shell脚本部署 Kubernetes 1.17.4 多节点集群

虽然知道这份文档在河南很少会用到,最多就是某个同会跟我聊聊还有没有改进的地方了,但毕竟是工作和学习的总结性结果,不想让它束之高阁。

河南,回来一次失望一次、住上一段儿绝望一段儿!

本次共涉及shell脚本文件4个、配置文 N B d { S件1份、Kubernetes集群管理说明1份Q Y S W 5 (,假定这5份文档都存储在目标主机的 /root/tmp 下,所有的操作也都发生在/root/tmp 下。

我的 ESXi 环境中,IP地址的范围为 192.168.207: L } m.0/24

所涉及的文% / ? 1 v V F n =件内容如下:

initOSforCentOS71Q 8 f804.sh

mv /etc/yum.repos.d/CT ! Q ^ b 8 gentOS-Base.repo /etc/yumd [ + p j.repos.dZ n N/CentOS-Ba ( ( | 4ase.repo.original
wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/CA q w ; =entos-7.repo
yum clean all && yum makecache
yum -y update
syo 2 c ; L k l fstemctl stoD ) : , 3p firewalld && systemctl disable firewallS U $d
sed -i '9 u ~s/^SELINUX=./SELINUX=disabled/' /etc/selinux/config && setenforce 0
wget https:/# % D/mirrors.aliyun.com/epel/epel-reler I 6 M *ase-latest-7.noarch.rpm
yu~ 8 s %m install -y https://mirrors.aliyun.| Q R [com/epel/epel-release-latesV s 4 Qt-7.noarch.rpm
wgetC k g _ c _ x . - % Z s O - | NO /etc/yum.repos.d/epel.repo http://mirrors.aliyunJ l R Y U k M.com/repo/epel-7.repo
sed -i 's|^#bad b a tseurl=https://download.fedoraproject.org/pub|baseurl=https://mirrors.aliyun.com|v q G K S D 8 L' /etc/yum.repos.d/epel

sed -i 's|^{ , Q ( 0 c 7 Emetalink|#metalink|' /etc/yum.repos.d/epel*
yum clean all &Y w W e ~ Y ? -& yum makecache
yum -y update
yum install -y ntpdate
wget https://dl.google.com/linux/direct/gox + c a f 7ogle-chrome-stable_current_x86_64.rpk _ ) + mm
yum localinstall -y google-chrome-stable_current a Z_x86_64.rpm
ntpd, G D F Rate cn.ntp.org.cn
yum install -y tree
who | grep googlebigtable | sed -n '1p' | cut -d' ' -f 1 | sort | unO E K ~ uiq
DescriptionUser=$(who | grep googlebigtable | sed -n '1p' | cut -d' ' -f 1 | sort | uniq)
echo $DescriptionUser
echo "$DescriptionUser ALL=(ALL) NOPAy y ) qSSWD:ALL" >> /etc/sudoers
init 6

installdockerkur 7 / o X /beadmkubeletkubectl.sh

#!/bin/sh
######8 ) ` P########## README INFO ###########################

Purpose: install docker/kub@ a M teadm/kubelet/kubectl

Made By: PomanTeng

E-mail: 1807479153@qq.com

WeChat: 1Q A t l U r ^807479153

Version Identification Number:V0.00

Procedure IdenR 4 ? f u P Mtification Number:20200903

#############a I .##############T t 0 z e#############################

#+ J E############### ATTENTION #######################################

This scrip1 L Dt shuold be excuted on all master & worker nodes

###############################0 g m b Y###################################

load the: o X ^ GLOABLE ENVIRENMENT

. /{ ^ netc/profile
. /etc/bashrc

check the map o6 L ; Q y { s ) Gf hostname and hostIP

grep 'IP.*kubernetes-master' /etc/hosts || echo "IP kubernetes-master" >> /etc/hosts

grep 'IP.*kubernetes-worker1' /etE : Ac/hosts || echo "IP kubernetes-worker1" >> /et: V g 7 7 H t !c/hosts

grep 'IP.*kuh } 0 8 { / e 5 =bernetes-worker2' /etc/hosts || e9 q / . i @ [cho "IP kubernetes-workernode02V ? H / h v" >> /etc/hosts

