{"id":7181,"date":"2022-08-01T10:22:04","date_gmt":"2022-08-01T02:22:04","guid":{"rendered":"https:\/\/egonlin.com\/?p=7181"},"modified":"2022-08-01T10:26:48","modified_gmt":"2022-08-01T02:26:48","slug":"kubeadm%e9%83%a8%e7%bd%b2k8s%e9%9b%86%e7%be%a4","status":"publish","type":"post","link":"https:\/\/egonlin.com\/?p=7181","title":{"rendered":"kubeadm\u90e8\u7f72k8s\u96c6\u7fa4"},"content":{"rendered":"

\u89c4\u5212
\n\u4e09\u53f0\u673a\u5668
\n172.16.10.11 \u90e8\u7f72\u5355\u673a\u7248k8s\uff0c\u90e8\u7f72\u4e3bjenkins\u4e0e\u4e00\u4e2aagent
\n172.16.10.12 \u88f8\u90e8\u7f72gitlab
\n172.16.10.13 \u5145\u5f53\u5f00\u53d1\u4eba\u5458\u7684\u5f00\u53d1\u673a\uff0c\u7528\u4e8e\u4e0a\u4f20\u4ee3\u7801<\/p>\n

\u90e8\u7f72k8s\u96c6\u7fa4<\/h1>\n

\u5b98\u65b9\u6587\u6863\uff1a
\nhttps:\/\/kubernetes.io\/docs\/setup\/production-environment\/tools\/kubeadm\/install-kubeadm\/<\/a>
\nkubeadm\u90e8\u7f72k8s\u9ad8\u53ef\u7528\u96c6\u7fa4\u7684\u5b98\u65b9\u6587\u6863\uff1a
\nhttps:\/\/kubernetes.io\/docs\/setup\/production-environment\/tools\/kubeadm\/high-availability\/<\/a><\/p>\n

\uff081\uff09\u57fa\u672c\u914d\u7f6e<\/h2>\n

\u6ce8\u610f\uff1a
\n\u786e\u4fddCPU\u81f3\u5c112\u6838
\n\u5185\u5b58\u7684\u8bdd\u81f3\u5c111.5G\uff0c\u63a8\u83502-3G
\n

\"file\"<\/div><\/p>\n

\uff082\uff09\u5728\u6240\u6709\u4e3b\u673a\u6267\u884c\u5982\u4e0b\u64cd\u4f5c<\/h2>\n

1\u3001\u914d\u7f6e\u9759\u6001ip\u5730\u5740
\n\u7565
\n2\u3001 \u6bcf\u53f0\u4e3b\u673a\u90fd\u5173\u95edNetworkManager<\/p>\n

systemctl stop NetworkManager\nsystemctl disable NetworkManager<\/code><\/pre>\n
3\u3001\u6bcf\u53f0\u4e3b\u673a\u5747\u5173\u95edselinux\u4e0e\u9632\u706b\u5899<\/p>\n
sed -i 's\/SELINUX=enforcing\/SELINUX=disabled\/' \/etc\/sysconfig\/selinux\nsed -i 's\/SELINUX=enforcing\/SELINUX=disabled\/' \/etc\/selinux\/config\nsetenforce 0\nsystemctl stop firewalld.service\nsystemctl disable firewalld.service<\/code><\/pre>\n
4\u3001\u5173\u95edswap\u5206\u533a<\/p>\n
# Kubernetes 1.8\u5f00\u59cb\u8981\u6c42\u5173\u95ed\u7cfb\u7edf\u7684Swap\uff0c\u5982\u679c\u4e0d\u5173\u95ed\uff0c\u9ed8\u8ba4\u914d\u7f6e\u4e0bkubelet\u5c06\u65e0\u6cd5\u542f\u52a8,\u6240\u4ee5\u6211\u4eec\u6709\u4e24\u79cd\u5904\u7406\u65b9\u5f0f\uff0c\u91c7\u7528\u4e00\u79cd\u5373\u53ef\n\u65b9\u5f0f\u4e00\uff1a\u5173\u95edswap\u5206\u533a\nswapoff -a  # \u5148\u4e34\u65f6\u5173\u95ed\uff0c\u7acb\u5373\u751f\u6548\nsed -i 's\/.*swap.*\/#&\/' \/etc\/fstab # \u6ce8\u91ca\u6389swap\uff0c\u6c38\u4e45\u5173\u95ed\uff0c\u4fdd\u8bc1\u5373\u4fbf\u91cd\u542f\u4e3b\u673a\u4e5f\u4f1a\u751f\u6548\n\u00a0\n\u65b9\u5f0f\u4e8c\uff1a kubelet\u5ffd\u7565swap\necho 'KUBELET_EXTRA_ARGS="--fail-swap-on=false"' > \/etc\/sysconfig\/kubelet<\/code><\/pre>\n
5\u3001\u4e3a\u4e09\u53f0\u4e3b\u673a\u914d\u7f6e\u5404\u81ea\u7684\u4e3b\u673a\u540d<\/p>\n
hostnamectl set-hostname master\nhostnamectl set-hostname node01\nhostnamectl set-hostname node02<\/code><\/pre>\n
6\u3001\u6dfb\u52a0\u89e3\u6790<\/p>\n
cat >> \/etc\/hosts << EOF\n172.16.10.14 master\n172.16.10.15 node01\n172.16.10.16 node02\nEOF<\/code><\/pre>\n
7\u3001\u6bcf\u53f0\u673a\u5668\u5747\u4fee\u6539ssh\u914d\u7f6e<\/p>\n
\u52a0\u5feb\u8fdc\u7a0b\u94fe\u63a5\u901f\u5ea6\uff0c\u53ef\u9009\uff0c\u4f46\u5efa\u8bae\u505a\n\nsed -ri '\/#UseDNS yes\/c UseDNS no' \/etc\/ssh\/sshd_config\n \u200b\nsystemctl restart sshd<\/code><\/pre>\n
8\u3001\u505a\u514d\u5bc6\u767b\u5f55\uff08\u53ea\u6709\u4e3b\u8282\u70b9\u505a\uff0c\u6b64\u6b65\u4e3a\u5efa\u8bae\u6b65\u9aa4\uff0c\u975e\u5fc5\u987b\uff09<\/p>\n
[root@master ~]# ssh-keygen\n\n[root@master ~]# ssh-copy-id -i root@master\n[root@master ~]# ssh-copy-id -i root@node01\n[root@master ~]# ssh-copy-id -i root@node02<\/code><\/pre>\n
9\u3001\u66f4\u65b0\u7cfb\u7edf\u8f6f\u4ef6(\u6392\u9664\u5185\u6838)<\/p>\n
yum install epel-release -y && yum update -y --exclud=kernel*<\/code><\/pre>\n
10\u3001\u5b89\u88c5\u57fa\u7840\u5e38\u7528\u8f6f\u4ef6<\/p>\n
