k8s集羣部署五(建立Node節點kubeconfig文件)
在Master上面進行如下操做linux
先下載kubectl工具,放在/opt/kubernetes/bin中,下載地址https://github.com/zq2599/blog_demos/blob/master/k8s_tools/kubectl/linux/kubectl.zipgit
kubectl是kubernetes的客戶端工具。github
將其賦予可執行權限bootstrap
chmod 755 kubectlapi
建立 TLS Bootstrapping Token,執行如下命令app
export BOOTSTRAP_TOKEN=$(head -c 16 /dev/urandom | od -An -t x | tr -d ' ')
cat > token.csv <<EOF
${BOOTSTRAP_TOKEN},kubelet-bootstrap,10001,"system:kubelet-bootstrap"
EOFdom
查看該token工具
# cat token.csv
3fdae91637503dc355c1f09ca38fd147,kubelet-bootstrap,10001,"system:kubelet-bootstrap"3d
建立kubelet kubeconfig,建立kubeapi的對外訪問參數,該IP地址爲master的IPserver
export KUBE_APISERVER="https://172.18.98.48:6443"
cd /opt/kubernetes/ssl (如下設置操做不要更改目錄)
設置集羣參數
kubectl config set-cluster kubernetes \
--certificate-authority=./ca.pem \
--embed-certs=true \
--server=${KUBE_APISERVER} \
--kubeconfig=bootstrap.kubeconfig
查看證書信息
# cat bootstrap.kubeconfig
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUR2akNDQXFhZ0F3SUJBZ0lVVzNuTnpycG9uN1JDL1h6ekVVNkFPUGxyRUxRd0RRWUpLb1pJaHZjTkFRRUwKQlFBd1pURUxNQWtHQTFVRUJoTUNRMDR4RURBT0JnTlZCQWdUQjBKbGFXcHBibWN4RURBT0JnTlZCQWNUQjBKbAphV3BwYm1jeEREQUtCZ05WQkFvVEEyczRjekVQTUEwR0ExVUVDeE1HVTNsemRHVnRNUk13RVFZRFZRUURFd3ByCmRXSmxjbTVsZEdWek1CNFhEVEU1TURJeE5UQXpNak13TUZvWERUSTBNREl4TkRBek1qTXdNRm93WlRFTE1Ba0cKQTFVRUJoTUNRMDR4RURBT0JnTlZCQWdUQjBKbGFXcHBibWN4RURBT0JnTlZCQWNUQjBKbGFXcHBibWN4RERBSwpCZ05WQkFvVEEyczRjekVQTUEwR0ExVUVDeE1HVTNsemRHVnRNUk13RVFZRFZRUURFd3ByZFdKbGNtNWxkR1Z6Ck1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBemFETzRlM04zbmVtRmZ5UXhnZlkKb2tvUTU4VDc5UmNHNEpDbjNpNHp3WFd1djhqdFVIUDlsMlFWSXlqeUFhQVZ6cktBd2swVFBBb2w4ZHFZM3BsdAoxUGlETWVQVy8yUTZUZkZIMHMva3hlYUxwMXdhWUtBYzJpMmR4RitldXFQUFlSaHIwYjl0dlE3djJLRU5LZ3BSClUzUjhLalB0SWQwdGpZbGt4VXgwSUhWcnFLaXVXYVpRNnhWa0paY0FKSlJNVHlpYnRUQWRjejhQOHl3cnBQaDQKQ2RWdHNPeUUzbTgwNUNGUWdDV2s2ZUNFWDFwczZKNWNDdVhpbWFOcXoya1hyZWt2em9abzVEQlNUaFE2M3VjOApwekJCemlNdWZ6SEFMNW1NTGkybXhtK3NuUnB1NWtZalJRa1BrOWxHTjBFMkRTendNdFp2eGJKbkhlWmQ5bUFTClVRSURBUUFCbzJZd1pEQU9CZ05WSFE4QkFmOEVCQU1DQVFZd0VnWURWUjBUQVFIL0JBZ3dCZ0VCL3dJQkFqQWQKQmdOVkhRNEVGZ1FVYXNicGR5L2tPbkJDVjV0cEpUVlpPSURkYllZd0h3WURWUjBqQkJnd0ZvQVVhc2JwZHkvawpPbkJDVjV0cEpUVlpPSURkYllZd0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFJdmswc1Mwb0ZsaFQxeDJoRW5RCjVrcHVLUXI3R1BJNlUwNE1wbDg1cE1mWEg0bmdVbzAxbC8xbFJuaTg5MlhSNkhEZnBzcEwvb3p6ejFVY1ZzZFUKenNBZHVkRXR1aDJ1Vm1mNmk2aXVSMWZKeDJkQjE1dHhCeDd6cGpKSFNlTDZ3VjI4STc5WVNRby9XQVZOUVZuMQpaTEFsSm5NYS91VGZRWC9HSEp5ZHIwWWFpelEzWnFXTjZhZ3hGMEwwM0M0RHJaVUpYR0J1cFRoWGkwR1k1YXczClRpMS8vUXlXYnRUdDlTeklJYzFRbDl6VEFRUEdVU0JaWTBYWVJaRGIzR0FxMzdZS3piblhxdHlub25BTlBwM1UKRFJiVU8yRDNmSUZnUWlPK0NEV3MyWTQzWlRnaTN5cnFpM3NBOUx6dmsvOUpKNDg3S0V0V1RwTFpDSnhoall0aApPeFU9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
server: https://172.18.98.48:6443
name: kubernetes
contexts: []
current-context: ""
kind: Config
preferences: {}
users: []
查看token
# echo ${BOOTSTRAP_TOKEN}
3fdae91637503dc355c1f09ca38fd147
設置客戶端認證參數
kubectl config set-credentials kubelet-bootstrap \
--token=${BOOTSTRAP_TOKEN} \
--kubeconfig=bootstrap.kubeconfig
# cat bootstrap.kubeconfig
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUR2akNDQXFhZ0F3SUJBZ0lVVzNuTnpycG9uN1JDL1h6ekVVNkFPUGxyRUxRd0RRWUpLb1pJaHZjTkFRRUwKQlFBd1pURUxNQWtHQTFVRUJoTUNRMDR4RURBT0JnTlZCQWdUQjBKbGFXcHBibWN4RURBT0JnTlZCQWNUQjBKbAphV3BwYm1jeEREQUtCZ05WQkFvVEEyczRjekVQTUEwR0ExVUVDeE1HVTNsemRHVnRNUk13RVFZRFZRUURFd3ByCmRXSmxjbTVsZEdWek1CNFhEVEU1TURJeE5UQXpNak13TUZvWERUSTBNREl4TkRBek1qTXdNRm93WlRFTE1Ba0cKQTFVRUJoTUNRMDR4RURBT0JnTlZCQWdUQjBKbGFXcHBibWN4RURBT0JnTlZCQWNUQjBKbGFXcHBibWN4RERBSwpCZ05WQkFvVEEyczRjekVQTUEwR0ExVUVDeE1HVTNsemRHVnRNUk13RVFZRFZRUURFd3ByZFdKbGNtNWxkR1Z6Ck1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBemFETzRlM04zbmVtRmZ5UXhnZlkKb2tvUTU4VDc5UmNHNEpDbjNpNHp3WFd1djhqdFVIUDlsMlFWSXlqeUFhQVZ6cktBd2swVFBBb2w4ZHFZM3BsdAoxUGlETWVQVy8yUTZUZkZIMHMva3hlYUxwMXdhWUtBYzJpMmR4RitldXFQUFlSaHIwYjl0dlE3djJLRU5LZ3BSClUzUjhLalB0SWQwdGpZbGt4VXgwSUhWcnFLaXVXYVpRNnhWa0paY0FKSlJNVHlpYnRUQWRjejhQOHl3cnBQaDQKQ2RWdHNPeUUzbTgwNUNGUWdDV2s2ZUNFWDFwczZKNWNDdVhpbWFOcXoya1hyZWt2em9abzVEQlNUaFE2M3VjOApwekJCemlNdWZ6SEFMNW1NTGkybXhtK3NuUnB1NWtZalJRa1BrOWxHTjBFMkRTendNdFp2eGJKbkhlWmQ5bUFTClVRSURBUUFCbzJZd1pEQU9CZ05WSFE4QkFmOEVCQU1DQVFZd0VnWURWUjBUQVFIL0JBZ3dCZ0VCL3dJQkFqQWQKQmdOVkhRNEVGZ1FVYXNicGR5L2tPbkJDVjV0cEpUVlpPSURkYllZd0h3WURWUjBqQkJnd0ZvQVVhc2JwZHkvawpPbkJDVjV0cEpUVlpPSURkYllZd0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFJdmswc1Mwb0ZsaFQxeDJoRW5RCjVrcHVLUXI3R1BJNlUwNE1wbDg1cE1mWEg0bmdVbzAxbC8xbFJuaTg5MlhSNkhEZnBzcEwvb3p6ejFVY1ZzZFUKenNBZHVkRXR1aDJ1Vm1mNmk2aXVSMWZKeDJkQjE1dHhCeDd6cGpKSFNlTDZ3VjI4STc5WVNRby9XQVZOUVZuMQpaTEFsSm5NYS91VGZRWC9HSEp5ZHIwWWFpelEzWnFXTjZhZ3hGMEwwM0M0RHJaVUpYR0J1cFRoWGkwR1k1YXczClRpMS8vUXlXYnRUdDlTeklJYzFRbDl6VEFRUEdVU0JaWTBYWVJaRGIzR0FxMzdZS3piblhxdHlub25BTlBwM1UKRFJiVU8yRDNmSUZnUWlPK0NEV3MyWTQzWlRnaTN5cnFpM3NBOUx6dmsvOUpKNDg3S0V0V1RwTFpDSnhoall0aApPeFU9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