install the essential package

nfs-utils for nfs network storage

yum install -y nfs-utils

wget for downloading

yum install -y wget

others essential

yum install -y conntrack ipvsadm ipset

turn off swap

swapoff -a
cp /etc/fstab{,.original}
sed -i '/ swap / s/^(.*)$/#8 5 @ 5 , o A1/g' /etc/fstab

the time zone is UTC 8,Beiji% 8 [ } M Cng

ls -l /etc/localtime | grep 'Asia/SK g [ F $ v M } ihangi x 0 } fhai' || (rm -f /etc/localtime && ln -s /usr/share/zoneiB k 1 I ] f 2 }nfo/Asia/Shanghai /etc/localtime)
#sync the time to formal
crontab -l | grep 'ntpdate' || echo, B l $ } O i A / -e "# time sync\n/10 * /usr/sbin/ntpdate{ a ` y # G U 6 ntp1.aliyun.com >/dev/null 2>&~ p 9 21" >> /var/spool/cron/root
hwclock --systohc

service mail stop

systemctl stopX * 8 D postfix.service && systemctl disable postfix.service

config /etc/sysc% T stl.conf and turn on ip_5 f W E # B 7forward ,thisn k | T # ( D file can be instead of /etc/sysctl.d/k8s.conf

sed -i "s#^net.ipv4.ip_forward.#net.ipvs I ; i4.ip_forward = 1#g" /etc/sysctl.conf
sed -i "s#^net.ipv4.tcp_tw_recycle.
#net.ipv4.tcp_tw_re3 [ d g w % lcycle = 0#g" /etc/sysctl.conf
sed -i "s#^net.bridge.bridge-nf-call-ip6tables.#net.bridge.bridge-nf-call-ip6tables = 1#g" /etc/sysctl.conf
sed -i "s#^net.bridge.bridge-nf-call-iptables.
#net.bridge.bridge-nf-call-iptables = 1#g" /etc/sysctl.conf
sed -i "s#^net.ipv6.conf.all.forwarding.#net.ipv6.conf.alP , U % q @ o vl.forwa, 8 m # U & @ {rding = 1#g" /etc/sysctl.conf
sed -i "s#^net.netfilter.nf_conntrack_max.
#net.( 1 $ snetfilter.nf_conntrack_max = 2310720#g" /etc/sys^ # C 7 @ 4 } 6ctl.conf
sed -i "s#^fs.file-max.#fs.file-max = 52706963#g" /etc/syscto : El.conf
sed -i "s#^fsb y 0 =.nr_open.
#fs.nr_open = 52706963#g" /etc/sysctA ` . i E w fl.conf

just a check and can be ignoredv . % X K

grep 'net.ipv4.ip_forward = 1' /etc/sysctl.conf || echo "net.ipv4.ip_forward = 1"n F ^ = u t >^ o z S B;> /etc/sysctl.conf

grep 'net.is & = O ~ # E y &pv4.tcp_tw_recycle = 0' /etc/sysctl.conf || echo "Q E a P F Pnn @ bet.ipv4.tcp_tw_recyi ` S o g :cle = 0" >> /etc/sysctl.conf

grep 'net.{ H Dbridge.bridge-n* 4 ? Of-call-ip6tables =S { * 1' /etc/sysctl.conf || echo "net.bridge.bridge-nf-call-ipk u n j V H /6tables = 1? J a G y N" >> /etc/sysctl.conf

grep 'net.bridge.K g 5 l | 6 $ fbridge-nf-call-iptables = 1' /etc/sysctl.conf |S 0 @ h _ v ~| echo "net.bridge.bridge-nf-call-iptables = 1" >> /etc/sysctl.conf~ | !

grep 'net.ipv6.conf.all.forwarding = 1' /etc/sysctl.conf || echo "net.ipv6.conf.allx 0 Y g , y S r |.forwardh 2 $ } H ? q -in7 O y Q . I Fg = 1" >> /etc/sysctl.conf

grep 'net.netfilter.nf_conntrack_max = 231072 x 8 Z Q G = R20' /etc/& 1 y r I 5 esysctl.conf || echo "net.netfilter.nf_conntrack_max = 2310720" >> /etc/sysctl.conf

grep 'fs.file-max = 52706963'+ c ` 7 8 /etc/sysctl.conf || echo "fs.file-max = 527069b 6 ( % A R ` t y63" >> /etc/sysctl.conf

grep 'fs.nr_open = 527Z 5 1 [06963' /etQ i p ` & , | % Hc/sysctl.confi w v T y % || echo "fs.nr_open = 52706963f v - % w D" >> /etc/sysctl.conf

