|NO.Z.00058|——————————|^^ 部署 ^^|——|KuberNetes&二进制部署.V11|3台Server|——|kube-node|kubelet配置|

一、node节点组件配置:复制证书
### --- 从k8s-master01节点复制证书到node节点
~~~     # 进入证书目录下

[root@k8s-master01 ~]# cd /etc/kubernetes/
~~~     # 将需要的证书复制到node节点下

[root@k8s-master01 kubernetes]# for NODE in k8s-node01 k8s-node02; do
     ssh $NODE mkdir -p /etc/kubernetes/pki /etc/etcd/ssl /etc/etcd/ssl
     for FILE in etcd-ca.pem etcd.pem etcd-key.pem; do
       scp /etc/etcd/ssl/$FILE $NODE:/etc/etcd/ssl/
     done
     for FILE in pki/ca.pem pki/ca-key.pem pki/front-proxy-ca.pem bootstrap-kubelet.kubeconfig; do
       scp /etc/kubernetes/$FILE $NODE:/etc/kubernetes/${FILE}
 done
 done
~~~     注:输出结果: 
etcd-ca.pem                                                                                                                                                   100% 1367     1.0MB/s   00:00    
etcd.pem                                                                                                                                                      100% 1501   714.6KB/s   00:00    
etcd-key.pem                                                                                                                                                  100% 1675     1.0MB/s   00:00    
ca.pem                                                                                                                                                        100% 1411   743.0KB/s   00:00    
ca-key.pem                                                                                                                                                    100% 1675   568.5KB/s   00:00    
front-proxy-ca.pem                                                                                                                                            100% 1143   688.8KB/s   00:00    
bootstrap-kubelet.kubeconfig                                                                                                                                  100% 2299   699.6KB/s   00:00    
etcd-ca.pem                                                                                                                                                   100% 1367   395.6KB/s   00:00    
etcd.pem                                                                                                                                                      100% 1501   297.7KB/s   00:00    
etcd-key.pem                                                                                                                                                  100% 1675   573.1KB/s   00:00    
ca.pem                                                                                                                                                        100% 1411   233.9KB/s   00:00    
ca-key.pem                                                                                                                                                    100% 1675   213.3KB/s   00:00    
front-proxy-ca.pem                                                                                                                                            100% 1143   345.0KB/s   00:00    
bootstrap-kubelet.kubeconfig
二、kubelet配置
### --- 所有node节点创建配置需要目录
~~~     创建node节点部署目录

[root@k8s-master01 ~]# mkdir -p /var/lib/kubelet /var/log/kubernetes /etc/systemd/system/kubelet.service.d /etc/kubernetes/manifests/
### --- 所有node节点配置kubelet service
~~~     创建kubelet.service配置文件

[root@k8s-master01 ~]# vim  /usr/lib/systemd/system/kubelet.service
[Unit]
Description=Kubernetes Kubelet
Documentation=https://github.com/kubernetes/kubernetes
After=docker.service
Requires=docker.service

[Service]
ExecStart=/usr/local/bin/kubelet

Restart=always
StartLimitInterval=0
RestartSec=10

[Install]
WantedBy=multi-user.target
### --- 所有节点10-kubelet.conf配置文件下配置kubelet.service参数
~~~     所有节点10-kubelet.conf下配置kubelet.service参数

[root@k8s-master01 ~]# vim /etc/systemd/system/kubelet.service.d/10-kubelet.conf
[Service]
Environment="KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.kubeconfig --kubeconfig=/etc/kubernetes/kubelet.kubeconfig"
Environment="KUBELET_SYSTEM_ARGS=--network-plugin=cni --cni-conf-dir=/etc/cni/net.d --cni-bin-dir=/opt/cni/bin"
Environment="KUBELET_CONFIG_ARGS=--config=/etc/kubernetes/kubelet-conf.yml --pod-infra-container-image=registry.cn-hangzhou.aliyuncs.com/google_containers/pause-amd64:3.2"
Environment="KUBELET_EXTRA_ARGS=--node-labels=node.kubernetes.io/node='' "
ExecStart=
ExecStart=/usr/local/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_SYSTEM_ARGS $KUBELET_EXTRA_ARGS
三、创建kubelet配置文件
### --- 创建kubelet配置文件

~~~     注意:如果更改了k8s的service网段,需要更改kubelet-conf.yml 的clusterDNS:配置,
~~~     改成k8s Service网段的第十个地址,比如10.96.0.10
### --- 创建kubelet.conf配置文件

