基础环境
主机名 | IP | 系统版本 | 内核 | docker版本 | kubenetes版本 |
master | 192.168.1.220 | CentOS Linux release 7.6.1810 (Core) | 5.5.4-1.el7.elrepo.x86_64 | Docker version 18.06.3-ce, build d7080c1 | v1.15.4 |
node01 | 192.168.1.221 | CentOS Linux release 7.6.1810 (Core) | 5.5.4-1.el7.elrepo.x86_64 | Docker version 18.06.3-ce, build d7080c1 | v1.15.4 |
node02 | 192.168.1.222 | CentOS Linux release 7.6.1810 (Core) | 5.5.4-1.el7.elrepo.x86_64 | Docker version 18.06.3-ce, build d7080c1 | v1.15.4 |
准备工作(所有主机)
[root@master ~]# hostname master [root@master ~]# cat /etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 192.168.1.220 master 192.168.1.221 node01 192.168.1.222 node02 [root@master ~]# systemctl stop firewalld && systemctl disable firewalld [root@master ~]# swapoff -a && sed -i '/ swap / s/^(.*)$/#1/g' /etc/fstab
[root@master ~]# ntpdate cn.pool.ntp.org 19 Feb 18:06:14 ntpdate[43208]: adjust time server 182.92.12.11 offset -0.002174 sec
[root@master ~]# crontab -l */3 * * * * /usr/sbin/ntpdate cn.pool.ntp.org
更换yum源(所有主机)
[root@master ~]# cd /etc/yum.repos.d/ [root@master yum.repos.d]# mv CentOS-Base.repo CentOS-Base.repo.bak [root@master yum.repos.d]# wget http://mirrors.aliyun.com/repo/Centos-7.repo [root@master yum.repos.d]# wget http://mirrors.163.com/.help/CentOS7-Base-163.repo [root@master yum.repos.d]# ls -l 总用量 36 -rw-r--r-- 1 root root 1572 12月 1 2016 CentOS7-Base-163.repo -rw-r--r-- 1 root root 2523 6月 16 2018 Centos-7.repo -rw-r--r--. 1 root root 1664 8月 30 2017 CentOS-Base.repo.bak -rw-r--r--. 1 root root 1309 8月 30 2017 CentOS-CR.repo -rw-r--r--. 1 root root 649 8月 30 2017 CentOS-Debuginfo.repo -rw-r--r--. 1 root root 314 8月 30 2017 CentOS-fasttrack.repo -rw-r--r--. 1 root root 630 8月 30 2017 CentOS-Media.repo -rw-r--r--. 1 root root 1331 8月 30 2017 CentOS-Sources.repo -rw-r--r--. 1 root root 3830 8月 30 2017 CentOS-Vault.repo [root@master yum.repos.d]# yum clean all && yum makecache
创建/etc/sysctl.d/k8s.conf文件,添加如下内容(所有主机)
[root@master ~]# vi /etc/sysctl.d/k8s.conf net.ipv4.ip_forward = 1 net.bridge.bridge-nf-call-iptables = 1 net.bridge.bridge-nf-call-ip6tables = 1 [root@master ~]# modprobe br_netfilter [root@master ~]# sysctl -p /etc/sysctl.d/k8s.conf net.ipv4.ip_forward = 1 net.bridge.bridge-nf-call-iptables = 1 net.bridge.bridge-nf-call-ip6tables = 1
配置阿里docker源(所有主机)
[root@master yum.repos.d]# yum install -y yum-utils device-mapper-persistent-data lvm2 安装必要的一些系统工具 [root@master yum.repos.d]# yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo 添加软件源信息 [root@master yum.repos.d]# yum makecache fast 更新 [root@master ~]# yum -y install docker-ce-18.06.3.ce-3.el7 [root@master yum.repos.d]# systemctl enable docker && systemctl start docker [root@master yum.repos.d]# docker --version Docker version 18.06.3-ce, build d7080c1
配置镜像加速(所有主机)
[root@master ~]# vi /etc/docker/daemon.json { "registry-mirrors": ["https://4ym6pzzt.mirror.aliyuncs.com"] }
[root@master yum.repos.d]# systemctl restart docker