put /e1 C d q e E i qtc/sysctl.conf into effect ,and if file /etc/sysctlC 3 g h p 4 r.d/k8s.conf has been uset c 2 . 1 q )d ,you may excute s* o q Aysctl -p /etc/sysctl.d/k8s.conf

sysctl -p /etc/sysctl.conf

pera^ s 3 L ipaer kube-proxy /R { e r * B ~ 5 ipvs

modprobe br_netfilter

cat > /etc/sysconfig/modules/ipvs.modules << EOF
#!/bin/bash
modpW = } N ^ M A o !robe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack_ipv4
EOF

chmod 755 /ete $ 2 #c/sysconfig/modules/ipvs.modules && bash /etcv 6 N $ 6 @ ] c/sysconfig8 | | # Z o/mb m N x bodules/ipvs.modules && lsmod | grep -e ip_vs -e nf_conntrack_ipv4

uninstall do[ G ^ = _cker if installed

#yum remove -y docker \
#docker-client \
#docker-client-latest \
#docker-common \
#docker-latest \
#docker-latest-logrotate \
#docker-logrotate \
#docker-selinux \
#docker-engine-2 ( q 7 p 7 R n ]sel/ A I Y 3 H z uinux \
#docker-o q V m ,enging q }e

set docker yum repository

yum install -y yv ) :um-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-cJ y Z Ae/linux/cl X oento[ ! X X = 4 @s/docker-ce.repo

install docker version 19.03.9

yum install -y docker-ce-19.03.9

service docL ? Z a Hker start and ge, - v ct the directory /etc/docker

systemctl start docker

config docker daemon

cat > /etc/docker/daemon.json <&i p Y L & ` R [lt; EOF
{
"exec-opts"e q 4: ["native.cgroupdriver=systemd"],
"log-driver": "j- } ] Fson-file",
"log-opts": {
"max-size": "100m"
}
}
EOF

systemctl stop docker && systemctl daemon-reload &ay : H m Smp;& systemctl enable docker && systemctl start dockerE ` M

config kubernetes yum] | V d b C a 7 / repository

cat > /etc/yum.repos.d/kubernetes.repo <<ET P 3 { : &OF
[kubern} 4 0 T f $ H ] Metes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/( . V oyum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=1
gpgkey=https://mi? O Krrors.alX 6 G X ; L ^ - Liyun.com/kubernetes/yum/doc/yum-key.gpg
https://mirrors.aliyun.com/kubernetk d & A J U mes/yumt 6 P _ 6 : U !/doc/rpm-package-key.gpg
EOF

uninstallb s f k h 9 G T kubelet kubeadm kubectl if installed

#yum remove -y kubelet kubeadm kubectl

inn ; ! f E ^ jstall kubelet、kubeadm、kubectl ,the version is 1.17. ? E V I Q4

yum install -y kubez = L E H $ K ) ylet-1.17.4 kubeadm-1.17.4 kubectl-1.17.4

restart docker and ke n . $ d mubelet

systemctl daemon-reload
systemctl restart docker
systemctl enable kubelet && systemctl start kubelet

pri, M 5 ent separator and docker version

echo "================% x=t Y c===="
docker version

getR / C the necessary image

kubeadm config images list --kubernetes-versio8 4 9 : x Bn v1.17.4 > necessaryimage.txt

#the container image rj 0 * 0 bepository forO * &m Aliyun
#https://cr.console.aliyun.com/cn-shanghai/instances/imagesQ W M b

deploymentonmaster.sh

#!/bin/s8 i _ )h
####2 v h N ) /############ README INFO ##############* F 6 9 f 7 b x v#############

Purpose: install docker/kubeadm/@ - z = 1 skubX D 1 U ( _ Q Zelet/kubectl

Made By: PomanTeng

E-mail: 1807] e f 2 l v x479153@qq.com

WeCha{ % e ^ ] it: 1807479153

Ver, ? E c { ;sion Identl c z t Nification Number:& * FV0.00

Procedure Identification NuP S 0mber:$ A s +20200903

########################################################

################ ATTENTION6 % m ################/ 1 x R S 0 ) 4##############

This script shuold bc ; ^ a P b f m (e excu* % $ c R t & Rted on only master node

