{"id":76570,"date":"2026-02-22T20:33:27","date_gmt":"2026-02-22T12:33:27","guid":{"rendered":"https:\/\/www.wsisp.com\/helps\/76570.html"},"modified":"2026-02-22T20:33:27","modified_gmt":"2026-02-22T12:33:27","slug":"%e4%bb%8e%e5%8d%95%e8%8a%82%e7%82%b9%e5%88%b0%e9%ab%98%e5%8f%af%e7%94%a8%ef%bc%9a%e6%88%91%e6%98%af%e5%a6%82%e4%bd%95%e4%b8%80%e6%ad%a5%e6%ad%a5%e6%90%ad%e5%bb%ba%e7%94%9f%e4%ba%a7%e7%ba%a7k8s","status":"publish","type":"post","link":"https:\/\/www.wsisp.com\/helps\/76570.html","title":{"rendered":"\u4ece\u5355\u8282\u70b9\u5230\u9ad8\u53ef\u7528\uff1a\u6211\u662f\u5982\u4f55\u4e00\u6b65\u6b65\u642d\u5efa\u751f\u4ea7\u7ea7K8s\u96c6\u7fa4\u7684"},"content":{"rendered":"

\u6700\u8fd1\u5728\u865a\u62df\u673a\u4e0a\u642d\u5efa\u4e86\u4e00\u5957\u57fa\u4e8eHAProxy + 3 Master + 2 Node\u7684K8s\u9ad8\u53ef\u7528\u96c6\u7fa4,\u8e29\u4e86\u4e0d\u5c11\u5751,\u4e5f\u6c89\u6dc0\u4e86\u4e00\u5957\u53ef\u590d\u7528\u7684\u90e8\u7f72\u811a\u672c\u3002\u4eca\u5929\u5c31\u628a\u6574\u4e2a\u8fc7\u7a0b\u548c\u811a\u672c\u5206\u4eab\u51fa\u6765,\u5e0c\u671b\u80fd\u5e2e\u5230\u6709\u540c\u6837\u9700\u6c42\u7684\u540c\u5b66\u3002<\/p>\n

\n

\u4e00\u3001\u96c6\u7fa4\u67b6\u6784\u8bbe\u8ba1<\/h3>\n

\u6211\u4eec\u7684\u76ee\u6807\u662f\u642d\u5efa\u4e00\u4e2a\u751f\u4ea7\u53ef\u7528\u7684K8s\u96c6\u7fa4,\u6838\u5fc3\u8bbe\u8ba1\u5982\u4e0b:<\/p>\n\n\u89d2\u8272\u8282\u70b9IP\u8bf4\u660e<\/tr>\n\n\n\n\n\n\n\n
HAProxy<\/td>\n192.168.56.102<\/td>\n\u4f5c\u4e3aAPI Server\u7684\u8d1f\u8f7d\u5747\u8861\u5165\u53e3,\u65e0\u9700\u5065\u5eb7\u68c0\u67e5<\/td>\n<\/tr>\n
Master<\/td>\n192.168.56.111<\/td>\n\u7b2c\u4e00\u4e2a\u63a7\u5236\u5e73\u9762\u8282\u70b9,\u751f\u6210etcd\u8bc1\u4e66\u548c\u96c6\u7fa4\u914d\u7f6e<\/td>\n<\/tr>\n
Master<\/td>\n192.168.56.112<\/td>\n\u52a0\u5165\u96c6\u7fa4\u7684\u63a7\u5236\u5e73\u9762\u8282\u70b9<\/td>\n<\/tr>\n
Master<\/td>\n192.168.56.113<\/td>\n\u52a0\u5165\u96c6\u7fa4\u7684\u63a7\u5236\u5e73\u9762\u8282\u70b9<\/td>\n<\/tr>\n
Node<\/td>\n192.168.56.114<\/td>\n\u5de5\u4f5c\u8282\u70b9<\/td>\n<\/tr>\n
Node<\/td>\n192.168.56.115<\/td>\n\u5de5\u4f5c\u8282\u70b9<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

\u5173\u952e\u914d\u7f6e:<\/p>\n

    \n
  • Pod\u7f51\u6bb5:192.156.32.0\/20<\/li>\n
  • Service\u7f51\u6bb5:192.168.48.0\/24<\/li>\n
  • \u6240\u6709\u8282\u70b9\u5f3a\u5236\u4f7f\u7528enp0s8\u7f51\u5361IP<\/li>\n
  • \u4f7f\u7528containerd\u4f5c\u4e3a\u5bb9\u5668\u8fd0\u884c\u65f6<\/li>\n
  • \u4f7f\u7528Calico\u4f5c\u4e3a\u7f51\u7edc\u63d2\u4ef6<\/li>\n<\/ul>\n
    \n

    \u4e8c\u3001\u90e8\u7f72\u811a\u672c\u5408\u96c6<\/h3>\n

    1. 01-deploy-haproxy.sh(\u4fee\u590dHAProxy\u542f\u52a8\u95ee\u9898)<\/h4>\n

    #!\/bin\/bash<\/span>
    \nset<\/span> -euo pipefail<\/p>\n

    # \u914d\u7f6e\u9879<\/span>
    \nHAPROXY_NODE_IP<\/span>=<\/span>"192.168.56.102"<\/span>
    \nMASTER_NODES<\/span>=<\/span>(<\/span>"192.168.56.111"<\/span> "192.168.56.112"<\/span> "192.168.56.113"<\/span>)<\/span>
    \nK8S_API_PORT<\/span>=<\/span>6443<\/span>
    \nHAPROXY_PORT<\/span>=<\/span>6443<\/span><\/p>\n

    # \u5b89\u88c5haproxy<\/span>
    \napt<\/span> update -y &&<\/span> apt<\/span> install<\/span> -y haproxy net-tools ||<\/span> true<\/span><\/p>\n

    # \u5907\u4efd\u539f\u6709\u914d\u7f6e<\/span>
    \nmv<\/span> \/etc\/haproxy\/haproxy.cfg \/etc\/haproxy\/haproxy.cfg.bak$(<\/span>date<\/span> +%Y%m%d%H%M%S)<\/span><\/span> ||<\/span> true<\/span><\/p>\n

    # \u751f\u6210haproxy\u914d\u7f6e<\/span>
    \ncat<\/span> ><\/span> \/etc\/haproxy\/haproxy.cfg <<<\/span> EOF
    \nglobal
    \n log \/dev\/log local0
    \n log \/dev\/log local1 notice
    \n chroot \/var\/lib\/haproxy
    \n stats socket \/run\/haproxy\/admin.sock mode 660 level admin expose-fd listeners
    \n stats timeout 30s
    \n user haproxy
    \n group haproxy
    \n daemon
    \n maxconn 2000<\/p>\n

    defaults
    \n log global
    \n mode tcp
    \n option tcplog
    \n option dontlognull
    \n timeout connect 5000
    \n timeout client 50000
    \n timeout server 50000
    \n errorfile 400 \/etc\/haproxy\/errors\/400.http
    \n errorfile 403 \/etc\/haproxy\/errors\/403.http
    \n errorfile 408 \/etc\/haproxy\/errors\/408.http
    \n errorfile 500 \/etc\/haproxy\/errors\/500.http
    \n errorfile 502 \/etc\/haproxy\/errors\/502.http
    \n errorfile 503 \/etc\/haproxy\/errors\/503.http
    \n errorfile 504 \/etc\/haproxy\/errors\/504.http<\/p>\n

    frontend k8s-api-frontend
    \n bind ${HAPROXY_NODE_IP}<\/span>:${HAPROXY_PORT}<\/span>
    \n default_backend k8s-api-backend<\/p>\n

    backend k8s-api-backend
    \n mode tcp
    \n balance roundrobin
    \n option tcp-check
    \n # \u4fee\u590d:fall 0 rise 0 \u6539\u4e3a fall 3 rise 2,\u4fdd\u8bc1HAProxy\u80fd\u542f\u52a8
    \nEOF<\/span><\/p>\n

    # \u6dfb\u52a0master\u8282\u70b9\u5230backend<\/span>
    \nfor<\/span> master<\/span> in<\/span> "${MASTER_NODES[<\/span>@]<\/span>}<\/span>"<\/span>;<\/span> do<\/span>
    \n cat<\/span> >><\/span> \/etc\/haproxy\/haproxy.cfg <<<\/span> EOF
    \n server master-${master\/<\/span>\/<\/span>.\/<\/span>-}<\/span> ${master}<\/span>:${K8S_API_PORT}<\/span> check inter 2000 fall 3 rise 2
    \nEOF<\/span>
    \ndone<\/span><\/p>\n

    # \u91cd\u542fhaproxy\u5e76\u8bbe\u7f6e\u5f00\u673a\u81ea\u542f<\/span>
    \nsystemctl daemon-reload
    \nsystemctl enable<\/span> –now haproxy
    \nsystemctl restart haproxy<\/p>\n

    # \u9a8c\u8bc1haproxy\u72b6\u6001<\/span>
    \nif<\/span> systemctl is-active –quiet haproxy;<\/span> then<\/span>
    \n echo<\/span> -e "\\\\033<\/span>[32mHAProxy\u90e8\u7f72\u6210\u529f,\u76d1\u542c\u5730\u5740: ${HAPROXY_NODE_IP}<\/span>:${HAPROXY_PORT}<\/span>\\\\033<\/span>[0m"<\/span>
    \nelse<\/span>
    \n echo<\/span> -e "\\\\033<\/span>[31mHAProxy\u542f\u52a8\u5931\u8d25\\\\033<\/span>[0m"<\/span>
    \n systemctl status haproxy –no-pager
    \n exit<\/span> 1<\/span>
    \nfi<\/span><\/p>\n

