Logo
活死人の行知路

kubeadm初始化集群工作流程

📅 | 📝 290 字
#K8S #kubernetes

Init 命令的初始化流程

kubeadm init 命令通过执行下列步骤来启动一个 Kubernetes Control Plane 节点。

  • Master 节点不处理任何与 Pod 和 Node 节点的任务,而是将任务调度到 Work Node 节点上去执行。
  1. 运行一系列的预检项来验证系统状态。一些检查项目仅仅触发警告,其它的则会被视为错误并且退出 kubeadm,除非问题得到解决或者用户指定了 --ignore-preflight-errors= 参数。
  2. 生成一个自签名的 CA 证书 (或者使用现有的证书,如果提供的话) 来为集群中的每一个组件建立身份标识。如果用户已经通过 --cert-dir 配置的证书目录 (默认为 /etc/kubernetes/pki) 提供了他们自己的 CA 证书以及/或者密钥,那么将会跳过这个步骤,正如文档使用自定义证书所述。
# ll /etc/kubernetes/pki/
apiserver.crt
apiserver-etcd-client.crt
apiserver-etcd-client.key
apiserver.key
apiserver-kubelet-client.crt
apiserver-kubelet-client.key
ca.crt
ca.key
etcd/
front-proxy-ca.crt
front-proxy-ca.key
front-proxy-client.crt
front-proxy-client.key
sa.key
sa.pub
  1. 将 kubeconfig 文件写入 /etc/kubernetes/ 目录,以便 kubelet、控制器管理器和调度器用来连接到 API 服务器,它们每一个都有自己的身份标识,同时生成一个名为 admin.conf 的独立的 kubeconfig 文件,用于管理操作。
# cat /etc/kubernetes/admin.conf
apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURCVENDQWUyZ0F3SUJBZ0lJWlFlaVR2bkNBU0l3RFFZSktvWklodmNOQVFFTEJRQXdGVEVUTUJFR0ExVUUKQXhNS2EzVmlaWEp1WlhSbGN6QWVGdzB5TmpBMU1qY3dOelV3TkRCYUZ3MHpOakExTWpRd056VTFOREJhTUJVeApFekFSQmdOVkJBTVRDbXQxWW1WeWJtVjBaWE13Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQkR3QXdnZ0VLCkFvSUJBUUM1RkVwTmpNT1d6c0U0VGQ3NjZXOVBNMllLUlVCOEJ0NTB4MllveVVZZzhIK1hwaG1FMU1lcWNlWlgKbEN3QUxiT2ZOSUFWYUQyNW9sTU95ODNjQzRrSlcyODBhanpHeDA3YWZoZHVDZWFicGc4RDNjSXpNMnBqVTVEZwpCTjh1OEh1T3ZKWXF3VE94YnM1YTNKNVVWbFVsQ285MWc2bXh0TDhxMmF5cnVISjkzRitoc0JGL0lUWVIwWFBuClZIVkYxNnI5WG55QUM4aFVYbjZhVjJOTWZMTkZJVm44VWdtL0VUL3dLT3k5Qi9ZdTNKUGxLbndwYmVjcm1pTEMKam9kTHFyaUEvS1RYMUFVK1U3UkdrVy9DTGlUSm4veUo5dHljL3pSSTlWSUtpNzhoUDJJYVBaaC9iU2dmQy9KQQpTUGdsczdYUmJuK0ZyWWprZS9JakxqZDJBTy94QWdNQkFBR2pXVEJYTUE0R0ExVWREd0VCL3dRRUF3SUNwREFQCkJnTlZIUk1CQWY4RUJUQURBUUgvTUIwR0ExVWREZ1FXQkJTUm80VTQ2VldhSnRBSURsVjdHRWlTSDlNbHZEQVYKQmdOVkhSRUVEakFNZ2dwcmRXSmxjbTVsZEdWek1BMEdDU3FHU0liM0RRRUJDd1VBQTRJQkFRQlVkRDVVMFFvYgo0YWtTaVRicG5yNWlSSGN6bXpsUlBYV29QbkN1ZnJRNTRKWHVYVVVCN0c3bUd2QkRXTGRiNTNxV2xCOGZhZFJBCjlJdHp3Y3JhMjE1L2xzSVNYUnZLa2dVMDRhNXBxVUVMK1V0WU1kRDZxWG01RmdGSGt3eGVLdmM2Vm8wTkIxUloKYzlUUWtiZzZrVVpvaXNOaUZOT3pxWlhyMXU5SmtpL3doOVd5c21wWHhSdVVHVVlYa3ZWaXRVYlRjQTFnNHdOMQpoV1FseWR4QmUwL1FIN1Y2M0FCZnhjSHBVeUFxTElFTjZPSHVlTTZ0Qit0bnVXbFZ2TDNUZDJ2MkRTZktmaWVoCnltYXlCU0psU3djM0pPbFlPUC9adER4ZjlJODR1NCtaYVVUUG1VUHJxOTJLN0NOZDR4VmRseDZ6UzhZN1hEN0kKSTZNSXlpQ3FPMkx6Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
    server: https://172.20.30.1:6443
  name: kubernetes
contexts:
- context:
    cluster: kubernetes
    user: kubernetes-admin
  name: kubernetes-admin@kubernetes
current-context: kubernetes-admin@kubernetes
kind: Config
users:
- name: kubernetes-admin
  user:
    client-certificate-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURLVENDQWhHZ0F3SUJBZ0lJWHZ2QVVhNTJXZkV3RFFZSktvWklodmNOQVFFTEJRQXdGVEVUTUJFR0ExVUUKQXhNS2EzVmlaWEp1WlhSbGN6QWVGdzB5TmpBMU1qY3dOelV3TkRCYUZ3MHlOekExTWpjd056VTFOREJhTUR3eApIekFkQmdOVkJBb1RGbXQxWW1WaFpHMDZZMngxYzNSbGNpMWhaRzFwYm5NeEdUQVhCZ05WQkFNVEVHdDFZbVZ5CmJtVjBaWE10WVdSdGFXNHdnZ0VpTUEwR0NTcUdTSWIzRFFFQkFRVUFBNElCRHdBd2dnRUtBb0lCQVFEQUtYTGEKNEdZeUdqa0YvZ0xwRWdsdzk1OFNIKzR6aFp5WmM2bWlPQkRTNUNpdG9SdnJVRzcwbDJ4WWt3aW44SStKdDVORQpwcCsyYmlHT3pCZ3RRaTd2Yy9YcHhFdHEyYUtUTSthb29WYzVURzUyUGpsQUxNdDVIL0IwRWg5ZGs1L3NrdmVJCjhBbWlaYXhiSlBaZ3FQaDdmVkk0TUtEYTJ1WHEzZHBkNW9XNG53eHU4ZkJLWFZzUW42aElpMVhsM1d6akhXcHAKZ3dPdDczQTNzTW9XODB4RGowNHBLdDY0Z0JLcTh2TzNhZHAxQU53dkU2SndWdi85ZjNYRlFHbXB0cGUxTCtxNgo5QlhkZkljZVk1d0lxSFh2R0FLaWlmNkdUdS9OMVRXU3VhbGxFbWN3c1J3Z0pFYklQdDhJRmZZVlBraGgrV0VOCng0NkZuQnZydjliZlRqYUxBZ01CQUFHalZqQlVNQTRHQTFVZER3RUIvd1FFQXdJRm9EQVRCZ05WSFNVRUREQUsKQmdnckJnRUZCUWNEQWpBTUJnTlZIUk1CQWY4RUFqQUFNQjhHQTFVZEl3UVlNQmFBRkpHamhUanBWWm9tMEFnTwpWWHNZU0pJZjB5VzhNQTBHQ1NxR1NJYjNEUUVCQ3dVQUE0SUJBUUMyS2dURW5raGw5TWg0MVl5V0p0bW5RL2VzCmFqK1lSOHZIZjFoNWQwYW12UXJ3NzJ6QzBlTUtPN05HeGlmL2NML2dsd1dCOTVWd2dyKzRzcDNwbGNOclZaRTIKM25DS1I1RTFKWjU4bE1tRlRDYjFrLzF5NHl1VkVhbkpJZXdhaUNaRm5UOWp5VzVxd1BIc2ZxWmJCRXlnQXVjUQozUVRvaFJzR25DT21sVk84QXNSa2dvMzUwYVI2clh2enMyaUk1NkdhZDhlTUZmZ29OTi9QU0YvWlZzaVVQZkhtCk85SHA5MWlwR1oveHVEY1NoMXlCVDRGWHhsTlZramUwbXNYeVNtd3h4K3ZlVHRzT1Rnd1E3VE1obDFwT3R3eTkKaHRYOVBUSEFGSUxvV2ZPbE9qOFVFV3NINkJEVTVzMHhQY2k1RkdsV2ZFRkFlMVk3V1pZZmJXL0JBanBFCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
    client-key-data: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFcEFJQkFBS0NBUUVBd0NseTJ1Qm1NaG81QmY0QzZSSUpjUGVmRWgvdU00V2NtWE9wb2pnUTB1UW9yYUViCjYxQnU5SmRzV0pNSXAvQ1BpYmVUUkthZnRtNGhqc3dZTFVJdTczUDE2Y1JMYXRtaWt6UG1xS0ZYT1V4dWRqNDUKUUN6TGVSL3dkQklmWFpPZjdKTDNpUEFKb21Xc1d5VDJZS2o0ZTMxU09EQ2cydHJsNnQzYVhlYUZ1SjhNYnZIdwpTbDFiRUorb1NJdFY1ZDFzNHgxcWFZTURyZTl3TjdES0Z2Tk1RNDlPS1NyZXVJQVNxdkx6dDJuYWRRRGNMeE9pCmNGYi8vWDkxeFVCcHFiYVh0Uy9xdXZRVjNYeUhIbU9jQ0toMTd4Z0Nvb24raGs3dnpkVTFrcm1wWlJKbk1MRWMKSUNSR3lEN2ZDQlgyRlQ1SVlmbGhEY2VPaFp3YjY3L1czMDQyaXdJREFRQUJBb0lCQUZSdTRlU0NUT1VlMklkbApnT25mM3Y0Z0QyanJWc0tVcHFaV1IrYmJNNmsyVHhsYmZPVDhSb1I2TkVVRzlmcTBuSjBxYUM3MTk1ODA3TkhOCm82SGZQcmcvLzRGam1xK3NTTjdkSXpCZEUvSTlQeHY5WXpKcmZFd1FXSnJuaTVpV1VPS21BTlhPZ3EwMGQzTGsKM3N6QjhjeHcyRHVRUWwxbmFUYTFuRWsrRE90OVVra1VGNXFnUWYxcDBobTBIS1RwazhWSjdUaWpSM3BUaVdlQQpXZjVxMVFpN1cxMmE1V0paQ1hPVjlXditES2d0Ris1a2RZWDdxQ1JGUDZDeC9ERTF5bUpOUHhJckMvWlJKNE5kCitTdmxQZDNJS3lVRSt1b3NDQmVldENvWFVqNHhoWm9adG14c1dzZ0pFV2I2cm5WMVREK1lrS2NSSkNZSFpUVm8KMDNVT3VlRUNnWUVBL2YxT2pvL2VNbTluNXNqOEl4a09zRHlmaC9vaFdLRzF6NVplRzA3dVFidnlhUlVpRCtPNgpFK0RJUUtpaVZpS0tsdDBheWRFRU53NGRXZ3N3OWpaSFZwSW1RVENiYWhGc1pLOW1NeUJrQnZVcEJ6MFZJQjBnCkJVYVljL1pTWFFZUEdxVHI4OVVvdFhnbVlMYW03d254VUFzS0dMVVZuWm9vNzlMeUpkcDZnSGNDZ1lFQXdhN2EKTEtYb2pmWlo3dzQxV2d5NXdBbm5Yc1J3RWJKV1FZekorWk4wTlViKytFVzZWYnlTSFVKd0NKQTVhVS9adTRjaApxNTNhMnlTSXFDTk9HY1pGM1pvckx3RVFaS244ZEFwT0RtT2tDajM2Ykp4QkRzZmF5NkVadXlyZENVRkpVY2JYCm04OVpob2phQURoYzRQNUFpMWEyejNHdG5CUnJiVVdwcVRiZ2M0MENnWUFZby9oNUVEQUlTSktWNnkyNjRmVncKMTVES2lsT3QyNUpkMzBLbDk1Ulp3RGdXUmJ5V09ndVZYaHRQV296Vk9taWpsalBCSEl3Q0kxWnBvK2hPR3BuMQpKaHliK25FNWF4Tk8rVTA2N0l1SHVVVVB0TGRWOUQxbEJhSklyYjd6MDJDbnZ4UTlCWkw3ZC9xUksyY3FqWlpoCm81Q0pNUmcxdi96MHQweFNxODF5cFFLQmdRQy9ETUU5WlhKZUJuRno4Nm9BNTZpYW02cFV1cVJwY0diUlJoVTkKVUl4Q3VZTnNWeXVVd3V2R1hQQ3lJY0hmOWRvcXR3TXBqQTZFT0NkczQxWjQ2akdraEJ5d3d2WHV0aGJHU0J2eQo2YXE0UjZhc1YvMThuUHRmL2N1cDZvQWFUd0lKM29CenV6YnVGRFFtSDNMT3BUMzV0Rkdqa3RqVHF2akUwd0NtClgvRkxTUUtCZ1FDZ2Y2ZTVKY3pvK2pqbjI5aVR0a2MxbmtIL3ZRTktWc2N2cUN5bnNqRHJQUmdwY1g0SWdTaWUKZ05FcVFRcHJxVWJUeC9wVmR3RzZQYlYwMURib0FLbDVOVmJLOTNKMDFhdWdJUUJ5OEI0OWp1cmxyQ1dMa3pNYwpNWGY0TjJJU3N3aUxrRmt0MzFidERTMG1EQkdPMnB0L0NNSExSOEErREJJZmx6NExLcG1nUFE9PQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo=

配置中定义了 server 的地址。这个文件会拷贝到集群的 Work Node 节点:

# cat /etc/kubernetes/admin.conf
apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURCVENDQWUyZ0F3SUJBZ0lJWlFlaVR2bkNBU0l3RFFZSktvWklodmNOQVFFTEJRQXdGVEVUTUJFR0ExVUUKQXhNS2EzVmlaWEp1WlhSbGN6QWVGdzB5TmpBMU1qY3dOelV3TkRCYUZ3MHpOakExTWpRd056VTFOREJhTUJVeApFekFSQmdOVkJBTVRDbXQxWW1WeWJtVjBaWE13Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQkR3QXdnZ0VLCkFvSUJBUUM1RkVwTmpNT1d6c0U0VGQ3NjZXOVBNMllLUlVCOEJ0NTB4MllveVVZZzhIK1hwaG1FMU1lcWNlWlgKbEN3QUxiT2ZOSUFWYUQyNW9sTU95ODNjQzRrSlcyODBhanpHeDA3YWZoZHVDZWFicGc4RDNjSXpNMnBqVTVEZwpCTjh1OEh1T3ZKWXF3VE94YnM1YTNKNVVWbFVsQ285MWc2bXh0TDhxMmF5cnVISjkzRitoc0JGL0lUWVIwWFBuClZIVkYxNnI5WG55QUM4aFVYbjZhVjJOTWZMTkZJVm44VWdtL0VUL3dLT3k5Qi9ZdTNKUGxLbndwYmVjcm1pTEMKam9kTHFyaUEvS1RYMUFVK1U3UkdrVy9DTGlUSm4veUo5dHljL3pSSTlWSUtpNzhoUDJJYVBaaC9iU2dmQy9KQQpTUGdsczdYUmJuK0ZyWWprZS9JakxqZDJBTy94QWdNQkFBR2pXVEJYTUE0R0ExVWREd0VCL3dRRUF3SUNwREFQCkJnTlZIUk1CQWY4RUJUQURBUUgvTUIwR0ExVWREZ1FXQkJTUm80VTQ2VldhSnRBSURsVjdHRWlTSDlNbHZEQVYKQmdOVkhSRUVEakFNZ2dwcmRXSmxjbTVsZEdWek1BMEdDU3FHU0liM0RRRUJDd1VBQTRJQkFRQlVkRDVVMFFvYgo0YWtTaVRicG5yNWlSSGN6bXpsUlBYV29QbkN1ZnJRNTRKWHVYVVVCN0c3bUd2QkRXTGRiNTNxV2xCOGZhZFJBCjlJdHp3Y3JhMjE1L2xzSVNYUnZLa2dVMDRhNXBxVUVMK1V0WU1kRDZxWG01RmdGSGt3eGVLdmM2Vm8wTkIxUloKYzlUUWtiZzZrVVpvaXNOaUZOT3pxWlhyMXU5SmtpL3doOVd5c21wWHhSdVVHVVlYa3ZWaXRVYlRjQTFnNHdOMQpoV1FseWR4QmUwL1FIN1Y2M0FCZnhjSHBVeUFxTElFTjZPSHVlTTZ0Qit0bnVXbFZ2TDNUZDJ2MkRTZktmaWVoCnltYXlCU0psU3djM0pPbFlPUC9adER4ZjlJODR1NCtaYVVUUG1VUHJxOTJLN0NOZDR4VmRseDZ6UzhZN1hEN0kKSTZNSXlpQ3FPMkx6Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
    server: https://172.20.30.1:6443
  name: kubernetes
contexts:
- context:
    cluster: kubernetes
    user: kubernetes-admin
  name: kubernetes-admin@kubernetes
current-context: kubernetes-admin@kubernetes
kind: Config
users:
- name: kubernetes-admin
  user:
    client-certificate-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURLVENDQWhHZ0F3SUJBZ0lJWHZ2QVVhNTJXZkV3RFFZSktvWklodmNOQVFFTEJRQXdGVEVUTUJFR0ExVUUKQXhNS2EzVmlaWEp1WlhSbGN6QWVGdzB5TmpBMU1qY3dOelV3TkRCYUZ3MHlOekExTWpjd056VTFOREJhTUR3eApIekFkQmdOVkJBb1RGbXQxWW1WaFpHMDZZMngxYzNSbGNpMWhaRzFwYm5NeEdUQVhCZ05WQkFNVEVHdDFZbVZ5CmJtVjBaWE10WVdSdGFXNHdnZ0VpTUEwR0NTcUdTSWIzRFFFQkFRVUFBNElCRHdBd2dnRUtBb0lCQVFEQUtYTGEKNEdZeUdqa0YvZ0xwRWdsdzk1OFNIKzR6aFp5WmM2bWlPQkRTNUNpdG9SdnJVRzcwbDJ4WWt3aW44SStKdDVORQpwcCsyYmlHT3pCZ3RRaTd2Yy9YcHhFdHEyYUtUTSthb29WYzVURzUyUGpsQUxNdDVIL0IwRWg5ZGs1L3NrdmVJCjhBbWlaYXhiSlBaZ3FQaDdmVkk0TUtEYTJ1WHEzZHBkNW9XNG53eHU4ZkJLWFZzUW42aElpMVhsM1d6akhXcHAKZ3dPdDczQTNzTW9XODB4RGowNHBLdDY0Z0JLcTh2TzNhZHAxQU53dkU2SndWdi85ZjNYRlFHbXB0cGUxTCtxNgo5QlhkZkljZVk1d0lxSFh2R0FLaWlmNkdUdS9OMVRXU3VhbGxFbWN3c1J3Z0pFYklQdDhJRmZZVlBraGgrV0VOCng0NkZuQnZydjliZlRqYUxBZ01CQUFHalZqQlVNQTRHQTFVZER3RUIvd1FFQXdJRm9EQVRCZ05WSFNVRUREQUsKQmdnckJnRUZCUWNEQWpBTUJnTlZIUk1CQWY4RUFqQUFNQjhHQTFVZEl3UVlNQmFBRkpHamhUanBWWm9tMEFnTwpWWHNZU0pJZjB5VzhNQTBHQ1NxR1NJYjNEUUVCQ3dVQUE0SUJBUUMyS2dURW5raGw5TWg0MVl5V0p0bW5RL2VzCmFqK1lSOHZIZjFoNWQwYW12UXJ3NzJ6QzBlTUtPN05HeGlmL2NML2dsd1dCOTVWd2dyKzRzcDNwbGNOclZaRTIKM25DS1I1RTFKWjU4bE1tRlRDYjFrLzF5NHl1VkVhbkpJZXdhaUNaRm5UOWp5VzVxd1BIc2ZxWmJCRXlnQXVjUQozUVRvaFJzR25DT21sVk84QXNSa2dvMzUwYVI2clh2enMyaUk1NkdhZDhlTUZmZ29OTi9QU0YvWlZzaVVQZkhtCk85SHA5MWlwR1oveHVEY1NoMXlCVDRGWHhsTlZramUwbXNYeVNtd3h4K3ZlVHRzT1Rnd1E3VE1obDFwT3R3eTkKaHRYOVBUSEFGSUxvV2ZPbE9qOFVFV3NINkJEVTVzMHhQY2k1RkdsV2ZFRkFlMVk3V1pZZmJXL0JBanBFCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
    client-key-data: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFcEFJQkFBS0NBUUVBd0NseTJ1Qm1NaG81QmY0QzZSSUpjUGVmRWgvdU00V2NtWE9wb2pnUTB1UW9yYUViCjYxQnU5SmRzV0pNSXAvQ1BpYmVUUkthZnRtNGhqc3dZTFVJdTczUDE2Y1JMYXRtaWt6UG1xS0ZYT1V4dWRqNDUKUUN6TGVSL3dkQklmWFpPZjdKTDNpUEFKb21Xc1d5VDJZS2o0ZTMxU09EQ2cydHJsNnQzYVhlYUZ1SjhNYnZIdwpTbDFiRUorb1NJdFY1ZDFzNHgxcWFZTURyZTl3TjdES0Z2Tk1RNDlPS1NyZXVJQVNxdkx6dDJuYWRRRGNMeE9pCmNGYi8vWDkxeFVCcHFiYVh0Uy9xdXZRVjNYeUhIbU9jQ0toMTd4Z0Nvb24raGs3dnpkVTFrcm1wWlJKbk1MRWMKSUNSR3lEN2ZDQlgyRlQ1SVlmbGhEY2VPaFp3YjY3L1czMDQyaXdJREFRQUJBb0lCQUZSdTRlU0NUT1VlMklkbApnT25mM3Y0Z0QyanJWc0tVcHFaV1IrYmJNNmsyVHhsYmZPVDhSb1I2TkVVRzlmcTBuSjBxYUM3MTk1ODA3TkhOCm82SGZQcmcvLzRGam1xK3NTTjdkSXpCZEUvSTlQeHY5WXpKcmZFd1FXSnJuaTVpV1VPS21BTlhPZ3EwMGQzTGsKM3N6QjhjeHcyRHVRUWwxbmFUYTFuRWsrRE90OVVra1VGNXFnUWYxcDBobTBIS1RwazhWSjdUaWpSM3BUaVdlQQpXZjVxMVFpN1cxMmE1V0paQ1hPVjlXditES2d0Ris1a2RZWDdxQ1JGUDZDeC9ERTF5bUpOUHhJckMvWlJKNE5kCitTdmxQZDNJS3lVRSt1b3NDQmVldENvWFVqNHhoWm9adG14c1dzZ0pFV2I2cm5WMVREK1lrS2NSSkNZSFpUVm8KMDNVT3VlRUNnWUVBL2YxT2pvL2VNbTluNXNqOEl4a09zRHlmaC9vaFdLRzF6NVplRzA3dVFidnlhUlVpRCtPNgpFK0RJUUtpaVZpS0tsdDBheWRFRU53NGRXZ3N3OWpaSFZwSW1RVENiYWhGc1pLOW1NeUJrQnZVcEJ6MFZJQjBnCkJVYVljL1pTWFFZUEdxVHI4OVVvdFhnbVlMYW03d254VUFzS0dMVVZuWm9vNzlMeUpkcDZnSGNDZ1lFQXdhN2EKTEtYb2pmWlo3dzQxV2d5NXdBbm5Yc1J3RWJKV1FZekorWk4wTlViKytFVzZWYnlTSFVKd0NKQTVhVS9adTRjaApxNTNhMnlTSXFDTk9HY1pGM1pvckx3RVFaS244ZEFwT0RtT2tDajM2Ykp4QkRzZmF5NkVadXlyZENVRkpVY2JYCm04OVpob2phQURoYzRQNUFpMWEyejNHdG5CUnJiVVdwcVRiZ2M0MENnWUFZby9oNUVEQUlTSktWNnkyNjRmVncKMTVES2lsT3QyNUpkMzBLbDk1Ulp3RGdXUmJ5V09ndVZYaHRQV296Vk9taWpsalBCSEl3Q0kxWnBvK2hPR3BuMQpKaHliK25FNWF4Tk8