generated from bing/readnotes
132 lines
3.4 KiB
Markdown
132 lines
3.4 KiB
Markdown
# kubeadm 配置示例
|
|
|
|
## 单ControlPlane节点
|
|
|
|
```yaml
|
|
# 配置kubelet使用systemd作为cgroups驱动
|
|
apiVersion: kubeadm.k8s.io/v1beta3
|
|
bootstrapTokens:
|
|
- groups:
|
|
- system:bootstrappers:kubeadm:default-node-token
|
|
token: lzt4rs.qj01ga221rmws3ip
|
|
ttl: 24h0m0s
|
|
usages:
|
|
- signing
|
|
- authentication
|
|
kind: InitConfiguration
|
|
localAPIEndpoint:
|
|
advertiseAddress: 192.168.0.20
|
|
bindPort: 6443
|
|
nodeRegistration:
|
|
criSocket: unix:///var/run/containerd/containerd.sock
|
|
imagePullPolicy: IfNotPresent
|
|
name: dev
|
|
taints:
|
|
- effect: NoSchedule
|
|
key: node-role.kubernetes.io/master
|
|
- effect: NoSchedule
|
|
key: node-role.kubernetes.io/control-plane
|
|
---
|
|
apiServer:
|
|
timeoutForControlPlane: 4m0s
|
|
apiVersion: kubeadm.k8s.io/v1beta3
|
|
certificatesDir: /etc/kubernetes/pki
|
|
clusterName: kubernetes
|
|
controlPlaneEndpoint: 192.168.0.20:6443
|
|
controllerManager: {}
|
|
dns: {}
|
|
etcd:
|
|
local:
|
|
dataDir: /var/lib/etcd
|
|
imageRepository: ccr.ccs.tencentyun.com/kgcrio
|
|
kind: ClusterConfiguration
|
|
kubernetesVersion: v1.24.1
|
|
networking:
|
|
dnsDomain: cluster.local
|
|
podSubnet: 10.244.0.0/16
|
|
serviceSubnet: 10.96.0.0/12
|
|
scheduler: {}
|
|
```
|
|
|
|
## 基于堆叠etcd的cluster
|
|
|
|
```yaml
|
|
# 配置kubelet使用systemd作为cgroups驱动
|
|
apiVersion: kubelet.config.k8s.io/v1beta1
|
|
kind: KubeletConfiguration
|
|
cgroupDriver: systemd
|
|
---
|
|
apiVersion: kubeadm.k8s.io/v1beta2
|
|
kind: ClusterConfiguration
|
|
kubernetesVersion: stable
|
|
imageRepository: registry.bing89.com/kubernetes
|
|
controlPlaneEndpoint: 192.168.0.200:8443
|
|
apiServer:
|
|
certSANs:
|
|
- "k8smaster1"
|
|
- "k8smaster2"
|
|
- "k8smaster3"
|
|
- "192.168.0.200"
|
|
- "192.168.0.201"
|
|
- "192.168.0.202"
|
|
- "192.168.0.203"
|
|
networking:
|
|
podSubnet: 10.244.0.0/16
|
|
|
|
---
|
|
#配置kubeproxy使用ipvs。似乎不配置也行
|
|
apiVersion: kubeproxy.config.k8s.io/v1alpha1
|
|
kind: KubeProxyConfiguration
|
|
mode: ipvs
|
|
EOF
|
|
```
|
|
|
|
## 基于外部etcd集群的cluster
|
|
|
|
```yaml
|
|
# 配置kubelet使用systemd作为cgroups驱动
|
|
apiVersion: kubelet.config.k8s.io/v1beta1
|
|
kind: KubeletConfiguration
|
|
cgroupDriver: systemd
|
|
---
|
|
apiVersion: kubeadm.k8s.io/v1beta2
|
|
kind: ClusterConfiguration
|
|
kubernetesVersion: stable
|
|
controlPlaneEndpoint: "192.168.0.200:8443"
|
|
imageRepository: registry.bing89.com/kubernetes
|
|
etcd:
|
|
external:
|
|
endpoints: ["https://192.168.0.211:2379","https://192.168.0.212:2379","https://192.168.0.213:2379"]
|
|
caFile: /etc/kubernetes/pki/etcd/ca.crt
|
|
certFile: /etc/kubernetes/pki/apiserver-etcd-client.crt
|
|
keyFile: /etc/kubernetes/pki/apiserver-etcd-client.key
|
|
apiServer:
|
|
certSANs: ["192.168.0.201","192.168.0.202","192.168.0.203"]
|
|
```
|
|
|
|
## 外部etcd集群配置
|
|
|
|
```yaml
|
|
# 配置kubelet使用systemd作为cgroups驱动
|
|
apiVersion: kubelet.config.k8s.io/v1beta1
|
|
kind: KubeletConfiguration
|
|
cgroupDriver: systemd
|
|
---
|
|
apiVersion: "kubeadm.k8s.io/v1beta2"
|
|
kind: ClusterConfiguration
|
|
imageRepository: registry.bing89.com/kubernetes
|
|
etcd:
|
|
local:
|
|
serverCertSANs:
|
|
- "192.168.0.211"
|
|
peerCertSANs:
|
|
- "192.168.0.211"
|
|
extraArgs:
|
|
initial-cluster: infra0=https://192.168.0.211:2380,infra1=https://192.168.0.212:2380,infra2=https://192.168.0.213:2380
|
|
initial-cluster-state: new
|
|
name: infra0
|
|
listen-peer-urls: https://192.168.0.211:2380
|
|
listen-client-urls: https://192.168.0.211:2379
|
|
advertise-client-urls: https://192.168.0.211:2379
|
|
initial-advertise-peer-urls: https://192.168.0.211:2380
|
|
``` |