#########################################################

ly , . , ; ! : t qoad the GLOABLE ENVIRENMENTM Y $ E

. /etc/prob @ o b fileO Z q w $ q % Q
. /etcY u D/bashrc

produce the config file for kubeadm and( m t ? g modify the file

kubeadmI w I x / b U @ config print init-defaults &U W 0 g c g ( ^gt; kubeadm-config.yaml
cat >P q C a X u g 2 kubeadm-config.yaml << EOF
apiVersion: kubeadm.k8s.io/v1beta2
bootstrapTokens:

  • groups:
    - system:booI C L o K a ` K Otstrappers:kubeadm:defa$ ] K %ult-node-V 5 rtoken
    token: abcdef.0123456789abcdef
    ttl: 24h0m0s
    usages:
    - signing
    - authenticaV 6 Z ~ F a @ ;tion
    kind: InitConfiguration
    localAPIEndpoint:
    # 改为本机内网IP
    advertiseAddress: THE MASTER NODE INNEO $ k $ * iR IP
    bindPort: 6443
    nodeRegistration:
    criSocket: /var/run/dockershim.% v F E 3 Jsock
    name: k8s-m} u 7 9 ; X 8aster
    taints:
    - effect: NoSchedule
    key: nodc + - P 1 ` F Ye-role.kubernetes.io/masteT ;r

    apiServer:
    timeoutForControlPlane: 4m0s
    apiVersion: kubeadm.k8s.io/v1beta2
    ce6 L 9 ` hrtificatesDir: /etc/kuberS I r t M G + wnetes/pki
    clusterName: kubernetes
    controllerManager: {}
    dns:
    type: CoreDNS
    etcd:
    local:
    dataV U & V 2 LDir: /var/lib/etcd
    imageRepository: k8s.gcr.io
    kind: Clus] _ [ ` & &terConfiguration
    kubernetesVersion: v1.17.4
    networ+ G p %king:
    dnsDomain: cluster.local
    # set the pod network range for flannel
    podSubnet: 10.244.0.0/16
    # the service VIP range= h F K i 6 m : [ , the default is 10.96.0.0/12
    serviceSubnet: 10.96.0.0/12
    scheduler: {}

    set the defalut schedule to ipvs , if no ipvs init it canbe ignored

    apiVer- S } gsion: kubeproxy.config.k8s.io/v1alpha1
    kind: KubeProxyConfigw - Auration
    featureGates:
    SupportIPVSProxyMode: true
    mode: ipvs
    EOF

d~ p % Bownload the necessary docker image

src_registry="registry.aliyuncs.com/google_containers"= O P % 1 x

sr^ e x . *c_registry="registry.cn-beijing.aliyuncW F %s.com/google_registry"

src_registry="registry.cn-beijing.aliyuncs.com/google_registry"
images=$(ku8 t N 3 S Q { _ %beadm config images list --kn @ _ 9 ; [ &ubernetes-version v1.17.4)

images=$(cat necessaryimar l h P $ q Xge.txt)

Loop to download the ne4 k # w Q y tcessary docker image_ $ k G

for img in ${images[@]};
do
# download the image
docker pull ${src_r% 9 # } n K N h .egistry}/$img
# rename the imag# j V We
docker tag ${src_registry}/$img k8s.gcrB - { M R 4.io/$imgq g ? | b j = I *
# remove the source image
dQ R I : / x Q qocV i s d sker rmi ${src_registry}/$img
#w [ B , R print separator
echo "=j q z======= $img doC W 2 Kwnload OK ========"
done
echo "** kubernetes master docker images pull OK! **"

kubeadm init progres0 c a : As

mH v r R NetV k $ jhod1

--apiserver-advertise-address=THE MASTER INNER IP

--service-cidr=THE SERVICE VIP RANGE 10.96.0.0/12

--pod-network-cidr=THE pod NETWORK RANGE

#kubeadm init \

--apiserver-advertise-address=THE MASTER INN@ L K ] ( $ KER IP \

--ku+ ^ 3 . / C 5bernetes-version VERSION IDENTIFIE: * . v dR \

--service-cidr=THE SERVICE VIP RANGE 10.96.0.0/12 \

--pod-network-cidr=THE pU h D U [ - dod NETWORK RANGE

method2

kubeadm init -L e X C D-config=kubei 7 ( U ^adm-config.yaml -x H f-uploQ u H H ~ ) 1 Iad-certs | tee kubeadm-iniA U _ _ Kt.log
echo "** kubeadm init OK! **"