yum install wget expect vim net-tools ntp bash-completion ipvsadm ipset jq iptables conntrack sysstat libseccomp -y\n\n# \u5176\u4ed6\uff08\u9009\u505a\uff09\nyum -y install python-setuptools python-pip gcc gcc-c++ autoconf libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel \\\nzlib zlib-devel glibc glibc-devel glib2 glib2-devel bzip2 bzip2-devel zip unzip ncurses ncurses-devel curl curl-devel e2fsprogs \\\ne2fsprogs-devel krb5-devel libidn libidn-devel openssl openssh openssl-devel nss_ldap openldap openldap-devel openldap-clients \\\nopenldap-servers libxslt-devel libevent-devel ntp libtool-ltdl bison libtool vim-enhanced python wget lsof iptraf strace lrzsz \\\nkernel-devel kernel-headers pam-devel tcl tk cmake ncurses-devel bison setuptool popt-devel net-snmp screen perl-devel \\\npcre-devel net-snmp screen tcpdump rsync sysstat man iptables sudo libconfig git  bind-utils \\\ntmux elinks numactl iftop bwm-ng net-tools expect<\/code><\/pre>\n
11\u3001\u66f4\u65b0\u7cfb\u7edf\u5185\u6838\uff08docker \u5bf9\u7cfb\u7edf\u5185\u6838\u8981\u6c42\u6bd4\u8f83\u9ad8\uff0c\u6700\u597d\u4f7f\u75284.4+\uff09\uff0c\u975e\u5fc5\u987b\u64cd\u4f5c\uff0c\u63a8\u8350\u505a
\n\u4e00\u822c\u6765\u8bf4\uff0c\u53ea\u6709\u4ecehttps:\/\/www.kernel.org\/ \u4e0b\u8f7d\u5e76\u7f16\u8bd1\u5b89\u88c5\u7684\u5185\u6838\u624d\u662f\u5b98\u65b9\u5185\u6838,\u53ef\u4ee5\u770b\u51fa\u76ee\u524d\u7684\u7a33\u5b9a\u7248\u7248\u672c\u4e3a5.18.10
\n
\"file\"<\/div>
\n\u4e0d\u8fc7\uff0c\u5927\u591a\u6570 Linux \u53d1\u884c\u7248\u63d0\u4f9b\u81ea\u884c\u7ef4\u62a4\u7684\u5185\u6838\uff0c\u53ef\u4ee5\u901a\u8fc7 yum \u6216 rpm \u7b49\u5305\u7ba1\u7406\u7cfb\u7edf\u5347\u7ea7\u3002
\nELRepo\u662f\u4e00\u4e2a\u4e3aLinux\u63d0\u4f9b\u9a71\u52a8\u7a0b\u5e8f\u548c\u5185\u6838\u6620\u50cf\u7684\u5b58\u50a8\u5e93\uff0c\u8fd9\u91cc\u7684\u5347\u7ea7\u65b9\u6848\u5c31\u662f\u91c7\u7528ELRepo\u63d0\u4f9b\u7684\u5185\u6838\u901a\u9053\u3002
\nELRepo\u5b98\u7f51\uff1ahttp:\/\/elrepo.org\/tiki\/tiki-index.php<\/a><\/p>\n
# 1\u3001\u5347\u7ea7\u7cfb\u7edf\u5185\u6838\n\n#\u67e5\u770b yum \u4e2d\u53ef\u5347\u7ea7\u7684\u5185\u6838\u7248\u672c\nyum list kernel --showduplicates\n#\u5982\u679clist\u4e2d\u6709\u9700\u8981\u7684\u7248\u672c\u53ef\u4ee5\u76f4\u63a5\u6267\u884c update \u5347\u7ea7\uff0c\u591a\u6570\u662f\u6ca1\u6709\u7684\uff0c\u6240\u4ee5\u8981\u6309\u4ee5\u4e0b\u6b65\u9aa4\u64cd\u4f5c\n\n#\u5bfc\u5165ELRepo\u8f6f\u4ef6\u4ed3\u5e93\u7684\u516c\u5171\u79d8\u94a5\nrpm --import https:\/\/www.elrepo.org\/RPM-GPG-KEY-elrepo.org\n\n#Centos7\u7cfb\u7edf\u5b89\u88c5ELRepo\nyum -y install https:\/\/www.elrepo.org\/elrepo-release-7.el7.elrepo.noarch.rpm\n#Centos8\u7cfb\u7edf\u5b89\u88c5ELRepo\n#yum -y install https:\/\/www.elrepo.org\/elrepo-release-8.el8.elrepo.noarch.rpm\n\n#\u67e5\u770bELRepo\u63d0\u4f9b\u7684\u5185\u6838\u7248\u672c\nyum --disablerepo="*" --enablerepo="elrepo-kernel" list available\n\n#kernel-lt\uff1a\u8868\u793alongterm\uff0c\u5373\u957f\u671f\u652f\u6301\u7684\u5185\u6838\uff1b\u5f53\u524d\u4e3a5.4.\n#kernel-ml\uff1a\u8868\u793amainline\uff0c\u5373\u5f53\u524d\u4e3b\u7ebf\u7684\u5185\u6838\uff1b\u5f53\u524d\u4e3a5.17.\n#\u5b89\u88c5\u4e3b\u7ebf\u5185\u6838\nyum --enablerepo=elrepo-kernel install kernel-ml.x86_64 -y\n\n#\u67e5\u770b\u7cfb\u7edf\u53ef\u7528\u5185\u6838\uff0c\u5e76\u8bbe\u7f6e\u542f\u52a8\u9879\nsudo awk -F\\' '$1=="menuentry " {print i++ " : " $2}' \/etc\/grub2.cfg\n\n#0 : CentOS Linux (5.17.1-1.el7.elrepo.x86_64) 7 (Core)\n#1 : CentOS Linux (3.10.0-1160.53.1.el7.x86_64) 7 (Core)\n#2 : CentOS Linux (3.10.0-1160.el7.x86_64) 7 (Core)\n#3 : CentOS Linux (0-rescue-20220208145000711038896885545492) 7 (Core)\n\n#\u6307\u5b9a\u5f00\u673a\u542f\u52a8\u5185\u6838\u7248\u672c\ngrub2-set-default 0 # \u6216\u8005 grub2-set-default 'CentOS Linux (5.17.1-1.el7.elrepo.x86_64) 7 (Core)'\n\n#\u751f\u6210 grub \u914d\u7f6e\u6587\u4ef6\ngrub2-mkconfig -o \/boot\/grub2\/grub.cfg\n\n#\u67e5\u770b\u5f53\u524d\u9ed8\u8ba4\u542f\u52a8\u7684\u5185\u6838\ngrubby --default-kernel\n\n#\u91cd\u542f\u7cfb\u7edf\uff0c\u9a8c\u8bc1\nuname -r<\/code><\/pre>\n
8\u3001\u914d\u7f6entp\u670d\u52a1\uff0c\u4fdd\u8bc1\u96c6\u7fa4\u670d\u52a1\u5668\u65f6\u95f4\u7edf\u4e00(\u7edf\u4e00\u65f6\u95f4\u975e\u5e38\u91cd\u8981\uff0c\u5fc5\u987b\u8981\u505a)<\/p>\n
