1.新节点安装docker,kubelet,kubeadm ,kubectl 2.kubelet设置enable; docker设置enabled systemctl enable docker kubelet 3.关闭swap分区 [root@node2 ~]# swapoff -a [root@node2 ~]# free -h total used free shared buff/cache available Mem: 1.8G 174M 846M 9.5M 798M 1.4G Swap: 0B 0B 0B [root@node2 ~]# sed -i '/swap/s@(.*)@#1@' /etc/fstab
4.加载ip_vs模块: [root@node2 ipvs]# cat ipvs.sh #!/bin/bash modprobe -- ip_vs modprobe -- ip_vs_sh modprobe -- ip_vs_rr modprobe -- ip_vs_wrr modprobe -- nf_conntrack_ipv4 [root@node2 ipvs]#echo "bash /root/ipvs/ipvs.sh" >>/etc/rc.local [root@node2 ipvs]#chmod +x /etc/rc.local 5.测试是否启用ip_vs: [root@node2 ipvs]# lsmod |grep ip_vs ip_vs_wrr 12697 0 ip_vs_rr 12600 0 ip_vs_sh 12688 0 ip_vs 145497 6 ip_vs_rr,ip_vs_sh,ip_vs_wrr nf_conntrack 133095 7 ip_vs,nf_nat,nf_nat_ipv4,xt_conntrack,nf_nat_masquerade_ipv4,nf_conntrack_netlink,nf_conntrack_ipv4 libcrc32c 12644 4 xfs,ip_vs,nf_nat,nf_conntrack 6.master执行: [root@master ipvs]# kubeadm token create --print-join-command kubeadm join 192.168.100.200:6443 --token 5zv3v2.ee3gopn6n1jdr4rx --discovery-token-ca-cert-hash sha256:442aa72184ea7de3f3ce8e6e97516e657061fa18a613794d66c3d7a68f3639c1
7.新增节点执行: [root@node2 ~]# kubeadm join 192.168.100.200:6443 --token 5zv3v2.ee3gopn6n1jdr4rx --discovery-token-ca-cert-hash sha256:442aa72184ea7de3f3ce8e6e97516e657061fa18a613794d66c3d7a68f3639c1 [preflight] Running pre-flight checks [WARNING SystemVerification]: this Docker version is not on the list of validated versions: 19.03.4. Latest validated version: 18.09 [preflight] Reading configuration from the cluster... [preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -oyaml' [kubelet-start] Downloading configuration for the kubelet from the "kubelet-config-1.16" ConfigMap in the kube-system namespace [kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml" [kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env" [kubelet-start] Activating the kubelet service [kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap... This node has joined the cluster: * Certificate signing request was sent to apiserver and a response was received. * The Kubelet was informed of the new secure connection details. Run 'kubectl get nodes' on the control-plane to see this node join the cluster. 说明:新增节点已经成功加入集群。
8.在新增节点上运行flannel,pause,kube-proxy镜像: [root@node1 ~]# docker save -o flannel.tar quay.io/coreos/flannel:v0.11.0-amd64 [root@node1 ~]# docker save -o kube-proxy.tar k8s.gcr.io/kube-proxy:v1.16.2 [root@node1 ~]# docker save -o pause.tar k8s.gcr.io/pause:3.1 [root@node1 ~]# scp flannel.tar kube-proxy.tar pause.tar node2:/root/ root@node2's password: flannel.tar 100% 50MB 30.7MB/s 00:01 kube-proxy.tar 100% 84MB 41.9MB/s 00:02 pause.tar [root@node2 ~]# docker load -i flannel.tar [root@node2 ~]# docker load < kube-proxy.tar [root@node2 ~]# docker load -i pause.tar
9.master节点查看: [root@master ipvs]# kubectl get nodes NAME STATUS ROLES AGE VERSION master Ready master 30d v1.16.2 node1 Ready <none> 30d v1.16.2 node2 Ready <none> 30d v1.16.2 说明:此时新增的node2节点已经加入集群成功。 [root@master ipvs]# kubectl get pod -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES httpd-856c97d764-6zq2d 1/1 Running 14 18d 10.244.1.220 node1 <none> <none> jenkins-6d7fb8f845-6dr8n 1/1 Running 0 5d20h 10.244.2.2 node2 <none> <none>