kubernetes V1.10.4 集群部署 (手动生成证书)
# kubeadm init --config config.yamlUsing Kubernetes version: v1.10.4
Using Authorization modes:
Running pre-flight checks.
: crictl not found in system path
Suggestion: go get github.com/kubernetes-incubator/cri-tools/cmd/crictl
Starting the kubelet service
Using the existing ca certificate and key.
Using the existing apiserver certificate and key.
Using the existing apiserver-kubelet-client certificate and key.
Using the existing sa key.
Using the existing front-proxy-ca certificate and key.
Using the existing front-proxy-client certificate and key.
Valid certificates and keys now exist in "/etc/kubernetes/pki"
Using existing up-to-date KubeConfig file: "/etc/kubernetes/admin.conf"
Using existing up-to-date KubeConfig file: "/etc/kubernetes/kubelet.conf"
Using existing up-to-date KubeConfig file: "/etc/kubernetes/controller-manager.conf"
Using existing up-to-date KubeConfig file: "/etc/kubernetes/scheduler.conf"
Wrote Static Pod manifest for component kube-apiserver to "/etc/kubernetes/manifests/kube-apiserver.yaml"
Wrote Static Pod manifest for component kube-controller-manager to "/etc/kubernetes/manifests/kube-controller-manager.yaml"
Wrote Static Pod manifest for component kube-scheduler to "/etc/kubernetes/manifests/kube-scheduler.yaml"
Waiting for the kubelet to boot up the control plane as Static Pods from directory "/etc/kubernetes/manifests".
This might take a minute or longer if the control plane images have to be pulled.
All control plane components are healthy after 15.506913 seconds
Storing the configuration used in ConfigMap "kubeadm-config" in the "kube-system" Namespace
Will mark node k8s01 as master by adding a label and a taint
Master k8s01 tainted and labelled with key/value: node-role.kubernetes.io/master=""
Using token: deed3a.b3542929fcbce0f0
Configured RBAC rules to allow Node Bootstrap tokens to post CSRs in order for nodes to get long term certificate credentials
Configured RBAC rules to allow the csrapprover controller automatically approve CSRs from a Node Bootstrap Token
Configured RBAC rules to allow certificate rotation for all node client certificates in the cluster
Creating the "cluster-info" ConfigMap in the "kube-public" namespace
Applied essential addon: kube-dns
Applied essential addon: kube-proxy
Your Kubernetes master has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run "kubectl apply -f .yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
You can now join any number of machines by running the following on each node
as root:
kubeadm join 172.16.50.131:6443 --token deed3a.b3542929fcbce0f0 --discovery-token-ca-cert-hash sha256:0334022c7eb4f2b20865f1784c64b1e81ad87761b9e8ffd50ecefabca5cfad5c
页:
[1]