(7)kube-scheduler部署

创建相关目录

# 三台master
mkdir /k8s/kube-scheduler

生成证书

创建配置文件

cd /opt/k8s-playbook/ssl
vi kube-scheduler-csr.json
##########################################
{
    "CN": "system:kube-scheduler",
    "hosts": [
      "127.0.0.1",
      "192.168.104.61",
      "192.168.104.62",
      "192.168.104.63"
    ],
    "key": {
        "algo": "rsa",
        "size": 2048
    },
    "names": [
      {
        "C": "CN",
        "ST": "Shenzhen",
        "L": "Shenzhen",
        "O": "system:kube-scheduler",
        "OU": "magina"
      }
    ]
}
##########################################

生成

cfssl gencert -ca=ca.pem \
  -ca-key=ca-key.pem \
  -config=ca-config.json \
  -profile=kubernetes kube-scheduler-csr.json | cfssljson -bare kube-scheduler

分发

cp kube-scheduler*.pem /etc/k8s/cert/

scp kube-scheduler*.pem root@master-02:/etc/k8s/cert/
scp kube-scheduler*.pem root@master-03:/etc/k8s/cert/

创建kube-scheduler.kubeconfig

kubectl config set-cluster kubernetes \
  --certificate-authority=ca.pem \
  --embed-certs=true \
  --server="https://192.168.104.61:6443" \
  --kubeconfig=kube-scheduler.kubeconfig

kubectl config set-credentials system:kube-scheduler \
  --client-certificate=kube-scheduler.pem \
  --client-key=kube-scheduler-key.pem \
  --embed-certs=true \
  --kubeconfig=kube-scheduler.kubeconfig

kubectl config set-context system:kube-scheduler \
  --cluster=kubernetes \
  --user=system:kube-scheduler \
  --kubeconfig=kube-scheduler.kubeconfig

kubectl config use-context system:kube-scheduler --kubeconfig=kube-scheduler.kubeconfig

分发

cp kube-scheduler.kubeconfig /etc/k8s/

scp kube-controller-manager.kubeconfig root@master-02:/etc/k8s/
scp kube-controller-manager.kubeconfig root@master-03:/etc/k8s/

分别进入另外两台, 修改/etc/k8s/kube-scheduler.kubeconfig中的IP

创建kube-scheduler.yaml

vi kube-scheduler.yaml
##########################################
apiVersion: kubescheduler.config.k8s.io/v1alpha1
kind: KubeSchedulerConfiguration
bindTimeoutSeconds: 600
clientConnection:
  burst: 200
  kubeconfig: "/etc/k8s/kube-scheduler.kubeconfig"
  qps: 100
enableContentionProfiling: false
enableProfiling: true
hardPodAffinitySymmetricWeight: 1
healthzBindAddress: 192.168.104.61:10251
leaderElection:
  leaderElect: true
metricsBindAddress: 192.168.104.61:10251
##########################################

分发

cp kube-scheduler.yaml /etc/k8s/

scp kube-scheduler.yaml root@master-02:/etc/k8s/
scp kube-scheduler.yaml root@master-03:/etc/k8s/

分别进入另外两台, 修改/etc/k8s/kube-scheduler.yaml中的IP

创建kube-scheduler.service

vim /etc/systemd/system/kube-scheduler.service
##########################################
[Unit]
Description=Kubernetes Scheduler
Documentation=https://github.com/GoogleCloudPlatform/kubernetes

[Service]
WorkingDirectory=/k8s/kube-scheduler
ExecStart=/opt/k8s/bin/kube-scheduler \
  --config=/etc/k8s/kube-scheduler.yml \
  --bind-address=192.168.104.61 \
  --secure-port=10259 \
  --port=0 \
  --tls-cert-file=/etc/k8s/cert/kube-scheduler.pem \
  --tls-private-key-file=/etc/k8s/cert/kube-scheduler-key.pem \
  --authentication-kubeconfig=/etc/k8s/kube-scheduler.kubeconfig \
  --client-ca-file=/etc/k8s/cert/ca.pem \
  --requestheader-allowed-names="" \
  --requestheader-client-ca-file=/etc/k8s/cert/ca.pem \
  --requestheader-extra-headers-prefix="X-Remote-Extra-" \
  --requestheader-group-headers=X-Remote-Group \
  --requestheader-username-headers=X-Remote-User \
  --authorization-kubeconfig=/etc/k8s/kube-scheduler.kubeconfig \
  --logtostderr=true \
  --v=2
Restart=always
RestartSec=5
StartLimitInterval=0

[Install]
WantedBy=multi-user.target
##########################################

--bind-address: 每台master修改成自己的ip

复制二进制文件并启动

cd /opt/k8s-playbook/
cp kubernetes/server/bin/kube-scheduler /opt/k8s/bin/

前提是已将相关组件解压到/opt/k8s-playbook/

scp /opt/k8s/bin/kube-scheduler root@master-02:/opt/k8s/bin/
scp /opt/k8s/bin/kube-scheduler root@master-03:/opt/k8s/bin/

# 三台master分别执行
chmod +x /opt/k8s/bin/kube-scheduler

systemctl enable kube-scheduler
systemctl start kube-scheduler

验证

验证metrics接口

curl -s http://192.168.104.61:10251/metrics | head

验证leader

kubectl get endpoints kube-scheduler --namespace=kube-system -o yaml

展示评论