server: https://172.18.98.48:6443
name: kubernetes
contexts: []
current-context: ""
kind: Config
preferences: {}
users:
- name: kubelet-bootstrap
user:
as-user-extra: {}
token: 3fdae91637503dc355c1f09ca38fd147
能夠看到token被設置進去了
設置上下文參數
kubectl config set-context default \
--cluster=kubernetes \
--user=kubelet-bootstrap \
--kubeconfig=bootstrap.kubeconfig
# cat bootstrap.kubeconfig
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUR2akNDQXFhZ0F3SUJBZ0lVVzNuTnpycG9uN1JDL1h6ekVVNkFPUGxyRUxRd0RRWUpLb1pJaHZjTkFRRUwKQlFBd1pURUxNQWtHQTFVRUJoTUNRMDR4RURBT0JnTlZCQWdUQjBKbGFXcHBibWN4RURBT0JnTlZCQWNUQjBKbAphV3BwYm1jeEREQUtCZ05WQkFvVEEyczRjekVQTUEwR0ExVUVDeE1HVTNsemRHVnRNUk13RVFZRFZRUURFd3ByCmRXSmxjbTVsZEdWek1CNFhEVEU1TURJeE5UQXpNak13TUZvWERUSTBNREl4TkRBek1qTXdNRm93WlRFTE1Ba0cKQTFVRUJoTUNRMDR4RURBT0JnTlZCQWdUQjBKbGFXcHBibWN4RURBT0JnTlZCQWNUQjBKbGFXcHBibWN4RERBSwpCZ05WQkFvVEEyczRjekVQTUEwR0ExVUVDeE1HVTNsemRHVnRNUk13RVFZRFZRUURFd3ByZFdKbGNtNWxkR1Z6Ck1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBemFETzRlM04zbmVtRmZ5UXhnZlkKb2tvUTU4VDc5UmNHNEpDbjNpNHp3WFd1djhqdFVIUDlsMlFWSXlqeUFhQVZ6cktBd2swVFBBb2w4ZHFZM3BsdAoxUGlETWVQVy8yUTZUZkZIMHMva3hlYUxwMXdhWUtBYzJpMmR4RitldXFQUFlSaHIwYjl0dlE3djJLRU5LZ3BSClUzUjhLalB0SWQwdGpZbGt4VXgwSUhWcnFLaXVXYVpRNnhWa0paY0FKSlJNVHlpYnRUQWRjejhQOHl3cnBQaDQKQ2RWdHNPeUUzbTgwNUNGUWdDV2s2ZUNFWDFwczZKNWNDdVhpbWFOcXoya1hyZWt2em9abzVEQlNUaFE2M3VjOApwekJCemlNdWZ6SEFMNW1NTGkybXhtK3NuUnB1NWtZalJRa1BrOWxHTjBFMkRTendNdFp2eGJKbkhlWmQ5bUFTClVRSURBUUFCbzJZd1pEQU9CZ05WSFE4QkFmOEVCQU1DQVFZd0VnWURWUjBUQVFIL0JBZ3dCZ0VCL3dJQkFqQWQKQmdOVkhRNEVGZ1FVYXNicGR5L2tPbkJDVjV0cEpUVlpPSURkYllZd0h3WURWUjBqQkJnd0ZvQVVhc2JwZHkvawpPbkJDVjV0cEpUVlpPSURkYllZd0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFJdmswc1Mwb0ZsaFQxeDJoRW5RCjVrcHVLUXI3R1BJNlUwNE1wbDg1cE1mWEg0bmdVbzAxbC8xbFJuaTg5MlhSNkhEZnBzcEwvb3p6ejFVY1ZzZFUKenNBZHVkRXR1aDJ1Vm1mNmk2aXVSMWZKeDJkQjE1dHhCeDd6cGpKSFNlTDZ3VjI4STc5WVNRby9XQVZOUVZuMQpaTEFsSm5NYS91VGZRWC9HSEp5ZHIwWWFpelEzWnFXTjZhZ3hGMEwwM0M0RHJaVUpYR0J1cFRoWGkwR1k1YXczClRpMS8vUXlXYnRUdDlTeklJYzFRbDl6VEFRUEdVU0JaWTBYWVJaRGIzR0FxMzdZS3piblhxdHlub25BTlBwM1UKRFJiVU8yRDNmSUZnUWlPK0NEV3MyWTQzWlRnaTN5cnFpM3NBOUx6dmsvOUpKNDg3S0V0V1RwTFpDSnhoall0aApPeFU9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