    \u4fee\u590d\u70b9:\u5c06fall 0 rise 0\u6539\u4e3afall 3 rise 2,\u89e3\u51b3HAProxy\u542f\u52a8\u5931\u8d25\u95ee\u9898\u3002<\/p>\n

    \n

    2. 02-clean-k8s-env.sh(\u6e05\u7406K8s\u6b8b\u7559)<\/h4>\n

    #!\/bin\/bash<\/span>
    \nset<\/span> -euo pipefail<\/p>\n

    echo<\/span> "\u5f00\u59cb\u6e05\u7406K8s\u96c6\u7fa4\u6b8b\u7559\u8d44\u6e90…"<\/span><\/p>\n

    # \u505c\u6b62\u670d\u52a1<\/span>
    \nsystemctl stop kubelet containerd haproxy ||<\/span> true<\/span>
    \npkill<\/span> -9 kubelet containerd ||<\/span> true<\/span><\/p>\n

    # \u5378\u8f7d\u6302\u8f7d\u5377<\/span>
    \necho<\/span> "\u5378\u8f7dK8s\u76f8\u5173\u6302\u8f7d\u5377…"<\/span>
    \nmount<\/span> |<\/span> grep<\/span> -E "\/run\/containerd|\/var\/lib\/kubelet|\/var\/lib\/containerd|\/opt\/cni"<\/span> |<\/span> awk<\/span> '{print $3}'<\/span> |<\/span> xargs<\/span> -r umount<\/span> -lf ||<\/span> true<\/span><\/p>\n

    # \u5220\u9664\u76ee\u5f55\u548c\u6587\u4ef6<\/span>
    \necho<\/span> "\u5220\u9664K8s\u76f8\u5173\u76ee\u5f55\/\u6587\u4ef6…"<\/span>
    \nrm<\/span> -rf \/run\/containerd \/var\/lib\/containerd \/etc\/containerd \\\\<\/span>
    \n \/etc\/kubernetes \/var\/lib\/kubelet \/var\/lib\/cni \/opt\/cni\/bin \\\\<\/span>
    \n \/run\/kubelet\/* \/root\/.kube \/etc\/systemd\/system\/kubelet.service* \\\\<\/span>
    \n \/etc\/default\/kubelet \/tmp\/k8s-bin ||<\/span> true<\/span><\/p>\n

    # \u5220\u9664\u4e8c\u8fdb\u5236\u6587\u4ef6<\/span>
    \nrm<\/span> -f \/usr\/bin\/kubeadm \/usr\/bin\/kubelet \/usr\/bin\/kubectl \/usr\/local\/bin\/crictl ||<\/span> true<\/span><\/p>\n

    # \u6e05\u7406iptables\u89c4\u5219<\/span>
    \necho<\/span> "\u6e05\u7406iptables\u89c4\u5219…"<\/span>
    \niptables -F &&<\/span> iptables -X &&<\/span> iptables -F -t nat &&<\/span> iptables -X -t nat &&<\/span> iptables -F -t mangle &&<\/span> iptables -X -t mangle ||<\/span> true<\/span>
    \nip6tables -F &&<\/span> ip6tables -X &&<\/span> ip6tables -F -t nat &&<\/span> ip6tables -X -t nat &&<\/span> ip6tables -F -t mangle &&<\/span> ip6tables -X -t mangle ||<\/span> true<\/span><\/p>\n

    # \u6e05\u7406\u7f51\u7edc\u63a5\u53e3<\/span>
    \necho<\/span> "\u6e05\u7406CNI\u7f51\u7edc\u63a5\u53e3…"<\/span>
    \nip<\/span> link<\/span> delete cni0 ||<\/span> true<\/span>
    \nip<\/span> link<\/span> delete flannel.1 ||<\/span> true<\/span>
    \nip<\/span> link<\/span> delete cali* ||<\/span> true<\/span>
    \nip<\/span> link<\/span> delete kube-ipvs0 ||<\/span> true<\/span><\/p>\n

    # \u6e05\u7406swap<\/span>
    \nswapoff -a ||<\/span> true<\/span>
    \nsed<\/span> -i '\/swap\/s\/^\/#\/'<\/span> \/etc\/fstab ||<\/span> true<\/span><\/p>\n

    # \u91cd\u65b0\u52a0\u8f7dsystemd<\/span>
    \nsystemctl daemon-reload<\/p>\n

    echo<\/span> -e "\\\\033<\/span>[32mK8s\u73af\u5883\u6e05\u7406\u5b8c\u6210\\\\033<\/span>[0m"<\/span><\/p>\n

    \n

    3. 03-init-all-nodes.sh(\u521d\u59cb\u5316\u6240\u6709\u8282\u70b9,\u4e0d\u542bHAProxy)<\/h4>\n

    #!\/bin\/bash<\/span>
    \nset<\/span> -euo pipefail<\/p>\n

    # \u6838\u5fc3\u914d\u7f6e<\/span>
    \nPROXY_ADDR<\/span>=<\/span>"http:\/\/192.168.56.102:8080"<\/span>
    \nHARBOR_REGISTRY<\/span>=<\/span>"192.168.56.102"<\/span>
    \nHARBOR_FULL_ADDR<\/span>=<\/span>"http:\/\/${HARBOR_REGISTRY}<\/span>"<\/span>
    \nHARBOR_USER<\/span>=<\/span>"admin"<\/span>
    \nHARBOR_PASS<\/span>=<\/span>"Harbor12345"<\/span>
    \nK8S_VERSION<\/span>=<\/span>"1.33.6"<\/span>
    \nARCH<\/span>=<\/span>"amd64"<\/span>
    \nDOWNLOAD_DIR<\/span>=<\/span>"\/tmp\/k8s-bin"<\/span>
    \nPAUSE_VERSION<\/span>=<\/span>"3.8"<\/span>
    \nPAUSE_TARGET_VERSION<\/span>=<\/span>"3.10"<\/span>
    \nSOURCE_REGISTRY<\/span>=<\/span>"registry.k8s.io"<\/span>
    \nTARGET_REGISTRY<\/span>=<\/span>"${HARBOR_REGISTRY}<\/span>\/library"<\/span><\/p>\n

    # \u83b7\u53d6\u5f53\u524d\u8282\u70b9enp0s8\u7684IP<\/span>
    \nNODE_IP<\/span>=<\/span>$(<\/span>ip<\/span> addr show enp0s8 |<\/span> grep<\/span> -oP '(?<=inet\\\\s)\\\\d+(\\\\.\\\\d+){3}'<\/span> |<\/span> head<\/span> -1)<\/span><\/span>
    \nif<\/span> [<\/span> -z "${NODE_IP}<\/span>"<\/span> ]<\/span>;<\/span> then<\/span>
    \n echo<\/span> -e "\\\\033<\/span>[31m\u672a\u627e\u5230enp0s8\u7f51\u5361\u7684IP,\u8bf7\u68c0\u67e5\u7f51\u5361\u540d\u79f0\\\\033<\/span>[0m"<\/span>
    \n exit<\/span> 1<\/span>
    \nfi<\/span><\/p>\n

    echo<\/span> "\u5f53\u524d\u8282\u70b9enp0s8 IP: ${NODE_IP}<\/span>"<\/span><\/p>\n

    # 1. \u57fa\u7840\u914d\u7f6e<\/span>
    \ntimedatectl set-timezone Asia\/Shanghai ||<\/span> true<\/span>
    \napt<\/span> update -y &&<\/span> apt<\/span> upgrade -y ||<\/span> true<\/span><\/p>\n

    # 2. \u5b89\u88c5\u4f9d\u8d56<\/span>
    \napt<\/span> install<\/span> -y curl<\/span> wget<\/span> iptables apt-transport-https ca-certificates gnupg2 software-properties-common net-tools socat conntrack ipset ||<\/span> true<\/span><\/p>\n

    # 3. \u5173\u95edswap<\/span>
    \nswapoff -a
    \nsed<\/span> -i '\/swap\/s\/^\/#\/'<\/span> \/etc\/fstab<\/p>\n

    # 4. \u52a0\u8f7d\u5185\u6838\u6a21\u5757<\/span>
    \ncat<\/span> <<<\/span>EOF |<\/span> tee<\/span> \/etc\/modules-load.d\/containerd.conf<\/span>
    \noverlay
    \nbr_netfilter
    \nEOF<\/span>
    \nmodprobe overlay ||<\/span> true<\/span>
    \nmodprobe br_netfilter ||<\/span> true<\/span><\/p>\n

    # 5. \u8bbe\u7f6esysctl\u53c2\u6570<\/span>
    \ncat<\/span> <<<\/span>EOF |<\/span> tee<\/span> \/etc\/sysctl.d\/99-kubernetes-cri.conf<\/span>
    \nnet.bridge.bridge-nf-call-iptables = 1
    \nnet.ipv4.ip_forward = 1
    \nnet.bridge.bridge-nf-call-ip6tables = 1
    \nnet.ipv4.tcp_tw_recycle = 0
    \nvm.swappiness=0
    \nEOF<\/span>
    \nsysctl –system ||<\/span> true<\/span><\/p>\n

    # 6. \u90e8\u7f72containerd<\/span>
    \n# \u4e0b\u8f7dcontainerd<\/span>
    \ncurl<\/span> -L –proxy ${PROXY_ADDR}<\/span> –insecure -s https:\/\/github.com\/containerd\/containerd\/releases\/download\/v1.7.30\/containerd-1.7.30-linux-${ARCH}<\/span>.tar.gz -o \/tmp\/containerd.tar.gz
    \ntar<\/span> Cxzvf \/usr\/local \/tmp\/containerd.tar.gz ||<\/span> true<\/span><\/p>\n

