Skip to content

Commit

Permalink
修改apiserver参数兼容安装 v1.8.x
Browse files Browse the repository at this point in the history
  • Loading branch information
jmgao1983 committed Jun 10, 2018
1 parent 32e5a3f commit e072b53
Show file tree
Hide file tree
Showing 6 changed files with 59 additions and 1 deletion.
1 change: 0 additions & 1 deletion .gitignore
Original file line number Diff line number Diff line change
@@ -1,7 +1,6 @@
down/*
!down/download.sh
bin/*
!bin/VERSION.md
hosts
*.crt
*.pem
3 changes: 3 additions & 0 deletions example/hosts.allinone.example
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,9 @@
#集群部署模式:allinone, single-master, multi-master
DEPLOY_MODE=allinone

#集群主版本号,目前支持: v1.8, v1.9, v1.10
K8S_VER="v1.10"

#集群 MASTER IP
MASTER_IP="192.168.1.1"
KUBE_APISERVER="https://{{ MASTER_IP }}:6443"
Expand Down
3 changes: 3 additions & 0 deletions example/hosts.m-masters.example
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,9 @@
#集群部署模式:allinone, single-master, multi-master
DEPLOY_MODE=multi-master

#集群主版本号,目前支持: v1.8, v1.9, v1.10
K8S_VER="v1.10"

#集群 MASTER IP即 LB节点VIP地址,为区别与默认apiserver端口,设置VIP监听的服务端口8443
MASTER_IP="192.168.1.10"
KUBE_APISERVER="https://{{ MASTER_IP }}:8443"
Expand Down
3 changes: 3 additions & 0 deletions example/hosts.s-master.example
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,9 @@
#集群部署模式:allinone, single-master, multi-master
DEPLOY_MODE=single-master

#集群主版本号,目前支持: v1.8, v1.9, v1.10
K8S_VER="v1.10"

#集群 MASTER IP
MASTER_IP="192.168.1.1"
KUBE_APISERVER="https://{{ MASTER_IP }}:6443"
Expand Down
6 changes: 6 additions & 0 deletions roles/kube-master/tasks/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,12 @@
template: src=kube-apiserver.service.j2 dest=/etc/systemd/system/kube-apiserver.service
tags: upgrade_k8s, restart_master

# 为兼容之前的模式,需特别对v1.8版本重新配置kube-apiserver的systemd unit文件
- name: 创建kube-apiserver v1.8的systemd unit文件
template: src=kube-apiserver-{{ K8S_VER }}.service.j2 dest=/etc/systemd/system/kube-apiserver.service
tags: upgrade_k8s, restart_master
when: "K8S_VER is defined and K8S_VER == 'v1.8'"

- name: 创建kube-controller-manager的systemd unit文件
template: src=kube-controller-manager.service.j2 dest=/etc/systemd/system/kube-controller-manager.service
tags: upgrade_k8s, restart_master
Expand Down
44 changes: 44 additions & 0 deletions roles/kube-master/templates/kube-apiserver-v1.8.service.j2
Original file line number Diff line number Diff line change
@@ -0,0 +1,44 @@
[Unit]
Description=Kubernetes API Server
Documentation=https://github.com/GoogleCloudPlatform/kubernetes
After=network.target

[Service]
ExecStart={{ bin_dir }}/kube-apiserver \
--admission-control=NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,ResourceQuota,NodeRestriction \
--bind-address={{ inventory_hostname }} \
--insecure-bind-address=127.0.0.1 \
--authorization-mode=Node,RBAC \
--kubelet-https=true \
--kubelet-client-certificate={{ ca_dir }}/kubernetes.pem \
--kubelet-client-key={{ ca_dir }}/kubernetes-key.pem \
--anonymous-auth=false \
--basic-auth-file={{ ca_dir }}/basic-auth.csv \
--enable-bootstrap-token-auth \
--token-auth-file={{ ca_dir }}/token.csv \
--service-cluster-ip-range={{ SERVICE_CIDR }} \
--service-node-port-range={{ NODE_PORT_RANGE }} \
--tls-cert-file={{ ca_dir }}/kubernetes.pem \
--tls-private-key-file={{ ca_dir }}/kubernetes-key.pem \
--client-ca-file={{ ca_dir }}/ca.pem \
--service-account-key-file={{ ca_dir }}/ca-key.pem \
--etcd-cafile={{ ca_dir }}/ca.pem \
--etcd-certfile={{ ca_dir }}/kubernetes.pem \
--etcd-keyfile={{ ca_dir }}/kubernetes-key.pem \
--etcd-servers={{ ETCD_ENDPOINTS }} \
--enable-swagger-ui=true \
--apiserver-count=3 \
--allow-privileged=true \
--audit-log-maxage=30 \
--audit-log-maxbackup=3 \
--audit-log-maxsize=100 \
--audit-log-path=/var/lib/audit.log \
--event-ttl=1h \
--v=2
Restart=on-failure
RestartSec=5
Type=notify
LimitNOFILE=65536

[Install]
WantedBy=multi-user.target

0 comments on commit e072b53

Please sign in to comment.