目的

使用DaemonSet部署运行kube-proxy

部署kube-proxy

生成kubeconfig

  1. kubectl config set-cluster kubernetes \
  2.   --certificate-authority=ca.pem \
  3.   --embed-certs=true \
  4.   --server=https://master.k8s.com \
  5.   --kubeconfig=kube-proxy.kubeconfig
  6. kubectl config set-credentials kube-proxy \
  7.   --client-certificate=kube-proxy.pem \
  8.   --client-key=kube-proxy-key.pem \
  9.   --embed-certs=true \
  10.   --kubeconfig=kube-proxy.kubeconfig
  11. kubectl config set-context default \
  12.   --cluster=kubernetes \
  13.   --user=kube-proxy \
  14.   --kubeconfig=kube-proxy.kubeconfig
  15. kubectl config use-context default --kubeconfig=kube-proxy.kubeconfig

创建 kube-proxy 使用的deamonset 文件

创建yaml文件:kube-proxy.yaml

  1. apiVersion: extensions/v1beta1
  2. kind: DaemonSet
  3. metadata:
  4.   name: kube-proxy
  5.   namespace: kube-system
  6.   labels:
  7.     k8s-app: kube-proxy
  8.     version: 1.9.0
  9.     kubernetes.io/cluster-service: "true"
  10. spec:
  11.   template:
  12.     metadata:
  13.       labels:
  14.         k8s-app: kube-proxy
  15.         version: 1.9.0
  16.         kubernetes.io/cluster-service: "true"
  17.     spec:
  18.       tolerations:
  19.       - key: node-role.kubernetes.io/master
  20.         effect: NoSchedule
  21.       restartPolicy: Always
  22.       hostNetwork: true
  23.       containers:
  24.       - name: kube-proxy
  25.         image: hub.k8s.com/google-containers/kube-proxy:v1.9.0
  26.         command:
  27.         - kube-proxy
  28.         - --bind-address=0.0.0.0
  29.         - --kubeconfig=/var/kube-proxy/kube-proxy.kubeconfig
  30.         - --cluster-cidr=10.254.0.0/16
  31.         - --proxy-mode=iptables
  32.         - --masquerade-all
  33.         - --logtostderr=true
  34.         - --v=2
  35.         env:
  36.         - name: TZ
  37.           value: UTC-8
  38.         livenessProbe:
  39.           httpGet:
  40.             scheme: HTTP
  41.             host: 127.0.0.1
  42.             port: 10256
  43.             path: /healthz
  44.           initialDelaySeconds: 15
  45.           timeoutSeconds: 15
  46.         securityContext:
  47.           privileged: true
  48.         volumeMounts:
  49.         - name: dbus
  50.           mountPath: /var/run/dbus
  51.           readOnly: false
  52.         - name: config
  53.           mountPath: /var/kube-proxy
  54.           readOnly: true
  55.         - name: lib
  56.           mountPath: /lib/modules
  57.           readOnly: false
  58.         ports:
  59.         - containerPort: 10256
  60.           protocol: TCP
  61.       volumes:
  62.       - name: dbus
  63.         hostPath:
  64.           path: /var/run/dbus
  65.       - name: config
  66.         secret:
  67.           secretName: kube-proxy-kubeconfig
  68.       - name: lib
  69.         hostPath:
  70.           path: /lib/modules

应用

我们使用kubectl应用配置

  1. shell># kubectl create -f kube-proxy.yaml

验证

  1. shell># kubectl describe  ds kube-proxy --namespace=kube-system

输出如下信息

  1. Name:           kube-proxy
  2. Selector:       k8s-app=kube-proxy,kubernetes.io/cluster-service=true,version=1.9.0
  3. Node-Selector:  <none>
  4. Labels:         k8s-app=kube-proxy
  5.                 kubernetes.io/cluster-service=true
  6.                 version=1.9.0
  7. Annotations:    <none>
  8. Desired Number of Nodes Scheduled: 3
  9. Current Number of Nodes Scheduled: 3
  10. Number of Nodes Scheduled with Up-to-date Pods: 3
  11. Number of Nodes Scheduled with Available Pods: 3
  12. Number of Nodes Misscheduled: 0
  13. Pods Status:  3 Running / 0 Waiting / 0 Succeeded / 0 Failed
  14. Pod Template:
  15.   Labels:  k8s-app=kube-proxy
  16.            kubernetes.io/cluster-service=true
  17.            version=1.9.0
  18.   Containers:
  19.    kube-proxy:
  20.     Image:  hub.k8s.com/google-containers/kube-proxy:v1.9.0
  21.     Port:   10256/TCP
  22.     Command:
  23.       kube-proxy
  24.       --bind-address=0.0.0.0
  25.       --kubeconfig=/var/kube-proxy/kube-proxy.kubeconfig
  26.       --hostname-override=Master3.k8s.com
  27.       --cluster-cidr=10.254.0.0/16
  28.       --proxy-mode=iptables
  29.       --masquerade-all
  30.       --logtostderr=true
  31.       --v=2
  32.     Liveness:  http-get http://127.0.0.1:10256/healthz delay=15s timeout=15s period=10s #success=1 #failure=3
  33.     Environment:
  34.       TZ:  UTC-8
  35.     Mounts:
  36.       /lib/modules from lib (rw)
  37.       /var/kube-proxy from config (ro)
  38.       /var/run/dbus from dbus (rw)
  39.   Volumes:
  40.    dbus:
  41.     Type:          HostPath (bare host directory volume)
  42.     Path:          /var/run/dbus
  43.     HostPathType:  
  44.    config:
  45.     Type:        Secret (a volume populated by a Secret)
  46.     SecretName:  kube-proxy-kubeconfig
  47.     Optional:    false
  48.    lib:
  49.     Type:          HostPath (bare host directory volume)
  50.     Path:          /lib/modules
  51.     HostPathType:  
  52. Events:            <none>

结束