1 K8S(kubernetes)       1.1 Kubernetes基础命令       1.2 Kubernetes快速部署       1.3 Kubernetes部署(Test)       1.4 资源对象Kind          1.4.1 Deployment对象             1.4.1.1 rollout          1.4.2 自动扩缩容       1.5 Kubernetes基本概念与术语          1.5.1 Master          1.5.2 Node       1.6 集群部署3 Master 2 node          1.6.1 kuber          1.6.2 kubernetes高可用集群验证

kubeadm join 192.168.0.28:6443 --token 6cogci.7mhh0n2dnp6ml9vc \ --discovery-token-ca-cert-hash sha256:75d4fecc46947ec483059b3af97527598595d7fa61d94b167cc75bdee14ec7c6 --control-plane 问题一 Please ensure that: * The cluster has a stable controlPlaneEndpoint address. * The certificates that must be shared among control plane instances are provided 查看一下 kubeadm-config.yaml kubectl -n kube-system get cm kubeadm-config -oyaml kubectl -n kube-system edit cm kubeadm-config controlPlaneEndpoint: 192.168.0.28:6443 问题二 failure loading certificate for CA: couldn't load the certificate file /etc/kubernetes/pki/ca.crt: open /etc/kubernetes/pki/ca.crt: no such file or directory master 2 mkdir -p /etc/kubernetes/pki/etcd scp root@192.168.0.28:/etc/kubernetes/pki/ca.crt /etc/kubernetes/pki/ scp root@192.168.0.28:/etc/kubernetes/pki/ca.key /etc/kubernetes/pki/ scp root@192.168.0.28:/etc/kubernetes/pki/sa.key /etc/kubernetes/pki/ scp root@192.168.0.28:/etc/kubernetes/pki/sa.pub /etc/kubernetes/pki/ scp root@192.168.0.28:/etc/kubernetes/pki/front-proxy-ca.crt /etc/kubernetes/pki/ scp root@192.168.0.28:/etc/kubernetes/pki/front-proxy-ca.key /etc/kubernetes/pki/ scp root@192.168.0.28:/etc/kubernetes/pki/etcd/ca.crt /etc/kubernetes/pki/etcd/ scp root@192.168.0.28:/etc/kubernetes/pki/etcd/ca.key /etc/kubernetes/pki/etcd/ scp root@192.168.0.28:/etc/kubernetes/admin.conf /etc/kubernetes/admin.conf 拷贝完成尝试加入集群 mkdir -p $HOME/.kube sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo chown $(id -u):$(id -g) $HOME/.kube/config node节点 scp root@192.168.0.28:/etc/kubernetes/admin.conf /etc/kubernetes/admin.conf 执行加入集群命令 安装配置可视化 kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.3.1/aio/deploy/recommended.yaml wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.3.1/aio/deploy/recommended.yaml kubectl apply -f recommended.yaml 将type: ClusterIP 改为 type: NodePort kubectl edit svc kubernetes-dashboard -n kubernetes-dashboard kubectl get svc -A |grep kubernetes-dashboard 显示安全问题，谷歌浏览器 test-type --ignore-certificate-errors 创建权限账号 vi dash.yaml apiVersion: v1 kind: ServiceAccount metadata: name: admin-user namespace: kubernetes-dashboard --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: admin-user roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: cluster-admin subjects: - kind: ServiceAccount name: admin-user namespace: kubernetes-dashboard kubectl apply -f dash.yaml 获取令牌 kubectl -n kubernetes-dashboard get secret $(kubectl -n kubernetes-dashboard get sa/admin-user -o jsonpath="{.secrets[0].name}") -o go-template="{{.data.token | base64decode}}" eyJhbGciOiJSUzI1NiIsImtpZCI6Il9ISlhMWFRRdWdPQVRvdnVrbnRVSGZMOThSenFlZnBTdG1ZSUJYSy1nYXMifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhZG1pbi11c2VyLXRva2VuLW5uNHY1Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImFkbWluLXVzZXIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiJmNWI2MmNkZC1hOGU5LTRhYTMtODZiMS1jNzE5OTg4OTExOTgiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZXJuZXRlcy1kYXNoYm9hcmQ6YWRtaW4tdXNlciJ9.AqU_FOsY4dGFU7qN3dV20zf6TIts8qmv7p9E2Lv5z7pULABvN3ehmkzbypkq2Mw6g9nGMsdB3Xv2Q0q-OomsfWhCLEflUCyd1e83mV7D093m9jCXLAXlB_9qVcshte3QxI9det_YxWdeT5pEJWv-W5vhnooKtzSGpTxPA43BdzsOHrQ0y3DrtFrs1lgMGWtRKe_HE9AQbhMuU76aOQk77mEIFQDKQVHFWLb3E-SxTDbBKhnzJ6BhMcli8leXI3T9lZSe_Z__KbMxzi8qJF7J1VusmwDxRclKNfjt021oM0-8EgnDqDf3p5s9krmmJGR8NcGD_n8HyxVX9GfiOKjY8Q