# \u5927\u524d\u63d0\uff1achrony\u670d\u52a1\u7aef\u5ba2\u6237\u7aef\u914d\u7f6e\u5b8c\u540e\uff0c\u91cd\u542fchronyd\u670d\u52a1\u5373\u53ef\u5feb\u901f\u5b8c\u6210\u65f6\u95f4\u540c\u6b65\uff0c\u5728\u8fd9\u4e4b\u540e\u5c31\u4e0d\u8981\u518d\u624b\u52a8\u53bb\u4fee\u6539\u65f6\u95f4\u4e86\uff0c\u4e00\u5207\u8ba9\u65f6\u95f4\u670d\u52a1\u5668\u81ea\u5df1\u53bb\u540c\u6b65\n\n# ====================>chrony\u670d\u52a1\u7aef\uff1amaster\u8282\u70b9<====================\n\n# 1\u3001\u5b89\u88c5\nyum -y install chrony\n\u200b\n# 2\u3001\u4fee\u6539\u914d\u7f6e\u6587\u4ef6\nmv \/etc\/chrony.conf \/etc\/chrony.conf.bak\n\u200b\ncat > \/etc\/chrony.conf << EOF\nserver ntp1.aliyun.com iburst minpoll 4 maxpoll 10\nserver ntp2.aliyun.com iburst minpoll 4 maxpoll 10\nserver ntp3.aliyun.com iburst minpoll 4 maxpoll 10\nserver ntp4.aliyun.com iburst minpoll 4 maxpoll 10\nserver ntp5.aliyun.com iburst minpoll 4 maxpoll 10\nserver ntp6.aliyun.com iburst minpoll 4 maxpoll 10\nserver ntp7.aliyun.com iburst minpoll 4 maxpoll 10\ndriftfile \/var\/lib\/chrony\/drift\nmakestep 10 3\nrtcsync\nallow 0.0.0.0\/0\nlocal stratum 10\nkeyfile \/etc\/chrony.keys\nlogdir \/var\/log\/chrony\nstratumweight 0.05\nnoclientlog\nlogchange 0.5\n\nEOF\n\u200b\n# 4\u3001\u542f\u52a8chronyd\u670d\u52a1\nsystemctl restart chronyd.service # \u6700\u597d\u91cd\u542f\uff0c\u8fd9\u6837\u65e0\u8bba\u539f\u6765\u662f\u5426\u542f\u52a8\u90fd\u53ef\u4ee5\u91cd\u65b0\u52a0\u8f7d\u914d\u7f6e\nsystemctl enable chronyd.service\nsystemctl status chronyd.service\n\n====================>chrony\u5ba2\u6237\u7aef\uff1a\u5176\u4ed6\u8282\u70b9\uff0c\u5b8c\u5168\u4e00\u6837\u7684\u914d\u7f6e\u4e0e\u64cd\u4f5c<====================\n\n# \u4e0b\u8ff0\u6b65\u9aa4\u4e00\u6b21\u6027\u7c98\u8d34\u5230\u6bcf\u4e2a\u5ba2\u6237\u7aef\u6267\u884c\u5373\u53ef\n# 1\u3001\u5b89\u88c5chrony\nyum -y install chrony\n# 2\u3001\u9700\u6539\u5ba2\u6237\u7aef\u914d\u7f6e\u6587\u4ef6\nmv \/etc\/chrony.conf \/etc\/chrony.conf.bak\ncat > \/etc\/chrony.conf << EOF\nserver master iburst\ndriftfile \/var\/lib\/chrony\/drift\nmakestep 10 3\nrtcsync\nlocal stratum 10\nkeyfile \/etc\/chrony.key\nlogdir \/var\/log\/chrony\nstratumweight 0.05\nnoclientlog\nlogchange 0.5\n\nEOF\n# 3\u3001\u542f\u52a8chronyd\nsystemctl restart chronyd.service\nsystemctl enable chronyd.service\nsystemctl status chronyd.service\n\n# 4\u3001\u9a8c\u8bc1\nchronyc sources -v<\/code><\/pre>\n
7\u3001\u5b89\u88c5docker<\/p>\n
# 1\u3001\u9009\u505a\uff0c\u5378\u8f7d\u4e4b\u524d\u7684docker\nyum -y remove docker \\\ndocker-client \\\ndocker-client-latest \\\ndocker-common \\\ndocker-latest \\\ndocker-latest-logrotate \\\ndocker-logrotate \\\ndocker-selinux \\\ndocker-engine-selinux \\\ndocker-engine\n\n# 2\u3001\u5b89\u88c5docker\u6240\u9700\u5b89\u88c5\u5305\nyum install -y yum-utils device-mapper-persistent-data lvm2\nyum-config-manager --add-repo http:\/\/mirrors.aliyun.com\/docker-ce\/linux\/centos\/docker-ce.repo\nyum install docker-ce -y\n\n# 3\u3001\u542f\u52a8\u5e76\u8bbe\u7f6e\u5f00\u673a\u542f\u52a8\nsystemctl start docker && systemctl enable docker && systemctl status docker\n\n# 4\u3001\u57fa\u672c\u914d\u7f6e\ncat > \/etc\/docker\/daemon.json << EOF\n{\n"exec-opts": ["native.cgroupdriver=systemd"],\n"registry-mirrors":["https:\/\/reg-mirror.qiniu.com\/"],\n"live-restore":true\n}\nEOF\n# 5\u3001\u91cd\u542f\nsystemctl restart docker && docker info<\/code><\/pre>\n
8\u3001\u62c9\u53d6\u955c\u50cf\uff08\u518d\u6b21\u5f3a\u8c03\uff0c\u6bcf\u53f0\u673a\u5668\u90fd\u9700\u8981\u64cd\u4f5c\uff09
\nkubeadm\u90e8\u7f72\u65f6\u4f1a\u53bb\u6307\u5b9a\u7684\u5730\u5740\u62c9\u53d6\u955c\u50cf\uff0c\u8be5\u5730\u5740\u5728\u5899\u5916\u65e0\u6cd5\u8bbf\u95ee\uff0c\u6240\u4ee5\u6211\u4eec\u4ece\u963f\u91cc\u4e91\u62c9\u53d6\uff0c\u5e76tag\u4e3a\u6307\u5b9a\u7684\u5730\u5740\u5373\u53ef<\/p>\n
