一、在master節點上編寫生成kubeconfig文件腳本:
vim /root/scripts/kubeconfig.sh
#!/bin/bash
#下載kubectl命令
version=curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt
wget https://storage.googleapis.com/kubernetes-release/release/${version}/bin/linux/amd64/kubectl
mv kubectl /opt/kubernetes/bin/
chmod 755 /opt/kubernetes/bin/kubectl
rm -rf /usr/local/bin/kubectl
ln -s /opt/kubernetes/bin/kubectl /usr/local/bin/
#創建TLS Bootstrapping Token
export BOOTSTRAP_TOKEN=$(head -c 16 /dev/urandom | od -An -t x | tr -d ’ ')
cat > /opt/kubernetes/cfg/token.csv <<EOF
${BOOTSTRAP_TOKEN},kubelet-bootstrap,10001,“system:kubelet-bootstrap”
EOF
#創建kubelet bootstrapping kubeconfig
export KUBE_APISERVER=“https://192.168.1.250:6443”
#設置集羣參數
cd /opt/kubernetes/ssl/
kubectl config set-cluster kubernetes
–certificate-authority=ca.pem
–embed-certs=true
–server=${KUBE_APISERVER}
–kubeconfig=bootstrap.kubeconfig
#設置客戶端認證參數
kubectl config set-credentials kubelet-bootstrap
–token=${BOOTSTRAP_TOKEN}
–kubeconfig=bootstrap.kubeconfig
#設置上下文參數
kubectl config set-context default
–cluster=kubernetes
–user=kubelet-bootstrap
–kubeconfig=bootstrap.kubeconfig
#設置默認上下文
kubectl config use-context default --kubeconfig=bootstrap.kubeconfig
#創建kube-proxy kubeconfig文件:(步驟和上面類似)
kubectl config set-cluster kubernetes
–certificate-authority=ca.pem
–embed-certs=true
–server=${KUBE_APISERVER}
–kubeconfig=kube-proxy.kubeconfig
kubectl config set-credentials kube-proxy
–client-certificate=kube-proxy.pem
–client-key=kube-proxy.pem
–embed-certs=true
–kubeconfig=kube-proxy.kubeconfig
kubectl config set-context default
–cluster=kubernetes
–user=kube-proxy
–kubeconfig=kube-proxy.kubeconfig
kubectl config use-context default --kubeconfig=kube-proxy.kubeconfig
#將剛纔生成的kubeconfig配置文件從master節點拷貝到node節點上
cd /opt/kubernetes/ssl
scp *.kubeconfig 192.168.1.75:/opt/kubernetes/cfg/
scp *.kubeconfig 192.168.1.76:/opt/kubernetes/cfg/
scp *.kubeconfig 192.168.1.77:/opt/kubernetes/cfg/
二、執行腳本:
sh /root/scripts/kubeconfig.sh