配置阿里k8s源(所有主机)
[root@master yum.repos.d]# cat <<EOF > /etc/yum.repos.d/kubernetes.repo [kubernetes] name=Kubernetes baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/ enabled=1 gpgcheck=1 repo_gpgcheck=1 gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg EOF
k8s版本查看(任意一台主机)
[root@node02 ~]# yum list kubelet --showduplicates | sort -r Repository base is listed more than once in the configuration Repository updates is listed more than once in the configuration Repository extras is listed more than once in the configuration Repository centosplus is listed more than once in the configuration 已加载插件:fastestmirror 已安装的软件包 可安装的软件包 Loading mirror speeds from cached hostfile kubelet.x86_64 1.9.9-0 kubernetes kubelet.x86_64 1.9.8-0 kubernetes kubelet.x86_64 1.9.7-0 kubernetes kubelet.x86_64 1.9.6-0 kubernetes kubelet.x86_64 1.9.5-0 kubernetes kubelet.x86_64 1.9.4-0 kubernetes kubelet.x86_64 1.9.3-0 kubernetes kubelet.x86_64 1.9.2-0 kubernetes kubelet.x86_64 1.9.11-0 kubernetes kubelet.x86_64 1.9.1-0 kubernetes kubelet.x86_64 1.9.10-0 kubernetes kubelet.x86_64 1.9.0-0 kubernetes kubelet.x86_64 1.8.9-0 kubernetes kubelet.x86_64 1.8.8-0 kubernetes kubelet.x86_64 1.8.7-0 kubernetes kubelet.x86_64 1.8.6-0 kubernetes kubelet.x86_64 1.8.5-1 kubernetes kubelet.x86_64 1.8.5-0 kubernetes kubelet.x86_64 1.8.4-1 kubernetes kubelet.x86_64 1.8.4-0 kubernetes kubelet.x86_64 1.8.3-1 kubernetes kubelet.x86_64 1.8.3-0 kubernetes kubelet.x86_64 1.8.2-1 kubernetes kubelet.x86_64 1.8.2-0 kubernetes kubelet.x86_64 1.8.15-0 kubernetes kubelet.x86_64 1.8.14-0 kubernetes kubelet.x86_64 1.8.13-0 kubernetes kubelet.x86_64 1.8.12-0 kubernetes kubelet.x86_64 1.8.1-1 kubernetes kubelet.x86_64 1.8.11-0 kubernetes kubelet.x86_64 1.8.1-0 kubernetes kubelet.x86_64 1.8.10-0 kubernetes kubelet.x86_64 1.8.0-1 kubernetes kubelet.x86_64 1.8.0-0 kubernetes kubelet.x86_64 1.7.9-1 kubernetes kubelet.x86_64 1.7.9-0 kubernetes kubelet.x86_64 1.7.8-2 kubernetes kubelet.x86_64 1.7.8-1 kubernetes kubelet.x86_64 1.7.7-2 kubernetes kubelet.x86_64 1.7.7-1 kubernetes kubelet.x86_64 1.7.6-2 kubernetes kubelet.x86_64 1.7.6-1 kubernetes kubelet.x86_64 1.7.5-1 kubernetes kubelet.x86_64 1.7.5-0 kubernetes kubelet.x86_64 1.7.4-1 kubernetes kubelet.x86_64 1.7.4-0 kubernetes kubelet.x86_64 1.7.3-2 kubernetes kubelet.x86_64 1.7.3-1 kubernetes kubelet.x86_64 1.7.2-1 kubernetes kubelet.x86_64 1.7.2-0 kubernetes kubelet.x86_64 1.7.16-0 kubernetes kubelet.x86_64 1.7.15-0 kubernetes kubelet.x86_64 1.7.14-0 kubernetes kubelet.x86_64 1.7.1-1 kubernetes kubelet.x86_64 1.7.11-1 kubernetes kubelet.x86_64 1.7.11-0 kubernetes kubelet.x86_64 1.7.1-0 kubernetes kubelet.x86_64 1.7.10-1 kubernetes kubelet.x86_64 1.7.10-0 kubernetes kubelet.x86_64 1.7.0-1 kubernetes kubelet.x86_64 1.7.0-0 kubernetes kubelet.x86_64 1.6.9-1 kubernetes kubelet.x86_64 1.6.9-0 kubernetes kubelet.x86_64 1.6.8-1 kubernetes kubelet.x86_64 1.6.8-0 kubernetes kubelet.x86_64 