    # \u4e0b\u8f7drunc<\/span>
    \ncurl<\/span> -L –proxy ${PROXY_ADDR}<\/span> –insecure -s https:\/\/github.com\/opencontainers\/runc\/releases\/download\/v1.1.12\/runc.${ARCH}<\/span> -o \/tmp\/runc
    \ninstall<\/span> -m 755<\/span> \/tmp\/runc \/usr\/local\/sbin\/runc ||<\/span> true<\/span><\/p>\n

    # \u4e0b\u8f7dCNI\u63d2\u4ef6<\/span>
    \nCNI_VERSION<\/span>=<\/span>"1.4.0"<\/span>
    \ncurl<\/span> -L –proxy ${PROXY_ADDR}<\/span> –insecure -s https:\/\/github.com\/containernetworking\/plugins\/releases\/download\/v${CNI_VERSION}<\/span>\/cni-plugins-linux-${ARCH}<\/span>-v${CNI_VERSION}<\/span>.tgz -o \/tmp\/cni-plugins.tgz
    \nmkdir<\/span> -p \/opt\/cni\/bin
    \ntar<\/span> Cxzvf \/opt\/cni\/bin \/tmp\/cni-plugins.tgz ||<\/span> true<\/span><\/p>\n

    # \u914d\u7f6econtainerd<\/span>
    \nmkdir<\/span> -p \/etc\/containerd
    \ncontainerd config default ><\/span> \/etc\/containerd\/config.toml ||<\/span> true<\/span>
    \nsed<\/span> -i 's\/SystemdCgroup \\\\= false\/SystemdCgroup \\\\= true\/'<\/span> \/etc\/containerd\/config.toml
    \nsed<\/span> -i 's\/config_path = ""\/config_path = "\\\\\/etc\\\\\/containerd\\\\\/certs.d"\/'<\/span> \/etc\/containerd\/config.toml
    \nsed<\/span> -i 's\/^\\\\(\\\\s*\\\\)tls_verify = true\/\\\\1tls_verify = false\/'<\/span> \/etc\/containerd\/config.toml<\/p>\n

    # \u914d\u7f6eHarbor\u955c\u50cf\u4ed3\u5e93<\/span>
    \nmkdir<\/span> -p \/etc\/containerd\/certs.d\/${HARBOR_REGISTRY}<\/span>
    \ncat<\/span> ><\/span> \/etc\/containerd\/certs.d\/${HARBOR_REGISTRY}<\/span>\/hosts.toml <<<\/span> EOF
    \nserver = "${HARBOR_FULL_ADDR}<\/span>"
    \n[host."${HARBOR_FULL_ADDR}<\/span>"]
    \n capabilities = ["pull", "resolve", "push"]
    \n skip_verify = true
    \n allow_insecure = true
    \n [host."${HARBOR_FULL_ADDR}<\/span>".auth]
    \n username = "${HARBOR_USER}<\/span>"
    \n password = "${HARBOR_PASS}<\/span>"
    \nEOF<\/span><\/p>\n

    # \u914d\u7f6econtainerd\u670d\u52a1<\/span>
    \ncat<\/span> <<<\/span>EOF |<\/span> tee<\/span> \/etc\/systemd\/system\/containerd.service<\/span>
    \n[Unit]
    \nDescription=containerd container runtime
    \nAfter=network.target local-fs.target
    \n[Service]
    \nExecStartPre=-\/sbin\/modprobe overlay
    \nExecStart=\/usr\/local\/bin\/containerd
    \nType=notify
    \nRestart=always
    \nRestartSec=5
    \nLimitNOFILE=infinity
    \n[Install]
    \nWantedBy=multi-user.target
    \nEOF<\/span><\/p>\n

    # \u542f\u52a8containerd<\/span>
    \nsystemctl daemon-reload
    \nsystemctl enable<\/span> –now containerd ||<\/span> true<\/span><\/p>\n

    # 7. \u5b89\u88c5crictl<\/span>
    \nCRICTL_VERSION<\/span>=<\/span>"v1.30.0"<\/span>
    \ncurl<\/span> -L –proxy ${PROXY_ADDR}<\/span> –insecure -s https:\/\/github.com\/kubernetes-sigs\/cri-tools\/releases\/download\/${CRICTL_VERSION}<\/span>\/crictl-${CRICTL_VERSION}<\/span>-linux-amd64.tar.gz |<\/span> tar<\/span> zxvf – -C \/usr\/local\/bin ||<\/span> true<\/span>
    \ncat<\/span> ><\/span> \/etc\/crictl.yaml <<<\/span> EOF
    \nruntime-endpoint: unix:\/\/\/run\/containerd\/containerd.sock
    \ntimeout: 10
    \ndebug: false
    \nEOF<\/span><\/p>\n

    # 8. \u914d\u7f6epause\u955c\u50cf<\/span>
    \ncrictl pull ${TARGET_REGISTRY}<\/span>\/pause:${PAUSE_TARGET_VERSION}<\/span> ||<\/span> true<\/span>
    \nctr -n k8s.io images tag ${TARGET_REGISTRY}<\/span>\/pause:${PAUSE_TARGET_VERSION}<\/span> ${SOURCE_REGISTRY}<\/span>\/pause:${PAUSE_VERSION}<\/span> ||<\/span> true<\/span><\/p>\n

    # 9. \u5b89\u88c5K8s\u7ec4\u4ef6<\/span>
    \nmkdir<\/span> -p ${DOWNLOAD_DIR}<\/span> &&<\/span> cd<\/span> ${DOWNLOAD_DIR}<\/span>
    \nfor<\/span> bin<\/span> in<\/span> kubeadm kubelet kubectl;<\/span> do<\/span>
    \n curl<\/span> -L –proxy ${PROXY_ADDR}<\/span> –insecure -s https:\/\/dl.k8s.io\/v${K8S_VERSION}<\/span>\/bin\/linux\/${ARCH}<\/span>\/${bin}<\/span> -o ${bin}<\/span>
    \n chmod<\/span> +x ${bin}<\/span> &&<\/span> mv<\/span> ${bin}<\/span> \/usr\/bin\/ ||<\/span> true<\/span>
    \ndone<\/span><\/p>\n

    # 10. \u914d\u7f6ekubelet<\/span>
    \ncat<\/span> <<<\/span>EOF |<\/span> tee<\/span> \/etc\/systemd\/system\/kubelet.service<\/span>
    \n[Unit]
    \nDescription=kubelet: The Kubernetes Node Agent
    \nAfter=network-online.target
    \n[Service]
    \nExecStart=\/usr\/bin\/kubelet
    \nRestart=always
    \nRestartSec=10
    \nLimitNOFILE=infinity
    \n[Install]
    \nWantedBy=multi-user.target
    \nEOF<\/span><\/p>\n

    mkdir<\/span> -p \/etc\/systemd\/system\/kubelet.service.d
    \ncat<\/span> <<<\/span>EOF |<\/span> tee<\/span> \/etc\/systemd\/system\/kubelet.service.d\/10-kubeadm.conf<\/span>
    \n[Service]
    \nEnvironment="KUBELET_KUBECONFIG_ARGS=–bootstrap-kubeconfig=\/etc\/kubernetes\/bootstrap-kubelet.conf –kubeconfig=\/etc\/kubernetes\/kubelet.conf"
    \nEnvironment="KUBELET_CONFIG_ARGS=–config=\/var\/lib\/kubelet\/config.yaml"
    \nEnvironmentFile=-\/var\/lib\/kubelet\/kubeadm-flags.env
    \nExecStart=
    \nExecStart=\/usr\/bin\/kubelet \\\\$KUBELET_KUBECONFIG_ARGS<\/span> \\\\$KUBELET_CONFIG_ARGS<\/span> \\\\$KUBELET_KUBEADM_ARGS<\/span> –container-runtime-endpoint=unix:\/\/\/run\/containerd\/containerd.sock –node-ip=${NODE_IP}<\/span>
    \nEOF<\/span><\/p>\n

    cat<\/span> <<<\/span>EOF |<\/span> tee<\/span> \/etc\/default\/kubelet<\/span>
    \nKUBELET_EXTRA_ARGS="–pod-infra-container-image=${TARGET_REGISTRY}<\/span>\/pause:${PAUSE_TARGET_VERSION}<\/span> –node-ip=${NODE_IP}<\/span>"
    \nEOF<\/span><\/p>\n

    systemctl daemon-reload
    \nsystemctl enable<\/span> kubelet ||<\/span> true<\/span><\/p>\n

    # \u6e05\u7406\u4e34\u65f6\u6587\u4ef6<\/span>
    \nrm<\/span> -rf ${DOWNLOAD_DIR}<\/span> \/tmp\/containerd.tar.gz \/tmp\/runc \/tmp\/cni-plugins.tgz ||<\/span> true<\/span><\/p>\n

    echo<\/span> -e "\\\\033<\/span>[32m\u8282\u70b9${NODE_IP}<\/span>\u521d\u59cb\u5316\u5b8c\u6210\\\\033<\/span>[0m"<\/span><\/p>\n

    \n

    4. 04-init-first-master.sh(\u521d\u59cb\u5316\u7b2c\u4e00\u4e2aMaster\u8282\u70b9111)<\/h4>\n

    #!\/bin\/bash<\/span>
    \nset<\/span> -euo pipefail<\/p>\n

    # \u6838\u5fc3\u914d\u7f6e<\/span>
    \nHAPROXY_IP<\/span>=<\/span>"192.168.56.102"<\/span>
    \nHAPROXY_PORT<\/span>=<\/span>6443<\/span>
    \nK8S_VERSION<\/span>=<\/span>"1.33.6"<\/span>
    \nHARBOR_REGISTRY<\/span>=<\/span>"192.168.56.102"<\/span>
    \nTARGET_REGISTRY<\/span>=<\/span>"${HARBOR_REGISTRY}<\/span>\/library"<\/span>
    \nPOD_SUBNET<\/span>=<\/span>"192.156.32.0\/20"<\/span>
    \nSVC_SUBNET<\/span>=<\/span>"192.156.48.0\/24"<\/span>
    \nCALICO_VERSION<\/span>=<\/span>"v3.29.0"<\/span>
    \nPROXY_ADDR<\/span>=<\/span>"http:\/\/192.168.56.102:8080"<\/span><\/p>\n

