kubectl是Kubernetes集群的命令行工具,通過kubectl能夠對集群本身進行管理,並能夠在集群上進行容器化應用的安裝部署。
按照如下拓撲圖部署:
一、設置命令行自動補全功能
<code>[root@k8s-master ~]# source /usr/share/bash-completion/bash_completion
[root@k8s-master ~]# source /<code>
二、部署kubectl
<code>[root@k8s-master ~]# cd /usr/src/kubernetes/server/bin/
[root@k8s-master bin]# cp kubectl kubelet /usr/local/kubernetes/bin//<code>
1、創建管理員證書
(1)創建admin簽名文件
<code>[root@k8s-master ~]# cd /usr/local/kubernetes/ssl/
[root@k8s-master ssl]# vim admin-csr.json
添加:
{
"CN": "admin",
"hosts": [],
"key": {
"algo": "rsa",
"size": 2048
},
"names": [
{
"C": "CN",
"L": "BeiJing",
"ST": "BeiJing",
"O": "system:masters",
"OU": "System"
}
]
}/<code>
(2)生成證書和私鑰
<code>[root@k8s-master ssl]# cfssl gencert -ca=/usr/local/kubernetes/ssl/ca.pem -ca-key=/usr/local/kubernetes/ssl/ca-key.pem -config=/usr/local/kubernetes/ssl/ca-config.json -profile=kubernetes /usr/local/kubernetes/ssl/admin-csr.json | cfssljson -bare admin/<code>
2、創建admin.kubeconfig配置文件
<code>[root@k8s-master ~]# vim /usr/local/kubernetes/conf/env-admin.kubeconfig.sh
添加:
# 設置集群參數
kubectl config set-cluster kubernetes \\
--certificate-authority=/usr/local/kubernetes/ssl/ca.pem \\
--embed-certs=true \\
--server=https://192.168.1.3:6443 \\
--kubeconfig=/usr/local/kubernetes/conf/admin.kubeconfig
# 設置客戶端認證參數
kubectl config set-credentials admin \\
--client-certificate=/usr/local/kubernetes/ssl/admin.pem \\
--client-key=/usr/local/kubernetes/ssl/admin-key.pem \\
--embed-certs=true \\
--kubeconfig=/usr/local/kubernetes/conf/admin.kubeconfig
# 設置上下文參數
kubectl config set-context default \\
--cluster=kubernetes \\
--user=admin \\
--kubeconfig=/usr/local/kubernetes/conf/admin.kubeconfig
#設置默認上下文
kubectl config use-context default \\
--kubeconfig=/usr/local/kubernetes/conf/admin.kubeconfig
[root@k8s-master ~]# chmod +x /usr/local/kubernetes/conf/env-admin.kubeconfig.sh
[root@k8s-master ~]# /usr/local/kubernetes/conf/env-admin.kubeconfig.sh/<code>
3、配置config文件路徑
<code>[root@k8s-master ~]# mkdir -p $HOME/.kube
[root@k8s-master ~]# cp -i /usr/local/kubernetes/conf/admin.kubeconfig $HOME/.kube/config
[root@k8s-master ~]# chown $(id -u):$(id -g) $HOME/.kube/config/<code>
4、kubectl命令的操作使用
<code>[root@k8s-master ~]# kubectl get cs/<code>
<code>[root@k8s-master ~]# kubectl get cs,nodes/<code>
<code>[root@k8s-master ~]# kubectl get ns/<code>
閱讀更多 DoDo在線 的文章