因业务需求,需要把apiserver的6443端口改成其它端口,k8s集群是二进制部署的,有三个master节点,调整方法如下
1.修改apiserver启动service中的配置
查看apiserver的service文件位置
systemctl status kube-apiserver,找到/usr/lib/systemd/system/kube-apiserver.service
修改--secure-port=6443为6444
如果想看详细的kube-apiserver日志,可以用journalctl -u kube-apiserver.service
2.配置生效
systemctl daemon-reload
systemctl restart kube-apiserver
3.修改haproxy配置文件
vim /etc/haproxy/haproxy.cfg
修改下面IP的端口为6444
server k8s-api-10.253.19.175 10.253.19.175:6444 check
server k8s-api-10.253.19.174 10.253.19.174:6444 check
server k8s-api-10.253.19.180 10.253.19.180:6444 check
然后重启haproxy
systemctl restart haproxy
以上操作三个master节点都要操作
4.修改kubernetes服务
[root@k8s-master1-ceshi haproxy]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 7d17h
kubectl edit svc kubernetes修改targetPort为6444
...
ports:
- name: https
port: 443
protocol: TCP
targetPort: 6444
...
5.修改endpoint对应端口
kubectl edit ep kubernetes
...
subsets:
- addresses:
- ip: 10.253.19.174
- ip: 10.253.19.175
- ip: 10.253.19.180
ports:
- name: https
port: 6444 #修改端口为6444
protocol: TCP