server: https://172.18.98.48:6443
name: kubernetes
contexts:
- context:
cluster: kubernetes
user: kubelet-bootstrap
name: default
current-context: ""
kind: Config
preferences: {}
users:
- name: kubelet-bootstrap
user:
as-user-extra: {}
token: 3fdae91637503dc355c1f09ca38fd147
咱們能夠看到context被設置進去了
設置默認上下文
kubectl config use-context default --kubeconfig=bootstrap.kubeconfig
# cat bootstrap.kubeconfig
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUR2akNDQXFhZ0F3SUJBZ0lVVzNuTnpycG9uN1JDL1h6ekVVNkFPUGxyRUxRd0RRWUpLb1pJaHZjTkFRRUwKQlFBd1pURUxNQWtHQTFVRUJoTUNRMDR4RURBT0JnTlZCQWdUQjBKbGFXcHBibWN4RURBT0JnTlZCQWNUQjBKbAphV3BwYm1jeEREQUtCZ05WQkFvVEEyczRjekVQTUEwR0ExVUVDeE1HVTNsemRHVnRNUk13RVFZRFZRUURFd3ByCmRXSmxjbTVsZEdWek1CNFhEVEU1TURJeE5UQXpNak13TUZvWERUSTBNREl4TkRBek1qTXdNRm93WlRFTE1Ba0cKQTFVRUJoTUNRMDR4RURBT0JnTlZCQWdUQjBKbGFXcHBibWN4RURBT0JnTlZCQWNUQjBKbGFXcHBibWN4RERBSwpCZ05WQkFvVEEyczRjekVQTUEwR0ExVUVDeE1HVTNsemRHVnRNUk13RVFZRFZRUURFd3ByZFdKbGNtNWxkR1Z6Ck1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBemFETzRlM04zbmVtRmZ5UXhnZlkKb2tvUTU4VDc5UmNHNEpDbjNpNHp3WFd1djhqdFVIUDlsMlFWSXlqeUFhQVZ6cktBd2swVFBBb2w4ZHFZM3BsdAoxUGlETWVQVy8yUTZUZkZIMHMva3hlYUxwMXdhWUtBYzJpMmR4RitldXFQUFlSaHIwYjl0dlE3djJLRU5LZ3BSClUzUjhLalB0SWQwdGpZbGt4VXgwSUhWcnFLaXVXYVpRNnhWa0paY0FKSlJNVHlpYnRUQWRjejhQOHl3cnBQaDQKQ2RWdHNPeUUzbTgwNUNGUWdDV2s2ZUNFWDFwczZKNWNDdVhpbWFOcXoya1hyZWt2em9abzVEQlNUaFE2M3VjOApwekJCemlNdWZ6SEFMNW1NTGkybXhtK3NuUnB1NWtZalJRa1BrOWxHTjBFMkRTendNdFp2eGJKbkhlWmQ5bUFTClVRSURBUUFCbzJZd1pEQU9CZ05WSFE4QkFmOEVCQU1DQVFZd0VnWURWUjBUQVFIL0JBZ3dCZ0VCL3dJQkFqQWQKQmdOVkhRNEVGZ1FVYXNicGR5L2tPbkJDVjV0cEpUVlpPSURkYllZd0h3WURWUjBqQkJnd0ZvQVVhc2JwZHkvawpPbkJDVjV0cEpUVlpPSURkYllZd0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFJdmswc1Mwb0ZsaFQxeDJoRW5RCjVrcHVLUXI3R1BJNlUwNE1wbDg1cE1mWEg0bmdVbzAxbC8xbFJuaTg5MlhSNkhEZnBzcEwvb3p6ejFVY1ZzZFUKenNBZHVkRXR1aDJ1Vm1mNmk2aXVSMWZKeDJkQjE1dHhCeDd6cGpKSFNlTDZ3VjI4STc5WVNRby9XQVZOUVZuMQpaTEFsSm5NYS91VGZRWC9HSEp5ZHIwWWFpelEzWnFXTjZhZ3hGMEwwM0M0RHJaVUpYR0J1cFRoWGkwR1k1YXczClRpMS8vUXlXYnRUdDlTeklJYzFRbDl6VEFRUEdVU0JaWTBYWVJaRGIzR0FxMzdZS3piblhxdHlub25BTlBwM1UKRFJiVU8yRDNmSUZnUWlPK0NEV3MyWTQzWlRnaTN5cnFpM3NBOUx6dmsvOUpKNDg3S0V0V1RwTFpDSnhoall0aApPeFU9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
server: https://172.18.98.48:6443
name: kubernetes
contexts:
- context:
cluster: kubernetes
user: kubelet-bootstrap
name: default
current-context: default
kind: Config