rVTA2N0l1SHVVVVB0TGRWOUQxbEJhSklyYjd6MDJDbnZ4UTlCWkw3ZC9xUksyY3FqWlpoCm81Q0pNUmcxdi96MHQweFNxODF5cFFLQmdRQy9ETUU5WlhKZUJuRno4Nm9BNTZpYW02cFV1cVJwY0diUlJoVTkKVUl4Q3VZTnNWeXVVd3V2R1hQQ3lJY0hmOWRvcXR3TXBqQTZFT0NkczQxWjQ2akdraEJ5d3d2WHV0aGJHU0J2eQo2YXE0UjZhc1YvMThuUHRmL2N1cDZvQWFUd0lKM29CenV6YnVGRFFtSDNMT3BUMzV0Rkdqa3RqVHF2akUwd0NtClgvRkxTUUtCZ1FDZ2Y2ZTVKY3pvK2pqbjI5aVR0a2MxbmtIL3ZRTktWc2N2cUN5bnNqRHJQUmdwY1g0SWdTaWUKZ05FcVFRcHJxVWJUeC9wVmR3RzZQYlYwMURib0FLbDVOVmJLOTNKMDFhdWdJUUJ5OEI0OWp1cmxyQ1dMa3pNYwpNWGY0TjJJU3N3aUxrRmt0MzFidERTMG1EQkdPMnB0L0NNSExSOEErREJJZmx6NExLcG1nUFE9PQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo=
root@vm-1:~#
root@vm-1:~# cat /etc/kubernetes/kubelet.conf
apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURCVENDQWUyZ0F3SUJBZ0lJWlFlaVR2bkNBU0l3RFFZSktvWklodmNOQVFFTEJRQXdGVEVUTUJFR0ExVUUKQXhNS2EzVmlaWEp1WlhSbGN6QWVGdzB5TmpBMU1qY3dOelV3TkRCYUZ3MHpOakExTWpRd056VTFOREJhTUJVeApFekFSQmdOVkJBTVRDbXQxWW1WeWJtVjBaWE13Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQkR3QXdnZ0VLCkFvSUJBUUM1RkVwTmpNT1d6c0U0VGQ3NjZXOVBNMllLUlVCOEJ0NTB4MllveVVZZzhIK1hwaG1FMU1lcWNlWlgKbEN3QUxiT2ZOSUFWYUQyNW9sTU95ODNjQzRrSlcyODBhanpHeDA3YWZoZHVDZWFicGc4RDNjSXpNMnBqVTVEZwpCTjh1OEh1T3ZKWXF3VE94YnM1YTNKNVVWbFVsQ285MWc2bXh0TDhxMmF5cnVISjkzRitoc0JGL0lUWVIwWFBuClZIVkYxNnI5WG55QUM4aFVYbjZhVjJOTWZMTkZJVm44VWdtL0VUL3dLT3k5Qi9ZdTNKUGxLbndwYmVjcm1pTEMKam9kTHFyaUEvS1RYMUFVK1U3UkdrVy9DTGlUSm4veUo5dHljL3pSSTlWSUtpNzhoUDJJYVBaaC9iU2dmQy9KQQpTUGdsczdYUmJuK0ZyWWprZS9JakxqZDJBTy94QWdNQkFBR2pXVEJYTUE0R0ExVWREd0VCL3dRRUF3SUNwREFQCkJnTlZIUk1CQWY4RUJUQURBUUgvTUIwR0ExVWREZ1FXQkJTUm80VTQ2VldhSnRBSURsVjdHRWlTSDlNbHZEQVYKQmdOVkhSRUVEakFNZ2dwcmRXSmxjbTVsZEdWek1BMEdDU3FHU0liM0RRRUJDd1VBQTRJQkFRQlVkRDVVMFFvYgo0YWtTaVRicG5yNWlSSGN6bXpsUlBYV29QbkN1ZnJRNTRKWHVYVVVCN0c3bUd2QkRXTGRiNTNxV2xCOGZhZFJBCjlJdHp3Y3JhMjE1L2xzSVNYUnZLa2dVMDRhNXBxVUVMK1V0WU1kRDZxWG01RmdGSGt3eGVLdmM2Vm8wTkIxUloKYzlUUWtiZzZrVVpvaXNOaUZOT3pxWlhyMXU5SmtpL3doOVd5c21wWHhSdVVHVVlYa3ZWaXRVYlRjQTFnNHdOMQpoV1FseWR4QmUwL1FIN1Y2M0FCZnhjSHBVeUFxTElFTjZPSHVlTTZ0Qit0bnVXbFZ2TDNUZDJ2MkRTZktmaWVoCnltYXlCU0psU3djM0pPbFlPUC9adER4ZjlJODR1NCtaYVVUUG1VUHJxOTJLN0NOZDR4VmRseDZ6UzhZN1hEN0kKSTZNSXlpQ3FPMkx6Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