#1\u3001=====>\u7f16\u5199\u811a\u672c\ncat > dockpullImages1.18.1.sh << EOF\n#!\/bin\/bash\n##\u6240\u9700\u8981\u7684\u955c\u50cf\u540d\u5b57\n#k8s.gcr.io\/kube-apiserver:v1.18.1\n#k8s.gcr.io\/kube-controller-manager:v1.18.1\n#k8s.gcr.io\/kube-scheduler:v1.18.1\n#k8s.gcr.io\/kube-proxy:v1.18.1\n#k8s.gcr.io\/pause:3.2\n#k8s.gcr.io\/etcd:3.4.3-0\n#k8s.gcr.io\/coredns:1.6.7\n###\u62c9\u53d6\u955c\u50cf\ndocker pull registry.cn-hangzhou.aliyuncs.com\/google_containers\/kube-apiserver:v1.18.1\ndocker pull registry.cn-hangzhou.aliyuncs.com\/google_containers\/kube-controller-manager:v1.18.1\ndocker pull registry.cn-hangzhou.aliyuncs.com\/google_containers\/kube-scheduler:v1.18.1\ndocker pull registry.cn-hangzhou.aliyuncs.com\/google_containers\/kube-proxy:v1.18.1\ndocker pull registry.cn-hangzhou.aliyuncs.com\/google_containers\/pause:3.2\ndocker pull registry.cn-hangzhou.aliyuncs.com\/google_containers\/etcd:3.4.3-0\ndocker pull registry.cn-hangzhou.aliyuncs.com\/google_containers\/coredns:1.6.7\n###\u4fee\u6539tag\ndocker tag registry.cn-hangzhou.aliyuncs.com\/google_containers\/kube-apiserver:v1.18.1 k8s.gcr.io\/kube-apiserver:v1.18.1\ndocker tag registry.cn-hangzhou.aliyuncs.com\/google_containers\/kube-controller-manager:v1.18.1 k8s.gcr.io\/kube-controller-manager:v1.18.1\ndocker tag registry.cn-hangzhou.aliyuncs.com\/google_containers\/kube-scheduler:v1.18.1 k8s.gcr.io\/kube-scheduler:v1.18.1\ndocker tag registry.cn-hangzhou.aliyuncs.com\/google_containers\/kube-proxy:v1.18.1 k8s.gcr.io\/kube-proxy:v1.18.1\ndocker tag registry.cn-hangzhou.aliyuncs.com\/google_containers\/pause:3.2 k8s.gcr.io\/pause:3.2\ndocker tag registry.cn-hangzhou.aliyuncs.com\/google_containers\/etcd:3.4.3-0 k8s.gcr.io\/etcd:3.4.3-0\ndocker tag registry.cn-hangzhou.aliyuncs.com\/google_containers\/coredns:1.6.7 k8s.gcr.io\/coredns:1.6.7\n\nEOF\n\n# 2\u3001\u5728\u6240\u6709\u8282\u70b9\u6267\u884c\u8be5\u811a\u672c\nsh dockpullImages1.18.1.sh<\/code><\/pre>\n
9\u3001\u5b89\u88c5kubelet\u3001kubeadm \u548c kubectl\uff08\u6240\u6709\u8282\u70b9\u6267\u884c\uff09
\nkubelet \u8fd0\u884c\u5728 Cluster \u6240\u6709\u8282\u70b9\u4e0a\uff0c\u8d1f\u8d23\u542f\u52a8 Pod \u548c\u5bb9\u5668\u3002
\nkubeadm \u7528\u4e8e\u521d\u59cb\u5316 Cluster\u3002
\nkubectl \u662f Kubernetes \u547d\u4ee4\u884c\u5de5\u5177\u3002\u901a\u8fc7 kubectl \u53ef\u4ee5\u90e8\u7f72\u548c\u7ba1\u7406\u5e94\u7528\uff0c\u67e5\u770b\u5404\u79cd\u8d44\u6e90\uff0c\u521b\u5efa\u3001\u5220\u9664\u548c\u66f4\u65b0\u5404\u79cd\u7ec4\u4ef6\u3002<\/p>\n
cat <<EOF > \/etc\/yum.repos.d\/kubernetes.repo\n[kubernetes]\nname=Kubernetes\nbaseurl=https:\/\/mirrors.aliyun.com\/kubernetes\/yum\/repos\/kubernetes-el7-x86_64\nenabled=1\ngpgcheck=1\nrepo_gpgcheck=1\ngpgkey=https:\/\/mirrors.aliyun.com\/kubernetes\/yum\/doc\/yum-key.gpg https:\/\/mirrors.aliyun.com\/kubernetes\/yum\/doc\/rpm-package-key.gpg\nEOF\n\nsed -ri 's\/gpgcheck=1\/gpgcheck=0\/g' \/etc\/yum.repos.d\/kubernetes.repo <\/code><\/pre>\n
\u5728\u6240\u6709\u8282\u70b9\u5b89\u88c5<\/p>\n
1.\u5b89\u88c5\nyum makecache fast\n# yum install -y kubelet kubeadm kubectl ipvsadm  #\u6ce8\u610f\uff0c\u8fd9\u6837\u9ed8\u8ba4\u662f\u4e0b\u8f7d\u6700\u65b0\u7248\u672cv1.22.2\n======================================================================\n[root@master ~]# yum install -y kubelet-1.18.1-0.x86_64 kubeadm-1.18.1-0.x86_64 kubectl-1.18.1-0.x86_64 ipvsadm \n\n2.\u52a0\u8f7dipvs\u76f8\u5173\u5185\u6838\u6a21\u5757\nyum install -y conntrack-tools ipvsadm ipvsadmin ipset conntrack libseccomp \n\n\u5982\u679c\u91cd\u65b0\u5f00\u673a\uff0c\u9700\u8981\u91cd\u65b0\u52a0\u8f7d\uff08\u53ef\u4ee5\u5199\u5728 \/etc\/rc.local \u4e2d\u5f00\u673a\u81ea\u52a8\u52a0\u8f7d\uff09\nmodprobe ip_vs\nmodprobe ip_vs_rr\nmodprobe ip_vs_wrr\nmodprobe ip_vs_sh\n#modprobe nf_conntrack_ipv4 # \u5982\u679c\u662f3.x\u5185\u6838\uff0c\u90a3\u4e48\u5e94\u8be5\u52a0\u8f7d\u8fd9\u4e00\u6837\nmodprobe nf_conntrack # \u5982\u679c\u662f\u9ad8\u7248\u672c\u5185\u6838\u6bd4\u59825.x\uff0c\u90a3\u4e48\u5e94\u8be5\u52a0\u8f7d\u8fd9\u4e2a\u3002\u5728\u9ad8\u7248\u672c\u5185\u6838\u5df2\u7ecf\u628anf_conntrack_ipv4\u66ff\u6362\u4e3anf_conntrack\u4e86\u3002\n\n3.\u7f16\u8f91\u6587\u4ef6\u6dfb\u52a0\u5f00\u673a\u542f\u52a8\ncat >> \/etc\/rc.local << EOF\nmodprobe ip_vs\nmodprobe ip_vs_rr\nmodprobe ip_vs_wrr\nmodprobe ip_vs_sh\nmodprobe nf_conntrack\n#modprobe nf_conntrack_ipv4\n\nEOF\n\nchmod +x \/etc\/rc.local\n\n\u91cd\u542f\u670d\u52a1\u5668   reboot\n\n4.