preferences: {}
users:
- name: kubelet-bootstrap
user:
as-user-extra: {}
token: 3fdae91637503dc355c1f09ca38fd147
current-context被設置成了default
建立kube-proxy kubeconfig文件
kubectl config set-cluster kubernetes \
--certificate-authority=./ca.pem \
--embed-certs=true \
--server=${KUBE_APISERVER} \
--kubeconfig=kube-proxy.kubeconfig
# cat kube-proxy.kubeconfig
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUR2akNDQXFhZ0F3SUJBZ0lVVzNuTnpycG9uN1JDL1h6ekVVNkFPUGxyRUxRd0RRWUpLb1pJaHZjTkFRRUwKQlFBd1pURUxNQWtHQTFVRUJoTUNRMDR4RURBT0JnTlZCQWdUQjBKbGFXcHBibWN4RURBT0JnTlZCQWNUQjBKbAphV3BwYm1jeEREQUtCZ05WQkFvVEEyczRjekVQTUEwR0ExVUVDeE1HVTNsemRHVnRNUk13RVFZRFZRUURFd3ByCmRXSmxjbTVsZEdWek1CNFhEVEU1TURJeE5UQXpNak13TUZvWERUSTBNREl4TkRBek1qTXdNRm93WlRFTE1Ba0cKQTFVRUJoTUNRMDR4RURBT0JnTlZCQWdUQjBKbGFXcHBibWN4RURBT0JnTlZCQWNUQjBKbGFXcHBibWN4RERBSwpCZ05WQkFvVEEyczRjekVQTUEwR0ExVUVDeE1HVTNsemRHVnRNUk13RVFZRFZRUURFd3ByZFdKbGNtNWxkR1Z6Ck1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBemFETzRlM04zbmVtRmZ5UXhnZlkKb2tvUTU4VDc5UmNHNEpDbjNpNHp3WFd1djhqdFVIUDlsMlFWSXlqeUFhQVZ6cktBd2swVFBBb2w4ZHFZM3BsdAoxUGlETWVQVy8yUTZUZkZIMHMva3hlYUxwMXdhWUtBYzJpMmR4RitldXFQUFlSaHIwYjl0dlE3djJLRU5LZ3BSClUzUjhLalB0SWQwdGpZbGt4VXgwSUhWcnFLaXVXYVpRNnhWa0paY0FKSlJNVHlpYnRUQWRjejhQOHl3cnBQaDQKQ2RWdHNPeUUzbTgwNUNGUWdDV2s2ZUNFWDFwczZKNWNDdVhpbWFOcXoya1hyZWt2em9abzVEQlNUaFE2M3VjOApwekJCemlNdWZ6SEFMNW1NTGkybXhtK3NuUnB1NWtZalJRa1BrOWxHTjBFMkRTendNdFp2eGJKbkhlWmQ5bUFTClVRSURBUUFCbzJZd1pEQU9CZ05WSFE4QkFmOEVCQU1DQVFZd0VnWURWUjBUQVFIL0JBZ3dCZ0VCL3dJQkFqQWQKQmdOVkhRNEVGZ1FVYXNicGR5L2tPbkJDVjV0cEpUVlpPSURkYllZd0h3WURWUjBqQkJnd0ZvQVVhc2JwZHkvawpPbkJDVjV0cEpUVlpPSURkYllZd0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFJdmswc1Mwb0ZsaFQxeDJoRW5RCjVrcHVLUXI3R1BJNlUwNE1wbDg1cE1mWEg0bmdVbzAxbC8xbFJuaTg5MlhSNkhEZnBzcEwvb3p6ejFVY1ZzZFUKenNBZHVkRXR1aDJ1Vm1mNmk2aXVSMWZKeDJkQjE1dHhCeDd6cGpKSFNlTDZ3VjI4STc5WVNRby9XQVZOUVZuMQpaTEFsSm5NYS91VGZRWC9HSEp5ZHIwWWFpelEzWnFXTjZhZ3hGMEwwM0M0RHJaVUpYR0J1cFRoWGkwR1k1YXczClRpMS8vUXlXYnRUdDlTeklJYzFRbDl6VEFRUEdVU0JaWTBYWVJaRGIzR0FxMzdZS3piblhxdHlub25BTlBwM1UKRFJiVU8yRDNmSUZnUWlPK0NEV3MyWTQzWlRnaTN5cnFpM3NBOUx6dmsvOUpKNDg3S0V0V1RwTFpDSnhoall0aApPeFU9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
server: https://172.18.98.48:6443
name: kubernetes
contexts: []
current-context: ""
kind: Config
preferences: {}
users: []
咱們看到kube-proxy.kubeconfig跟bootstrap.kubeconfig是差很少的