    # \u83b7\u53d6\u5f53\u524d\u8282\u70b9enp0s8\u7684IP<\/span>
    \nNODE_IP<\/span>=<\/span>$(<\/span>ip<\/span> addr show enp0s8 |<\/span> grep<\/span> -oP '(?<=inet\\\\s)\\\\d+(\\\\.\\\\d+){3}'<\/span> |<\/span> head<\/span> -1)<\/span><\/span>
    \nif<\/span> [<\/span> -z "${NODE_IP}<\/span>"<\/span> ]<\/span>;<\/span> then<\/span>
    \n echo<\/span> -e "\\\\033<\/span>[31m\u672a\u627e\u5230enp0s8\u7f51\u5361\u7684IP,\u8bf7\u68c0\u67e5\u7f51\u5361\u540d\u79f0\\\\033<\/span>[0m"<\/span>
    \n exit<\/span> 1<\/span>
    \nfi<\/span><\/p>\n

    # \u751f\u6210kubeadm\u914d\u7f6e\u6587\u4ef6(\u542betcd\u8bc1\u4e66\u914d\u7f6e\u3001\u6307\u5b9aenp0s8 IP)<\/span>
    \ncat<\/span> ><\/span> \/root\/kubeadm-config.yaml <<<\/span> EOF
    \napiVersion: kubeadm.k8s.io\/v1beta3
    \nkind: ClusterConfiguration
    \nkubernetesVersion: v${K8S_VERSION}<\/span>
    \nimageRepository: ${TARGET_REGISTRY}<\/span>
    \ncontrolPlaneEndpoint: "${HAPROXY_IP}<\/span>:${HAPROXY_PORT}<\/span>"
    \nnetworking:
    \n podSubnet: ${POD_SUBNET}<\/span>
    \n serviceSubnet: ${SVC_SUBNET}<\/span>
    \n dnsDomain: cluster.local
    \netcd:
    \n local:
    \n serverCertSANs:
    \n – "${NODE_IP}<\/span>"
    \n – "${HAPROXY_IP}<\/span>"
    \n – "127.0.0.1"
    \n peerCertSANs:
    \n – "${NODE_IP}<\/span>"
    \n – "127.0.0.1"
    \n dataDir: \/var\/lib\/etcd
    \n—
    \napiVersion: kubelet.config.k8s.io\/v1beta1
    \nkind: KubeletConfiguration
    \npodSandboxImage: "${TARGET_REGISTRY}<\/span>\/pause:3.10"
    \nstaticPodPath: \/etc\/kubernetes\/manifests
    \nclusterDomain: cluster.local
    \nclusterDNS:
    \n – ${SVC_SUBNET%<\/span>.*.*}<\/span>.10
    \n—
    \napiVersion: kubeadm.k8s.io\/v1beta3
    \nkind: InitConfiguration
    \nlocalAPIEndpoint:
    \n advertiseAddress: ${NODE_IP}<\/span>
    \n bindPort: 6443
    \nnodeRegistration:
    \n criSocket: unix:\/\/\/run\/containerd\/containerd.sock
    \n kubeletExtraArgs:
    \n node-ip: ${NODE_IP}<\/span>
    \nEOF<\/span><\/p>\n

    # \u521d\u59cb\u5316\u96c6\u7fa4(\u751f\u6210etcd\u8bc1\u4e66)<\/span>
    \necho<\/span> "\u5f00\u59cb\u521d\u59cb\u5316\u7b2c\u4e00\u4e2aMaster\u8282\u70b9(${NODE_IP}<\/span>)…"<\/span>
    \nkubeadm init –config \/root\/kubeadm-config.yaml –ignore-preflight-errors all –upload-certs -v=<\/span>5<\/span><\/p>\n

    # \u914d\u7f6ekubectl<\/span>
    \nmkdir<\/span> -p $HOME<\/span>\/.kube
    \ncp<\/span> -i \/etc\/kubernetes\/admin.conf $HOME<\/span>\/.kube\/config
    \nchown<\/span> $(<\/span>id<\/span> -u)<\/span><\/span>:<\/span>$(<\/span>id<\/span> -g)<\/span><\/span> $HOME<\/span>\/.kube\/config<\/p>\n

    # \u90e8\u7f72Calico\u7f51\u7edc<\/span>
    \ncurl<\/span> -L –proxy ${PROXY_ADDR}<\/span> –insecure -s https:\/\/raw.githubusercontent.com\/projectcalico\/calico\/${CALICO_VERSION}<\/span>\/manifests\/calico.yaml -o \/tmp\/calico.yaml
    \n# \u4fee\u6539Calico\u7f51\u6bb5\u4e3a\u81ea\u5b9a\u4e49Pod\u7f51\u6bb5<\/span>
    \nsed<\/span> -i "s|192.168.0.0\/16|${POD_SUBNET}<\/span>|g"<\/span> \/tmp\/calico.yaml
    \n# \u4fee\u6539\u955c\u50cf\u4ed3\u5e93<\/span>
    \nsed<\/span> -i "s|docker.io\/calico|${TARGET_REGISTRY}<\/span>\/calico|g"<\/span> \/tmp\/calico.yaml
    \nkubectl apply -f \/tmp\/calico.yaml<\/p>\n

    # \u79fb\u9664master\u8282\u70b9\u7684taint(\u53ef\u9009,\u8ba9master\u4e5f\u80fd\u8fd0\u884cpod)<\/span>
    \nkubectl taint nodes –all node-role.kubernetes.io\/control-plane- ||<\/span> true<\/span><\/p>\n

    # \u4fdd\u5b58join\u547d\u4ee4(\u7528\u4e8e\u5176\u4ed6master\/node\u8282\u70b9)<\/span>
    \nkubeadm token create –print-join-command ><\/span> \/root\/k8s-join-command.sh
    \nchmod<\/span> +x \/root\/k8s-join-command.sh<\/p>\n

    # \u4fdd\u5b58certificate-key(\u7528\u4e8emaster\u8282\u70b9\u52a0\u5165)<\/span>
    \nCERT_KEY<\/span>=<\/span>$(<\/span>kubeadm init phase upload-certs –upload-certs |<\/span> tail<\/span> -1)<\/span><\/span>
    \necho<\/span> "export CERT_KEY=${CERT_KEY}<\/span>"<\/span> ><\/span> \/root\/k8s-cert-key.sh
    \nchmod<\/span> +x \/root\/k8s-cert-key.sh<\/p>\n

    echo<\/span> -e "\\\\033<\/span>[32m\u7b2c\u4e00\u4e2aMaster\u8282\u70b9(${NODE_IP}<\/span>)\u521d\u59cb\u5316\u5b8c\u6210!\\\\033<\/span>[0m"<\/span>
    \necho<\/span> "join\u547d\u4ee4\u5df2\u4fdd\u5b58\u81f3: \/root\/k8s-join-command.sh"<\/span>
    \necho<\/span> "certificate-key\u5df2\u4fdd\u5b58\u81f3: \/root\/k8s-cert-key.sh"<\/span><\/p>\n

    \n

    5. 05-join-master-nodes.sh(112\/113\u52a0\u5165\u96c6\u7fa4,\u4fee\u590d\u4f9d\u8d56+\u81ea\u52a8\u62f7\u8d1d\u6587\u4ef6)<\/h4>\n

    #!\/bin\/bash<\/span>
    \nset<\/span> -euo pipefail<\/p>\n

    # \u6838\u5fc3\u914d\u7f6e<\/span>
    \nHAPROXY_IP<\/span>=<\/span>"192.168.56.102"<\/span>
    \nHAPROXY_PORT<\/span>=<\/span>6443<\/span>
    \nK8S_VERSION<\/span>=<\/span>"1.33.6"<\/span>
    \nHARBOR_REGISTRY<\/span>=<\/span>"192.168.56.102"<\/span>
    \nTARGET_REGISTRY<\/span>=<\/span>"${HARBOR_REGISTRY}<\/span>\/library"<\/span>
    \nFIRST_MASTER_IP<\/span>=<\/span>"192.168.56.111"<\/span> # \u7b2c\u4e00\u4e2amaster\u8282\u70b9IP<\/span>
    \nFIRST_MASTER_USER<\/span>=<\/span>"root"<\/span> # \u7b2c\u4e00\u4e2amaster\u8282\u70b9\u767b\u5f55\u7528\u6237<\/span><\/p>\n

    # \u83b7\u53d6\u5f53\u524d\u8282\u70b9enp0s8\u7684IP<\/span>
    \nNODE_IP<\/span>=<\/span>$(<\/span>ip<\/span> addr show enp0s8 |<\/span> grep<\/span> -oP '(?<=inet\\\\s)\\\\d+(\\\\.\\\\d+){3}'<\/span> |<\/span> head<\/span> -1)<\/span><\/span>
    \nif<\/span> [<\/span> -z "${NODE_IP}<\/span>"<\/span> ]<\/span>;<\/span> then<\/span>
    \n echo<\/span> -e "\\\\033<\/span>[31m\u672a\u627e\u5230enp0s8\u7f51\u5361\u7684IP,\u8bf7\u68c0\u67e5\u7f51\u5361\u540d\u79f0\\\\033<\/span>[0m"<\/span>
    \n exit<\/span> 1<\/span>
    \nfi<\/span>
    \necho<\/span> "\u5f53\u524d\u8282\u70b9enp0s8 IP: ${NODE_IP}<\/span>"<\/span><\/p>\n