\u914d\u7f6e\uff1a\n\u914d\u7f6e\u8f6c\u53d1\u76f8\u5173\u53c2\u6570\uff0c\u5426\u5219\u53ef\u80fd\u4f1a\u51fa\u9519\ncat <<EOF >  \/etc\/sysctl.d\/k8s.conf\nnet.bridge.bridge-nf-call-ip6tables = 1\nnet.bridge.bridge-nf-call-iptables = 1\nvm.swappiness=0\nEOF\n\n5.\u4f7f\u914d\u7f6e\u751f\u6548\nsysctl --system\n\n6.\u5982\u679cnet.bridge.bridge-nf-call-iptables\u62a5\u9519\uff0c\u52a0\u8f7dbr_netfilter\u6a21\u5757\n# modprobe br_netfilter\n# sysctl -p \/etc\/sysctl.d\/k8s.conf\n\n7.\u67e5\u770b\u662f\u5426\u52a0\u8f7d\u6210\u529f\n[root@master ~]# lsmod | grep ip_vs\nip_vs_sh               16384  0 \nip_vs_wrr              16384  0 \nip_vs_rr               16384  0 \nip_vs                 159744  6 ip_vs_rr,ip_vs_sh,ip_vs_wrr\nnf_conntrack          151552  5 xt_conntrack,nf_nat,nf_conntrack_netlink,xt_MASQUERADE,ip_vs\nnf_defrag_ipv6         24576  2 nf_conntrack,ip_vs\nlibcrc32c              16384  4 nf_conntrack,nf_nat,xfs,ip_vs<\/code><\/pre>\n
10\u3001\u542f\u52a8kubelet<\/p>\n
#1.\u914d\u7f6ekubelet\u4f7f\u7528pause\u955c\u50cf\n#\u914d\u7f6e\u53d8\u91cf\uff1a\nsystemctl start docker && systemctl enable docker\nDOCKER_CGROUPS=$(docker info | grep 'Cgroup Driver' | cut -d' ' -f4)\necho $DOCKER_CGROUPS\n\n#\u8fd9\u4e2a\u662f\u4f7f\u7528\u56fd\u5185\u7684\u6e90\u3002-###\u6ce8\u610f\u6211\u4eec\u4f7f\u7528\u8c37\u6b4c\u7684\u955c\u50cf--\u64cd\u4f5c\u4e0b\u9762\u7684\u7b2c3\u6807\u9898\n#2.\u914d\u7f6ekubelet\u7684cgroups\ncat >\/etc\/sysconfig\/kubelet<<EOF\nKUBELET_EXTRA_ARGS="--cgroup-driver=$DOCKER_CGROUPS --pod-infra-container-image=registry.cn-hangzhou.aliyuncs.com\/google_containers\/pause-amd64:3.2"\nEOF\n\n#cat >\/etc\/sysconfig\/kubelet<<EOF\n#KUBELET_EXTRA_ARGS="--cgroup-driver=cgroupfs --pod-infra-container-image=k8s.gcr.io\/pause:3.2"\n#EOF<\/code><\/pre>\n
\u542f\u52a8<\/p>\n
systemctl daemon-reload\nsystemctl enable kubelet && systemctl restart kubelet\n\n# \u6ce8\u610f\u5728\u8fd9\u91cc\u4f7f\u7528 # systemctl status kubelet\uff0c\u4f60\u4f1a\u53d1\u73b0\u62a5\u9519\u8bef\u4fe1\u606f\uff1b\n# 7\u6708 10 23:28:36 master systemd[1]: Unit kubelet.service entered failed state.\n# 7\u6708 10 23:28:36 master systemd[1]: kubelet.service failed.\n\n#\u8fd0\u884c # journalctl -xefu kubelet \u547d\u4ee4\u67e5\u770bsystemd\u65e5\u5fd7\u4f1a\u53d1\u73b0\u63d0\u793a\u7f3a\u5c11\u4e00\u4e9b\u95ee\u9898\u4ef6\n#\u8fd9\u4e2a\u9519\u8bef\u5728\u8fd0\u884ckubeadm init \u751f\u6210CA\u8bc1\u4e66\u540e\u4f1a\u88ab\u81ea\u52a8\u89e3\u51b3\uff0c\u6b64\u5904\u53ef\u5148\u5ffd\u7565\u3002\n#\u7b80\u5355\u5730\u8bf4\u5c31\u662f\u5728kubeadm init \u4e4b\u524dkubelet\u4f1a\u4e0d\u65ad\u91cd\u542f\u3002<\/code><\/pre>\n
11\u3001\u521d\u59cb\u5316master<\/p>\n
kubeadm init \\\n--kubernetes-version=v1.18.1 \\\n--service-cidr=10.96.0.0\/12 \\\n--pod-network-cidr=10.244.0.0\/16 \\\n--apiserver-advertise-address=172.16.10.14 \\\n--ignore-preflight-errors=Swap<\/code><\/pre>\n
\u6ce8\u610f\u4fee\u6539apiserver-advertise-address\u4e3amaster\u8282\u70b9ip
\n\u53c2\u6570\u89e3\u91ca\uff1a<\/p>\n
\u2013kubernetes-version: \u7528\u4e8e\u6307\u5b9ak8s\u7248\u672c\uff1b\n\u2013apiserver-advertise-address\uff1a\u7528\u4e8e\u6307\u5b9akube-apiserver\u76d1\u542c\u7684ip\u5730\u5740,\u5c31\u662f master\u672c\u673aIP\u5730\u5740\u3002\n\u2013pod-network-cidr\uff1a\u7528\u4e8e\u6307\u5b9aPod\u7684\u7f51\u7edc\u8303\u56f4\uff1b 10.244.0.0\/16\n\u2013service-cidr\uff1a\u7528\u4e8e\u6307\u5b9aSVC\u7684\u7f51\u7edc\u8303\u56f4\uff1b\n\u2013image-repository: \u6307\u5b9a\u963f\u91cc\u4e91\u955c\u50cf\u4ed3\u5e93\u5730\u5740<\/code><\/pre>\n
\u770b\u5230\u4ee5\u4e0b\u4fe1\u606f\u8868\u793a\u5b89\u88c5\u6210\u529f<\/p>\n
Your Kubernetes control-plane has initialized successfully!\n\nTo start using your cluster, you need to run the following as a regular user:\n\n  mkdir -p $HOME\/.kube\n  sudo cp -i \/etc\/kubernetes\/admin.conf $HOME\/.kube\/config\n  sudo chown $(id -u):$(id -g) $HOME\/.kube\/config\n\nYou should now deploy a pod network to the cluster.\nRun "kubectl apply -f [podnetwork].yaml" with one of the options listed at:\n  https:\/\/kubernetes.io\/docs\/concepts\/cluster-administration\/addons\/\n\nThen you can join any number of worker nodes by running the following on each as root:\n\nkubeadm join 172.16.10.14:6443 --token n3mvgw.56ul27rjtox7fr3n \\\n    --discovery-token-ca-cert-hash sha256:b93e84284d278e4056ee5a1b0370a20f49a1878df8a3492f5f855e2d5141e6e7 <\/code><\/pre>\n