將以前存儲證書文件的kube-proxy.pem,kube-proxy-key.pem拷入到/opt/kubernetes/ssl
給kube-proxy設置證書
kubectl config set-credentials kube-proxy \
--client-certificate=./kube-proxy.pem \
--client-key=./kube-proxy-key.pem \
--embed-certs=true \
--kubeconfig=kube-proxy.kubeconfig
再來看一下kube-proxy.kubeconfig文件
# cat kube-proxy.kubeconfig
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUR2akNDQXFhZ0F3SUJBZ0lVVzNuTnpycG9uN1JDL1h6ekVVNkFPUGxyRUxRd0RRWUpLb1pJaHZjTkFRRUwKQlFBd1pURUxNQWtHQTFVRUJoTUNRMDR4RURBT0JnTlZCQWdUQjBKbGFXcHBibWN4RURBT0JnTlZCQWNUQjBKbAphV3BwYm1jeEREQUtCZ05WQkFvVEEyczRjekVQTUEwR0ExVUVDeE1HVTNsemRHVnRNUk13RVFZRFZRUURFd3ByCmRXSmxjbTVsZEdWek1CNFhEVEU1TURJeE5UQXpNak13TUZvWERUSTBNREl4TkRBek1qTXdNRm93WlRFTE1Ba0cKQTFVRUJoTUNRMDR4RURBT0JnTlZCQWdUQjBKbGFXcHBibWN4RURBT0JnTlZCQWNUQjBKbGFXcHBibWN4RERBSwpCZ05WQkFvVEEyczRjekVQTUEwR0ExVUVDeE1HVTNsemRHVnRNUk13RVFZRFZRUURFd3ByZFdKbGNtNWxkR1Z6Ck1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBemFETzRlM04zbmVtRmZ5UXhnZlkKb2tvUTU4VDc5UmNHNEpDbjNpNHp3WFd1djhqdFVIUDlsMlFWSXlqeUFhQVZ6cktBd2swVFBBb2w4ZHFZM3BsdAoxUGlETWVQVy8yUTZUZkZIMHMva3hlYUxwMXdhWUtBYzJpMmR4RitldXFQUFlSaHIwYjl0dlE3djJLRU5LZ3BSClUzUjhLalB0SWQwdGpZbGt4VXgwSUhWcnFLaXVXYVpRNnhWa0paY0FKSlJNVHlpYnRUQWRjejhQOHl3cnBQaDQKQ2RWdHNPeUUzbTgwNUNGUWdDV2s2ZUNFWDFwczZKNWNDdVhpbWFOcXoya1hyZWt2em9abzVEQlNUaFE2M3VjOApwekJCemlNdWZ6SEFMNW1NTGkybXhtK3NuUnB1NWtZalJRa1BrOWxHTjBFMkRTendNdFp2eGJKbkhlWmQ5bUFTClVRSURBUUFCbzJZd1pEQU9CZ05WSFE4QkFmOEVCQU1DQVFZd0VnWURWUjBUQVFIL0JBZ3dCZ0VCL3dJQkFqQWQKQmdOVkhRNEVGZ1FVYXNicGR5L2tPbkJDVjV0cEpUVlpPSURkYllZd0h3WURWUjBqQkJnd0ZvQVVhc2JwZHkvawpPbkJDVjV0cEpUVlpPSURkYllZd0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFJdmswc1Mwb0ZsaFQxeDJoRW5RCjVrcHVLUXI3R1BJNlUwNE1wbDg1cE1mWEg0bmdVbzAxbC8xbFJuaTg5MlhSNkhEZnBzcEwvb3p6ejFVY1ZzZFUKenNBZHVkRXR1aDJ1Vm1mNmk2aXVSMWZKeDJkQjE1dHhCeDd6cGpKSFNlTDZ3VjI4STc5WVNRby9XQVZOUVZuMQpaTEFsSm5NYS91VGZRWC9HSEp5ZHIwWWFpelEzWnFXTjZhZ3hGMEwwM0M0RHJaVUpYR0J1cFRoWGkwR1k1YXczClRpMS8vUXlXYnRUdDlTeklJYzFRbDl6VEFRUEdVU0JaWTBYWVJaRGIzR0FxMzdZS3piblhxdHlub25BTlBwM1UKRFJiVU8yRDNmSUZnUWlPK0NEV3MyWTQzWlRnaTN5cnFpM3NBOUx6dmsvOUpKNDg3S0V0V1RwTFpDSnhoall0aApPeFU9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
server: https://172.18.98.48:6443
name: kubernetes
contexts: []
current-context: ""
kind: Config
preferences: {}
users:
- name: kube-proxy
user:
as-user-extra: {}
