{"id":886,"date":"2023-07-05T16:52:38","date_gmt":"2023-07-05T08:52:38","guid":{"rendered":"https:\/\/blog.espnlol.com\/?p=886"},"modified":"2023-10-07T14:10:02","modified_gmt":"2023-10-07T06:10:02","slug":"%e7%bc%96%e8%af%91kubeadm%e4%bf%ae%e6%94%b9%e8%af%81%e4%b9%a6%e8%bf%87%e6%9c%9f%e6%97%b6%e9%97%b4%e4%b8%ba100%e5%b9%b4","status":"publish","type":"post","link":"https:\/\/blog.espnlol.com\/?p=886","title":{"rendered":"\u7f16\u8bd1kubeadm\u4fee\u6539\u8bc1\u4e66\u8fc7\u671f\u65f6\u95f4\u4e3a100\u5e74"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\">\u4e00\u3001\u62c9\u53d6\u7248\u672c\u4ee3\u7801\uff0c\u5e76\u4fee\u6539certs\u76f8\u5173\u6587\u4ef6<\/h2>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">#\u62c9\u53bb\u4ee3\u7801\ngit clone --branch v1.24.15 https:\/\/github.com\/kubernetes\/kubernetes.git\ncd kubernetes\n\n#\u4fee\u6539cert.go\nvi staging\/src\/k8s.io\/client-go\/util\/cert\/cert.go\n'''\nfunc NewSelfSignedCACert(cfg Config, key crypto.Signer) (*x509.Certificate, error) {\n        now := time.Now()\n        tmpl := x509.Certificate{\n                SerialNumber: new(big.Int).SetInt64(0),\n                Subject: pkix.Name{\n                        CommonName:   cfg.CommonName,\n                        Organization: cfg.Organization,\n                },\n                DNSNames:              []string{cfg.CommonName},\n                NotBefore:             now.UTC(),\n                \/\/NotAfter:              now.Add(duration365d).UTC(),\n                NotAfter:              now.Add(duration365d * 100).UTC(),\n                KeyUsage:              x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign,\n                BasicConstraintsValid: true,\n                IsCA:                  true,\n'''\n\n#\u4fee\u6539CertificateValidity\nvi cmd\/kubeadm\/app\/constants\/constants.go\n'''\nconst (\n        \/\/ KubernetesDir is the directory Kubernetes owns for storing various configuration files\n        KubernetesDir = \"\/etc\/kubernetes\"\n        \/\/ ManifestsSubDirName defines directory name to store manifests\n        ManifestsSubDirName = \"manifests\"\n        \/\/ TempDirForKubeadm defines temporary directory for kubeadm\n        \/\/ should be joined with KubernetesDir.\n        TempDirForKubeadm = \"tmp\"\n\n        \/\/ CertificateValidity defines the validity for all the signed certificates generated by kubeadm\n        \/\/ CertificateValidity = time.Hour * 24 * 365\n        CertificateValidity = time.Hour * 24 * 365 * 100\n\n        \/\/ DefaultCertificateDir defines default certificate directory\n        DefaultCertificateDir = \"pki\"\n\n        \/\/ CACertAndKeyBaseName defines certificate authority base name\n        CACertAndKeyBaseName = \"ca\"\n        \/\/ CACertName defines certificate name\n        CACertName = \"ca.crt\"\n        \/\/ CAKeyName defines certificate name\n        CAKeyName = \"ca.key\"\n'''\n\n#\u53bb\u6389\u56e0\u7f16\u8bd1\u6e90\u7801\u800c\u5728\u7248\u672c\u751f\u6210\u65f6\u5019\u589e\u52a0-dirty\nsed -ri 's#KUBE_GIT_TREE_STATE=\"dirty\"#KUBE_GIT_TREE_STATE=\"clean\"#g' hack\/lib\/version.sh<\/pre>\n\n\n\n<h2 class=\"wp-block-heading\">\u4e8c\u3001\u91cd\u65b0\u7f16\u8bd1\u6e90\u7801\uff0c\u751f\u6210kubeadm<\/h2>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">#centos\nyum install gcc make rsync jq -y\n#debain\napt update &amp;&amp; apt install build-essential rsync jq -y\n\n#\u91cd\u65b0\u7f16\u8bd1kubeadm\nmake all WHAT=cmd\/kubeadm GOFLAGS=-v\n\n#\u7f16\u8bd1kubelet\nmake all WHAT=cmd\/kubelet GOFLAGS=-v\n\n#\u7f16\u8bd1kubectl\nmake all WHAT=cmd\/kubectl GOFLAGS=-v\n\n\u7f16\u8bd1\u5b8c\u7684kubeadm\u5728 _output\/bin\/kubeadm \u76ee\u5f55\u4e0b\uff0c\u5176\u4e2dbin\u662f\u4f7f\u7528\u4e86\u8f6f\u8fde\u63a5\uff0c\u771f\u5b9e\u8def\u5f84\u662f_output\/local\/bin\/linux\/amd64\/kubeadm\n<\/pre>\n\n\n\n<p>\u4e09\u3001\u67e5\u770b\u96c6\u7fa4\u8bc1\u4e66\u8fc7\u671f\u65f6\u95f4<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">kubeadm certs check-expiration<\/pre>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u4e00\u3001\u62c9\u53d6\u7248\u672c\u4ee3\u7801\uff0c\u5e76\u4fee\u6539certs\u76f8\u5173\u6587\u4ef6 \u4e8c\u3001\u91cd\u65b0\u7f16\u8bd1\u6e90\u7801\uff0c\u751f\u6210kubeadm &hellip; <a href=\"https:\/\/blog.espnlol.com\/?p=886\">\u7ee7\u7eed\u9605\u8bfb <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-886","post","type-post","status-publish","format-standard","hentry","category-k8s"],"_links":{"self":[{"href":"https:\/\/blog.espnlol.com\/index.php?rest_route=\/wp\/v2\/posts\/886","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.espnlol.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.espnlol.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.espnlol.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.espnlol.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=886"}],"version-history":[{"count":2,"href":"https:\/\/blog.espnlol.com\/index.php?rest_route=\/wp\/v2\/posts\/886\/revisions"}],"predecessor-version":[{"id":888,"href":"https:\/\/blog.espnlol.com\/index.php?rest_route=\/wp\/v2\/posts\/886\/revisions\/888"}],"wp:attachment":[{"href":"https:\/\/blog.espnlol.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=886"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.espnlol.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=886"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.espnlol.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=886"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}