1.6.7-1 kubernetes kubelet.x86_64 1.6.7-0 kubernetes kubelet.x86_64 1.6.6-1 kubernetes kubelet.x86_64 1.6.6-0 kubernetes kubelet.x86_64 1.6.5-1 kubernetes kubelet.x86_64 1.6.5-0 kubernetes kubelet.x86_64 1.6.4-1 kubernetes kubelet.x86_64 1.6.4-0 kubernetes kubelet.x86_64 1.6.3-1 kubernetes kubelet.x86_64 1.6.3-0 kubernetes kubelet.x86_64 1.6.2-1 kubernetes kubelet.x86_64 1.6.2-0 kubernetes kubelet.x86_64 1.6.13-1 kubernetes kubelet.x86_64 1.6.13-0 kubernetes kubelet.x86_64 1.6.12-1 kubernetes kubelet.x86_64 1.6.12-0 kubernetes kubelet.x86_64 1.6.1-1 kubernetes kubelet.x86_64 1.6.11-1 kubernetes kubelet.x86_64 1.6.11-0 kubernetes kubelet.x86_64 1.6.1-0 kubernetes kubelet.x86_64 1.6.10-1 kubernetes kubelet.x86_64 1.6.10-0 kubernetes kubelet.x86_64 1.6.0-1 kubernetes kubelet.x86_64 1.6.0-0 kubernetes kubelet.x86_64 1.5.4-1 kubernetes kubelet.x86_64 1.5.4-0 kubernetes kubelet.x86_64 1.17.3-0 kubernetes kubelet.x86_64 1.17.2-0 kubernetes kubelet.x86_64 1.17.1-0 kubernetes kubelet.x86_64 1.17.0-0 kubernetes kubelet.x86_64 1.16.7-0 kubernetes kubelet.x86_64 1.16.6-0 kubernetes kubelet.x86_64 1.16.5-0 kubernetes kubelet.x86_64 1.16.4-0 kubernetes kubelet.x86_64 1.16.3-0 kubernetes kubelet.x86_64 1.16.2-0 kubernetes kubelet.x86_64 1.16.1-0 kubernetes kubelet.x86_64 1.16.0-0 kubernetes kubelet.x86_64 1.15.9-0 kubernetes kubelet.x86_64 1.15.8-0 kubernetes kubelet.x86_64 1.15.7-0 kubernetes kubelet.x86_64 1.15.6-0 kubernetes kubelet.x86_64 1.15.5-0 kubernetes kubelet.x86_64 1.15.4-0 kubernetes kubelet.x86_64 1.15.4-0 @kubernetes kubelet.x86_64 1.15.3-0 kubernetes kubelet.x86_64 1.15.2-0 kubernetes kubelet.x86_64 1.15.1-0 kubernetes kubelet.x86_64 1.15.10-0 kubernetes kubelet.x86_64 1.15.0-0 kubernetes kubelet.x86_64 1.14.9-0 kubernetes kubelet.x86_64 1.14.8-0 kubernetes kubelet.x86_64 1.14.7-0 kubernetes kubelet.x86_64 1.14.6-0 kubernetes kubelet.x86_64 1.14.5-0 kubernetes kubelet.x86_64 1.14.4-0 kubernetes kubelet.x86_64 1.14.3-0 kubernetes kubelet.x86_64 1.14.2-0 kubernetes kubelet.x86_64 1.14.1-0 kubernetes kubelet.x86_64 1.14.10-0 kubernetes kubelet.x86_64 1.14.0-0 kubernetes kubelet.x86_64 1.13.9-0 kubernetes kubelet.x86_64 1.13.8-0 kubernetes kubelet.x86_64 1.13.7-0 kubernetes kubelet.x86_64 1.13.6-0 kubernetes kubelet.x86_64 1.13.5-0 kubernetes kubelet.x86_64 1.13.4-0 kubernetes kubelet.x86_64 1.13.3-0 kubernetes kubelet.x86_64 1.13.2-0 kubernetes kubelet.x86_64 1.13.12-0 kubernetes kubelet.x86_64 1.13.11-0 kubernetes kubelet.x86_64 1.13.1-0 kubernetes kubelet.x86_64 1.13.10-0 kubernetes kubelet.x86_64 1.13.0-0 kubernetes kubelet.x86_64 1.12.9-0 kubernetes kubelet.x86_64 1.12.8-0 kubernetes kubelet.x86_64 1.12.7-0 kubernetes kubelet.x86_64 1.12.6-0 kubernetes kubelet.x86_64 1.12.5-0 kubernetes kubelet.x86_64 1.12.4-0 kubernetes kubelet.x86_64 1.12.3-0 kubernetes kubelet.x86_64 1.12.2-0 kubernetes kubelet.x86_64 1.12.1-0 kubernetes kubelet.x86_64 1.12.10-0 kubernetes kubelet.x86_64 1.12.0-0 