client-certificate-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUQzakNDQXNhZ0F3SUJBZ0lVWXJMMUxEK09hOUtQbHZpd1E4TUd0RnBlemVJd0RRWUpLb1pJaHZjTkFRRUwKQlFBd1pURUxNQWtHQTFVRUJoTUNRMDR4RURBT0JnTlZCQWdUQjBKbGFXcHBibWN4RURBT0JnTlZCQWNUQjBKbAphV3BwYm1jeEREQUtCZ05WQkFvVEEyczRjekVQTUEwR0ExVUVDeE1HVTNsemRHVnRNUk13RVFZRFZRUURFd3ByCmRXSmxjbTVsZEdWek1CNFhEVEU1TURJeE5UQTJNREl3TUZvWERUSTVNREl4TWpBMk1ESXdNRm93YkRFTE1Ba0cKQTFVRUJoTUNRMDR4RURBT0JnTlZCQWdUQjBKbGFXcHBibWN4RURBT0JnTlZCQWNUQjBKbGFXcHBibWN4RERBSwpCZ05WQkFvVEEyczRjekVQTUEwR0ExVUVDeE1HVTNsemRHVnRNUm93R0FZRFZRUURFeEZ6ZVhOMFpXMDZhM1ZpClpTMXdjbTk0ZVRDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBS2wyNURFRzBwTEYKbzhpa3BOY01pTG5YZFVRenQwWFRiVGFpejlmS1lXNkc4UGJEaXN5NzBYOHh2czRJb29lV0V3N0c0ajRvNkprUApNS1g3RU94VWNPTGRHdktRcE1lRmtheXBGWXMxWEZwbytLNG80VjdGeHZlZngzRmhnM2pvTXN5Z0syTkI1UXpnCjh3TGdpMWh6aXFFYjhNdkx1elc0dXBjYVhpT05oZENMaEIydHIyQnI0YW1NeVJEdEdJNzhjQThqR3hTb0oxaXMKaE9KR2hWNTJFUmxPZFErYlZCZUd2a0hSMlBkajVVUWFnU1d0S2pBN3RJQjI1Ly9YaUs1SWo4U05ZeE8wSEJjdgpFeHZ2LzZySWdtRlp5bVh2bWpiUEdRekgwNG1zRkdtNlpNZDY2YXRoTkhFY0lZUE8zT0lIQjY3bXVPek8rRWhUCk4rUTlwdnMrNlJNQ0F3RUFBYU4vTUgwd0RnWURWUjBQQVFIL0JBUURBZ1dnTUIwR0ExVWRKUVFXTUJRR0NDc0cKQVFVRkJ3TUJCZ2dyQmdFRkJRY0RBakFNQmdOVkhSTUJBZjhFQWpBQU1CMEdBMVVkRGdRV0JCUS8zd1hGQlVpUQpDUDhQeUJ2WEJFZmErS2lURURBZkJnTlZIU01FR0RBV2dCUnF4dWwzTCtRNmNFSlhtMmtsTlZrNGdOMXRoakFOCkJna3Foa2lHOXcwQkFRc0ZBQU9DQVFFQUhkL0dsZ050SzdUb2FsVnRGU1hnVDlCRGswU09YTG0vckY1NnRnMEcKS3VvcjJKaStUL2pvSDRQVEdLb1Vpd3E3S0k5amFUdFhWVmpVdnk0SzFjNVJOb0szQjJhdzB2NVI5ZEo4NmhONQo4SFZ0ZUFVSEUvU0Exeld2dCtFelI2eG5mRy9ucE9tS2NMYTVVZC9wb1VuVTZjMGlLdTRHSlBSRXlaK3dmclJCCjNxTFhyY05Ib2ZsdTNnOStCYlgzV1diOU1WVDBCbmkxajI0c1JvanliTjc0YXAybXExU01mVWVRcU9PeW9TVXcKcm1yVCt1K1RaZDZQQ29JZ1V4QW1BQTRMZ3dZZzBjSDdnbDZHQVV0OGI2WnZCb3VSUVNnOE9wQnYxZFIxekNkRQo1K1d4Rk13enk4aHlGTFkxS3V0TFgrK3hiUGUzOG0xMnlrWlRzQkgvdStCWmpRPT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=
client-key-data: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFcFFJQkFBS0NBUUVBcVhia01RYlNrc1dqeUtTazF3eUl1ZGQxUkRPM1JkTnROcUxQMThwaGJvYnc5c09LCnpMdlJmekcremdpaWg1WVREc2JpUGlqb21ROHdwZnNRN0ZSdzR0MGE4cENreDRXUnJLa1ZpelZjV21qNHJpamgKWHNYRzk1L0hjV0dEZU9neXpLQXJZMEhsRE9EekF1Q0xXSE9Lb1J2d3k4dTdOYmk2bHhwZUk0MkYwSXVFSGEydgpZR3ZocVl6SkVPMFlqdnh3RHlNYkZLZ25XS3lFNGthRlhuWVJHVTUxRDV0VUY0YStRZEhZOTJQbFJCcUJKYTBxCk1EdTBnSGJuLzllSXJraVB4STFqRTdRY0Z5OFRHKy8vcXNpQ1lWbktaZSthTnM4WkRNZlRpYXdVYWJwa3gzcnAKcTJFMGNSd2hnODdjNGdjSHJ1YTQ3TTc0U0ZNMzVEMm0rejdwRXdJREFRQUJBb0lCQVFDWG9xelpPYk9lWlg4QwpnR0NIbE0yYkRUSC