    # \u65b0\u589e:\u81ea\u52a8\u4ece\u7b2c\u4e00\u4e2amaster\u8282\u70b9\u62f7\u8d1d\u5173\u952e\u6587\u4ef6<\/span>
    \necho<\/span> "\u5f00\u59cb\u4ece${FIRST_MASTER_IP}<\/span>\u62f7\u8d1dk8s-join-command.sh\u548ck8s-cert-key.sh…"<\/span>
    \n# \u5c1d\u8bd5\u514d\u5bc6\u62f7\u8d1d,\u82e5\u5931\u8d25\u5219\u63d0\u793a\u8f93\u5165\u5bc6\u7801<\/span>
    \nif<\/span> !<\/span> scp<\/span> -o StrictHostKeyChecking<\/span>=<\/span>no ${FIRST_MASTER_USER}<\/span>@${FIRST_MASTER_IP}<\/span>:\/root\/k8s-join-command.sh \/root\/;<\/span> then<\/span>
    \n echo<\/span> -e "\\\\033<\/span>[33m\u514d\u5bc6\u62f7\u8d1d\u5931\u8d25,\u8bf7\u8f93\u5165${FIRST_MASTER_IP}<\/span>\u7684${FIRST_MASTER_USER}<\/span>\u5bc6\u7801:\\\\033<\/span>[0m"<\/span>
    \n scp<\/span> ${FIRST_MASTER_USER}<\/span>@${FIRST_MASTER_IP}<\/span>:\/root\/k8s-join-command.sh \/root\/ ||<\/span> {<\/span>
    \n echo<\/span> -e "\\\\033<\/span>[31m\u62f7\u8d1dk8s-join-command.sh\u5931\u8d25,\u8bf7\u624b\u52a8\u62f7\u8d1d\u540e\u91cd\u8bd5!\\\\033<\/span>[0m"<\/span>
    \n exit<\/span> 1<\/span>
    \n }<\/span>
    \nfi<\/span><\/p>\n

    if<\/span> !<\/span> scp<\/span> -o StrictHostKeyChecking<\/span>=<\/span>no ${FIRST_MASTER_USER}<\/span>@${FIRST_MASTER_IP}<\/span>:\/root\/k8s-cert-key.sh \/root\/;<\/span> then<\/span>
    \n echo<\/span> -e "\\\\033<\/span>[33m\u514d\u5bc6\u62f7\u8d1d\u5931\u8d25,\u8bf7\u8f93\u5165${FIRST_MASTER_IP}<\/span>\u7684${FIRST_MASTER_USER}<\/span>\u5bc6\u7801:\\\\033<\/span>[0m"<\/span>
    \n scp<\/span> ${FIRST_MASTER_USER}<\/span>@${FIRST_MASTER_IP}<\/span>:\/root\/k8s-cert-key.sh \/root\/ ||<\/span> {<\/span>
    \n echo<\/span> -e "\\\\033<\/span>[31m\u62f7\u8d1dk8s-cert-key.sh\u5931\u8d25,\u8bf7\u624b\u52a8\u62f7\u8d1d\u540e\u91cd\u8bd5!\\\\033<\/span>[0m"<\/span>
    \n exit<\/span> 1<\/span>
    \n }<\/span>
    \nfi<\/span><\/p>\n

    # \u68c0\u67e5\u6587\u4ef6\u662f\u5426\u5b58\u5728<\/span>
    \nif<\/span> [<\/span> !<\/span> -f \/root\/k8s-join-command.sh ]<\/span>;<\/span> then<\/span>
    \n echo<\/span> -e "\\\\033<\/span>[31m\u672a\u627e\u5230k8s-join-command.sh\u6587\u4ef6!\\\\033<\/span>[0m"<\/span>
    \n exit<\/span> 1<\/span>
    \nfi<\/span>
    \nif<\/span> [<\/span> !<\/span> -f \/root\/k8s-cert-key.sh ]<\/span>;<\/span> then<\/span>
    \n echo<\/span> -e "\\\\033<\/span>[31m\u672a\u627e\u5230k8s-cert-key.sh\u6587\u4ef6!\\\\033<\/span>[0m"<\/span>
    \n exit<\/span> 1<\/span>
    \nfi<\/span><\/p>\n

    # \u52a0\u8f7dcertificate-key<\/span>
    \nsource<\/span> \/root\/k8s-cert-key.sh
    \nif<\/span> [<\/span> -z "${CERT_KEY}<\/span>"<\/span> ]<\/span>;<\/span> then<\/span>
    \n echo<\/span> -e "\\\\033<\/span>[31m\u672a\u63d0\u53d6\u5230CERT_KEY,\u8bf7\u68c0\u67e5k8s-cert-key.sh\u6587\u4ef6\u5185\u5bb9!\\\\033<\/span>[0m"<\/span>
    \n cat<\/span> \/root\/k8s-cert-key.sh
    \n exit<\/span> 1<\/span>
    \nfi<\/span><\/p>\n

    # \u4ecejoin\u547d\u4ee4\u6587\u4ef6\u63d0\u53d6token\u548ccaCertHash(\u4fee\u590d\u4f9d\u8d56\u89e3\u6790)<\/span>
    \nJOIN_CMD<\/span>=<\/span>$(<\/span>cat<\/span> \/root\/k8s-join-command.sh)<\/span><\/span>
    \nTOKEN<\/span>=<\/span>$(<\/span>echo<\/span> "${JOIN_CMD}<\/span>"<\/span> |<\/span> grep<\/span> -oP 'token \\\\K\\\\S+'<\/span>)<\/span><\/span>
    \nCA_CERT_HASH<\/span>=<\/span>$(<\/span>echo<\/span> "${JOIN_CMD}<\/span>"<\/span> |<\/span> grep<\/span> -oP 'discovery-token-ca-cert-hash \\\\K\\\\S+'<\/span>)<\/span><\/span>
    \nif<\/span> [<\/span> -z "${TOKEN}<\/span>"<\/span> ]<\/span> ||<\/span> [<\/span> -z "${CA_CERT_HASH}<\/span>"<\/span> ]<\/span>;<\/span> then<\/span>
    \n echo<\/span> -e "\\\\033<\/span>[31m\u65e0\u6cd5\u4ecejoin\u547d\u4ee4\u4e2d\u63d0\u53d6token\u6216caCertHash!\\\\033<\/span>[0m"<\/span>
    \n echo<\/span> "join\u547d\u4ee4\u5185\u5bb9:${JOIN_CMD}<\/span>"<\/span>
    \n exit<\/span> 1<\/span>
    \nfi<\/span><\/p>\n

    # \u751f\u6210kubeadm join\u914d\u7f6e\u6587\u4ef6<\/span>
    \ncat<\/span> ><\/span> \/root\/kubeadm-join-master.yaml <<<\/span> EOF
    \napiVersion: kubeadm.k8s.io\/v1beta3
    \nkind: JoinConfiguration
    \ndiscovery:
    \n bootstrapToken:
    \n apiServerEndpoint: "${HAPROXY_IP}<\/span>:${HAPROXY_PORT}<\/span>"
    \n token: "${TOKEN}<\/span>"
    \n caCertHashes:
    \n – "${CA_CERT_HASH}<\/span>"
    \n timeout: 5m0s
    \nnodeRegistration:
    \n criSocket: unix:\/\/\/run\/containerd\/containerd.sock
    \n kubeletExtraArgs:
    \n node-ip: ${NODE_IP}<\/span>
    \ncontrolPlane:
    \n certificateKey: "${CERT_KEY}<\/span>"
    \n localAPIEndpoint:
    \n advertiseAddress: ${NODE_IP}<\/span>
    \n bindPort: 6443
    \nEOF<\/span><\/p>\n

    # \u52a0\u5165\u96c6\u7fa4<\/span>
    \necho<\/span> "\u5f00\u59cb\u5c06\u8282\u70b9${NODE_IP}<\/span>\u52a0\u5165\u96c6\u7fa4(Master\u89d2\u8272)…"<\/span>
    \nkubeadm join<\/span> –config \/root\/kubeadm-join-master.yaml –ignore-preflight-errors all -v=<\/span>5<\/span><\/p>\n

    # \u914d\u7f6ekubectl(\u53ef\u9009)<\/span>
    \nmkdir<\/span> -p $HOME<\/span>\/.kube
    \ncp<\/span> -i \/etc\/kubernetes\/admin.conf $HOME<\/span>\/.kube\/config ||<\/span> true<\/span>
    \nchown<\/span> $(<\/span>id<\/span> -u)<\/span><\/span>:<\/span>$(<\/span>id<\/span> -g)<\/span><\/span> $HOME<\/span>\/.kube\/config ||<\/span> true<\/span><\/p>\n

    # \u6e05\u7406\u4e34\u65f6\u6587\u4ef6<\/span>
    \nrm<\/span> -f \/root\/kubeadm-join-master.yaml<\/p>\n

    echo<\/span> -e "\\\\033<\/span>[32mMaster\u8282\u70b9${NODE_IP}<\/span>\u52a0\u5165\u96c6\u7fa4\u5b8c\u6210\\\\033<\/span>[0m"<\/span><\/p>\n

    \n

    6. 06-join-node-nodes.sh(114\/115\u52a0\u5165\u96c6\u7fa4,\u4fee\u590d+\u81ea\u52a8\u62f7\u8d1d\u6587\u4ef6)<\/h4>\n

    #!\/bin\/bash<\/span>
    \nset<\/span> -euo pipefail<\/p>\n

    # \u6838\u5fc3\u914d\u7f6e<\/span>
    \nHAPROXY_IP<\/span>=<\/span>"192.168.56.102"<\/span>
    \nHAPROXY_PORT<\/span>=<\/span>6443<\/span>
    \nFIRST_MASTER_IP<\/span>=<\/span>"192.168.56.111"<\/span> # \u7b2c\u4e00\u4e2amaster\u8282\u70b9IP<\/span>
    \nFIRST_MASTER_USER<\/span>=<\/span>"root"<\/span> # \u7b2c\u4e00\u4e2amaster\u8282\u70b9\u767b\u5f55\u7528\u6237<\/span><\/p>\n

