注意:在生成 admin 客戶端證書的目錄來運行本部分的指令。
每一個 kubeconfig 都需要一個 Kuberntes API Server 地址。爲了保證高可用,這裏將使用 API Servers 前端外部負載均衡器的 IP 地址。
KUBERNETES_PUBLIC_ADDRESS=$(gcloud compute addresses describe kubernetes-the-hard-way \
--region $(gcloud config get-value compute/region) \
--format 'value(address)')
kubectl config set-cluster kubernetes-the-hard-way \
--certificate-authority=ca.pem \
--embed-certs=true \
--server=https://${KUBERNETES_PUBLIC_ADDRESS}:6443
kubectl config set-credentials admin \
--client-certificate=admin.pem \
--client-key=admin-key.pem
kubectl config set-context kubernetes-the-hard-way \
--cluster=kubernetes-the-hard-way \
--user=admin
kubectl config use-context kubernetes-the-hard-way
kubectl get componentstatuses
NAME STATUS MESSAGE ERROR
controller-manager Healthy ok
scheduler Healthy ok
etcd-2 Healthy {"health": "true"}
etcd-0 Healthy {"health": "true"}
etcd-1 Healthy {"health": "true"}
NAME STATUS ROLES AGE VERSION
worker-0 Ready <none> 2m30s v1.18.6
worker-1 Ready <none> 2m30s v1.18.6
worker-2 Ready <none> 2m30s v1.18.6