当前位置:网站首页>Kubernetes binary installation (v1.20.16) (V) verifying master deployment

Kubernetes binary installation (v1.20.16) (V) verifying master deployment

2022-06-11 13:16:00 Look, future

List of articles

condition

The book follows :kubernetes Binary installation (v1.20.16)( Four ) Deploy master Stopped for a day without updating , Because something happened , In the process of investigation .

Check the status of cluster components

Generate connection cluster certificate configuration 

cd /opt/TLS/k8s/ssl
cat > admin-csr.json <<EOF
{
  "CN": "admin",
  "hosts": [],
  "key": {
    "algo": "rsa",
    "size": 2048
  },
  "names": [
    {
      "C": "CN",
      "L": "BeiJing",
      "ST": "BeiJing",
      "O": "system:masters",
      "OU": "System"
    }
  ]
}
EOF

Generate connection Certificate 

[[email protected] ssl]# cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config.json -profile=kubernetes admin-csr.json | cfssljson -bare admin
....
​
# View generated certificates 
[[email protected] ssl]# ll admin*
-rw-r--r-- 1 root root 1009 Apr  3 14:52 admin.csr
-rw-r--r-- 1 root root  229 Apr  3 14:52 admin-csr.json
-rw------- 1 root root 1679 Apr  3 14:52 admin-key.pem
-rw-r--r-- 1 root root 1399 Apr  3 14:52 admin.pem

Generate kubeconfig file 

cd /opt/TLS/k8s/cfg
​
#  Set cluster parameters 
kubectl config set-cluster kubernetes \
  --certificate-authority=/opt/kubernetes/ssl/ca.pem \
  --embed-certs=true \
  --server=https://192.168.190.147:6443 \
  --kubeconfig=/opt/TLS/k8s/cfg/config
​
#  Set the client authentication parameters 
kubectl config set-credentials cluster-admin \
  --client-certificate=/opt/TLS/k8s/ssl/admin.pem \
  --client-key=/opt/TLS/k8s/ssl/admin-key.pem \
  --embed-certs=true \
  --kubeconfig=/opt/TLS/k8s/cfg/config
​
# Setting context parameters 
kubectl config set-context default \
  --cluster=kubernetes \
  --user=cluster-admin \
  --kubeconfig=/opt/TLS/k8s/cfg/config
​
# Setting the default context 
kubectl config use-context default --kubeconfig=/opt/TLS/k8s/cfg/config

Distribute documents 

mkdir /root/.kube
scp /opt/TLS/k8s/cfg/config /root/.kube/config

Check the cluster component status 

# adopt kubectl Tool to view the current cluster component status 
[[email protected] cfg]# kubectl get cs
Warning: v1 ComponentStatus is deprecated in v1.19+
NAME                 STATUS    MESSAGE             ERROR
scheduler            Healthy   ok
etcd-0               Healthy   {"health":"true"}
controller-manager   Healthy   ok
etcd-2               Healthy   {"health":"true"}
etcd-1               Healthy   {"health":"true"}
​
# Output the above information to explain Master The node component is working properly

I added one in the process of troubleshooting apiserver Externally accessible client certificate , And then redeployed it . So if your deployment has failed so far , Send me a private message in time , There is still no problem with the tutorial .

原网站

版权声明
本文为[Look, future]所创,转载请带上原文链接,感谢
https://yzsam.com/2022/162/202206111252038469.html

边栏推荐

猜你喜欢

随机推荐