    # 1. \u83b7\u53d6\u5f53\u524d\u8282\u70b9enp0s8\u7684IP(\u9c81\u68d2\u6027\u68c0\u67e5)<\/span>
    \nNODE_IP<\/span>=<\/span>$(<\/span>ip<\/span> addr show enp0s8 |<\/span> grep<\/span> -oP '(?<=inet\\\\s)\\\\d+(\\\\.\\\\d+){3}'<\/span> |<\/span> head<\/span> -1)<\/span><\/span>
    \nif<\/span> [<\/span> -z "${NODE_IP}<\/span>"<\/span> ]<\/span>;<\/span> then<\/span>
    \n echo<\/span> -e "\\\\033<\/span>[31m\u9519\u8bef:\u672a\u627e\u5230enp0s8\u7f51\u5361\u7684IP,\u8bf7\u68c0\u67e5\u7f51\u5361\u540d\u79f0!\\\\033<\/span>[0m"<\/span>
    \n exit<\/span> 1<\/span>
    \nfi<\/span>
    \necho<\/span> "\u5f53\u524d\u8282\u70b9enp0s8 IP: ${NODE_IP}<\/span>"<\/span><\/p>\n

    # \u65b0\u589e:\u81ea\u52a8\u4ece\u7b2c\u4e00\u4e2amaster\u8282\u70b9\u62f7\u8d1djoin\u547d\u4ee4\u6587\u4ef6<\/span>
    \necho<\/span> "\u5f00\u59cb\u4ece${FIRST_MASTER_IP}<\/span>\u62f7\u8d1dk8s-join-command.sh…"<\/span>
    \n# \u5c1d\u8bd5\u514d\u5bc6\u62f7\u8d1d,\u82e5\u5931\u8d25\u5219\u63d0\u793a\u8f93\u5165\u5bc6\u7801<\/span>
    \nif<\/span> !<\/span> scp<\/span> -o StrictHostKeyChecking<\/span>=<\/span>no ${FIRST_MASTER_USER}<\/span>@${FIRST_MASTER_IP}<\/span>:\/root\/k8s-join-command.sh \/root\/;<\/span> then<\/span>
    \n echo<\/span> -e "\\\\033<\/span>[33m\u514d\u5bc6\u62f7\u8d1d\u5931\u8d25,\u8bf7\u8f93\u5165${FIRST_MASTER_IP}<\/span>\u7684${FIRST_MASTER_USER}<\/span>\u5bc6\u7801:\\\\033<\/span>[0m"<\/span>
    \n scp<\/span> ${FIRST_MASTER_USER}<\/span>@${FIRST_MASTER_IP}<\/span>:\/root\/k8s-join-command.sh \/root\/ ||<\/span> {<\/span>
    \n echo<\/span> -e "\\\\033<\/span>[31m\u62f7\u8d1dk8s-join-command.sh\u5931\u8d25,\u8bf7\u624b\u52a8\u62f7\u8d1d\u540e\u91cd\u8bd5!\\\\033<\/span>[0m"<\/span>
    \n exit<\/span> 1<\/span>
    \n }<\/span>
    \nfi<\/span><\/p>\n

    # 2. \u68c0\u67e5join\u547d\u4ee4\u6587\u4ef6\u662f\u5426\u5b58\u5728<\/span>
    \nJOIN_CMD_FILE<\/span>=<\/span>"\/root\/k8s-join-command.sh"<\/span>
    \nif<\/span> [<\/span> !<\/span> -f "${JOIN_CMD_FILE}<\/span>"<\/span> ]<\/span>;<\/span> then<\/span>
    \n echo<\/span> -e "\\\\033<\/span>[31m\u9519\u8bef:\u672a\u627e\u5230join\u547d\u4ee4\u6587\u4ef6!\\\\033<\/span>[0m"<\/span>
    \n exit<\/span> 1<\/span>
    \nfi<\/span><\/p>\n

    # 3. \u4ecejoin\u547d\u4ee4\u6587\u4ef6\u4e2d\u63d0\u53d6token\u548ccaCertHash(\u4fee\u590d\u89e3\u6790\u903b\u8f91)<\/span>
    \nJOIN_CMD<\/span>=<\/span>$(<\/span>cat<\/span> "${JOIN_CMD_FILE}<\/span>"<\/span>)<\/span><\/span>
    \nTOKEN<\/span>=<\/span>$(<\/span>echo<\/span> "${JOIN_CMD}<\/span>"<\/span> |<\/span> grep<\/span> -oP 'token \\\\K\\\\S+'<\/span>)<\/span><\/span>
    \nCA_CERT_HASH<\/span>=<\/span>$(<\/span>echo<\/span> "${JOIN_CMD}<\/span>"<\/span> |<\/span> grep<\/span> -oP 'discovery-token-ca-cert-hash \\\\K\\\\S+'<\/span>)<\/span><\/span><\/p>\n

    # 4. \u9a8c\u8bc1\u63d0\u53d6\u7ed3\u679c(\u9c81\u68d2\u6027\u68c0\u67e5)<\/span>
    \nif<\/span> [<\/span> -z "${TOKEN}<\/span>"<\/span> ]<\/span> ||<\/span> [<\/span> -z "${CA_CERT_HASH}<\/span>"<\/span> ]<\/span>;<\/span> then<\/span>
    \n echo<\/span> -e "\\\\033<\/span>[31m\u9519\u8bef:\u65e0\u6cd5\u4ecejoin\u547d\u4ee4\u4e2d\u63d0\u53d6token\u6216caCertHash!\\\\033<\/span>[0m"<\/span>
    \n echo<\/span> "\u5f53\u524djoin\u547d\u4ee4\u5185\u5bb9:${JOIN_CMD}<\/span>"<\/span>
    \n exit<\/span> 1<\/span>
    \nfi<\/span><\/p>\n

    # 5. \u751f\u6210kubeadm join\u914d\u7f6e\u6587\u4ef6(\u6b63\u786e\u914d\u7f6enode-ip)<\/span>
    \ncat<\/span> ><\/span> \/root\/kubeadm-join-node.yaml <<<\/span> EOF
    \napiVersion: kubeadm.k8s.io\/v1beta3
    \nkind: JoinConfiguration
    \ndiscovery:
    \n bootstrapToken:
    \n apiServerEndpoint: "${HAPROXY_IP}<\/span>:${HAPROXY_PORT}<\/span>"
    \n token: "${TOKEN}<\/span>"
    \n caCertHashes:
    \n – "${CA_CERT_HASH}<\/span>"
    \n timeout: 5m0s
    \nnodeRegistration:
    \n criSocket: unix:\/\/\/run\/containerd\/containerd.sock
    \n # \u6838\u5fc3\u4fee\u590d:\u901a\u8fc7kubeletExtraArgs\u6307\u5b9anode-ip(\u800c\u975e\u547d\u4ee4\u884c\u53c2\u6570)
    \n kubeletExtraArgs:
    \n node-ip: ${NODE_IP}<\/span>
    \nEOF<\/span><\/p>\n

    # 6. \u6267\u884cjoin\u547d\u4ee4(\u4f7f\u7528\u914d\u7f6e\u6587\u4ef6,\u907f\u514d\u547d\u4ee4\u884c\u53c2\u6570\u9519\u8bef)<\/span>
    \necho<\/span> "\u5f00\u59cb\u5c06\u8282\u70b9${NODE_IP}<\/span>\u52a0\u5165\u96c6\u7fa4(Node\u89d2\u8272)…"<\/span>
    \nkubeadm join<\/span> –config \/root\/kubeadm-join-node.yaml –ignore-preflight-errors all -v=<\/span>5<\/span><\/p>\n

    # 7. \u6e05\u7406\u4e34\u65f6\u914d\u7f6e\u6587\u4ef6<\/span>
    \nrm<\/span> -f \/root\/kubeadm-join-node.yaml<\/p>\n

    echo<\/span> -e "\\\\033<\/span>[32mNode\u8282\u70b9${NODE_IP}<\/span>\u52a0\u5165\u96c6\u7fa4\u5b8c\u6210!\\\\033<\/span>[0m"<\/span><\/p>\n

    \n

    \u4e09\u3001\u90e8\u7f72\u6b65\u9aa4<\/h3>\n
  • \u90e8\u7f72HAProxy:\u5728192.168.56.102\u6267\u884c01-deploy-haproxy.sh;<\/li>\n
  • \u6e05\u7406\u73af\u5883:\u5728111\/112\/113\/114\/115\u6267\u884c02-clean-k8s-env.sh(\u4fdd\u8bc1\u73af\u5883\u5e72\u51c0);<\/li>\n
  • \u521d\u59cb\u5316\u6240\u6709\u8282\u70b9:\u5728111\/112\/113\/114\/115\u6267\u884c03-init-all-nodes.sh(\u5b89\u88c5\u4f9d\u8d56\u3001containerd\u3001k8s\u7ec4\u4ef6);<\/li>\n
  • \u521d\u59cb\u5316\u7b2c\u4e00\u4e2aMaster:\u5728111\u6267\u884c04-init-first-master.sh(\u751f\u6210etcd\u8bc1\u4e66\u3001\u521d\u59cb\u5316\u96c6\u7fa4\u3001\u90e8\u7f72Calico);<\/li>\n
  • \u52a0\u5165\u5176\u4ed6Master:\u5728112\/113\u6267\u884c05-join-master-nodes.sh(\u81ea\u52a8\u62f7\u8d1d\u6587\u4ef6,\u65e0\u9700\u624b\u52a8\u64cd\u4f5c);<\/li>\n
  • \u52a0\u5165Node\u8282\u70b9:\u5728114\/115\u6267\u884c06-join-node-nodes.sh(\u81ea\u52a8\u62f7\u8d1d\u6587\u4ef6,\u4fee\u590dnode-ip\u53c2\u6570)\u3002<\/li>\n
    \n

