kube-scheduler 部署
Scheduler 负责将 Pod 调度到合适的 Worker 节点,根据资源需求、亲和性规则、污点容忍等因素做出调度决策。
部署流程
所有 Master 组件的部署流程类似:
- 签发证书
- 设置 kubeconfig 上下文
- 同步证书到其他 Master 节点
- 创建 systemd 服务并启动
证书生成
# 创建证书配置
cat > scheduler-csr.json << EOF
{
"CN": "system:kube-scheduler",
"key": {
"algo": "rsa",
"size": 2048
},
"names": [
{
"C": "CN",
"ST": "Beijing",
"L": "Beijing",
"O": "system:kube-scheduler",
"OU": "Kubernetes-manual"
}
]
}
EOF
# 生成证书
cfssl gencert \
-ca=/etc/kubernetes/pki/ca.pem \
-ca-key=/etc/kubernetes/pki/ca-key.pem \
-config=ca-config.json \
-profile=kubernetes \
scheduler-csr.json | cfssljson -bare /etc/kubernetes/pki/scheduler
bash
创建 kubeconfig
# 设置集群信息
kubectl config set-cluster kubernetes \
--certificate-authority=/etc/kubernetes/pki/ca.pem \
--embed-certs=true \
--server=https://192.168.4.213:6443 \
--kubeconfig=/etc/kubernetes/scheduler.kubeconfig
# 设置用户凭证
kubectl config set-credentials system:kube-scheduler \
--client-certificate=/etc/kubernetes/pki/scheduler.pem \
--client-key=/etc/kubernetes/pki/scheduler-key.pem \
--embed-certs=true \
--kubeconfig=/etc/kubernetes/scheduler.kubeconfig
# 设置上下文
kubectl config set-context system:kube-scheduler@kubernetes \
--cluster=kubernetes \
--user=system:kube-scheduler \
--kubeconfig=/etc/kubernetes/scheduler.kubeconfig
# 使用上下文
kubectl config use-context system:kube-scheduler@kubernetes \
--kubeconfig=/etc/kubernetes/scheduler.kubeconfig
bash
服务配置文件
cat > /etc/kubernetes/kube-scheduler.conf << EOF
KUBE_SCHEDULER_OPTS=" \
--kubeconfig=/etc/kubernetes/scheduler.kubeconfig \
--leader-elect=true \
--v=2"
EOF
bash
systemd 服务文件
# /usr/lib/systemd/system/kube-scheduler.service
[Unit]
Description=Kubernetes Scheduler
Documentation=https://github.com/kubernetes/kubernetes
[Service]
EnvironmentFile=-/etc/kubernetes/kube-scheduler.conf
ExecStart=/usr/local/bin/kube-scheduler $KUBE_SCHEDULER_OPTS
Restart=on-failure
RestartSec=5
[Install]
WantedBy=multi-user.target
ini
启动和验证
systemctl daemon-reload
systemctl enable --now kube-scheduler
systemctl status kube-scheduler
# 验证组件状态
kubectl get componentstatuses
# 或
kubectl get cs
bash
将证书和配置文件同步到其他 Master 节点后,重复启动步骤。
↑