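1. Host planning
Role     Hostname   IP
master   db1        192.168.0.201
node1    db2        192.168.0.202
OS: Red Hat 7.2; a minimal installation is sufficient.
The network adapter must be bridged, because the hosts need Internet access to download images.
From here on, run the steps on both the Master and the Node.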
2. Configure basic information
# yum install vim net-tools wget bash-com* -y
# vi /etc/hosts
192.168.0.201 db1
192.168.0.202 db2
3. Configure the network
# systemctl stop NetworkManager
# systemctl disable NetworkManager
# systemctl mask NetworkManager
# vi /etc/sysconfig/network-scripts/ifcfg-enp0s3
TYPE="Ethernet"
BOOTPROTO="none"
# Use the CIDR and gateway of your own VM's NAT network
IPADDR=192.168.0.201
NETMASK=255.255.255.0
GATEWAY=192.168.0.1
DNS1=8.8.8.8
DNS2=114.114.114.114
DEVICE="enp0s3"
ONBOOT="yes"
# systemctl enable network
4. Disable firewalld and use iptables
# systemctl disable firewalld.service
# systemctl stop firewalld.service
# systemctl mask firewalld.service
# yum install iptables-services -y
# systemctl enable iptables.service
# service iptables save
5. Set SELinux to disabled
# sed -i 's/^SELINUX=.*/SELINUX=disabled/g' /etc/selinux/config
# setenforce 0
# reboot
A reboot is required for the change to take effect.
6. Set kernel parameters
# vi /etc/sysctl.d/k8s.conf
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
vm.swappiness = 0
# modprobe br_netfilter
# sysctl -p /etc/sysctl.d/k8s.conf
7. Disable swap
# swapoff -a
# sed -ri 's/.*swap/#&/g' /etc/fstab
8. Add the Aliyun repository
# wget -O /etc/yum.repos.d/Centos-7-Ali.repo https://mirrors.aliyun.com/repo/Centos-7.repo
9. Install and configure Docker
Install the Docker tools
# yum install yum-utils device-mapper-persistent-data lvm2 -y
# yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
# yum list docker-ce --showduplicates | sort -r
Install docker-ce
# yum install docker-ce-19.03.9-3.el7 -y
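Configure the Docker registry mirror (accelerator)
# mkdir /etc/docker
# vim /etc/docker/daemon.json
{
  "exec-opts": ["native.cgroupdriver=systemd"],
  "registry-mirrors": ["https://3ca84f1l.mirror.aliyuncs.com"]
}
Note on the Aliyun Docker registry mirror:
Open https://cr.console.aliyun.com/#/accelerator
Register, log in and set a password; in the lower-left corner of the page you can then see the accelerator address, which looks like https://123abc.mirror.aliyuncs.com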
# systemctl daemon-reload
# systemctl enable docker
# systemctl start docker
# docker info
10. Configure the Kubernetes repository (Aliyun mirror)
# vim /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
# yum repolist
11. Install Kubernetes
# yum install -y kubelet-1.19.0 kubeadm-1.19.0 kubectl-1.19.0 ipvsadm
# systemctl enable kubelet
Note: when installing a node, make sure its version matches the master's.
Enable forwarding
# iptables -P FORWARD ACCEPT
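===================== The following part can be skipped
This step is optional: with the Aliyun repository configured earlier, the matching images are pulled from Aliyun. Version 1.19.0 is used here; do not use the latest version, because it is not available there and the pull will fail.
Pre-download the images
You can run
kubeadm config images list --kubernetes-version=1.19.0
to get the required images and their versions: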
k8s.gcr.io/kube-apiserver:v1.19.0
k8s.gcr.io/kube-controller-manager:v1.19.0
k8s.gcr.io/kube-scheduler:v1.19.0
k8s.gcr.io/kube-proxy:v1.19.0
k8s.gcr.io/pause:3.2
k8s.gcr.io/etcd:3.4.13-0
k8s.gcr.io/coredns:1.7.0
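Because of network restrictions in mainland China, the images above cannot be downloaded directly, so download them through a proxy registry instead.
Proxy registries currently available include:
- registry.cn-hangzhou.aliyuncs.com/google_containers/*
coredns can be downloaded directly with docker pull coredns/coredns:1.6.5;
for all the others, replace the k8s.gcr.io prefix with the prefix above and pull them.
After the pull completes, use docker tag to change the prefix back to k8s.gcr.io.
docker pull registry.aliyuncs.com/google-containers/kube-apiserver:v1.19.0
docker tag registry.aliyuncs.com/google-containers/kube-apiserver:v1.19.0 k8s.gcr.io/kube-apiserver:v1.19.0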
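Configure kubelet parameters
This uses the version of the pause image from above; keep the two in sync.
vi /etc/sysconfig/kubelet
KUBELET_EXTRA_ARGS="--cgroup-driver=systemd --pod-infra-container-image=k8s.gcr.io/pause:3.2"
This completes the steps common to both hosts.
12. Master configuration
Run on the Master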
[root@db1 ~]# mkdir -p $HOME/.kube
[root@db1 ~]# sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[root@db1 ~]# sudo chown $(id -u):$(id -g) $HOME/.kube/config
In short, copy admin.conf to .kube/config under the user's home directory and change its ownership;
for the root user that is /root/.kube/config.
View the nodes
[root@db1 ~]# kubectl get node
NAME STATUS ROLES AGE VERSION
db1 NotReady master 8m11s v1.19.0
13. kubectl configuration
Run on the node. To add a new node to the cluster, run the kubeadm join command printed by kubeadm init.
[root@db2 ~]# kubeadm join 192.168.0.201:6443 --token rm3lna.2d4uarrsskk7vjcc \
--discovery-token-ca-cert-hash sha256:f3747e539ffafa3d5634393971c86bcdcab9838421c2a0dd13e9388439d41d28
[root@db2 ~]# scp root@db1:/etc/kubernetes/admin.conf /etc/kubernetes/admin.conf
[root@db2 ~]# echo export KUBECONFIG=/etc/kubernetes/admin.conf >> /root/.bash_profile
[root@db2 ~]# source /root/.bash_profile
[root@db2 ~]# kubectl get node
NAME STATUS ROLES AGE VERSION
db1 NotReady master 14m v1.19.0
db2 NotReady <none> 4m54s v1.19.0
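The network has not been configured yet, so the nodes are still NotReady. Continue with the configuration below.
14. Join the node to the cluster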
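The token is valid for 24 hours by default; once it expires, a new one must be created (see 18.3).
Install the Weave Net network add-on: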
kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')"
15. Configure the k8s network
Here I ran into a problem where coredns would not start, which in turn left kubectl get nodes stuck at NotReady; here are the commands:
echo "199.232.4.133 raw.githubusercontent.com" >> /etc/hosts
wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
kubectl apply -f kube-flannel.yml
After configuring the flannel network, check the node status:
[root@db1 ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
db1 Ready master 21m v1.19.0
db2 Ready <none> 11m v1.19.0
Check the pod status:
[root@db1 ~]# kubectl get pod -o wide -n kube-system
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
coredns-6d56c8448f-ndx9j 1/1 Running 0 20m 10.44.0.1 db1 <none> <none>
coredns-6d56c8448f-zz4rm 1/1 Running 0 20m 10.44.0.2 db1 <none> <none>
etcd-db1 1/1 Running 0 20m 192.168.0.201 db1 <none> <none>
kube-apiserver-db1 1/1 Running 0 20m 192.168.0.201 db1 <none> <none>
kube-controller-manager-db1 1/1 Running 0 20m 192.168.0.201 db1 <none> <none>
kube-flannel-ds-7vz8g 0/1 Init:0/1 0 13s 192.168.0.201 db1 <none> <none>
kube-flannel-ds-h5d26 0/1 Init:0/1 0 13s 192.168.0.202 db2 <none> <none>
kube-proxy-2q6ht 1/1 Running 0 20m 192.168.0.201 db1 <none> <none>
kube-proxy-lc9rj 1/1 Running 0 10m 192.168.0.202 db2 <none> <none>
kube-scheduler-db1 1/1 Running 0 20m 192.168.0.201 db1 <none> <none>
weave-net-crn7z 2/2 Running 0 2m50s 192.168.0.201 db1 <none> <none>
weave-net-vz7qc 2/2 Running 0 2m50s 192.168.0.202 db2 <none> <none>
16. Install kubernetes-dashboard
The Kubernetes dashboard is a commonly used UI console component, currently at version 2.0 (the 1.x versions no longer support k8s versions above 1.6; they can be installed but cannot access deployments properly).
wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.4/aio/deploy/recommended.yaml
By default the Dashboard is reachable only from inside the cluster; change the Service to type NodePort to expose it externally.
# vim recommended.yaml
---
kind: Service
apiVersion: v1
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard
spec:
  ports:
    - port: 443
      targetPort: 8443
      nodePort: 30001  # added
  type: NodePort  # added
  selector:
    k8s-app: kubernetes-dashboard
---
# kubectl apply -f recommended.yaml
# kubectl get pods,svc -n kubernetes-dashboard
NAME READY STATUS RESTARTS AGE
pod/dashboard-metrics-scraper-7b59f7d4df-tcvv5 1/1 Running 0 21s
pod/kubernetes-dashboard-665f4c5ff-v2dnf 1/1 Running 0 21s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/dashboard-metrics-scraper ClusterIP 10.100.195.96 <none> 8000/TCP 21s
service/kubernetes-dashboard NodePort 10.100.27.197 <none> 443:30001/TCP 22s
[root@db1 ~]# netstat -an|grep 30001
tcp 0 0 0.0.0.0:30001 0.0.0.0:* LISTEN
Check the pod's status and events:
kubectl describe pod kubernetes-dashboard-665f4c5ff-v2dnf -n kubernetes-dashboard
Access URL:
https://192.168.0.201:30001
Look up the login token
# kubectl get secrets -n kubernetes-dashboard
NAME TYPE DATA AGE
default-token-6tjx9 kubernetes.io/service-account-token 3 4m59s
kubernetes-dashboard-certs Opaque 0 4m59s
kubernetes-dashboard-csrf Opaque 1 4m59s
kubernetes-dashboard-key-holder Opaque 2 4m59s
kubernetes-dashboard-token-w5xp2 kubernetes.io/service-account-token 3 4m59s
Once you find the kubernetes-dashboard-token-xxxxx entry, describe it to see the token.
# kubectl describe secret kubernetes-dashboard-token-w5xp2 -n kubernetes-dashboard
Name: kubernetes-dashboard-token-w5xp2
Namespace: kubernetes-dashboard
Labels: <none>
Annotations: kubernetes.io/service-account.name: kubernetes-dashboard
kubernetes.io/service-account.uid: 7ec0b131-edb8-4910-9b01-2b2efac98e83
Type: kubernetes.io/service-account-token
Data
====
ca.crt: 1066 bytes
namespace: 20 bytes
token: <service account token (JWT) omitted>
Login succeeds, with minimal user permissions.
Create a service account and bind it to the built-in cluster-admin cluster role:
# kubectl create serviceaccount dashboard-admin -n kube-system
# kubectl create clusterrolebinding dashboard-admin --clusterrole=cluster-admin --serviceaccount=kube-system:dashboard-admin
View the token with administrator privileges
# kubectl describe secrets -n kube-system $(kubectl -n kube-system get secret | awk '/dashboard-admin/{print $1}')
Name: dashboard-admin-token-gvt5w
Namespace: kube-system
Labels: <none>
Annotations: kubernetes.io/service-account.name: dashboard-admin
kubernetes.io/service-account.uid: 866014b5-5790-49a9-b06f-43ed50336150
Type: kubernetes.io/service-account-token
Data
====
ca.crt: 1066 bytes
namespace: 11 bytes
token: <service account token (JWT) omitted>
Log in with administrator privileges at https://192.168.0.201:30001
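Added example (not part of the original tutorial): the binding created above gives the dashboard-admin service account the cluster-admin role, so its token carries full control of the cluster wherever the NodePort dashboard can be reached. The shell functions below list every ServiceAccount bound to cluster-admin so such bindings can be reviewed; the function names and the tab-separated intermediate format are assumptions of this example, and the sample rows are constructed.

```bash
#!/usr/bin/env bash
# Lists ServiceAccounts that are bound to the cluster-admin ClusterRole.
# Intermediate format, one ClusterRoleBinding per line, tab-separated:
#   <binding name> TAB <roleRef name> TAB <Kind:namespace/name,Kind:namespace/name,...>

# Produces that format from a live cluster (not used by the offline sample below).
dump_bindings() {
  kubectl get clusterrolebindings -o jsonpath='{range .items[*]}{.metadata.name}{"\t"}{.roleRef.name}{"\t"}{range .subjects[*]}{.kind}{":"}{.namespace}{"/"}{.name}{","}{end}{"\n"}{end}'
}

# Reads the intermediate format on stdin and prints
# "<binding> <namespace>/<serviceaccount>" for every ServiceAccount subject
# of a binding whose role is cluster-admin.
find_admin_serviceaccounts() {
  awk -F'\t' '
    $2 == "cluster-admin" {
      n = split($3, subj, ",")
      for (i = 1; i <= n; i++) {
        if (subj[i] ~ /^ServiceAccount:/) {
          sub(/^ServiceAccount:/, "", subj[i])
          print $1, subj[i]
        }
      }
    }'
}

# Constructed sample rows modelled on the cluster built in this tutorial.
sample_bindings() {
  printf 'cluster-admin\tcluster-admin\tGroup:/system:masters,\n'
  printf 'dashboard-admin\tcluster-admin\tServiceAccount:kube-system/dashboard-admin,\n'
  printf 'kubernetes-dashboard\tkubernetes-dashboard\tServiceAccount:kubernetes-dashboard/kubernetes-dashboard,\n'
  printf 'system:coredns\tsystem:coredns\tServiceAccount:kube-system/coredns,\n'
}

# Offline demonstration; on a cluster use: dump_bindings | find_admin_serviceaccounts
sample_bindings | find_admin_serviceaccounts
```

On the sample only the dashboard-admin binding is reported; the stock kubernetes-dashboard account is bound to its own narrower role and is not flagged.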
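Kubernetes dashboard troubleshooting
If the dashboard is not deployed on the master node, it fails with an error that it cannot connect to 10.96.0.1:443.
Add a nodeSelector to the Deployment, in the following format:
kubernetes.io/hostname: mastername
By default the token login expires quickly. To extend it, find the kubernetesui/dashboard image and add this parameter to the args below it:
--token-ttl=43200 (12 hours)
View the node labels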
# kubectl get nodes --show-labels
NAME STATUS ROLES AGE VERSION LABELS
db1 Ready master 3h46m v1.19.0 beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=db1,kubernetes.io/os=linux,node-role.kubernetes.io/master=
db2 Ready <none> 3h36m v1.19.0 beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=db2,kubernetes.io/os=linux
17. Cluster test
17.1 Deploy a deployment and a service
Deploy nginx through a deployment
# kubectl create deployment nginx-deploy --image=nginx:1.18
Expose the service through a svc
# kubectl expose deployment nginx-deploy --name=nginx-svc --port=80 --target-port=80 --type=NodePort
Check
# kubectl get deploy,pods,svc -o wide
NAME READY UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR
deployment.apps/nginx-deploy 1/1 1 1 2m56s nginx nginx:1.18 app=nginx-deploy
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
pod/nginx-deploy-fb74b55d4-t5slf 1/1 Running 0 2m56s 10.244.1.6 db2 <none> <none>
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
service/kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 3h40m <none>
service/nginx-svc NodePort 10.101.243.114 <none> 80:30488/TCP 2m30s app=nginx-deploy
Access it from the node
# curl -I 10.244.1.6    # this is the pod IP
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 12 Nov 2020 06:30:35 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 21 Apr 2020 12:43:12 GMT
Connection: keep-alive
ETag: "5e9eea60-264"
Accept-Ranges: bytes
# curl -I 10.101.243.114:80    # this is the svc IP
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 12 Nov 2020 06:30:54 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 21 Apr 2020 12:43:12 GMT
Connection: keep-alive
ETag: "5e9eea60-264"
Accept-Ranges: bytes
# curl 192.168.0.202:30488    # this is the endpoint on node db2
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
17.2 Cluster DNS test
Clusters built with kubeadm have coredns deployed by default
# kubectl get pods -n kube-system
NAME READY STATUS RESTARTS AGE
coredns-6d56c8448f-ndx9j 1/1 Running 0 3h42m
coredns-6d56c8448f-zz4rm 1/1 Running 0 3h42m
# kubectl run busybox-test --rm -it --image=busybox:1.28.4 -- sh
If you don't see a command prompt, try pressing enter.
/ # nslookup kubernetes
Server: 10.96.0.10
Address 1: 10.96.0.10 kube-dns.kube-system.svc.cluster.local
Name: kubernetes
Address 1: 10.96.0.1 kubernetes.default.svc.cluster.local
/ # nslookup nginx-svc    # this is the svc created a moment ago
Server: 10.96.0.10
Address 1: 10.96.0.10 kube-dns.kube-system.svc.cluster.local
Name: nginx-svc
Address 1: 10.101.243.114 nginx-svc.default.svc.cluster.local
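Name resolution works.
18. Reset the k8s cluster
18.1 Reset the k8s cluster
Reset k8s; run on the master node
# kubeadm reset
kubeadm reset cleans the node's local file system of the files created by kubeadm init or kubeadm join.
For control-plane nodes, reset also removes the node's local stacked etcd member from the etcd cluster,
and removes the node's information from the kubeadm ClusterStatus object.
ClusterStatus is a Kubernetes API object managed by kubeadm that holds the list of kube-apiserver endpoints.
18.2 Remove a node
Evict the pods on node01
# kubectl drain node01 --delete-local-data --force --ignore-daemonsets
Delete node01
kubectl delete node node01
Then run on node01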
kubeadm reset
systemctl stop kubelet
systemctl stop docker
rm -rf /var/lib/cni/
rm -rf /var/lib/kubelet/*
rm -rf /etc/cni/
ifconfig cni0 down
ifconfig flannel.1 down
ifconfig docker0 down
ip link delete cni0
ip link delete flannel.1
systemctl start docker
systemctl start kubelet
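If you skip the steps above, pods on this node will fail to start.
The error message is: networkPlugin cni failed to set up pod "alertmanager-main-1_monitoring"
network: failed to set bridge ad has an IP address different from 10.244.5.1/24 ,
which means the cluster's cni network already has an address different from 10.244.5.1/24,
so the commands above are needed to reset the node's network.
18.3 Rejoin the node
Format of the command that joins a node to the cluster: kubeadm join --token <token> <master-ip>:<master-port> --discovery-token-ca-cert-hash sha256:<hash>
The default token is valid for 24 hours and cannot be used after it expires. The fix is as follows:
Generate a new token ==> kubeadm token create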
# 1. List the current tokens
# kubeadm token list
# 2. Generate a new token
# kubeadm token create
# 3. List the current tokens again
# kubeadm token list
# 4. Get the sha256 hash of the CA certificate
# openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //'
# 5. Join the node to the cluster (--token takes the new token, --discovery-token-ca-cert-hash the sha256 hash of the CA certificate)
# kubeadm join 172.16.40.2:58443 --token 369tcl.oe4punpoj9gaijh7 --discovery-token-ca-cert-hash sha256:7ae10591aa593c2c36fb965d58964a84561e9ccd416ffe7432550a0d0b7e4f90
Check the nodes on the master again: the node has joined the cluster.
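Added example (not part of the original tutorial): the value computed in step 4 is the SHA-256 of the CA certificate's public key in DER form, and the functions below recompute it and compare it with the hash in a join command before that command is handed to a node. The function names are assumptions of this example; `openssl pkey` is swapped in for the tutorial's `openssl rsa` so non-RSA CA keys also work.

```bash
#!/usr/bin/env bash
# Helpers for checking the parameters of a "kubeadm join" command.

# Prints sha256:<hex> for the CA certificate file given as $1.
ca_cert_hash() {
  local hex
  # Stop if $1 is not a parseable certificate. Without this check the
  # pipeline below would hash empty input and still print a valid-looking digest.
  openssl x509 -in "$1" -noout >/dev/null 2>&1 || return 1
  hex="$(openssl x509 -in "$1" -noout -pubkey \
    | openssl pkey -pubin -outform der \
    | openssl dgst -sha256 -hex | sed 's/^.* //')"
  [ "${#hex}" -eq 64 ] || return 1
  printf 'sha256:%s\n' "$hex"
}

# Succeeds when $1 has the bootstrap token format and $2 the CA hash format.
valid_join_params() {
  printf '%s\n' "$1" | grep -Eq '^[a-z0-9]{6}\.[a-z0-9]{16}$' || return 1
  printf '%s\n' "$2" | grep -Eq '^sha256:[0-9a-f]{64}$'
}

# Returns 0 if hash $2 belongs to CA certificate $1, 1 if not, 2 on bad input.
join_hash_matches_ca() {
  local actual
  printf '%s\n' "$2" | grep -Eq '^sha256:[0-9a-f]{64}$' || return 2
  actual="$(ca_cert_hash "$1")" || return 2
  [ "$actual" = "$2" ]
}

# Usage on the master: <script> /etc/kubernetes/pki/ca.crt sha256:<hash>
if [ "$#" -eq 2 ]; then
  rc=0
  join_hash_matches_ca "$1" "$2" || rc=$?
  case "$rc" in
    0) echo "hash matches this CA" ;;
    1) echo "hash does NOT match this CA" ;;
    *) echo "invalid certificate file or hash format" ;;
  esac
fi
```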