9EdytGU1lSR0NUVlZiOS95MklneEpoUEMwcVRJM2FoUUQrWHUwTmpJdGltbldVK1g5Y0dnCkk2R205bi8wWDhoSEdDcDU1Z2pOcUphQWRBVHBXVmg3N2xTTFN3bVlkYjR1dEFUQ1lYTmpLa2Jva0FQMm5DcVcKZm5ueGNhR3dPNklobVhFd3h0VWZkQmFjVlh4UmQ3QTZPaVg2R21qY0ZhQzNWdjJiSC8zYTMzUWNkRkRmZWlPRgo0eEdKWVcvWlQ1aFJua2tSbjVhYXZOVE15ZVZySFhDd0Z5aU0ydDJ3TzVxb0Npd05qWVhZV2dOa2Q3bnRuTnB1CmNzOWFDY1NRSUJKakFtRWhpK3Y5NzIyeTlub3FiTnRRMC9kaU5BcVhIbENTam40UXFkQ1JMVUx2TThUNWRXeXIKM2F4QWtPUGhBb0dCQU1WUG9OOHczRFJVT091ZW91NlEwckxUb2d4emxvTXY3bW9FWEg1clVlRzJoWmhMSUpEcwpHcXZxTVVMdkVKazh5aE1tUlRDSmUweTQ4MlBJNkZ0Z2JUd3F1WjFDQkZmNTJrMG1uMGlhVXgvZUd3Wnh6NUlRCjdBNndybzVlWkVtTWhGS2NTVEV1ZC92NTQ0aUxNdEJYc2lkZzltUC9mVll0dXZzaWVPVFNlNkxaQW9HQkFOdmUKM1R6SHVQR3RUcVB5N3NYckVmcGZHQzk3N3pFZkF3eUJIRUkvbGRKYXVuZDNQak9aTDBrcjA1eVpqOFEvenZFaApPTVhlT3dVNE83b05GNHhuRzhXMHhZUW16TGRWMmhPK3l6cURnRlN1N3BxNjZHeUFkUVBma0NUQ0VtRmRPb1FpCmxyRnV2a0xIMXJMbDhtZHU1QVg3blkvWm91SHlxcFNhSHEvSGtKL0xBb0dBZHZJdDlONnJvUkEwMERYdDJ3dUwKT1NyRHdlWGNrbkZPdExLMFg3R3F4dnNWUmwzajMvbTFpblhBQkszQnY5OFpvcm1yZERzdERXOWhxb0h2TVViTQpFejFlY0NMZ0kza0gxUUszZXprdGEwU2wzaGkySFVQK1NrelFyaHJSTWxWM1g2Vy9xZHB0a29WdVdWNHczOUErCkllY2VJZUpmV0podzQveEFEUkdtWHVFQ2dZRUFnM3FUNWNLdzc2UnBRRlVIUDhkQUt1NHVza1owVkhWdEIwODEKck5BRk1aTWJxbERlRzFEaEcrcGZVbWZwdHJ0SmJwd2xMUDJsWVl1cys2YlVqQnNrV21ldExVZGVaOHVvNnVITworYUNsWHY1MHBJWmNjbldtZzdodW8reUJ2VU5ZdUtkT1liQU5paldpUjd5RjVpQkRydWcxNGsyTXYzeXpVTVdRCjBDQ1FkVjBDZ1lFQXJmajB3VllpbE1KN3k0MDk1YXhLODhjcXp4K0pFdnFjS0xpWVZEQ3NTMGZxMmRmNlVtdVIKTzYwY0VyT0FTNEc3dFpPSDVlSXBXYXd1VHhjVlJMSExEaitrNWFCUnFXSmZrZ2NBb1JGUW9EQVd2UXhWaG10Zwp2MDZSeFczN3hsVDZnTEdveU9xK21CMTdVOEp2UXd5aEc0WlFoY05kUkQyUVlHTWQ4TFFWT29RPQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo=
設置上下文
kubectl config set-context default \
--cluster=kubernetes \
--user=kube-proxy \
--kubeconfig=kube-proxy.kubeconfig
設置默認上下文
kubectl config use-context default --kubeconfig=kube-proxy.kubeconfig
能夠將以上全部命令存入到kubeconfig.sh,放在/opt/kubernetes/ssl
設置可執行權限chmod 755 kubeconfig.sh
- 1. k8s集羣部署七(部署Node節點組件)
- 2. Kubernetes集羣部署之五node節點部署
- 3. 使用Kubeadm建立k8s集羣之節點部署(三十一)
- 4. 三 node節點部署k8s組件
- 5. 二進制部署K8s集羣第11節Node節點之kubelet部署
- 6. 二進制部署K8s集羣第12節Node節點之kube-proxy部署
- 7. k8s集羣———etcd-三節點部署
- 8. k8s集羣部署六(部署master節點組件)
- 9. 6、Kubernetes_V1.10集羣部署-node-部署節點組件
- 10. k8s部署篇之node節點部署(k8s篇四)
- 更多相關文章...
- • Swarm 集羣管理 - Docker教程
- • XML DOM 創建節點 - XML DOM 教程
- • 使用阿里雲OSS+CDN部署前端頁面與加速靜態資源
- • RxJava操作符(五)Error Handling
-
每一个你不满意的现在,都有一个你没有努力的曾经。