kubernetes 1.8.4 to kubespray
阿新 • • 發佈:2019-02-05
cd kubespray/inventory/group_vars vi k8s-cluster.yml # k8s-cluster 為控制一些基礎資訊的配置檔案。 # all.yml 控制一些需要詳細配置的資訊 # 這裡開啟 kubelet_load_modules: true # API 負載均衡,否在預設都連線到第一臺master (坑爹) loadbalancer_apiserver_localhost: true # 修改 api 密碼 vi roles/kubespray-defaults/defaults/main.yaml kube_api_pwd: xxxx # 修改 flannel 網路的模式 預設是 vxlan 修改為 host-gw # 注 host-gw 模式 伺服器必須 二層互通 vi roles/network_plugin/flannel/defaults/main.yml flannel_backend_type: "vxlan" 修改 flannel_backend_type: "host-gw" ## 修改 證書過期時間 -days xxxx vi /opt/kubespray/roles/kubernetes/secrets/files/make-ssl.sh openssl req -x509 -new -nodes -key ca-key.pem -days 10000 -out ca.pem -subj "/CN=kube-ca" > /dev/null 2>&1 openssl x509 -req -in ${name}.csr -CA ca.pem -CAkey ca-key.pem -CAcreateserial -out ${name}.pem -days 3650 -extensions v3_req -extfile ${CONFIG} > /dev/null 2>&1 ## 修改所有 images 的地址為個人的倉庫地址 roles/download/defaults/main.yml roles/dnsmasq/templates/dnsmasq-autoscaler.yml.j2 roles/kubernetes-apps/ansible/defaults/main.yml sed -i 's/gcr\.io\/google_containers/jicki/g' roles/download/defaults/main.yml sed -i 's/gcr\.io\/google_containers/jicki/g' roles/dnsmasq/templates/dnsmasq-autoscaler.yml.j2 sed -i 's/gcr\.io\/google_containers/jicki/g' roles/kubernetes-apps/ansible/defaults/main.yml roles/download/defaults/main.yml roles/kubernetes-apps/local_volume_provisioner/defaults/main.yml sed -i 's/quay\.io\/coreos/jicki/g' roles/download/defaults/main.yml sed -i 's/quay\.io\/calico/jicki/g' roles/download/defaults/main.yml sed -i 's/quay\.io\/external_storage/jicki/g' roles/kubernetes-apps/local_volume_provisioner/defaults/main.yml