kubeadm init后发生了什么

来看看kubeadm init后发生了什么

Master上执行命令：

kubeadm init --token=102952.1a7dd4cc8d1f4cc5 --kubernetes-version $(kubeadm version -o short)

屏幕上打印出的日志：

[init] Using Kubernetes version: v1.14.0
[preflight] Running pre-flight checks
[preflight] Pulling images required for setting up a Kubernetes cluster
[preflight] This might take a minute or two, depending on the speed of your internet connection
[preflight] You can also perform this action in beforehand using 'kubeadm config images pull'
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Activating the kubelet service
[certs] Using certificateDir folder "/etc/kubernetes/pki"----------------生成证书和密钥
[certs] Generating "front-proxy-ca" certificate and key----------------生成证书和密钥
[certs] Generating "front-proxy-client" certificate and key----------------生成证书和密钥
[certs] Generating "etcd/ca" certificate and key----------------生成证书和密钥
[certs] Generating "etcd/peer" certificate and key----------------生成证书和密钥
[certs] etcd/peer serving cert is signed for DNS names [controlplane localhost] and IPs [172.17.0.72 127.0.0.1 ::1]----------------生成证书和密钥
[certs] Generating "etcd/healthcheck-client" certificate and key----------------生成证书和密钥
[certs] Generating "etcd/server" certificate and key----------------生成证书和密钥
[certs] etcd/server serving cert is signed for DNS names [controlplane localhost] and IPs [172.17.0.72 127.0.0.1 ::1]----------------生成证书和密钥
[certs] Generating "apiserver-etcd-client" certificate and key----------------生成证书和密钥
[certs] Generating "ca" certificate and key----------------生成证书和密钥
[certs] Generating "apiserver" certificate and key----------------生成证书和密钥
[certs] apiserver serving cert is signed for DNS names [controlplane kubernetes kubernetes.default kubernetes.default.svc kubernetes.default.svc.cluster.local] and IPs [10.96.0.1 172.17.0.72]----------------生成证书和密钥
[certs] Generating "apiserver-kubelet-client" certificate and key----------------生成证书和密钥
[certs] Generating "sa" key and public key----------------生成证书和密钥
[kubeconfig] Using kubeconfig folder "/etc/kubernetes"
[kubeconfig] Writing "admin.conf" kubeconfig file
[kubeconfig] Writing "kubelet.conf" kubeconfig file
[kubeconfig] Writing "controller-manager.conf" kubeconfig file
[kubeconfig] Writing "scheduler.conf" kubeconfig file
[control-plane] Using manifest folder "/etc/kubernetes/manifests"
[control-plane] Creating static Pod manifest for "kube-apiserver"---------------------生成静态pod，这些组件是静态的
[control-plane] Creating static Pod manifest for "kube-controller-manager"--------同上
[control-plane] Creating static Pod manifest for "kube-scheduler"--------------------同上
[etcd] Creating static Pod manifest for local etcd in "/etc/kubernetes/manifests"---同上
[wait-control-plane] Waiting for the kubelet to boot up the control plane as static Pods from directory "/etc/kubernetes/manifests". This can take up to 4m0s

 

[kubelet-check] Initial timeout of 40s passed.
[apiclient] All control plane components are healthy after 40.505180 seconds
[upload-config] storing the configuration used in ConfigMap "kubeadm-config" in the "kube-system" Namespace-----生成kube-system命名空间
[kubelet] Creating a ConfigMap "kubelet-config-1.14" in namespace kube-system with the configuration for the kubelets in the cluster-----在kube-system命名空间里生成configmap
[upload-certs] Skipping phase. Please see --experimental-upload-certs
[mark-control-plane] Marking the node controlplane as control-plane by adding the label "node-role.kubernetes.io/master=''"
[mark-control-plane] Marking the node controlplane as control-plane by adding the taints [node-role.kubernetes.io/master:NoSchedule]
[bootstrap-token] Using token: 102952.1a7dd4cc8d1f4cc5
[bootstrap-token] Configuring bootstrap tokens, cluster-info ConfigMap, RBAC Roles
[bootstrap-token] configured RBAC rules to allow Node Bootstrap tokens to post CSRs in order for nodes to get long term certificate credentials
[bootstrap-token] configured RBAC rules to allow the csrapprover controller automatically approve CSRs from a Node Bootstrap Token
[bootstrap-token] configured RBAC rules to allow certificate rotation for all node client certificates in the cluster
[bootstrap-token] creating the "cluster-info" ConfigMap in the "kube-public" namespace
[addons] Applied essential addon: CoreDNS
[addons] Applied essential addon: kube-proxy

Your Kubernetes control-plane has initialized successfully!

kube-system里的pod：

controlplane $ kubectl get pod -n kube-system
NAME READY STATUS RESTARTS AGE
calico-kube-controllers-687445b8b7-ftp5v 1/1 Running 0 34m
calico-node-7mzdk 1/1 Running 1 34m
calico-node-z49z4 1/1 Running 0 34m
coredns-fb8b8dccf-9dwjd 1/1 Running 0 37m
coredns-fb8b8dccf-vk2b9 1/1 Running 0 37m
etcd-controlplane 1/1 Running 0 36m
kube-apiserver-controlplane 1/1 Running 0 36m
kube-controller-manager-controlplane 1/1 Running 0 36m
kube-proxy-44mlq 1/1 Running 0 37m
kube-proxy-nwt9d 1/1 Running 0 34m
kube-scheduler-controlplane 1/1 Running 1 36m