仰妍,免费婚恋网站,致命螺旋
1 [root@k8smaster01 ~]# cd /opt/k8s/work 2 [root@k8smaster01 work]# source /opt/k8s/bin/environment.sh 3 [root@k8smaster01 work]# for all_ip in ${all_ips[@]} 4 do 5 echo ">>> ${all_ip}" 6 scp kubernetes/server/bin/kube-proxy root@${all_ip}:/opt/k8s/bin/ 7 ssh root@${all_ip} "chmod +x /opt/k8s/bin/*" 8 done
1 [root@k8smaster01 ~]# cd /opt/k8s/work 2 [root@k8smaster01 work]# cat > kube-proxy-csr.json <<eof 3 { 4 "cn": "system:kube-proxy", 5 "key": { 6 "algo": "rsa", 7 "size": 2048 8 }, 9 "names": [ 10 { 11 "c": "cn", 12 "st": "shanghai", 13 "l": "shanghai", 14 "o": "k8s", 15 "ou": "system" 16 } 17 ] 18 } 19 eof 20 #创建kube-scheduler的ca证书请求文件
1 [root@k8smaster01 ~]# cd /opt/k8s/work 2 [root@k8smaster01 work]# cfssl gencert -ca=/opt/k8s/work/ca.pem \ 3 -ca-key=/opt/k8s/work/ca-key.pem -config=/opt/k8s/work/ca-config.json \ 4 -profile=kubernetes kube-proxy-csr.json | cfssljson -bare kube-proxy #生成ca密钥(ca-key.pem)和证书(ca.pem)
1 [root@k8smaster01 ~]# cd /opt/k8s/work 2 [root@k8smaster01 work]# source /opt/k8s/bin/environment.sh 3 [root@k8smaster01 work]# kubectl config set-cluster kubernetes \ 4 --certificate-authority=/opt/k8s/work/ca.pem \ 5 --embed-certs=true \ 6 --server=${kube_apiserver} \ 7 --kubeconfig=kube-proxy.kubeconfig 8 9 [root@k8smaster01 work]# kubectl config set-credentials kube-proxy \ 10 --client-certificate=kube-proxy.pem \ 11 --client-key=kube-proxy-key.pem \ 12 --embed-certs=true \ 13 --kubeconfig=kube-proxy.kubeconfig 14 15 [root@k8smaster01 work]# kubectl config set-context default \ 16 --cluster=kubernetes \ 17 --user=kube-proxy \ 18 --kubeconfig=kube-proxy.kubeconfig 19 20 [root@k8smaster01 work]# kubectl config use-context default --kubeconfig=kube-proxy.kubeconfig 21 22 [root@k8smaster01 ~]# cd /opt/k8s/work 23 [root@k8smaster01 work]# source /opt/k8s/bin/environment.sh 24 [root@k8smaster01 work]# for node_name in ${node_names[@]} 25 do 26 echo ">>> ${node_name}" 27 scp kube-proxy.kubeconfig root@${node_name}:/etc/kubernetes/ 28 done
1 [root@k8smaster01 ~]# cd /opt/k8s/work 2 [root@k8smaster01 work]# cat > kube-proxy-config.yaml.template <<eof 3 kind: kubeproxyconfiguration 4 apiversion: kubeproxy.config.k8s.io/v1alpha1 5 clientconnection: 6 burst: 200 7 kubeconfig: "/etc/kubernetes/kube-proxy.kubeconfig" 8 qps: 100 9 bindaddress: ##all_ip## 10 healthzbindaddress: ##all_ip##:10256 11 metricsbindaddress: ##all_ip##:10249 12 enableprofiling: true 13 clustercidr: ${cluster_cidr} 14 hostnameoverride: ##all_name## 15 mode: "ipvs" 16 portrange: "" 17 kubeproxyiptablesconfiguration: 18 masqueradeall: false 19 kubeproxyipvsconfiguration: 20 scheduler: rr 21 excludecidrs: [] 22 eof