kubernetes kubelet.x86_64 1.11.9-0 kubernetes kubelet.x86_64 1.11.8-0 kubernetes kubelet.x86_64 1.11.7-0 kubernetes kubelet.x86_64 1.11.6-0 kubernetes kubelet.x86_64 1.11.5-0 kubernetes kubelet.x86_64 1.11.4-0 kubernetes kubelet.x86_64 1.11.3-0 kubernetes kubelet.x86_64 1.11.2-0 kubernetes kubelet.x86_64 1.11.1-0 kubernetes kubelet.x86_64 1.11.10-0 kubernetes kubelet.x86_64 1.11.0-0 kubernetes kubelet.x86_64 1.10.9-0 kubernetes kubelet.x86_64 1.10.8-0 kubernetes kubelet.x86_64 1.10.7-0 kubernetes kubelet.x86_64 1.10.6-0 kubernetes kubelet.x86_64 1.10.5-0 kubernetes kubelet.x86_64 1.10.4-0 kubernetes kubelet.x86_64 1.10.3-0 kubernetes kubelet.x86_64 1.10.2-0 kubernetes kubelet.x86_64 1.10.13-0 kubernetes kubelet.x86_64 1.10.12-0 kubernetes kubelet.x86_64 1.10.11-0 kubernetes kubelet.x86_64 1.10.1-0 kubernetes kubelet.x86_64 1.10.10-0 kubernetes kubelet.x86_64 1.10.0-0 kubernetes * elrepo: mirrors.tuna.tsinghua.edu.cn
安装组件(所有主机),我安装的1.15.4版本的
[root@node02 ~]# yum install -y kubelet-1.15.4 kubeadm-1.15.4 kubectl-1.15.4 [root@master ~]# kubectl version Client Version: version.Info{Major:"1", Minor:"15", GitVersion:"v1.15.4", GitCommit:"67d2fcf276fcd9cf743ad4be9a9ef5828adc082f", GitTreeState:"clean", BuildDate:"2019-09-18T14:51:13Z", GoVersion:"go1.12.9", Compiler:"gc", Platform:"linux/amd64"} Server Version: version.Info{Major:"1", Minor:"15", GitVersion:"v1.15.4", GitCommit:"67d2fcf276fcd9cf743ad4be9a9ef5828adc082f", GitTreeState:"clean", BuildDate:"2019-09-18T14:41:55Z", GoVersion:"go1.12.9", Compiler:"gc", Platform:"linux/amd64"}
列出所需镜像。可以手动下载,也可以不用手动下载,master初始化时会自动下载。
[root@master ~]# kubeadm --kubernetes-version=v1.15.4 config images list k8s.gcr.io/kube-apiserver:v1.15.4 k8s.gcr.io/kube-controller-manager:v1.15.4 k8s.gcr.io/kube-scheduler:v1.15.4 k8s.gcr.io/kube-proxy:v1.15.4 k8s.gcr.io/pause:3.1 k8s.gcr.io/etcd:3.3.10 k8s.gcr.io/coredns:1.3.1
修改docker服务管理方式为systemd(所有主机)
[root@master yum.repos.d]# sed -i "s#^ExecStart=/usr/bin/dockerd.*#ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --exec-opt native.cgroupdriver=systemd#g" /usr/lib/systemd/system/docker.service 这步可以不做,如果没有修改,集群在初始化和worker节点加入的时候会爆出警告信息
master初始化,仅在master节点操作
参数说明
--kubernetes-version #指定Kubernetes版本 --image-repository #由于kubeadm默认是从官网k8s.grc.io下载所需镜像,国内无法访问,所以这里通过--image-repository指定为阿里云镜像仓库地址 --pod-network-cidr #指定pod网络段 --service-cidr #指定service网络段 --ignore-preflight-errors=Swap #忽略swap报错信息
[root@master ~]# kubeadm init --apiserver-advertise-address=192.168.1.220 --image-repository registry.aliyuncs.com/google_containers --kubernetes-version v1.15.4 --service-cidr=10.1.0.0/16 --pod-network-cidr=10.244.0.0/16
[root@master ~]# mkdir -p $HOME/.kube [root@master ~]# cp -i /etc/kubernetes/admin.conf $HOME/.kube/config [root@master ~]# chown $(id -u):$(id -g) $HOME/.kube/config
下载并安装flannel资源配置清单(所有主机)