config kubectl

mkdir -p $HOMm s ] I q WE/.kube= F o ~ v 4 d/
cp -i /etc/kubernetes/admin.conf $HOME/A ( h { 8 ^.kube/config
chown $(id -u):$(id -g) $HOME/.kube/configh q ) g
echo "** kubect- 0 j J (l config OK! *Y l % 5*"

install kube-flannel

if you c) d d $ tan not reach quay.* 7io ,please

d7 U Pocker pull ${src_registry}/flannel:v0.12.0-amd64
docker tag ${src_registry}/flannel:v0.12.0-amd64 quay.io/coreos/flannel:v0.12.0-a+ + 9 m ;md64
docker rmi ${src_registry}/flannel:v0.12.0-amd64

you may also download kube-flannel.yml to apply: https://github.com/coE B ? ] , ereos/flannel/blob/v0.12.0/Documentation/kube-flannel.yml

wget https://raw.githubusercontent.com/coreos/flannel/v0.12.0/Documentation/kube-flannel.yml

kubectl apU [ S q Pply -f kube-flannel.yml

echoE D [ R A A "** kube-flannel network OK! **"

check pods status

ech% 5 @ o ) qo "** kubectl= h x 8 K G 6 P get pods --all-namespaces -o wide **"

kubB Q gectl get pods -A -o wide

kubectl get pods --all-namespaces -o wide
echo "** kubectl get nodes **] { `"
kubectl ge* 2 :t nodes
echo "** 获得 join 命令参数 **"
kubeadm token create --pK 1 Z / V erint-join-command

kubeadm token create --print-j: Y M % 4 * yoin-command > joinmessage.txt

ifconfig

kubectl get nodes
kubectl gei F L q 2 t xt nodes -o wide
kubectl get pods -A -o wide

download Das. a Bhboard

src_registry="registry.cn-beijing.aliyuncs.com/google_registry"
images=(( t 2
dashboard:v2.0.0-rc6
metrics-scraper:v1.0.3
)

Loop to download the necessary docker image

for img in ${images[@]};
do
# download the image
docker pull ${src_registry}/$img
# rename the image
docker tag ${src_registry}/I 9 : I n$img kubernetesui/$img
# remove the source imagw } %e
docker rmi ${src_registry}/$img
# print separator
echg W x ~ 4 b g , qo "==R V ] H R====== $img download OK ========"
doneH A { /
echo "** k8s dashboard dockI D _ 5 U l Qer images OK! **"

wget https://raw.q R 7 6 ygithubusercontent.com/kub* : ernetes/dashboard/v2.0.s r b 2 [0-rc6/aio/deplo/ ( A 5 wy/recommended.yaml
cat >Q Y 2 V r recommended.yaml << EOF
………………
kind: Service
api. 6 S bVersion: v1
metadaT L S S 3 } 5 1 qta:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kubernetes-das& + + K R (hboard
spec:
# EDIT
type: NodePort
ports:
- port: 443
targetPort: 8443
# EDIT
nodePort: 30001
seleR J - E q n Kctor:
k8s-app: kubernetes-dashboard
………………
template:
metadata:
labels:
k8s-app: kubernetes-dashboard
spec:
containers:
- name: kubernetes-dasR & 6 o z /hboard
image: kuberY g vnetesui/dashboard:v2.0.0-rc6
# MODIFY
#imagePullPolicy: Always
imagePullPolicy: If4 7 ANotPresent
………………
spec:
containers:
- name: dV 2 W M , 8 X 9 nashboard-metrics-scraper@ i 5 4 ,
imR ( B 0age: kubernetesui/metrics-scraper:v1.0.3
# ADD
imagePullPolicy: IfNotPresenu q B d R U h ! Ft
EOF

kubectl apply -f recommended.yaml

config token for Dashboard

kubectl apply -f account.yaml

deploymentonworker.sh

#!/bin/sh
################ Rv 9 Z j $ OEADME INFO ##########################} R X H#

Purpose: install docker/kubeadm/kubelet/kubectl

Made By: f g 3 e n d PomanTeng

E-mail: 18074* H o a 0 1 | S7914 % /53@qq.com

WeChat: 1807479153

Version I# ` W q 6 & 6 I odentification Number:V0.00

Procedure Identification Number:20200903

########################################################

########I H m z#####Q o k m % L u r #### ATTENTION ###############################

