generated from bing/readnotes
3.4 KiB
3.4 KiB
kubeadm 配置示例
单ControlPlane节点
# 配置kubelet使用systemd作为cgroups驱动
apiVersion: kubeadm.k8s.io/v1beta3
bootstrapTokens:
- groups:
- system:bootstrappers:kubeadm:default-node-token
token: lzt4rs.qj01ga221rmws3ip
ttl: 24h0m0s
usages:
- signing
- authentication
kind: InitConfiguration
localAPIEndpoint:
advertiseAddress: 192.168.0.20
bindPort: 6443
nodeRegistration:
criSocket: unix:///var/run/containerd/containerd.sock
imagePullPolicy: IfNotPresent
name: dev
taints:
- effect: NoSchedule
key: node-role.kubernetes.io/master
- effect: NoSchedule
key: node-role.kubernetes.io/control-plane
---
apiServer:
timeoutForControlPlane: 4m0s
apiVersion: kubeadm.k8s.io/v1beta3
certificatesDir: /etc/kubernetes/pki
clusterName: kubernetes
controlPlaneEndpoint: 192.168.0.20:6443
controllerManager: {}
dns: {}
etcd:
local:
dataDir: /var/lib/etcd
imageRepository: ccr.ccs.tencentyun.com/kgcrio
kind: ClusterConfiguration
kubernetesVersion: v1.24.1
networking:
dnsDomain: cluster.local
podSubnet: 10.244.0.0/16
serviceSubnet: 10.96.0.0/12
scheduler: {}
基于堆叠etcd的cluster
# 配置kubelet使用systemd作为cgroups驱动
apiVersion: kubelet.config.k8s.io/v1beta1
kind: KubeletConfiguration
cgroupDriver: systemd
---
apiVersion: kubeadm.k8s.io/v1beta2
kind: ClusterConfiguration
kubernetesVersion: stable
imageRepository: registry.bing89.com/kubernetes
controlPlaneEndpoint: 192.168.0.200:8443
apiServer:
certSANs:
- "k8smaster1"
- "k8smaster2"
- "k8smaster3"
- "192.168.0.200"
- "192.168.0.201"
- "192.168.0.202"
- "192.168.0.203"
networking:
podSubnet: 10.244.0.0/16
---
#配置kubeproxy使用ipvs。似乎不配置也行
apiVersion: kubeproxy.config.k8s.io/v1alpha1
kind: KubeProxyConfiguration
mode: ipvs
EOF
基于外部etcd集群的cluster
# 配置kubelet使用systemd作为cgroups驱动
apiVersion: kubelet.config.k8s.io/v1beta1
kind: KubeletConfiguration
cgroupDriver: systemd
---
apiVersion: kubeadm.k8s.io/v1beta2
kind: ClusterConfiguration
kubernetesVersion: stable
controlPlaneEndpoint: "192.168.0.200:8443"
imageRepository: registry.bing89.com/kubernetes
etcd:
external:
endpoints: ["https://192.168.0.211:2379","https://192.168.0.212:2379","https://192.168.0.213:2379"]
caFile: /etc/kubernetes/pki/etcd/ca.crt
certFile: /etc/kubernetes/pki/apiserver-etcd-client.crt
keyFile: /etc/kubernetes/pki/apiserver-etcd-client.key
apiServer:
certSANs: ["192.168.0.201","192.168.0.202","192.168.0.203"]
外部etcd集群配置
# 配置kubelet使用systemd作为cgroups驱动
apiVersion: kubelet.config.k8s.io/v1beta1
kind: KubeletConfiguration
cgroupDriver: systemd
---
apiVersion: "kubeadm.k8s.io/v1beta2"
kind: ClusterConfiguration
imageRepository: registry.bing89.com/kubernetes
etcd:
local:
serverCertSANs:
- "192.168.0.211"
peerCertSANs:
- "192.168.0.211"
extraArgs:
initial-cluster: infra0=https://192.168.0.211:2380,infra1=https://192.168.0.212:2380,infra2=https://192.168.0.213:2380
initial-cluster-state: new
name: infra0
listen-peer-urls: https://192.168.0.211:2380
listen-client-urls: https://192.168.0.211:2379
advertise-client-urls: https://192.168.0.211:2379
initial-advertise-peer-urls: https://192.168.0.211:2380