在 Master01 上执行 kubeconfig.sh 脚本
- cd /opt/ssl
- #cat kubeconfig.sh
- # 创建 TLS Bootstrapping Token
- export BOOTSTRAP_TOKEN=$(head -c 16 /dev/urandom | od -An -t x | tr -d ' ')
- cat> token.CSV <<EOF
- ${
- BOOTSTRAP_TOKEN
- },kubelet-Bootstrap,10001,"system:kubelet-bootstrap"
- EOF
- #----------------------
- # 创建 kubelet bootstrapping kubeconfig
- export KUBE_APISERVER="https://10.50.182.69:6443"
- # 设置集群参数
- kubectl config set-cluster kubernetes --certificate-authority=./ca.pem --embed-certs=true --server=${
- KUBE_APISERVER
- } --kubeconfig=Bootstrap.kubeconfig
- # 设置客户端认证参数
- kubectl config set-credentials kubelet-Bootstrap --token=${
- BOOTSTRAP_TOKEN
- } --kubeconfig=Bootstrap.kubeconfig
- # 设置上下文参数
- kubectl config set-context default --cluster=kubernetes --user=kubelet-Bootstrap --kubeconfig=Bootstrap.kubeconfig
- # 设置默认上下文
- kubectl config use-context default --kubeconfig=Bootstrap.kubeconfig
- #----------------------
- # 创建 kube-proxy kubeconfig 文件
- kubectl config set-cluster kubernetes --certificate-authority=./ca.pem --embed-certs=true --server=${
- KUBE_APISERVER
- } --kubeconfig=kube-proxy.kubeconfig
- kubectl config set-credentials kube-proxy --client-certificate=./kube-proxy.pem --client-key=./kube-proxy-key.pem --embed-certs=true --kubeconfig=kube-proxy.kubeconfig
- kubectl config set-context default --cluster=kubernetes --user=kube-proxy --kubeconfig=kube-proxy.kubeconfig
- kubectl config use-context default --kubeconfig=kube-proxy.kubeconfig
执行, 拷贝文件到 cfg:
- sh -x kubeconfig.sh
- cp -rf token.CSV Bootstrap.kubeconfig kube-proxy.kubeconfig /opt/kubernetes/cfg/
多 master, 需要将配置文件同步到其余几台 master 上.
来源: http://www.bubuko.com/infodetail-3047554.html