7. k8s二进制集群之Kube ApiServer部署

发布于:2025-02-10 ⋅ 阅读:(44) ⋅ 点赞:(0)

继续上一篇文章《k8s二进制集群之各节点部署》下面介绍一下各节点的部署与配置。

创建kube工作目录(仅在主节点上创建即可)

mkdir -p /etc/kubernetes/
mkdir -p /etc/kubernetes/ssl
mkdir -p /var/log/kubernetes

同样在我们的部署主机上创建apiserver证书请求文件

需要替换成你自己的节点ip和证书信息

cat > kube-apiserver-csr.json <<"EOF"
{
 "CN": "kubernetes",
 "hosts": [
  "127.0.0.1",
  "192.168.3.41",
  "192.168.3.42",
  "192.168.3.43",
  "192.168.3.100",
  "10.96.0.1",
  "kubernetes",
  "kubernetes.default",
  "kubernetes.default.svc",
  "kubernetes.default.svc.cluster",
  "kubernetes.default.svc.cluster.local"
 ],
 "key": {
  "algo": "rsa",
  "size": 2048
 },
 "names": [{
  "C":"CN",
  "ST":"zhejiang",
  "L":"hangzhou",
  "O":"eyinfo",
  "OU":"CN"
 }]
}
EOF

根据证书文件生成apiserver证书

cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config.json -profile=kubernetes kube-apiserver-csr.json | cfssljson -bare kube-apiserver
#输出结果
2024/07/17 20:07:16 [INFO] generate received request
2024/07/17 20:07:16 [INFO] received CSR
2024/07/17 20:07:16 [INFO] generating key: rsa-2048
2024/07/17 20:07:17 [INFO] encoded CSR
2024/07/17 20