# 手动拉取flannel的docker镜像 docker pull easzlab/flannel:v0.11.0-amd64 # 修改镜像名称 docker tag easzlab/flannel:v0.11.0-amd64 quay.io/coreos/flannel:v0.11.0-amd64
[root@master ~]# wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml [root@master ~]# kubectl apply -f kube-flannel.yml
[root@master ~]# kubectl get pod -n kube-system -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES coredns-bccdc95cf-5ptzm 1/1 Running 0 66m 10.244.0.3 master <none> <none> coredns-bccdc95cf-c7v9j 1/1 Running 0 66m 10.244.0.2 master <none> <none> etcd-master 1/1 Running 0 65m 192.168.1.220 master <none> <none> kube-apiserver-master 1/1 Running 0 65m 192.168.1.220 master <none> <none> kube-controller-manager-master 1/1 Running 0 66m 192.168.1.220 master <none> <none> kube-flannel-ds-amd64-9fjhr 1/1 Running 1 59m 192.168.1.222 node02 <none> <none> kube-flannel-ds-amd64-g7vs7 1/1 Running 1 59m 192.168.1.221 node01 <none> <none> kube-flannel-ds-amd64-tg697 1/1 Running 0 60m 192.168.1.220 master <none> <none> kube-proxy-bqd9j 1/1 Running 0 59m 192.168.1.221 node01 <none> <none> kube-proxy-d8q7s 1/1 Running 0 66m 192.168.1.220 master <none> <none> kube-proxy-gz85g 1/1 Running 0 59m 192.168.1.222 node02 <none> <none> kube-scheduler-master 1/1 Running 0 65m 192.168.1.220 master <none> <none>
node01加入集群
[root@node01 ~]# kubeadm join 192.168.1.220:6443 --token qa9y89.zmr3xgpk1429d0dw > --discovery-token-ca-cert-hash sha256:2edda5757334f420c0b501aa4dc19072307d796a0ae09b3474824727a227d7ec
node02加入集群
[root@node02 ~]# kubeadm join 192.168.1.220:6443 --token qa9y89.zmr3xgpk1429d0dw --discovery-token-ca-cert-hash sha256:2edda5757334f420c0b501aa4dc19072307d796a0ae09b3474824727a227d7ec
如果忘记加入命令,在master节点上行执行 kubeadm token create --print-join-command
master上查看各节点状态
[root@master ~]# kubectl get nodes -o wide NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME master Ready master 69m v1.15.4 192.168.1.220 <none> CentOS Linux 7 (Core) 5.5.4-1.el7.elrepo.x86_64 docker://18.6.3 node01 Ready <none> 61m v1.15.4 192.168.1.221 <none> CentOS Linux 7 (Core) 5.5.4-1.el7.elrepo.x86_64 docker://18.6.3 node02 Ready <none> 61m v1.15.4 192.168.1.222 <none> CentOS Linux 7 (Core) 5.5.4-1.el7.elrepo.x86_64 docker://18.6.3
[root@master ~]# kubectl get nodes NAME STATUS ROLES AGE VERSION master Ready master 69m v1.15.4 node01 Ready <none> 61m v1.15.4 node02 Ready <none> 61m v1.15.4
如果集群初始化出错需要重新初始化的时候,首先要执行 kubeadm reset -f
1)在master节点上执行
# kubectl drain <NODE-NAME> --delete-local-data --force --ignore-daemonsets # kubectl delete node <NODE-NAME>
2)在需要移除的节点上执行
# kubeadm reset
测试一下kubernetes集群(master上执行)
创建一个镜像为nginx的容器
[root@master ~]# kubectl create deployment nginx --image=nginx deployment.apps/nginx created
查看pod的详细信息,events部分可以看到创建过程