\u6210\u529f\u540e\u6ce8\u610f\u6700\u540e\u4e00\u4e2a\u547d\u4ee4\uff0c\u8fd9\u4e2ajoin\u547d\u4ee4\u53ef\u4ee5\u7528\u6765\u6dfb\u52a0\u8282\u70b9\u3002
\n\u6ce8\u610f\u4fdd\u6301\u597dkubeadm join\uff0c\u540e\u9762\u4f1a\u7528\u5230\u7684\u3002
\n\u5982\u679c\u521d\u59cb\u5316\u5931\u8d25\uff0c\u8bf7\u4f7f\u7528\u5982\u4e0b\u4ee3\u7801\u6e05\u9664\u540e\u91cd\u65b0\u521d\u59cb\u5316<\/p>\n
# kubeadm reset<\/code><\/pre>\n
12\u3001\u6309\u7167\u63d0\u793a\u914d\u7f6ekubectl<\/p>\n
  mkdir -p $HOME\/.kube\n  sudo cp -i \/etc\/kubernetes\/admin.conf $HOME\/.kube\/config\n  sudo chown $(id -u):$(id -g) $HOME\/.kube\/config\n\n# \u67e5\u770b\n  mkdir -p $HOME\/.kube\n  sudo cp -i \/etc\/kubernetes\/admin.conf $HOME\/.kube\/config\n  sudo chown $(id -u):$(id -g) $HOME\/.kube\/config<\/code><\/pre>\n
13\u3001\u914d\u7f6e\u4f7f\u7528\u7f51\u7edc\u63d2\u4ef6
\n\u8981\u8ba9 Kubernetes Cluster \u80fd\u591f\u5de5\u4f5c\uff0c\u5fc5\u987b\u5b89\u88c5 Pod \u7f51\u7edc\uff0c\u5426\u5219 Pod \u4e4b\u95f4\u65e0\u6cd5\u901a\u4fe1\u3002
\nKubernetes \u652f\u6301\u591a\u79cd\u7f51\u7edc\u65b9\u6848\uff0c\u8fd9\u91cc\u6211\u4eec\u5148\u4f7f\u7528 flannel\uff0c\u540e\u9762\u8fd8\u4f1a\u8ba8\u8bba Canal\u3002
\nflannel.yaml<\/p>\n
---\napiVersion: policy\/v1beta1\nkind: PodSecurityPolicy\nmetadata:\n  name: psp.flannel.unprivileged\n  annotations:\n    seccomp.security.alpha.kubernetes.io\/allowedProfileNames: docker\/default\n    seccomp.security.alpha.kubernetes.io\/defaultProfileName: docker\/default\n    apparmor.security.beta.kubernetes.io\/allowedProfileNames: runtime\/default\n    apparmor.security.beta.kubernetes.io\/defaultProfileName: runtime\/default\nspec:\n  privileged: false\n  volumes:\n  - configMap\n  - secret\n  - emptyDir\n  - hostPath\n  allowedHostPaths:\n  - pathPrefix: "\/etc\/cni\/net.d"\n  - pathPrefix: "\/etc\/kube-flannel"\n  - pathPrefix: "\/run\/flannel"\n  readOnlyRootFilesystem: false\n  # Users and groups\n  runAsUser:\n    rule: RunAsAny\n  supplementalGroups:\n    rule: RunAsAny\n  fsGroup:\n    rule: RunAsAny\n  # Privilege Escalation\n  allowPrivilegeEscalation: false\n  defaultAllowPrivilegeEscalation: false\n  # Capabilities\n  allowedCapabilities: ['NET_ADMIN', 'NET_RAW']\n  defaultAddCapabilities: []\n  requiredDropCapabilities: []\n  # Host namespaces\n  hostPID: false\n  hostIPC: false\n  hostNetwork: true\n  hostPorts:\n  - min: 0\n    max: 65535\n  # SELinux\n  seLinux:\n    # SELinux is unused in CaaSP\n    rule: 'RunAsAny'\n---\nkind: ClusterRole\napiVersion: rbac.authorization.k8s.io\/v1\nmetadata:\n  name: flannel\nrules:\n- apiGroups: ['extensions']\n  resources: ['podsecuritypolicies']\n  verbs: ['use']\n  resourceNames: ['psp.flannel.unprivileged']\n- apiGroups:\n  - ""\n  resources:\n  - pods\n  verbs:\n  - get\n- apiGroups:\n  - ""\n  resources:\n  - nodes\n  verbs:\n  - list\n  - watch\n- apiGroups:\n  - ""\n  resources:\n  - nodes\/status\n  verbs:\n  - patch\n---\nkind: ClusterRoleBinding\napiVersion: rbac.authorization.k8s.io\/v1\nmetadata:\n  name: flannel\nroleRef:\n  apiGroup: rbac.authorization.k8s.io\n  kind: ClusterRole\n  name: flannel\nsubjects:\n- kind: ServiceAccount\n  name: flannel\n  namespace: kube-system\n---\napiVersion: v1\nkind: ServiceAccount\nmetadata:\n  name: flannel\n  namespace: kube-system\n---\nkind: ConfigMap\napiVersion: v1\nmetadata:\n  name: kube-flannel-cfg\n  namespace: kube-system\n  labels:\n    tier: node\n    app: flannel\ndata:\n  cni-conf.json: |\n    {\n      "name": "cbr0",\n      "cniVersion": "0.3.1",\n      "plugins": [\n        {\n          "type": "flannel",\n          "delegate": {\n            "hairpinMode": true,\n            "isDefaultGateway": true\n          }\n        },\n        {\n          "type": "portmap",\n          "capabilities": {\n            "portMappings": true\n          }\n        }\n      ]\n    }\n  net-conf.json: |\n    {\n      "Network": "10.244.0.0\/16",\n      "Backend": {\n        "Type": "vxlan"\n      }\n    }\n---\napiVersion: