kubeadm join增加worker节点时,卡住
[root@testing yum.repos.d]# kubeadm join 10.0.40.193:6443 --token y4d0ws.w8lxmohfc1o0yq6b --discovery-token-ca-cert-hash sha256:46f6cf1d84d0eadb4f6e7f05b908e5572025886d9f134db27f92b98e1c3dd3ed
W0429 10:21:36.848737 17290 join.go:346] [preflight] WARNING: JoinControlPane.controlPlane settings will be ignored when control-plane flag is not set.
[preflight] Running pre-flight checks
[WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". Please follow the guide at https://kubernetes.io/docs/setup/cri/
然后就不动了,检查了一下原因是token过期了。下面说一下解决办法
1,在master节点查看token
# kubeadm token list //没token
2,创建token
[root@bigserver3 pki]# kubeadm token create --ttl 0 //永不失效 W0429 11:25:57.187354 14070 configset.go:202] WARNING: kubeadm cannot validate component configs for API groups [kubelet.config.k8s.io kubeproxy.config.k8s.io] 5mhd9x.73x9n2gy4d28yqzo [root@bigserver3 pki]# kubeadm token create //有效期一天 W0429 11:26:15.884356 14216 configset.go:202] WARNING: kubeadm cannot validate component configs for API groups [kubelet.config.k8s.io kubeproxy.config.k8s.io] 652tg2.t1am119z6tdoosou [root@bigserver3 pki]# kubeadm token list //token列表 TOKEN TTL EXPIRES USAGES DESCRIPTION EXTRA GROUPS 5mhd9x.73x9n2gy4d28yqzo <forever> <never> authentication,signing <none> system:bootstrappers:kubeadm:default-node-token 652tg2.t1am119z6tdoosou 23h 2020-04-30T11:26:15+08:00 authentication,signing <none> system:bootstrappers:kubeadm:default-node-token
注意:TTL,一个显示forever(永久),一个显示23H
3,查看token
[root@bigserver3 kubernetes]# ll /etc/kubernetes/pki/ 总用量 56 -rw-r--r-- 1 root root 1224 4月 27 19:13 apiserver.crt -rw-r--r-- 1 root root 1090 4月 27 19:13 apiserver-etcd-client.crt -rw------- 1 root root 1679 4月 27 19:13 apiserver-etcd-client.key -rw------- 1 root root 1675 4月 27 19:13 apiserver.key -rw-r--r-- 1 root root 1099 4月 27 19:13 apiserver-kubelet-client.crt -rw------- 1 root root 1675 4月 27 19:13 apiserver-kubelet-client.key -rw-r--r-- 1 root root 1025 4月 27 19:13 ca.crt //ca证书 -rw------- 1 root root 1679 4月 27 19:13 ca.key drwxr-xr-x 2 root root 162 4月 27 19:13 etcd -rw-r--r-- 1 root root 1038 4月 27 19:13 front-proxy-ca.crt -rw------- 1 root root 1675 4月 27 19:13 front-proxy-ca.key -rw-r--r-- 1 root root 1058 4月 27 19:13 front-proxy-client.crt -rw------- 1 root root 1679 4月 27 19:13 front-proxy-client.key -rw------- 1 root root 1675 4月 27 19:13 sa.key -rw------- 1 root root 451 4月 27 19:13 sa.pub # openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //' 46f6cf1d84d0eadb4f6e7f05b908e5572025886d9f134db27f92b98e1c3dd3ed //token
4,worker节点执行join
[root@testing kubernetes]# kubeadm join 10.0.40.193:6443 --token 652tg2.t1am119z6tdoosou --discovery-token-ca-cert-hash sha256:46f6cf1d84d0eadb4f6e7f05b908e5572025886d9f134db27f92b98e1c3dd3ed W0429 11:29:53.078968 19474 join.go:346] [preflight] WARNING: JoinControlPane.controlPlane settings will be ignored when control-plane flag is not set. [preflight] Running pre-flight checks [WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". Please follow the guide at https://kubernetes.io/docs/setup/cri/ [preflight] Reading configuration from the cluster... [preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -oyaml' [kubelet-start] Downloading configuration for the kubelet from the "kubelet-config-1.18" ConfigMap in the kube-system namespace [kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml" [kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env" [kubelet-start] Starting the kubelet [kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap... This node has joined the cluster: * Certificate signing request was sent to apiserver and a response was received. * The Kubelet was informed of the new secure connection details. Run 'kubectl get nodes' on the control-plane to see this node join the cluster.
5,master节点查看
[root@bigserver3 ~]# kubectl get nodes NAME STATUS ROLES AGE VERSION bigserver2 Ready <none> 20h v1.18.2 bigserver3 Ready master 40h v1.18.2 testing Ready <none> 54s v1.18.2
6,登录kubernetes-dashboard查看
kubernetes添加节点
转载请注明
作者:海底苍鹰
地址:http://blog.51yip.com/cloud/2404.html