    server: https://172.20.30.1:6443
  name: kubernetes
contexts:
- context:
    cluster: kubernetes
    user: system:node:vm-1
  name: system:node:vm-1@kubernetes
current-context: system:node:vm-1@kubernetes
kind: Config
users:
- name: system:node:vm-1
  user:
    client-certificate: /var/lib/kubelet/pki/kubelet-client-current.pem
    client-key: /var/lib/kubelet/pki/kubelet-client-current.pem
  1. 为 API 服务器、控制器管理器和调度器生成静态 Pod 的清单文件。静态 Pod 的清单文件被写入到 /etc/kubernetes/manifests 目录;kubelet 会监视这个目录以便在系统启动的时候创建 Pod。 一旦Control Plane的 Pod 都运行起来,kubeadm init 的工作流程就继续往下执行。
  • 静态mod是不会自动扩容的
# ll /etc/kubernetes/manifests
etcd.yaml
kube-apiserver.yaml
kube-controller-manager.yaml
kube-scheduler.yaml
  1. 对Control Plane节点应用 labels 和 taints 标记以便不会在它上面运行其它的工作负载。
  2. 生成令牌以便其它节点以后可以使用这个令牌向Control Plane节点注册自己。
  3. Kubeadm 会创建 configmap,提供添加节点所需要的信息。
kubectl get configmap
kubectl describe configmap kubeadm-config -n kube-system

# 查看k8s系统空间服务
# kubectl get po -n kube-system
NAME                           READY   STATUS    RESTARTS   AGE
coredns-bbdc5fdf6-gf5bx        1/1     Running   0          97m
coredns-bbdc5fdf6-jhlpq        1/1     Running   0          97m
etcd-vm-1                      1/1     Running   0          98m
kube-apiserver-vm-1            1/1     Running   0          98m
kube-controller-manager-vm-1   1/1     Running   0          98m
kube-proxy-c9qbk               1/1     Running   0          58m
kube-proxy-pk66m               1/1     Running   0          55m
kube-proxy-q6tqc               1/1     Running   0          97m
kube-scheduler-vm-1            1/1     Running   0          98m

# 查看某个服务
kubectl describe pod kube-proxy-c9qbk -n kube-system