kubernetes v1.18.2 二进制 双栈 kube-scheduler 部署

# 生效环境变量 部署etcd 时已经配置好
source  ./environment.sh
# 创建 Kubernetes Scheduler 配置文件
cat << EOF | tee ${HOST_PATH}/cfssl/k8s/k8s-scheduler.json
{
  "CN": "system:kube-scheduler",
  "hosts": [""], 
  "key": {
    "algo": "rsa",
    "size": 2048
  },
  "names": [
    {
      "C": "CN",
            "ST": "$CERT_ST",
            "L": "$CERT_L",
      "O": "system:kube-scheduler",
      "OU": "Kubernetes-manual"
    }
  ]
}
EOF
# 生成 Kubernetes Scheduler 证书和私钥
cfssl gencert \
    -ca=${HOST_PATH}/cfssl/pki/k8s/k8s-ca.pem \
    -ca-key=${HOST_PATH}/cfssl/pki/k8s/k8s-ca-key.pem \
    -config=${HOST_PATH}/cfssl/ca-config.json \
    -profile=${CERT_PROFILE} \
    ${HOST_PATH}/cfssl/k8s/k8s-scheduler.json | \
    cfssljson -bare ${HOST_PATH}/cfssl/pki/k8s/k8s-scheduler
# 配置kube-scheduler.kubeconfig
# 创建kube-scheduler kubeconfig 配置文件
# 设置集群参数
kubectl config set-cluster ${CLUSTER_NAME} \
--certificate-authority=${HOST_PATH}/cfssl/pki/k8s/k8s-ca.pem \
--embed-certs=true \
--server=${KUBE_APISERVER} \
--kubeconfig=${HOST_PATH}/kubeconfig/kube-scheduler.kubeconfig
# 设置客户端认证参数
kubectl config set-credentials system:kube-scheduler \
--client-certificate=${HOST_PATH}/cfssl/pki/k8s/k8s-scheduler.pem \
--embed-certs=true \
--client-key=${HOST_PATH}/cfssl/pki/k8s/k8s-scheduler-key.pem \
--kubeconfig=${HOST_PATH}/kubeconfig/kube-scheduler.kubeconfig
 # 设置上下文参数
kubectl config set-context ${CLUSTER_NAME} \
--cluster=${CLUSTER_NAME} \
--user=system:kube-scheduler \
--kubeconfig=${HOST_PATH}/kubeconfig/kube-scheduler.kubeconfig
# 设置默认上下文
kubectl config use-context ${CLUSTER_NAME} --kubeconfig=${HOST_PATH}/kubeconfig/kube-scheduler.kubeconfig
# 分发kubeconfig 及 证书文件到远程服务器
scp ./kubeconfig/kube-scheduler.kubeconfig 192.168.2.175:/apps/k8s/config
scp ./kubeconfig/kube-scheduler.kubeconfig 192.168.2.176:/apps/k8s/config
scp ./kubeconfig/kube-scheduler.kubeconfig 192.168.2.177:/apps/k8s/config

kube-scheduler 二进制文件准备

# 进入二进制所在文件夹
cd ${HOST_PATH}/kubernetes/server/bin
scp -r kube-scheduler 192.168.2.175:/apps/k8s/bin
scp -r kube-scheduler 192.168.2.176:/apps/k8s/bin
scp -r kube-scheduler 192.168.2.177:/apps/k8s/bin

kube-scheduler 配置文件

cd ${HOST_PATH}
# 创建 kube-scheduler
cat << EOF | tee kube-scheduler
KUBE_SCHEDULER_OPTS=" \\
                   --logtostderr=false \\
                   --address=:: \\
                   --leader-elect=true \\
                   --feature-gates=ServiceTopology=true,EndpointSlice=true,IPv6DualStack=true \\
                   --kubeconfig=/apps/k8s/config/kube-scheduler.kubeconfig \\
                   --authentication-kubeconfig=/apps/k8s/config/kube-scheduler.kubeconfig \\
                   --authorization-kubeconfig=/apps/k8s/config/kube-scheduler.kubeconfig \\
                   --alsologtostderr=true \\
                   --kube-api-qps=100 \\
                   --kube-api-burst=100 \\
                   --log-dir=/apps/k8s/log \\
                   --v=2"
EOF
# 分发配置文件所有节点配置文件一致
scp -r kube-scheduler 192.168.2.175:/apps/k8s/conf
scp -r kube-scheduler 192.168.2.176:/apps/k8s/conf
scp -r kube-scheduler 192.168.2.177:/apps/k8s/conf