    \u56db\u3001\u5173\u952e\u4fee\u590d\u70b9\u603b\u7ed3<\/h3>\n
  • HAProxy\u542f\u52a8\u5931\u8d25:\u5c06fall 0 rise 0\u6539\u4e3afall 3 rise 2,\u89e3\u51b3\u5065\u5eb7\u68c0\u67e5\u9608\u503c\u4e3a0\u5bfc\u81f4\u7684\u542f\u52a8\u5931\u8d25\u95ee\u9898\u3002<\/li>\n
  • Node\u8282\u70b9join\u9519\u8bef:\u901a\u8fc7\u914d\u7f6e\u6587\u4ef6JoinConfiguration\u7684nodeRegistration.kubeletExtraArgs\u6307\u5b9anode-ip,\u800c\u975e\u76f4\u63a5\u62fc\u63a5\u5230\u547d\u4ee4\u884c,\u89e3\u51b3unknown flag: –node-ip\u9519\u8bef\u3002<\/li>\n
  • Master\u8282\u70b9join\u4f9d\u8d56:\u4fee\u590d\u4e86\u5bf9k8s-join-command.sh\u7684\u4f9d\u8d56\u89e3\u6790\u903b\u8f91,\u81ea\u52a8\u63d0\u53d6token\u548ccaCertHash\u3002<\/li>\n
  • \u81ea\u52a8\u62f7\u8d1d\u6587\u4ef6:\u5728\u4e24\u4e2ajoin\u811a\u672c\u4e2d\u65b0\u589e\u4e86\u4ece\u7b2c\u4e00\u4e2aMaster\u8282\u70b9\u81ea\u52a8\u62f7\u8d1d\u5173\u952e\u6587\u4ef6\u7684\u903b\u8f91,\u652f\u6301\u514d\u5bc6\u767b\u5f55\u548c\u5bc6\u7801\u767b\u5f55\u4e24\u79cd\u65b9\u5f0f,\u51cf\u5c11\u4e86\u624b\u52a8\u64cd\u4f5c\u3002<\/li>\n
    \n

    \u4e94\u3001\u9a8c\u8bc1\u96c6\u7fa4<\/h3>\n

    \u90e8\u7f72\u5b8c\u6210\u540e,\u5728\u7b2c\u4e00\u4e2aMaster\u8282\u70b9\u6267\u884c\u4ee5\u4e0b\u547d\u4ee4\u9a8c\u8bc1\u96c6\u7fa4\u72b6\u6001:<\/p>\n

    # \u67e5\u770b\u6240\u6709\u8282\u70b9\u72b6\u6001<\/span>
    \nkubectl get nodes<\/p>\n

    # \u67e5\u770b\u96c6\u7fa4\u7ec4\u4ef6\u72b6\u6001<\/span>
    \nkubectl get cs<\/p>\n

    # \u67e5\u770bCalico Pod\u72b6\u6001<\/span>
    \nkubectl get pods -n kube-system<\/p>\n

    \u5982\u679c\u6240\u6709\u8282\u70b9\u72b6\u6001\u4e3aReady,\u4e14\u6240\u6709Pod\u90fd\u6b63\u5e38\u8fd0\u884c,\u8bf4\u660e\u96c6\u7fa4\u90e8\u7f72\u6210\u529f\u3002<\/p>\n

    \n

    \u516d\u3001\u603b\u7ed3<\/h3>\n

    \u901a\u8fc7\u8fd9\u5957\u811a\u672c,\u6211\u4eec\u6210\u529f\u642d\u5efa\u4e86\u4e00\u4e2a\u9ad8\u53ef\u7528\u7684K8s\u96c6\u7fa4\u3002\u5728\u90e8\u7f72\u8fc7\u7a0b\u4e2d,\u6211\u4eec\u9047\u5230\u4e86\u4e00\u4e9b\u5e38\u89c1\u7684\u5751,\u6bd4\u5982HAProxy\u5065\u5eb7\u68c0\u67e5\u914d\u7f6e\u3001kubeadm join\u53c2\u6570\u9519\u8bef\u7b49,\u901a\u8fc7\u4e0d\u65ad\u8c03\u8bd5\u548c\u4f18\u5316,\u6700\u7ec8\u5f97\u5230\u4e86\u4e00\u5957\u9c81\u68d2\u6027\u5f3a\u3001\u53ef\u590d\u7528\u7684\u90e8\u7f72\u65b9\u6848\u3002<\/p>\n

    \u5e0c\u671b\u8fd9\u7bc7\u6587\u7ae0\u80fd\u5e2e\u52a9\u5230\u6b63\u5728\u642d\u5efaK8s\u96c6\u7fa4\u7684\u540c\u5b66,\u5982\u679c\u4f60\u6709\u4efb\u4f55\u95ee\u9898\u6216\u5efa\u8bae,\u6b22\u8fce\u5728\u8bc4\u8bba\u533a\u7559\u8a00\u4ea4\u6d41\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"

