本文開始部署kubernetes node.

在所有node服務器創建目錄。

mkdir -p /etc/kubernetes/pki

拷貝master節點的ca-key.pem, ca.pem到/etc/kubernetes/pki/

拷貝master節點的bootstrap.conf到/etc/kubernetes/

下載kubelet

wget?https://storage.googleapis.com/kubernetes-release/release/v1.8.4/bin/linux/amd64/kubelet -o /usr/local/bin/kubelet

chmod +x /usr/local/bin/kubelet

下載CNI

mkdir -p /opt/cni/bin

cd /opt/cni/bin

wget?https://github.com/containernetworking/plugins/releases/download/v0.6.0/cni-plugins-amd64-v0.6.0.tgz

下載完成后解壓到bin目錄

創建目錄

mkdir -p /var/lib/kubelet

mkdir -p /var/log/kubernetes

mkdir -p /etc/manifests

mkdir -p /etc/systemd/system/kubelet.service.d/

下載node的kubelet.service文件到/lib/systemd/system/

下載node的10-kubelet.conf到/etc/systemd/system/kubelet.service.d/

kubelet.service

[Unit] Description=kubelet: The Kubernetes Node Agent Documentation=http://kubernetes.io/docs/[Service] ExecStart=/usr/local/bin/kubelet Restart=on-failure StartLimitInterval=0 RestartSec=10[Install] WantedBy=multi-user.target

10-kubelet.conf

[Service] Environment="KUBELET_KUBECONFIG_ARGS=--address=0.0.0.0 --port=10250 --kubeconfig=/etc/kubernetes/kubelet.conf --bootstrap-kubeconfig=/etc/kubernetes/bootstrap.conf" Environment="KUBE_LOGTOSTDERR=--logtostderr=true --v=0" Environment="KUBELET_SYSTEM_PODS_ARGS=--pod-manifest-path=/etc/kubernetes/manifests --allow-privileged=true --anonymous-auth=false" Environment="KUBELET_POD_CONTAINER=--pod-infra-container-image=registry.cn-hangzhou.aliyuncs.com/google_containers/pause-amd64:3.0" Environment="KUBELET_NETWORK_ARGS=--network-plugin=cni --cni-conf-dir=/etc/cni/net.d --cni-bin-dir=/opt/cni/bin" Environment="KUBELET_DNS_ARGS=--cluster-dns=10.96.0.10 --cluster-domain=cluster.local" Environment="KUBELET_AUTHZ_ARGS=--authorization-mode=Webhook --client-ca-file=/etc/kubernetes/pki/ca.pem" Environment="KUBELET_CADVISOR_ARGS=--cadvisor-port=0" Environment="KUBELET_CERTIFICATE_ARGS=--rotate-certificates=true --cert-dir=/var/lib/kubelet/pki" Environment="KUBELET_EXTRA_ARGS=--fail-swap-on=false --serialize-image-pulls=false" Environment="KUBE_NODE_LABEL=--node-labels=node-role.kubernetes.io/node=true" ExecStart= ExecStart=/usr/local/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBE_LOGTOSTDERR $KUBELET_POD_CONTAINER $KUBELET_SYSTEM_PODS_ARGS $KUBELET_NETWORK_ARGS $KUBELET_DNS_ARGS $KUBELET_AUTHZ_ARGS $KUBELET_EXTRA_ARGS $KUBE_NODE_LABEL
systemctl enable kubelet

systemctl start kubelet

接下來在master節點對node節點進行授權

kubectl create clusterrolebinding kubelet-bootstrap --clusterrole=system:node-bootstrapper --user=kubelet-bootstrap

kubectl get csr | awk '/Pending/ {print $1}' | xargs kubectl certificate approve

看到以上界面說明添加成功。

接下來安裝kube-proxy

在master節點生成kube-proxy私鑰和證書

/etc/kubernetes/pki/kube-proxy-csr.json

{"CN":"system:kube-proxy","key":{"algo":"rsa","size":2048},"names":[{"C":"CN","ST":"Shanghai","L":"Shanghai","O":"system:kube-proxy","OU":"Kubernetes-manual"}]} cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config.json -profile=kubernetes kube-proxy-csr.json | cfssljson -bare kube-proxy

生成kubeconfig文件kube-proxy.conf

kubectl config set-cluster kubernetes --certificate-authority=ca.pem --embed-certs=true --server="https://10.0.0.210:6443" --kubeconfig=../kube-proxy.conf
kubectl config set-credentials system:kube-proxy --client-key=kube-proxy-key.pem --client-certificate=kube-proxy.pem --embed-certs=true --kubeconfig=../kube-proxy.conf
kubectl config set-context system:kube-proxy@kubernetes --cluster=kubernetes --user=system:kube-proxy --kubeconfig=../kube-proxy.conf
kubectl config use-context system:kube-proxy@kubernetes --kubeconfig=../kube-proxy.conf

把pki/kube-proxy.pem和pki/kube-proxy-key.pem拷貝到每臺node的/etc/kubernetes/pki/下面

把kube-proxy.conf拷貝到每臺node的/etc/kubernetes/下面

接下來，在master節點通過kubectl來創建kube-proxy daemon

mkdir -p /etc/kubernetes/addons

cd /etc/kubernetes/addons

kube-proxy.yml

apiVersion: v1 kind: ServiceAccount metadata:name: kube-proxylabels:k8s-app: kube-proxykubernetes.io/cluster-service: "true"addonmanager.kubernetes.io/mode: Reconcilenamespace: kube-system --- apiVersion: extensions/v1beta1 kind: DaemonSet metadata:name: kube-proxylabels:k8s-app: kube-proxykubernetes.io/cluster-service: "true"addonmanager.kubernetes.io/mode: Reconcilenamespace: kube-system spec:selector:matchLabels:k8s-app: kube-proxytemplateGeneration: 1updateStrategy:rollingUpdate:maxUnavailable: 1type: RollingUpdatetemplate:metadata:labels:k8s-app: kube-proxyannotations:scheduler.alpha.kubernetes.io/critical-pod: ''spec:serviceAccountName: kube-proxyhostNetwork: truecontainers:- name: kube-proxyimage: registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy-amd64:v1.8.4command:- kube-proxy- --v=0- --logtostderr=true- --kubeconfig=/run/kube-proxy.conf- --cluster-cidr=10.244.0.0/16- --proxy-mode=iptablesimagePullPolicy: IfNotPresentsecurityContext:privileged: truevolumeMounts:- mountPath: /run/kube-proxy.confname: kubeconfigreadOnly: true- mountPath: /etc/kubernetes/pkiname: k8s-certsreadOnly: truednsPolicy: ClusterFirstrestartPolicy: AlwaysterminationGracePeriodSeconds: 30volumes:- hostPath:path: /etc/kubernetes/kube-proxy.conftype: FileOrCreatename: kubeconfig- hostPath:path: /etc/kubernetes/pkitype: DirectoryOrCreatename: k8s-certs

kubectl apply -f kube-proxy.yml

kubernetes node安裝完成。

總結

以上是生活随笔為你收集整理的kubernetes1.8.4 安装指南 -- 7. kubernetes node安装的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。