创建 kube-scheduler systemd文件

cat << EOF | tee kube-scheduler.service
[Unit]
Description=Kubernetes Scheduler
Documentation=https://github.com/kubernetes/kubernetes

[Service]
LimitNOFILE=65535
LimitNPROC=65535
LimitCORE=infinity
LimitMEMLOCK=infinity

EnvironmentFile=-/apps/k8s/conf/kube-scheduler
ExecStart=/apps/k8s/bin/kube-scheduler \$KUBE_SCHEDULER_OPTS
Restart=on-failure
RestartSec=5
User=k8s

[Install]
WantedBy=multi-user.target
EOF
# 上传启动文件到服务器
scp  kube-scheduler.service 192.168.2.175:/usr/lib/systemd/system
scp  kube-scheduler.service 192.168.2.176:/usr/lib/systemd/system
scp  kube-scheduler.service 192.168.2.176:/usr/lib/systemd/system

kube-scheduler 启动准备

# 给/apps/k8s k8s 用户权限
ssh  192.168.2.175 chown -R k8s:root /apps/k8s
ssh  192.168.2.176 chown -R k8s:root /apps/k8s
ssh  192.168.2.177 chown -R k8s:root /apps/k8s

kube-scheduler

# 刷新service
ssh  192.168.2.175 systemctl daemon-reload
ssh  192.168.2.176 systemctl daemon-reload
ssh  192.168.2.177 systemctl daemon-reload
# 设置开机启动
ssh  192.168.2.175 systemctl enable kube-scheduler.service
ssh  192.168.2.176 systemctl enable kube-scheduler.service
ssh  192.168.2.177 systemctl enable kube-scheduler.service
# 启动 kube-apiserver
ssh  192.168.2.175 systemctl  start kube-scheduler.service
ssh  192.168.2.176 systemctl  start kube-scheduler.service
ssh  192.168.2.177 systemctl  start kube-scheduler.service
# 查看启动状态
ssh  192.168.2.175 systemctl  status kube-scheduler.service
ssh  192.168.2.176 systemctl  status kube-scheduler.service
ssh  192.168.2.177 systemctl  status kube-scheduler.service

验证 kube-scheduler 是否启动成功

root@Qist:/tmp/sss# kubectl get cs
NAME                 STATUS    MESSAGE             ERROR
controller-manager   Healthy   ok
scheduler            Healthy   ok
etcd-0               Healthy   {"health":"true"}
etcd-1               Healthy   {"health":"true"}
etcd-2               Healthy   {"health":"true"}
# 查看 kube-scheduler  master 节点 
root@Qist:/tmp/ipv6# kubectl -n kube-system get endpoints kube-scheduler -o yaml
apiVersion: v1
kind: Endpoints
metadata:
  annotations:
    control-plane.alpha.kubernetes.io/leader: '{"holderIdentity":"k8s-master-3_a636a9bb-4c6c-4d5b-858a-fa1c83560246","leaseDurationSeconds":15,"acquireTime":"2020-05-07T08:27:58Z","renewTime":"2020-05-07T12:15:15Z","leaderTransitions":2}'
  creationTimestamp: "2020-05-07T08:25:19Z"
  managedFields:
  - apiVersion: v1
    fieldsType: FieldsV1
    fieldsV1:
      f:metadata:
        f:annotations:
          .: {}
          f:control-plane.alpha.kubernetes.io/leader: {}
    manager: kube-scheduler
    operation: Update
    time: "2020-05-07T12:15:15Z"
  name: kube-scheduler
  namespace: kube-system
  resourceVersion: "38797"
  selfLink: /api/v1/namespaces/kube-system/endpoints/kube-scheduler
  uid: 7283675e-fc8a-4483-8f09-4e27841009a8
     #  kube-scheduler  master k8s-master-3 节点