k8s apiserver配置

2021-06-03 19:02

阅读:541

标签:wing   ati   private   tran   ora   space   RKE   value   rgs   

接着上面的博客继续写

  pwd -> /etc/kubernetes/ssl

  cp /etc/etcd/ssl/etcd-1-71.* .

  cat apiserver  

###
# kubernetes system config
#
# The following values are used to configure the kube-apiserver
#

# The address on the local server to listen to.
KUBE_API_ADDRESS="--bind-address=0.0.0.0 --insecure-bind-address=0.0.0.0"

# The port on the local server to listen on.
KUBE_API_PORT="--secure-port=6443 --insecure-port=8080"

# Port minions listen on
# KUBELET_PORT="--kubelet-port=10250"

# Comma separated list of nodes in the etcd cluster
KUBE_ETCD_SERVERS="--etcd-servers=https://192.168.1.71:2379,https://192.168.1.72:2379,https://192.168.1.73:2379"

# Address range to use for services
KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.0.0.0/12"

# default admission control policies
KUBE_ADMISSION_CONTROL="--enable-admission-plugins=NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,ResourceQuota"

# Add your own!
KUBE_API_ARGS="--allow-privileged=true \
               --service-account-key-file=/etc/kubernetes/ssl/apiserver.key                --tls-cert-file=/etc/kubernetes/ssl/apiserver.pem                --tls-private-key-file=/etc/kubernetes/ssl/apiserver.key                --client-ca-file=/etc/kubernetes/ssl/ca.pem                --etcd-cafile=/etc/kubernetes/ssl/ca.pem                --etcd-certfile=/etc/kubernetes/ssl/etcd-1-71.pem                --etcd-keyfile=/etc/kubernetes/ssl/etcd-1-71.key                --token-auth-file=/etc/kubernetes/token.csv                --authorization-mode=RBAC                --kubelet-https=true                --apiserver-count=3                --default-not-ready-toleration-seconds=10                --default-unreachable-toleration-seconds=10                --delete-collection-workers=3                --enable-bootstrap-token-auth"

  注意上面修改配置文件路径  并进行验证

k8s apiserver配置

标签:wing   ati   private   tran   ora   space   RKE   value   rgs   

原文地址:https://www.cnblogs.com/S--S/p/10887522.html


评论


亲,登录后才可以留言!