1.1 部署并分发k8s程序文件
cd /server/tools/
tar xf kubernetes-server-linux-amd64.tar.gz
scp kubernetes/server/bin/{kube-apiserver,kube-controller-manager,kube-scheduler,kubectl} 192.168.10.161:/opt/kubernetes/bin/
scp kubernetes/server/bin/{kube-apiserver,kube-controller-manager,kube-scheduler,kubectl} 192.168.10.162:/opt/kubernetes/bin/
scp kubernetes/server/bin/{kubelet,kube-proxy,kubectl,kubeadm} 192.168.10.163:/opt/kubernetes/bin/
scp kubernetes/server/bin/{kubelet,kube-proxy,kubectl,kubeadm} 192.168.10.164:/opt/kubernetes/bin/
1.2 创建kubectl.kubeconfig配置文件
cd /etc/ssl/ kubectl config set-cluster kubernetes \ --certificate-authority=/opt/kubernetes/ssl/ca.pem \ --embed-certs=true \ --server=https://192.168.10.160:8443 \ # 此处为master节点的VIP --kubeconfig=kubectl.kubeconfig kubectl config set-credentials admin \ --client-certificate=/opt/kubernetes/ssl/admin.pem \ --client-key=/opt/kubernetes/ssl/admin-key.pem \ --embed-certs=true \ --kubeconfig=kubectl.kubeconfig kubectl config set-context kubernetes \ --cluster=kubernetes \ --user=admin \ --kubeconfig=kubectl.kubeconfig kubectl config use-context kubernetes --kubeconfig=kubectl.kubeconfig
- 说明:
- --certificate-authority:验证 kube-apiserver 证书的根证书
- --client-certificate、--client-key:刚生成的admin 证书和私钥,连接 kube-apiserver 时使用
- --embed-certs=true:将pem 和 admin.pem 证书内容嵌入到生成的 kubectl.kubeconfig 文件中(不加时,写入的是证书文件路径)
1.3 分发配置文件
mkdir -p ~/.kube # 所有k8s节点创建此目录 scp kubectl.kubeconfig 192.168.10.161:~/.kube/config scp kubectl.kubeconfig 192.168.10.162:~/.kube/config scp kubectl.kubeconfig 192.168.10.163:~/.kube/config scp kubectl.kubeconfig 192.168.10.164:~/.kube/config
- 说明:
- 如果执行 kubectl 命令式时输出如下错误信息,则说明使用的~/.kube/config 文件不对,请切换到正确的账户后再执行该命令:
The connection to the server localhost:8080 was refused - did you specify the right host or port
我的微信
如果有技术上的问题可以扫一扫我的微信