    \u6700\u8fd1\u5728\u865a\u62df\u673a\u4e0a\u642d\u5efa\u4e86\u4e00\u5957\u57fa\u4e8eHAProxy 3 Master 2 Node\u7684K8s\u9ad8\u53ef\u7528\u96c6\u7fa4,\u8e29\u4e86\u4e0d\u5c11\u5751,\u4e5f\u6c89\u6dc0\u4e86\u4e00\u5957\u53ef\u590d\u7528\u7684\u90e8\u7f72\u811a\u672c\u3002\u4eca\u5929\u5c31\u628a\u6574\u4e2a\u8fc7\u7a0b\u548c\u811a\u672c\u5206\u4eab\u51fa\u6765,\u5e0c\u671b\u80fd\u5e2e\u5230\u6709\u540c\u6837\u9700\u6c42\u7684\u540c\u5b66\u3002\u4e00\u3001\u96c6\u7fa4\u67b6\u6784\u8bbe\u8ba1
    \n\u6211\u4eec\u7684\u76ee\u6807\u662f\u642d\u5efa\u4e00\u4e2a\u751f\u4ea7\u53ef\u7528\u7684K8s\u96c6\u7fa4,\u6838\u5fc3\u8bbe\u8ba1\u5982\u4e0b:\u89d2\u8272\u8282\u70b9IP\u8bf4\u660eHAProxy192.168.56.102\u4f5c\u4e3aAPI Server\u7684\u8d1f\u8f7d\u5747\u8861\u5165\u53e3,\u65e0\u9700\u5065\u5eb7\u68c0\u67e5Master<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[1493,763,121],"topic":[],"class_list":["post-76570","post","type-post","status-publish","format-standard","hentry","category-server","tag-k8s","tag-763","tag-121"],"yoast_head":"\n\u4ece\u5355\u8282\u70b9\u5230\u9ad8\u53ef\u7528\uff1a\u6211\u662f\u5982\u4f55\u4e00\u6b65\u6b65\u642d\u5efa\u751f\u4ea7\u7ea7K8s\u96c6\u7fa4\u7684 - \u7f51\u7855\u4e92\u8054\u5e2e\u52a9\u4e2d\u5fc3<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.wsisp.com\/helps\/76570.html\" \/>\n<meta property=\"og:locale\" content=\"zh_CN\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"\u4ece\u5355\u8282\u70b9\u5230\u9ad8\u53ef\u7528\uff1a\u6211\u662f\u5982\u4f55\u4e00\u6b65\u6b65\u642d\u5efa\u751f\u4ea7\u7ea7K8s\u96c6\u7fa4\u7684 - \u7f51\u7855\u4e92\u8054\u5e2e\u52a9\u4e2d\u5fc3\" \/>\n<meta property=\"og:description\" content=\"\u6700\u8fd1\u5728\u865a\u62df\u673a\u4e0a\u642d\u5efa\u4e86\u4e00\u5957\u57fa\u4e8eHAProxy 3 Master 2 Node\u7684K8s\u9ad8\u53ef\u7528\u96c6\u7fa4,\u8e29\u4e86\u4e0d\u5c11\u5751,\u4e5f\u6c89\u6dc0\u4e86\u4e00\u5957\u53ef\u590d\u7528\u7684\u90e8\u7f72\u811a\u672c\u3002\u4eca\u5929\u5c31\u628a\u6574\u4e2a\u8fc7\u7a0b\u548c\u811a\u672c\u5206\u4eab\u51fa\u6765,\u5e0c\u671b\u80fd\u5e2e\u5230\u6709\u540c\u6837\u9700\u6c42\u7684\u540c\u5b66\u3002\u4e00\u3001\u96c6\u7fa4\u67b6\u6784\u8bbe\u8ba1 \u6211\u4eec\u7684\u76ee\u6807\u662f\u642d\u5efa\u4e00\u4e2a\u751f\u4ea7\u53ef\u7528\u7684K8s\u96c6\u7fa4,\u6838\u5fc3\u8bbe\u8ba1\u5982\u4e0b:\u89d2\u8272\u8282\u70b9IP\u8bf4\u660eHAProxy192.168.56.102\u4f5c\u4e3aAPI Server\u7684\u8d1f\u8f7d\u5747\u8861\u5165\u53e3,\u65e0\u9700\u5065\u5eb7\u68c0\u67e5Master\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.wsisp.com\/helps\/76570.html\" \/>\n<meta property=\"og:site_name\" content=\"\u7f51\u7855\u4e92\u8054\u5e2e\u52a9\u4e2d\u5fc3\" \/>\n<meta property=\"article:published_time\" content=\"2026-02-22T12:33:27+00:00\" \/>\n<meta name=\"author\" content=\"admin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u4f5c\u8005\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u9884\u8ba1\u9605\u8bfb\u65f6\u95f4\" \/>\n\t<meta name=\"twitter:data2\" content=\"13 \u5206\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.wsisp.com\/helps\/76570.html\",\"url\":\"https:\/\/www.wsisp.com\/helps\/76570.html\",\"name\":\"\u4ece\u5355\u8282\u70b9\u5230\u9ad8\u53ef\u7528\uff1a\u6211\u662f\u5982\u4f55\u4e00\u6b65\u6b65\u642d\u5efa\u751f\u4ea7\u7ea7K8s\u96c6\u7fa4\u7684 - \u7f51\u7855\u4e92\u8054\u5e2e\u52a9\u4e2d\u5fc3\",\"isPartOf\":{\"@id\":\"https:\/\/www.wsisp.com\/helps\/#website\"},\"datePublished\":\"2026-02-22T12:33:27+00:00\",\"dateModified\":\"2026-02-22T12:33:27+00:00\",\"author\":{\"@id\":\"https:\/\/www.wsisp.com\/helps\/#\/schema\/person\/358e386c577a3ab51c4493330a20ad41\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.wsisp.com\/helps\/76570.html#breadcrumb\"},\"inLanguage\":\"zh-Hans\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.wsisp.com\/helps\/76570.html\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.wsisp.com\/helps\/76570.html#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9875\",\"item\":\"https:\/\/www.wsisp.com\/helps\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"\u4ece\u5355\u8282\u70b9\u5230\u9ad8\u53ef\u7528\uff1a\u6211\u662f\u5982\u4f55\u4e00\u6b65\u6b65\u642d\u5efa\u751f\u4ea7\u7ea7K8s\u96c6\u7fa4\u7684\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.wsisp.com\/helps\/#website\",\"url\":\"https:\/\/www.wsisp.com\/helps\/\",\"name\":\"\u7f51\u7855\u4e92\u8054\u5e2e\u52a9\u4e2d\u5fc3\",\"description\":\"\u9999\u6e2f\u670d\u52a1\u5668_\u9999\u6e2f\u4e91\u670d\u52a1\u5668\u8d44\u8baf_\u670d\u52a1\u5668\u5e2e\u52a9\u6587\u6863_\u670d\u52a1\u5668\u6559\u7a0b\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.wsisp.com\/helps\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"zh-Hans\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.wsisp.com\/helps\/#\/schema\/person\/358e386c577a3ab51c4493330a20ad41\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-Hans\",\"@id\":\"https:\/\/www.wsisp.com\/helps\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/gravatar.wp-china-yes.net\/avatar\/?s=96&d=mystery\",\"contentUrl\":\"https:\/\/gravatar.wp-china-yes.net\/avatar\/?s=96&d=mystery\",\"caption\":\"admin\"},\"sameAs\":[\"http:\/\/wp.wsisp.com\"],\"url\":\"https:\/\/www.wsisp.com\/helps\/author\/admin\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"\u4ece\u5355\u8282\u70b9\u5230\u9ad8\u53ef\u7528\uff1a\u6211\u662f\u5982\u4f55\u4e00\u6b65\u6b65\u642d\u5efa\u751f\u4ea7\u7ea7K8s\u96c6\u7fa4\u7684 - \u7f51\u7855\u4e92\u8054\u5e2e\u52a9\u4e2d\u5fc3","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.wsisp.com\/helps\/76570.html","og_locale":"zh_CN","og_type":"article","og_title":"\u4ece\u5355\u8282\u70b9\u5230\u9ad8\u53ef\u7528\uff1a\u6211\u662f\u5982\u4f55\u4e00\u6b65\u6b65\u642d\u5efa\u751f\u4ea7\u7ea7K8s\u96c6\u7fa4\u7684 - \u7f51\u7855\u4e92\u8054\u5e2e\u52a9\u4e2d\u5fc3","og_description":"\u6700\u8fd1\u5728\u865a\u62df\u673a\u4e0a\u642d\u5efa\u4e86\u4e00\u5957\u57fa\u4e8eHAProxy 3 Master 2 Node\u7684K8s\u9ad8\u53ef\u7528\u96c6\u7fa4,\u8e29\u4e86\u4e0d\u5c11\u5751,\u4e5f\u6c89\u6dc0\u4e86\u4e00\u5957\u53ef\u590d\u7528\u7684\u90e8\u7f72\u811a\u672c\u3002\u4eca\u5929\u5c31\u628a\u6574\u4e2a\u8fc7\u7a0b\u548c\u811a\u672c\u5206\u4eab\u51fa\u6765,\u5e0c\u671b\u80fd\u5e2e\u5230\u6709\u540c\u6837\u9700\u6c42\u7684\u540c\u5b66\u3002\u4e00\u3001\u96c6\u7fa4\u67b6\u6784\u8bbe\u8ba1 \u6211\u4eec\u7684\u76ee\u6807\u662f\u642d\u5efa\u4e00\u4e2a\u751f\u4ea7\u53ef\u7528\u7684K8s\u96c6\u7fa4,\u6838\u5fc3\u8bbe\u8ba1\u5982\u4e0b:\u89d2\u8272\u8282\u70b9IP\u8bf4\u660eHAProxy192.168.56.102\u4f5c\u4e3aAPI Server\u7684\u8d1f\u8f7d\u5747\u8861\u5165\u53e3,\u65e0\u9700\u5065\u5eb7\u68c0\u67e5Master","og_url":"https:\/\/www.wsisp.com\/helps\/76570.html","og_site_name":"\u7f51\u7855\u4e92\u8054\u5e2e\u52a9\u4e2d\u5fc3","article_published_time":"2026-02-22T12:33:27+00:00","author":"admin","twitter_card":"summary_large_image","twitter_misc":{"\u4f5c\u8005":"admin","\u9884\u8ba1\u9605\u8bfb\u65f6\u95f4":"13 \u5206"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.wsisp.com\/helps\/76570.html","url":"https:\/\/www.wsisp.com\/helps\/76570.html","name":"\u4ece\u5355\u8282\u70b9\u5230\u9ad8\u53ef\u7528\uff1a\u6211\u662f\u5982\u4f55\u4e00\u6b65\u6b65\u642d\u5efa\u751f\u4ea7\u7ea7K8s\u96c6\u7fa4\u7684 - \u7f51\u7855\u4e92\u8054\u5e2e\u52a9\u4e2d\u5fc3","isPartOf":{"@id":"https:\/\/www.wsisp.com\/helps\/#website"},"datePublished":"2026-02-22T12:33:27+00:00","dateModified":"2026-02-22T12:33:27+00:00","author":{"@id":"https:\/\/www.wsisp.com\/helps\/#\/schema\/person\/358e386c577a3ab51c4493330a20ad41"},"breadcrumb":{"@id":"https:\/\/www.wsisp.com\/helps\/76570.html#breadcrumb"},"inLanguage":"zh-Hans","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.wsisp.com\/helps\/76570.html"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.wsisp.com\/helps\/76570.html#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9875","item":"https:\/\/www.wsisp.com\/helps"},{"@type":"ListItem","position":2,"name":"\u4ece\u5355\u8282\u70b9\u5230\u9ad8\u53ef\u7528\uff1a\u6211\u662f\u5982\u4f55\u4e00\u6b65\u6b65\u642d\u5efa\u751f\u4ea7\u7ea7K8s\u96c6\u7fa4\u7684"}]},{"@type":"WebSite","@id":"https:\/\/www.wsisp.com\/helps\/#website","url":"https:\/\/www.wsisp.com\/helps\/","name":"\u7f51\u7855\u4e92\u8054\u5e2e\u52a9\u4e2d\u5fc3","description":"\u9999\u6e2f\u670d\u52a1\u5668_\u9999\u6e2f\u4e91\u670d\u52a1\u5668\u8d44\u8baf_\u670d\u52a1\u5668\u5e2e\u52a9\u6587\u6863_\u670d\u52a1\u5668\u6559\u7a0b","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.wsisp.com\/helps\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"zh-Hans"},{"@type":"Person","@id":"https:\/\/www.wsisp.com\/helps\/#\/schema\/person\/358e386c577a3ab51c4493330a20ad41","name":"admin","image":{"@type":"ImageObject","inLanguage":"zh-Hans","@id":"https:\/\/www.wsisp.com\/helps\/#\/schema\/person\/image\/","url":"https:\/\/gravatar.wp-china-yes.net\/avatar\/?s=96&d=mystery","contentUrl":"https:\/\/gravatar.wp-china-yes.net\/avatar\/?s=96&d=mystery","caption":"admin"},"sameAs":["http:\/\/wp.wsisp.com"],"url":"https:\/\/www.wsisp.com\/helps\/author\/admin"}]}},"_links":{"self":[{"href":"https:\/\/www.wsisp.com\/helps\/wp-json\/wp\/v2\/posts\/76570","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.wsisp.com\/helps\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.wsisp.com\/helps\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.wsisp.com\/helps\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.wsisp.com\/helps\/wp-json\/wp\/v2\/comments?post=76570"}],"version-history":[{"count":0,"href":"https:\/\/www.wsisp.com\/helps\/wp-json\/wp\/v2\/posts\/76570\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.wsisp.com\/helps\/wp-json\/wp\/v2\/media?parent=76570"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.wsisp.com\/helps\/wp-json\/wp\/v2\/categories?post=76570"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.wsisp.com\/helps\/wp-json\/wp\/v2\/tags?post=76570"},{"taxonomy":"topic","embeddable":true,"href":"https:\/\/www.wsisp.com\/helps\/wp-json\/wp\/v2\/topic?post=76570"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}