apps\/v1\nkind: DaemonSet\nmetadata:\n  name: kube-flannel-ds\n  namespace: kube-system\n  labels:\n    tier: node\n    app: flannel\nspec:\n  selector:\n    matchLabels:\n      app: flannel\n  template:\n    metadata:\n      labels:\n        tier: node\n        app: flannel\n    spec:\n      affinity:\n        nodeAffinity:\n          requiredDuringSchedulingIgnoredDuringExecution:\n            nodeSelectorTerms:\n            - matchExpressions:\n              - key: kubernetes.io\/os\n                operator: In\n                values:\n                - linux\n      hostNetwork: true\n      priorityClassName: system-node-critical\n      tolerations:\n      - operator: Exists\n        effect: NoSchedule\n      serviceAccountName: flannel\n      initContainers:\n      - name: install-cni\n        image: registry.cn-hangzhou.aliyuncs.com\/alvinos\/flanned:v0.13.1-rc1\n        command:\n        - cp\n        args:\n        - -f\n        - \/etc\/kube-flannel\/cni-conf.json\n        - \/etc\/cni\/net.d\/10-flannel.conflist\n        volumeMounts:\n        - name: cni\n          mountPath: \/etc\/cni\/net.d\n        - name: flannel-cfg\n          mountPath: \/etc\/kube-flannel\/\n      containers:\n      - name: kube-flannel\n        image: registry.cn-hangzhou.aliyuncs.com\/alvinos\/flanned:v0.13.1-rc1\n        command:\n        - \/opt\/bin\/flanneld\n        args:\n        - --ip-masq\n        - --kube-subnet-mgr\n        resources:\n          requests:\n            cpu: "100m"\n            memory: "50Mi"\n          limits:\n            cpu: "100m"\n            memory: "50Mi"\n        securityContext:\n          privileged: false\n          capabilities:\n            add: ["NET_ADMIN", "NET_RAW"]\n        env:\n        - name: POD_NAME\n          valueFrom:\n            fieldRef:\n              fieldPath: metadata.name\n        - name: POD_NAMESPACE\n          valueFrom:\n            fieldRef:\n              fieldPath: metadata.namespace\n        volumeMounts:\n        - name: run\n          mountPath: \/run\/flannel\n        - name: flannel-cfg\n          mountPath: \/etc\/kube-flannel\/\n      volumes:\n      - name: run\n        hostPath:\n          path: \/run\/flannel\n      - name: cni\n        hostPath:\n          path: \/etc\/cni\/net.d\n      - name: flannel-cfg\n        configMap:\n          name: kube-flannel-cfg<\/code><\/pre>\n
\u90e8\u7f72flannel<\/p>\n
kubectl apply -f flannel.yaml<\/code><\/pre>\n
\u67e5\u770b<\/p>\n
[root@master ~]# kubectl get nodes\nNAME     STATUS   ROLES    AGE     VERSION\nmaster   Ready    master   6m49s   v1.18.1\n\n[root@master ~]# kubectl  get pods -n kube-system\nNAME                             READY   STATUS    RESTARTS   AGE\ncoredns-66bff467f8-mtrkv         1\/1     Running   0          3m57s\ncoredns-66bff467f8-qhwv4         1\/1     Running   0          3m57s\netcd-master                      1\/1     Running   0          4m9s\nkube-apiserver-master            1\/1     Running   0          4m9s\nkube-controller-manager-master   1\/1     Running   0          4m9s\nkube-flannel-ds-b25g6            1\/1     Running   0          32s\nkube-proxy-gkqjv                 1\/1     Running   0          3m57s\nkube-scheduler-master            1\/1     Running   0          4m9s<\/code><\/pre>\n
14\u3001\u6dfb\u52a0node01\u4e0enode02
\n\u5728\u6240\u6709node\u8282\u70b9\u6267\u884c\uff0c\u767b\u5f55\u5230node\u8282\u70b9\uff0c\u786e\u4fdd\u5df2\u7ecf\u5b89\u88c5\u4e86docker\u548ckubeadm\uff0ckubelet\uff0ckubectl<\/p>\n
\u5982\u679c\u62a5\u9519\u5f00\u542fip\u8f6c\u53d1\uff1a\n# sysctl -w net.ipv4.ip_forward=1\n\n\u5728\u6240\u6709node\u8282\u70b9\u64cd\u4f5c\uff0c\u6b64\u547d\u4ee4\u4e3a\u521d\u59cb\u5316master\u6210\u529f\u540e\u8fd4\u56de\u7684\u7ed3\u679c\nkubeadm join 172.16.10.14:6443 --token n3mvgw.56ul27rjtox7fr3n \\\n    --discovery-token-ca-cert-hash sha256:b93e84284d278e4056ee5a1b0370a20f49a1878df8a3492f5f855e2d5141e6e7 \n\n# \u5728master\u8282\u70b9\u67e5\u770b\uff0c\u6700\u5f00\u59cb\u4e24\u4e2a\u52a0\u5165\u7684\u8282\u70b9\u662fNoReady\uff0c\u8fc7\u4e00\u4f1a\u540e\u5904\u4e8eReady\u72b6\u6001\n[root@master ~]# kubectl get nodes\nNAME     STATUS   ROLES    AGE     VERSION\nmaster   Ready    master   7m45s   v1.18.1\nnode01   Ready    <none>   25s     v1.18.1\nnode02   Ready    <none>   22s     v1.18.1<\/code><\/pre>\n