[root@k8s-master01 ~]# vim /etc/kubernetes/kubelet-conf.yml
apiVersion: kubelet.config.k8s.io/v1beta1
kind: KubeletConfiguration
address: 0.0.0.0
port: 10250
readOnlyPort: 10255
authentication:
  anonymous:
    enabled: false
  webhook:
    cacheTTL: 2m0s
    enabled: true
  x509:
    clientCAFile: /etc/kubernetes/pki/ca.pem
authorization:
  mode: Webhook
  webhook:
    cacheAuthorizedTTL: 5m0s
    cacheUnauthorizedTTL: 30s
cgroupDriver: systemd
cgroupsPerQOS: true
clusterDNS:
- 10.96.0.10
clusterDomain: cluster.local
containerLogMaxFiles: 5
containerLogMaxSize: 10Mi
contentType: application/vnd.kubernetes.protobuf
cpuCFSQuota: true
cpuManagerPolicy: none
cpuManagerReconcilePeriod: 10s
enableControllerAttachDetach: true
enableDebuggingHandlers: true
enforceNodeAllocatable:
- pods
eventBurst: 10
eventRecordQPS: 5
evictionHard:
  imagefs.available: 15%
  memory.available: 100Mi
  nodefs.available: 10%
  nodefs.inodesFree: 5%
evictionPressureTransitionPeriod: 5m0s
failSwapOn: true
fileCheckFrequency: 20s
hairpinMode: promiscuous-bridge
healthzBindAddress: 127.0.0.1
healthzPort: 10248
httpCheckFrequency: 20s
imageGCHighThresholdPercent: 85
imageGCLowThresholdPercent: 80
imageMinimumGCAge: 2m0s
iptablesDropBit: 15
iptablesMasqueradeBit: 14
kubeAPIBurst: 10
kubeAPIQPS: 5
makeIPTablesUtilChains: true
maxOpenFiles: 1000000
maxPods: 110
nodeStatusUpdateFrequency: 10s
oomScoreAdj: -999
podPidsLimit: -1
registryBurst: 10
registryPullQPS: 5
resolvConf: /etc/resolv.conf
rotateCertificates: true
runtimeRequestTimeout: 2m0s
serializeImagePulls: true
staticPodPath: /etc/kubernetes/manifests
streamingConnectionIdleTimeout: 4h0m0s
syncFrequency: 1m0s
volumeStatsAggPeriod: 1m0s
四、启动服务并查看状态
### --- 启动所有节点kubelet并设置开机自启动
~~~     启动kubelet服务并设置开机自启动

[root@k8s-master01 ~]# systemctl daemon-reload
[root@k8s-master01 ~]# systemctl enable --now kubelet
Created symlink from /etc/systemd/system/multi-user.target.wants/kubelet.service to /usr/lib/systemd/system/kubelet.service.
### --- 查看系统日志

~~~     此时系统日志/var/log/messages
~~~     Unable to update cni config: no networks found in /etc/cni/net.d 
~~~     显示只有如下信息为正常
### --- 查看集群状态

[root@k8s-master01 ~]# kubectl get node
NAME           STATUS     ROLES    AGE   VERSION
k8s-master01   NotReady   <none>   66s   v1.20.6
k8s-node01     NotReady   <none>   62s   v1.20.6
k8s-node02     NotReady   <none>   17s   v1.20.6

 

 

 

 

 

 

 

 
 
Walter Savage Landor:strove with none,for none was worth my strife.Nature I loved and, next to Nature, Art:I warm'd both hands before the fire of life.It sinks, and I am ready to depart
                                                                                                                                                   ——W.S.Landor
 

 

posted on 2022-03-29 13:32  yanqi_vip  阅读(26)  评论(0)    收藏  举报

导航