环境信息:
ubuntu-master01 192.1681.195.128
ubuntu-work01 192.168.195.129
k8s版本 1.25.2
背景描述:初始环境是一个master一个work,后面想扩容两个master节点。当初master01节点初始化成功时输出了一些内容用于节点加入集群的,我保存下来了。
如下:
1 Your Kubernetes control-plane has initialized successfully! 2 3 To start using your cluster, you need to run the following as a regular user: 4 5 mkdir -p $HOME/.kube 6 sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config 7 sudo chown $(id -u):$(id -g) $HOME/.kube/config 8 9 Alternatively, if you are the root user, you can run: 10 11 export KUBECONFIG=/etc/kubernetes/admin.conf 12 13 You should now deploy a pod network to the cluster. 14 Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at: 15 https://kubernetes.io/docs/concepts/cluster-administration/addons/ 16 17 You can now join any number of the control-plane node running the following command on each as root: 18 19 kubeadm join 192.168.195.128:6443 --token 1s8cnx.dzp9gxk9mhri0px3 \ 20 --discovery-token-ca-cert-hash sha256:22c12a103ae84f0f7eeace12ed8d98db392cb42782bfe50a205f73f4013b471a \ 21 --control-plane --certificate-key daad49c58ef7ca85acfc65501a06f4179a228925dc149c1086a07cf6754b5b14 22 23 Please note that the certificate-key gives access to cluster sensitive data, keep it secret! 24 As a safeguard, uploaded-certs will be deleted in two hours; If necessary, you can use 25 "kubeadm init phase upload-certs --upload-certs" to reload certs afterward. 26 27 Then you can join any number of worker nodes by running the following on each as root: 28 29 kubeadm join 192.168.195.128:6443 --token 1s8cnx.dzp9gxk9mhri0px3 \ 30 --discovery-token-ca-cert-hash sha256:22c12a103ae84f0f7eeace12ed8d98db392cb42782bfe50a205f73f4013b471a
于是,两天后我使用这里的命令添加master2报错如下
网上看了一下原来是我的token过期了,要重新生成才行
root@master01:~# kubeadm init phase upload-certs --upload-certs [upload-certs] Storing the certificates in Secret "kubeadm-certs" in the "kube-system" Namespace [upload-certs] Using certificate key: 8e4961700ae059535f4bc60bc64ae9f6e9badb113f4eb2f8d8253a3a0a92b5f3 # 此命令在work节点上执行可以直接用来添加work节点,前提是节点初始化过了 kubeadm token create --print-join-command kubeadm join 192.168.195.128:6443 --token 2cl24c.zuuuv813otnocq38 --discovery-token-ca-cert-hash sha256:22c12a103ae84f0f7eeace12ed8d98db392cb42782bfe50a205f73f4013b471a
# 所以此处加入master的命令如下
kubeadm join 192.168.195.128:6443 --token 2cl24c.zuuuv813otnocq38 \
--discovery-token-ca-cert-hash sha256:22c12a103ae84f0f7eeace12ed8d98db392cb42782bfe50a205f73f4013b471a \
--control-plane --certificate-key 8e4961700ae059535f4bc60bc64ae9f6e9badb113f4eb2f8d8253a3a0a92b5f3
标签:cgroups,missing,blkio,--,token,certs,join,kubeadm,节点 From: https://www.cnblogs.com/ggborn-001/p/16787524.html