kubernetes v1.18.2 二进制双栈 kube-proxy 部署

2021-03-10 12:27

阅读:712

标签:profile   targe   client   注释   sage   rem   reload   clust   flag   

签发 kube-proxy 证书
# 生效环境变量 部署etcd 时已经配置好
source  ./environment.sh
 #创建kube-proxy 证书配置
cat 

kube-proxy 二进制文件准备

# 进入二进制所在文件夹
cd ${HOST_PATH}/kubernetes/server/bin
scp -r kube-proxy 192.168.2.175:/apps/k8s/bin
scp -r kube-proxy 192.168.2.176:/apps/k8s/bin
scp -r kube-proxy 192.168.2.177:/apps/k8s/bin
scp -r kube-proxy 192.168.2.187:/apps/k8s/bin
scp -r kube-proxy 192.168.2.185:/apps/k8s/bin

kube-proxy 配置文件

# 创建 kube-proxy
# 192.168.2.175 配置
ssh 192.168.2.175
cat 

创建 kube-proxy systemd文件

cat 

kube-proxy 启动

# 刷新service
ssh  192.168.2.175 systemctl daemon-reload
ssh  192.168.2.176 systemctl daemon-reload
ssh  192.168.2.177 systemctl daemon-reload
ssh  192.168.2.185 systemctl daemon-reload
ssh  192.168.2.187 systemctl daemon-reload
# 设置开机启动
ssh  192.168.2.175 systemctl enable kube-proxy.service
ssh  192.168.2.176 systemctl enable kube-proxy.service
ssh  192.168.2.177 systemctl enable kube-proxy.service
ssh  192.168.2.185 systemctl enable kube-proxy.service
ssh  192.168.2.187 systemctl enable kube-proxy.service
# 启动 kube-proxy
ssh  192.168.2.175 systemctl  start kube-proxy.service
ssh  192.168.2.176 systemctl  start kube-proxy.service
ssh  192.168.2.177 systemctl  start kube-proxy.service
ssh  192.168.2.185 systemctl  start kube-proxy.service
ssh  192.168.2.187 systemctl  start kube-proxy.service
# 查看启动状态
ssh  192.168.2.175 systemctl  status kube-proxy.service
ssh  192.168.2.176 systemctl  status kube-proxy.service
ssh  192.168.2.177 systemctl  status kube-proxy.service
ssh  192.168.2.185 systemctl  status kube-proxy.service
ssh  192.168.2.187 systemctl  status kube-proxy.service

验证 kube-proxy

# ssh 任意节点
[root@k8s-master-1 conf]# ip a| grep  kube-ipvs0
3: kube-ipvs0:  mtu 1500 qdisc noop state DOWN group default
    inet 10.66.0.1/32 brd 10.66.0.1 scope global kube-ipvs0
[root@k8s-master-1 conf]#  ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  10.66.0.1:443 rr
  -> 192.168.2.175:5443           Masq    1      1          0
  -> 192.168.2.176:5443           Masq    1      0          0
  -> 192.168.2.177:5443           Masq    1      1          0
[root@k8s-master-1 conf]#  ipvsadm -ln -c
IPVS connection entries
pro expire state       source             virtual            destination
TCP 14:37  ESTABLISHED 10.66.0.1:24590    10.66.0.1:443      192.168.2.175:5443
TCP 14:37  ESTABLISHED 10.66.0.1:24592    10.66.0.1:443      192.168.2.177:5443
[root@k8s-master-1 conf]# curl -k https://10.66.0.1:443
{
  "kind": "Status",
  "apiVersion": "v1",
  "metadata": {

  },
  "status": "Failure",
  "message": "Unauthorized",
  "reason": "Unauthorized",
  "code": 401
}[root@k8s-master-1 conf]#
# 能够正常访问返回

kubernetes v1.18.2 二进制双栈 kube-proxy 部署

标签:profile   targe   client   注释   sage   rem   reload   clust   flag   

原文地址:https://blog.51cto.com/juestnow/2493344


评论


亲,登录后才可以留言!