconds after an unclean exit.
Restart=on-failure
RestartSec=5
# Raise the open-file limit for the service.
LimitNOFILE=65536
[Install]
WantedBy=multi-user.target
mkdir -p /var/lib/kube-proxy
启动节点
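# Reload unit files so systemd picks up the new or edited kube-proxy.service,
# then start kube-proxy and enable it at boot only if the start succeeded.
systemctl daemon-reload
systemctl start kube-proxy && systemctl enable kube-proxy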
master节点查看
kubectl get node -o wide
部署busybox验证节点
[root@bst-30 yaml]# cat busybox.yaml
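# Throwaway pod used only to verify that the new node can run workloads.
# Delete it once the check is done: kubectl delete -f busybox.yaml
apiVersion: v1
kind: Pod
metadata:
  name: busybox
  namespace: default
spec:
  containers:
  - name: busybox
    # Resolved through the registry mirrors configured in daemon.json.
    image: busybox:1.28
    # Keep the container alive for an hour so it can be inspected.
    command:
    - sleep
    - "3600"
    imagePullPolicy: IfNotPresent
  # The pod is restarted each time the sleep exits.
  restartPolicy: Always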
kubectl create -f busybox.yaml