k8s-06-一键部署node节点

1.master节点创建用户角色 否则node节点没法写入文件

kubectl create clusterrolebinding kubelet-bootstrap --clusterrole=system:node-bootstrapper --user=kubelet-bootstrap

2.master节点分发到node节点配置文件

scp  kube-proxy.kubeconfig  bootstrap.kubeconfig   192.168.56.12:/opt/kubernetes/cfg/

scp  kube-proxy.kubeconfig  bootstrap.kubeconfig   192.168.56.11:/opt/kubernetes/cfg/

3.下载node节点的kubelet和 kube-proxy

 kubelet在官网k8s的 clinet二进制包中

  kube-proxy在官网k8s的 node二进制包中

4.部署kubelet 生成 启动文件和配置文件

#!/bin/bash

NODE_ADDRESS=${1:-"192.168.56.11"}
DNS_SERVER_IP=${2:-"10.10.10.2"}

cat <<EOF >/opt/kubernetes/cfg/kubelet

KUBELET_OPTS="--logtostderr=true \\
--v=4 \\
--address=${NODE_ADDRESS} \\
--hostname-override=${NODE_ADDRESS} \\
--kubeconfig=/opt/kubernetes/cfg/kubelet.kubeconfig \\
--experimental-bootstrap-kubeconfig=/opt/kubernetes/cfg/bootstrap.kubeconfig \\
--cert-dir=/opt/kubernetes/ssl \\
--allow-privileged=true \\
--cluster-dns=${DNS_SERVER_IP} \\
--cluster-domain=cluster.local \\
--fail-swap-on=false \\
--pod-infra-container-image=registry.cn-hangzhou.aliyuncs.com/google-containers/pause-amd64:3.0"

EOF

cat <<EOF >/usr/lib/systemd/system/kubelet.service
[Unit]
Description=Kubernetes Kubelet
After=docker.service
Requires=docker.service

[Service]
EnvironmentFile=-/opt/kubernetes/cfg/kubelet
ExecStart=/opt/kubernetes/bin/kubelet \$KUBELET_OPTS
Restart=on-failure
KillMode=process

[Install]
WantedBy=multi-user.target
EOF

systemctl daemon-reload
systemctl enable kubelet
systemctl restart kubelet

5.部署kube-proxy

[root@k8s-node1 node]# cat  proxy.sh 
#!/bin/bash

NODE_ADDRESS=${1:-"192.168.56.11"}

cat <<EOF >/opt/kubernetes/cfg/kube-proxy

KUBE_PROXY_OPTS="--logtostderr=true \
--v=4 \
--hostname-override=${NODE_ADDRESS} \
--kubeconfig=/opt/kubernetes/cfg/kube-proxy.kubeconfig"

EOF

cat <<EOF >/usr/lib/systemd/system/kube-proxy.service
[Unit]
Description=Kubernetes Proxy
After=network.target

[Service]
EnvironmentFile=-/opt/kubernetes/cfg/kube-proxy
ExecStart=/opt/kubernetes/bin/kube-proxy \$KUBE_PROXY_OPTS
Restart=on-failure

[Install]
WantedBy=multi-user.target
EOF

systemctl daemon-reload
systemctl enable kube-proxy
systemctl restart kube-proxy

6.master几点允许node节点

[root@k8s-master ssl]# kubectl  get csr 
NAME                                                   AGE       REQUESTOR           CONDITION
node-csr-fJx0WsD4Jir_BpTgHGlGDa_UXkZUx2Bsl18nLPhg9eg   6m        kubelet-bootstrap   Pending
[root@k8s-master ssl]# kubectl  get csr 
NAME                                                   AGE       REQUESTOR           CONDITION
node-csr-fJx0WsD4Jir_BpTgHGlGDa_UXkZUx2Bsl18nLPhg9eg   6m        kubelet-bootstrap   Approved,Issued
[root@k8s-master ssl]# kubectl  get node
NAME            STATUS    ROLES     AGE       VERSION
192.168.56.11   Ready     <none>    19s       v1.9.0
[root@k8s-master ssl]#

7.另外一个节点一样的操作

8.可以看出可以了

[root@k8s-master ssl]# kubectl   certificate   approve node-csr-4icMjocRy1f6gUk209l0_PInK7G-bEXi-IKiIP7fbyw 

certificatesigningrequest "node-csr-4icMjocRy1f6gUk209l0_PInK7G-bEXi-IKiIP7fbyw" approved

[root@k8s-master ssl]# kubectl  get node 

NAME            STATUS     ROLES     AGE       VERSION

192.168.56.11   Ready      <none>    3m        v1.9.0

192.168.56.12   NotReady   <none>    3s        v1.9.0

[root@k8s-master ssl]# kubectl  get node 

NAME            STATUS     ROLES     AGE       VERSION

192.168.56.11   Ready      <none>    3m        v1.9.0

192.168.56.12   NotReady   <none>    9s        v1.9.0

[root@k8s-master ssl]# kubectl  get node 

NAME            STATUS    ROLES     AGE       VERSION

192.168.56.11   Ready     <none>    3m        v1.9.0

192.168.56.12   Ready     <none>    11s       v1.9.0

[root@k8s-master ssl]#