搭建二进制k8s kubelet 的注意事项
配置文件bootstrap.kubeconfigapiVersion: v1clusters:- cluster:certificate-authority: /usr/local/bin/kubernetes/ssl/ca.pemserver: https://10.26.170.35:6443name: kubernetescontexts:- context:cluster: kuberne
·
配置文件
- bootstrap.kubeconfig
apiVersion: v1
clusters:
- cluster:
certificate-authority: /usr/local/bin/kubernetes/ssl/ca.pem
server: https://10.26.170.35:6443
name: kubernetes
contexts:
- context:
cluster: kubernetes
user: kubelet-bootstrap
name: default
current-context: default
kind: Config
preferences: {}
users:
- name: kubelet-bootstrap
user:
token: 5610ce0fcbba028f4586f6987b6196d9
【注】:
- certificate-authority 可用 certificate-authority-data 替代不过不再是路径,而是具体的证书内容
- server 里内容必须是 https://xxxx 少了会报 try setting KUBERNETES_MASTER environment variable
- current-context 内容最好用 default替代 而不是用 “”
- token 必须与 kube-apiserver 服务器的 token.csv 文件中的 token 保持一致
- certificate-authority其中的证书与 apiserver中用到的 ca.pem 证书一致即可, kubelet-config.yml 也是如此
2.kubelet-config.yml
kind: KubeletConfiguration
apiVersion: kubelet.config.k8s.io/v1beta1
address: 0.0.0.0
port: 10250
readOnlyPort: 10255
cgroupDriver: cgroupfs
clusterDNS:
- 10.0.0.2
clusterDomain: cluster.local
failSwapOn: false
authentication:
anonymous:
enabled: false
webhook:
cacheTTL: 2m0s
enabled: true
x509:
clientCAFile: /usr/local/bin/kubernetes/ssl/ca.pem
authorization:
mode: Webhook
webhook:
cacheAuthorizedTTL: 5m0s
cacheUnauthorizedTTL: 30s
evictionHard:
imagefs.available: 15%
memory.available: 100Mi
nodefs.available: 10%
nodefs.inodesFree: 5%
maxOpenFiles: 1000000
maxPods: 110
3.kubelet.conf
KUBELET_OPTS="--logtostderr=false \
--v=2 \
--log-dir=/usr/local/bin/kubernetes/logs \
--hostname-override=k8s-node2 \
--network-plugin=cni \
--kubeconfig=/usr/local/bin/kubernetes/cfg/kubelet.kubeconfig \
--bootstrap-kubeconfig=/usr/local/bin/kubernetes/cfg/bootstrap.kubeconfig \
--config=/usr/local/bin/kubernetes/cfg/kubelet-config.yml \
--cert-dir=/usr/local/bin/kubernetes/ssl \
--pod-infra-container-image=lizhenliang/pause-amd64:3.0"
【注】
- hostname-override 为自定义名,勿重复
- kubeconfig 中的内容为空路径,会自动生成,后面用于连接 apiserver
4.kubelet.service
[Unit]
Description=Kubernetes Kubelet
After=docker.service
[Service]
EnvironmentFile=/usr/local/bin/kubernetes/cfg/kubelet.conf
ExecStart=/usr/local/bin/kubernetes/bin/kubelet $KUBELET_OPTS
Restart=on-failure
LimitNOFILE=65536
[Install]
WantedBy=multi-user.target
如启动不成功且内容一直是 ExecStart =/usr/bin/kubelet ,修改 kubelet .conf 也不生效。
解决办法;
- 进入 /usr/lib/systemd/system 目录
- 查看是否拥有 kubelet.service.d 文件夹,如存在,删除或重名为其他昵称,再次 daemon-reload ,stop 再 restart 即可
具体步骤就不概述了,如需要,评论或私信我再补充,欢迎交流
K8S/Kubernetes社区为您提供最前沿的新闻资讯和知识内容
更多推荐
0
0- 0
已为社区贡献1条内容
所有评论(0)