K8S-API-SEVER 启动脚本

Published on with 0 views and 0 comments
 1#!/bin/bash
 2/opt/kubernetes/server/bin/kube-apiserver 
 3# 是否打印错误信息
 4--logtostderr false 
 5# 日志级别
 6--v 2 
 7# 日志目录
 8--log-dir /opt/kubernetes/logs 
 9# etcd的地址
10--etcd-servers https://192.168.111.119:2379,https://192.168.111.99:2379,https://192.168.111.109:2379 
11# 本服务,APIServer的地址
12--bind-address 192.168.111.119 
13# 本服务端口
14--secure-port 6443 
15# 广播地址
16--advertise-address 192.168.111.119 
17# 是否 使用超级管理员权限创建容器
18--allow-privileged true 
19# 启动Service时生成的虚拟网段
20--service-cluster-ip-range 10.0.0.0/24
21# 开启插件 
22--enable-admission-plugins NamespaceLifecycle,LimitRanger,ServiceAccount,ResourceQuota,NodeRestriction 
23# 授权模式
24--authorization-mode RBAC,Node 
25# 实现基于token自动颁发证书
26--enable-bootstrap-token-auth true 
27# 颁发证书的token
28--token-auth-file /opt/kubernetes/cfg/token.csv 
29# service端口范围
30--service-node-port-range 30000-32767 
31--kubelet-client-certificate /opt/ssl/k8sca/etcd.pem 
32--kubelet-client-key /opt/ssl/k8sca/etcd-key.pem 
33--tls-cert-file /opt/ssl/k8sca/etcd.pem 
34--tls-private-key-file /opt/ssl/k8sca/etcd-key.pem 
35--client-ca-file /opt/ssl/k8sca/ca.pem 
36--service-account-key-file /opt/ssl/k8sca/ca-key.pem 
37--etcd-cafile /opt/ssl/k8sca/ca.pem 
38--etcd-certfile /opt/ssl/k8sca/etcd.pem 
39--etcd-keyfile /opt/ssl/k8sca/etcd-key.pem 
40# log的最大限度配置
41--audit-log-maxage 30 
42--audit-log-maxbackup 3 
43--audit-log-maxsize 100 
44--audit-log-path /opt/kubernetes/k8s-audit.log
45

标题:K8S-API-SEVER 启动脚本
作者:fe
地址:https://blog.eiyouhe.com/articles/2020/03/23/1584932305152.html