kubernetes1.13之后的kubeadm init config

时间:2021-08-15 04:12:40

1、kubernetes1.13之后kubeadm开始GA,由于1.13的kube-proxy有bug,删除ipvs的地方总是导致kube-proxy挂掉,所以建议直接用1.13.2,这个版本解决了bug。

!Fix race condition introduced by graceful termination which can lead to a deadlock in kube-proxy

!Support graceful termination with IPVS when deleting a service

!kube-proxy in IPVS mode will stop initiating connections to terminating pods for services with sessionAffinity set

kubeadm的配置文件较之前有了一些改变,版本变成了v1beta1,虽然目前老的版本在1.13里也是可用的,但是1.14就会废弃掉,所以建议直接使用新的config进行初始化

下面给出我的1.13.2版本使用的kubeadm  init config:

cat  kubeadm-13.yaml

---
apiVersion: kubeproxy.config.k8s.io/v1alpha1
kind: KubeProxyConfiguration
mode: "ipvs"
---
apiVersion: kubeadm.k8s.io/v1beta1
certificatesDir: /etc/kubernetes/pki
clusterName: kubernetes
controlPlaneEndpoint: "10.4.9.210"
dns:
type: CoreDNS
imageRepository: k8s.gcr.io
kind: ClusterConfiguration
kubernetesVersion: v1.13.2
networking:
dnsDomain: cluster.local
podSubnet: 192.244.0.0/
serviceSubnet: 192.96.0.0/
apiServer:
timeoutForControlPlane: 4m0s
certSANs:
- 10.4.73.110
- 10.4.68.77
- 10.4.83.248
- ku13-
- ku13-
- ku13-
- 127.0.0.1
- localhost
- 10.4.9.210
controllerManager:
extraArgs:
address: 0.0.0.0
scheduler:
extraArgs:
address: 0.0.0.0
etcd:
external:
endpoints:
- https://10.4.73.110:2379
- https://10.4.68.77:2379
- https://10.4.83.248:2379
caFile: /etc/kubernetes/ssl/ca.pem
certFile: /etc/etcd/ssl/etcd.pem
keyFile: /etc/etcd/ssl/etcd-key.pem

kubeadm1.13+ 支持的configuration types:

apiVersion: kubeadm.k8s.io/v1beta1
kind: InitConfiguration apiVersion: kubeadm.k8s.io/v1beta1
kind: ClusterConfiguration apiVersion: kubelet.config.k8s.io/v1beta1
kind: KubeletConfiguration apiVersion: kubeproxy.config.k8s.io/v1alpha1
kind: KubeProxyConfiguration apiVersion: kubeadm.k8s.io/v1beta1
kind: JoinConfiguration

具体变动参考:

https://godoc.org/k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1beta1

https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.13.md#changelog-since-v1131