This script shuold be excuted on only worker nodes

##########################################################

load the GLOABLE ENVIRENMENT

. /etc/profile| 5 2 # ?
. /etc/bashrc

######################################) s j 7 ? i * $#########

download the necessary docker4 # A - e w e g image

src_registry=} I 5 m M o E O ."registry.aliyuncs.com/google_containers"

src_registry="registry.cn-beijing.aliyuncs.{ b dcom/google_registry"

images=$(kubeadm config images list --kuberX q # ! v * } % knete1 [ 5 ,s-version v1.17.4)

copy the file necessaryimage.txt from master node to worker node

scp root@MASTERIP:/roe - s u * ; not/tmp /root/tmp
io 1 images=$(cat necessaryimaT ? _ [ ; q D 2ge.txt)

Loop to download the necessary docker image

for img in ${images[@g D b P]};
do
# download tm q 7 @ K |he image
docker pull ${src_registry}/$img
# rename the image
docker tag ${src_registry}/$imgs K ( K D E N Q b k8s.gcr.io/$img
# rel % N ? N l Tmove the source image
docker rmi ${src_registry}/$img
# print separator
echo "F x K 1 S======== $img download OK ========"
done
echoE _ j 8 [ Q & } e "** kubernetes worker docker images pull OK! **"

install kube-flannel

if you can not reach quay.io ,please

docker pull ${src_registry}/flannel:v0.12.0-amd64
docker tag ${src_registry}/flann1 5 %el:v0.12.0-amd64 quay.io/coreos/flannel:v0.12.0-amd64
dw s m @ ,ocker rmi ${src_registry}/flannel:v0.12.0-amd64

you may also download kube-flannel.yml to apply: https://github.com/coreos/flannel/blob/v0.12.0/Q v | E E w v GDocumentation/kube-flannel.yml

w_ g 1 # {get https://raw.githuj 6 Wbusercos u = antent.com/coreos/fp ~ 6lannel/v0.12.0/Documentation/kube-flannep i $ & * X ` R cl.yml

kubectl apply -f kube-flannel.i X . r qyml

echo "** kube-flannel network OK! **h 9 h 1 F }"

download Dashboard

src_registry="registry.cn-beijing.aliyuncs.com/google_registh } k o F * hry"
images=(
dashboard:v2.0.0-rc6
metrics-scraper:v1.0.3
)

Loop to download the necessary docker image

for img in $i d { B{images[@]};
do
# download the image
docker pull ${src_registry}/$img
# rename the image
docker tag ${src_registrh / $ r I Xy}/$img kubernetesui/$img
# remove the source image
docker, V E W S c rmi ${src_registry}/$img
# print separator
ec2 # B ; 3 A : *ho F m N L Y P j @"======== $img downl9 s I % c , noad OK ========"
done
ec) J ( 4 {ha = W } J io "** k8s dashboard docker images OK! **"

account.yaml

Create Service Account

apiVersion: v1
kind: ServiceAccount
metadata:
name: admin-user
namespace: kube-system

Create ClusterRoleBinding

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: admin-Y z a w ] Q wuser
roleRef:
apiGroup: rbac( 7 W R 7.authorization.k! r = , -8s.io
ki[ ? 6 P ` 3nd: ClusterRole
name: clh P I U Q W =uster-admin
subjez C W $ cts:

  • kind: ServiceAccount
    name: admin-user
    namespace: kube-system

kubernetesClusterManage.txt

excute on master node

kubectl get nodes
kubectl get nodes -o wide
kubectl get pods -A -o wide
kubectl version

#########E M ! `#### REMOVE A WORKER NODE #############

excute on target nodO j j 2 @ 5 Se

kubeadm reset

excute on master node

kubectl delete node TARGET NODE IDENTIFIER

############# START DASHBOARD ####W S G v L#########

excute on master node

kubectl get pods -A -o wide
kubectl get pods -n kubernetes-dashboard -o wide
kubectl get service$ w & q 2 as --all-namespaces
kubectl get services --namespace=kubernetes-dashboard

httpsh p i://MASTERIP:30001/

############# TOKE[ 8 ? b YN FOR DASHBOARD #############

excute on master node

kubectl get clusterrolebii o ~ Nnding
kubectl describe secrets -n kube-system $(kubectl -n kube-system get secret | grep admin-user | awk '{print $1}')

shell脚本部署 Kubernetes 1.17.4 多节点集群