15\u3001kubeadm init\u521b\u5efa\u5b8c\u96c6\u7fa4\u540e\uff0c\u6709pod\u4e00\u76f4\u662fpending\u72b6\u6001<\/p>\n
kubectl describe pod\u5982\u679c\u53d1\u73b0\u95ee\u9898\n3 node(s) had taints that the pod didn't tolerate.\n\u00a0\nkubernetes\u51fa\u4e8e\u5b89\u5168\u8003\u8651\u9ed8\u8ba4\u60c5\u51b5\u4e0b\u65e0\u6cd5\u5728master\u8282\u70b9\u4e0a\u90e8\u7f72pod\uff0c\u4e8e\u662f\u7528\u4e0b\u9762\u65b9\u6cd5\u53bb\u6389master\u8282\u70b9\u7684\u6c61\u70b9\uff1a\nkubectl taint nodes --all node-role.kubernetes.io\/master-<\/code><\/pre>\n
16\u3001\u4e86\u89e3\uff1a<\/p>\n
# 1\u3001\u79fb\u9664node\u65b9\u6cd5\n kubectl drain node02 --delete-local-data --force --ignore-daemonsets\n kubectl delete nodes node02\n\n# 2\u3001\u6dfb\u52a0\u5df2\u5220\u9664\u8282\u70b9\n\n\u524d\u63d0\uff1atoken\u672a\u5931\u6548\n\n\u5982\u679c\u8fd9\u4e2a\u65f6\u5019\u518d\u60f3\u6dfb\u52a0\u8fdb\u6765\u8fd9\u4e2anode\uff0c\u9700\u8981\u6267\u884c\u4e24\u6b65\u64cd\u4f5c\n\n\u7b2c\u4e00\u6b65\uff1a\u505c\u6389kubelet(\u9700\u8981\u6dfb\u52a0\u8fdb\u6765\u7684\u8282\u70b9\u64cd\u4f5c)\n\n[root@node02 ~]# systemctl stop kubelet\n\n\u7b2c\u4e8c\u6b65\uff1a\u5220\u9664\u76f8\u5173\u6587\u4ef6\n\n[root@node02 ~]# rm -rf \/etc\/kubernetes\/*\n\n\u7b2c\u4e09\u6b65\uff1a\u6dfb\u52a0\u8282\u70b9\n\n\u56e0\u4e3a\u4e4b\u524d\u7684token\u8fd8\u6709\u6548\uff0c\u6211\u8fd9\u91cc\u5e76\u6ca1\u6709\u8d85\u51fatoken\u7684\u6709\u6548\u671f\uff1b\u76f4\u63a5\u6267\u884c\u52a0\u5165\u96c6\u7fa4\u7684\u547d\u4ee4\u5373\u53ef\uff1b\nkubeadm join 172.16.10.14:6443 --token n3mvgw.56ul27rjtox7fr3n \\\n    --discovery-token-ca-cert-hash sha256:b93e84284d278e4056ee5a1b0370a20f49a1878df8a3492f5f855e2d5141e6e7 \n\n# 3\u3001\u5fd8\u8bb0token\u4e86\uff0c\u600e\u4e48\u529e\uff0c\u5728master\u8282\u70b9\n[root@master ~]# kubeadm token list  # \u53ef\u4ee5\u62ff\u5230token\u503c\uff0c\u7136\u540e\u518d\u7528openssl\u89e3\u6790\u51fahash\u503c\u5c31\u884c\nTOKEN                     TTL         EXPIRES                     USAGES                   DESCRIPTION                                                EXTRA GROUPS\nn3mvgw.56ul27rjtox7fr3n   23h         2022-07-11T23:32:18+08:00   authentication,signing   The default bootstrap token generated by 'kubeadm init'.   system:bootstrappers:kubeadm:default-node-token\n[root@master ~]# openssl x509 -pubkey -in \/etc\/kubernetes\/pki\/ca.crt | openssl rsa -pubin -outform der 2>\/dev\/null | openssl dgst -sha256 -hex | sed 's\/^.* \/\/'\nb93e84284d278e4056ee5a1b0370a20f49a1878df8a3492f5f855e2d5141e6e7\n\n\u7136\u540e\u91cd\u65b0\u62fc\u63a5\u547d\u4ee4kubeadm join\u5c31\u884c\n\nkubeadm join 172.16.10.14:6443 --token n3mvgw.56ul27rjtox7fr3n     --discovery-token-ca-cert-hash sha256:b93e84284d278e4056ee5a1b0370a20f49a1878df8a3492f5f855e2d5141e6e7<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"
\u89c4\u5212 \u4e09\u53f0\u673a\u5668 172.16.10.11 \u90e8\u7f72\u5355\u673a\u7248k8s\uff0c\u90e8\u7f72\u4e3bjenkins\u4e0e\u4e00\u4e2aagent 172.16 […]<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[412],"tags":[],"_links":{"self":[{"href":"https:\/\/egonlin.com\/index.php?rest_route=\/wp\/v2\/posts\/7181"}],"collection":[{"href":"https:\/\/egonlin.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/egonlin.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/egonlin.com\/index.php?rest_route=\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/egonlin.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=7181"}],"version-history":[{"count":0,"href":"https:\/\/egonlin.com\/index.php?rest_route=\/wp\/v2\/posts\/7181\/revisions"}],"wp:attachment":[{"href":"https:\/\/egonlin.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=7181"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/egonlin.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=7181"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/egonlin.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=7181"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}