1 [root@k8smaster01 ~]# cd /opt/k8s/work 2 [root@k8smaster01 work]# source /opt/k8s/bin/environment.sh 3 [root@k8smaster01 work]# for (( i=0; i < 6; i++ )) 4 do 5 echo ">>> ${all_names[i]}" 6 sed -e "s/##all_name##/${all_names[i]}/" -e "s/##all_ip##/${all_ips[i]}/" kube-proxy-config.yaml.template > kube-proxy-config-${all_names[i]}.yaml.template 7 scp kube-proxy-config-${all_names[i]}.yaml.template root@${all_names[i]}:/etc/kubernetes/kube-proxy-config.yaml 8 done
1 [root@k8smaster01 ~]# cd /opt/k8s/work 2 [root@k8smaster01 work]# source /opt/k8s/bin/environment.sh 3 [root@k8smaster01 work]# cat > kube-proxy.service <<eof 4 [unit] 5 description=kubernetes kube-proxy server 6 documentation=https://github.com/googlecloudplatform/kubernetes 7 after=network.target 8 9 [service] 10 workingdirectory=${k8s_dir}/kube-proxy 11 execstart=/opt/k8s/bin/kube-proxy \\ 12 --config=/etc/kubernetes/kube-proxy-config.yaml \\ 13 --logtostderr=true \\ 14 --v=2 15 restart=on-failure 16 restartsec=5 17 limitnofile=65536 18 19 [install] 20 wantedby=multi-user.target 21 eof
1 [root@k8smaster01 ~]# cd /opt/k8s/work 2 [root@k8smaster01 work]# source /opt/k8s/bin/environment.sh 3 [root@k8smaster01 work]# for all_name in ${all_names[@]} 4 do 5 echo ">>> ${all_name}" 6 scp kube-proxy.service root@${all_name}:/etc/systemd/system/ 7 done #分发system
1 [root@k8smaster01 ~]# cd /opt/k8s/work 2 [root@k8smaster01 work]# source /opt/k8s/bin/environment.sh 3 [root@k8smaster01 work]# for all_ip in ${all_ips[@]} 4 do 5 echo ">>> ${all_ip}" 6 ssh root@${all_ip} "mkdir -p ${k8s_dir}/kube-proxy" 7 ssh root@${all_ip} "modprobe ip_vs_rr" 8 ssh root@${all_ip} "systemctl daemon-reload && systemctl enable kube-proxy && systemctl restart kube-proxy" 9 done #启动服务前必须先创建工作目录
1 [root@k8smaster01 ~]# source /opt/k8s/bin/environment.sh 2 [root@k8smaster01 ~]# for all_ip in ${all_ips[@]} 3 do 4 echo ">>> ${all_ip}" 5 ssh root@${all_ip} "systemctl status kube-proxy|grep active" 6 done
1 [root@k8smaster01 ~]# cd /opt/k8s/work 2 [root@k8smaster01 work]# source /opt/k8s/bin/environment.sh 3 [root@k8smaster01 work]# for all_ip in ${all_ips[@]} 4 do 5 echo ">>> ${all_ip}" 6 ssh root@${all_ip} "sudo netstat -lnpt|grep kube-prox" 7 done
1 [root@k8smaster01 ~]# cd /opt/k8s/work 2 [root@k8smaster01 work]# source /opt/k8s/bin/environment.sh 3 [root@k8smaster01 work]# for all_ip in ${all_ips[@]} 4 do 5 echo ">>> ${all_ip}" 6 ssh root@${all_ip} "/usr/sbin/ipvsadm -ln" 7 done
如对本文有疑问,请在下面进行留言讨论,广大热心网友会与你互动!! 点击进行留言回复
linux下文本编辑器vim的使用方法(复制、粘贴、替换、行号、撤销、多文件操作)
网友评论