[root@master ~]# kubectl describe pod nginx Name: nginx-554b9c67f9-hkl8n Namespace: default Priority: 0 Node: node01/192.168.1.221 Start Time: Wed, 19 Feb 2020 17:56:23 +0800 Labels: app=nginx pod-template-hash=554b9c67f9 Annotations: <none> Status: Pending IP: Controlled By: ReplicaSet/nginx-554b9c67f9 Containers: nginx: Container ID: Image: nginx Image ID: Port: <none> Host Port: <none> State: Waiting Reason: ContainerCreating Ready: False Restart Count: 0 Environment: <none> Mounts: /var/run/secrets/kubernetes.io/serviceaccount from default-token-v8gp9 (ro) Conditions: Type Status Initialized True Ready False ContainersReady False PodScheduled True Volumes: default-token-v8gp9: Type: Secret (a volume populated by a Secret) SecretName: default-token-v8gp9 Optional: false QoS Class: BestEffort Node-Selectors: <none> Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s node.kubernetes.io/unreachable:NoExecute for 300s Events: Type Reason Age From Message ---- ------ ---- ---- ------- Normal Scheduled 17s default-scheduler Successfully assigned default/nginx-554b9c67f9-hkl8n to node01 Normal Pulling 11s kubelet, node01 Pulling image "nginx"
kubectl命令自动补全
##安装包 [root@master ~]# yum install -y bash-completion* ##手工执行 [root@master ~]# source <(kubectl completion bash) ##写入环境变量 [root@master ~]# echo "source <(kubectl completion bash)" >> ~/.bashrc ##需要手工执行一下,否则tab补全时会提示“-bash: _get_comp_words_by_ref: command not found ” [root@master ~]# sh /usr/share/bash-completion/bash_completion ##加载环境变量 [root@master ~]# source /etc/profile ##再次使用kubectl命令进行tab补全就ok了
后续有nodes节点想加入集群的话,由于默认token的有效期为24小时,当过期之后,该token就不可用了,解决方法如下:
重新生成新的token ==> kubeadm token create # 1.查看当前的token列表 [root@master ~]# kubeadm token list TOKEN TTL EXPIRES USAGES DESCRIPTION EXTRA GROUPS l507qh.nqysbrdxjtcfx4c9 23h 2020-02-10T15:20:19+08:00 authentication,signing <none> system:bootstrappers:kubeadm:default-node-token v2yw0n.xaq2uu2oqqsk4wlv 23h 2020-02-10T15:14:53+08:00 authentication,signing The default bootstrap token generated by 'kubeadm init'. system:bootstrappers:kubeadm:default-node-token
重新生成新的token
[root@master ~]# kubeadm token create W0209 15:44:21.172784 43064 validation.go:28] Cannot validate kube-proxy config - no validator is available W0209 15:44:21.172852 43064 validation.go:28] Cannot validate kubelet config - no validator is available 0xpz5e.7fcygebnug44a3xm
再次查看当前的token列表
[root@master ~]# kubeadm token list TOKEN TTL EXPIRES USAGES DESCRIPTION EXTRA GROUPS 0xpz5e.7fcygebnug44a3xm 23h 2020-02-10T15:44:21+08:00 authentication,signing <none> system:bootstrappers:kubeadm:default-node-token l507qh.nqysbrdxjtcfx4c9 23h 2020-02-10T15:20:19+08:00 authentication,signing <none> system:bootstrappers:kubeadm:default-node-token v2yw0n.xaq2uu2oqqsk4wlv 23h 2020-02-10T15:14:53+08:00 authentication,signing The default bootstrap token generated by 'kubeadm init'. system:bootstrappers:kubeadm:default-node-token
获取ca证书sha256编码hash值
[root@master ~]# openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //' 2773274565fa8f13ca7de2466ad98f5cb4f5815a20665f10d46399f318aa937c
节点加入集群
root@k8s-node03 ~]# kubeadm join --token 0xpz5e.7fcygebnug44a3xm(新的token) --discovery-token-ca-cert-hash
如果忘记加入命令,在master节点上行执行 kubeadm token create --print-join-command