凡是2020年以前发布的Breeze版本,请在部署完集群之后在三台master节点,手动执行以下命令替换/etc/kubernetes/kubelet.conf的内嵌证书 (updateKubelet.sh):
vi updateKubelet.sh
#!/bin/bash
TIME_STRING=`date "+%Y-%m-%d-%H-%M-%S"`
cd /etc/kubernetes/cp -p /etc/kubernetes/kubelet.conf /etc/kubernetes/kubelet.conf.$TIME_STRING
sed -i 's#client-certificate-data:.*$#client-certificate: /var/lib/kubelet/pki/kubelet-client-current.pem#g' kubelet.confsed -i 's#client-key-data:.*$#client-key: /var/lib/kubelet/pki/kubelet-client-current.pem#g' kubelet.conf
systemctl restart kubelet
另外,三台master主机上,添加一个crontab的脚本文件,脚本每半年执行一次,生成一个新的有效期为1年的配置文件,脚本如下:
vi /etc/kubernetes/breeze-k8s-half-year-crontab.sh
#!/bin/bash
TIME_STRING=`date "+%Y-%m-%d-%H-%M-%S"`
cd /etc/kubernetes/
mv admin.conf admin.conf.$TIME_STRING
mv controller-manager.conf controller-manager.conf.$TIME_STRING
mv scheduler.conf scheduler.conf.$TIME_STRING
kubeadm init phase kubeconfig admin
kubeadm init phase kubeconfig controller-manager
kubeadm init phase kubeconfig scheduler
#如果是 > = 3个master节点的使用此替换脚本
sed -i 's#server: https:.*$#server: https://127.0.0.1:6444#g' admin.conf
sed -i 's#server: https:.*$#server: https://127.0.0.1:6444#g' controller-manager.confs
sed -i 's#server: https:.*$#server: https://127.0.0.1:6444#g' scheduler.conf
#如果是1个master节点的使用此替换脚本
sed -i 's#server: https:.*$#server: https://127.0.0.1:6443#g' admin.conf
sed -i 's#server: https:.*$#server: https://127.0.0.1:6443#g' controller-manager.conf
sed -i 's#server: https:.*$#server: https://127.0.0.1:6443#g' scheduler.confcp -f /etc/kubernetes/admin.conf $HOME/.kube/configchown $(id -u):$(id -g) $HOME/.kube/config
#restart controller-manager and scheduler
docker ps|grep kube-controller-manager|awk '{print $1}'|xargs docker stop
docker ps|grep kube-scheduler|awk '{print $1}'|xargs docker stop
比如我们将上述脚本保存为/etc/kubernetes/breeze-k8s-half-year-crontab.sh,则可以执行命令crontab -e后编辑如下内容保存即可:
crontab -e
SHELL=/bin/bash #如果存在则不需要
PATH=/sbin:/bin:/usr/sbin:/usr/bin #如果存在则不需要
# 每年的1月1日和7月1日的0:00会执行该脚本0 0 1 1,7 * /etc/kubernetes/breeze-k8s-half-year-crontab.sh #新增需要执行脚本的时间及脚本路径
# 每半年会执行该脚本0 1 1 */6 * /etc/kubernetes/breeze-k8s-half-year-crontab.sh #新增需要执行脚本的时间及脚本路径
评论区