单节点加入集群

节点VM准备

参考 runc+containerd+kubelet

因kubelet配置项较多，且为了引用已有的开源项目，在节点初始化启动static pod的过程中，对kubelet采用命令行方式启动，传递最少参数

/usr/bin/kubelet   --cgroup-driver=systemd  --pod-manifest-path=/etc/kubernetes/manifests/  --container-runtime=remote --container-runtime-endpoint=unix:///var/run/containerd/containerd.sock

检查static pod

root@runc-vm-1:/etc/kubernetes/manifests# crictl pods
POD ID              CREATED             STATE               NAME                         NAMESPACE           ATTEMPT             RUNTIME
ac6d2f00dc54a       3 seconds ago       Ready               static-test-pod3-runc-vm-1   default             0                   (default)
c9d574f6937ed       52 seconds ago      Ready               static-test-pod2-runc-vm-1   default             0                   (default)
373b11f71298b       7 minutes ago       Ready               static-test-pod-runc-vm-1    default             0                   (default)

kill kubelet

pid=$(ps -ef | grep kubelet | grep containerd | awk '{print$2}')
kill -9 $pid

root@runc-vm-1:/etc/kubernetes/manifests# crictl pods
POD ID              CREATED             STATE               NAME                         NAMESPACE           ATTEMPT             RUNTIME
ac6d2f00dc54a       12 minutes ago      Ready               static-test-pod3-runc-vm-1   default             0                   (default)
c9d574f6937ed       13 minutes ago      Ready               static-test-pod2-runc-vm-1   default             0                   (default)
373b11f71298b       19 minutes ago      Ready               static-test-pod-runc-vm-1    default             0                   (default)

节点VM加入

master 节点执行

[root@severless-k8s-master ~]# kubeadm token create --print-join-command
kubeadm join 192.168.2.79:6443 --token g2nqth.xfe6br8e050xsl6o --discovery-token-ca-cert-hash sha256:9d21d7e80839c9afd7ec97f24221f9fcfcb289f356c9827fd6eab1571c023a36

节点VM

root@runc-vm-2:~/libin# kubeadm join 192.168.2.79:6443 --token g2nqth.xfe6br8e050xsl6o --discovery-token-ca-cert-hash sha256:9d21d7e80839c9afd7ec97f24221f9fcfcb289f356c9827fd6eab1571c023a36
[preflight] Running pre-flight checks
error execution phase preflight: [preflight] Some fatal errors occurred:
	[ERROR FileContent--proc-sys-net-bridge-bridge-nf-call-iptables]: /proc/sys/net/bridge/bridge-nf-call-iptables does not exist
[preflight] If you know what you are doing, you can make a check non-fatal with `--ignore-preflight-errors=...`
To see the stack trace of this error execute with --v=5 or higher

上午错误解决方案如下：

modprobe br_netfilter  #不执行这步骤，会出现：sysctl: cannot stat /proc/sys/–p: No such file or directory
vim /etc/sysctl.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1

sysctl -p

再执行join命令

root@runc-vm-1:/etc/kubernetes/manifests# kubeadm join 192.168.2.79:6443 --token g2nqth.xfe6br8e050xsl6o --discovery-token-ca-cert-hash sha256:9d21d7e80839c9afd7ec97f24221f9fcfcb289f356c9827fd6eab1571c023a36
[preflight] Running pre-flight checks
error execution phase preflight: [preflight] Some fatal errors occurred:
	[ERROR DirAvailable--etc-kubernetes-manifests]: /etc/kubernetes/manifests is not empty
[preflight] If you know what you are doing, you can make a check non-fatal with `--ignore-preflight-errors=...`
To see the stack trace of this error execute with --v=5 or higher

出现上面错误的原因，是因为我们已经在/etc/kubernetes/manifests目录下，放置了我们的static pod yaml 文件，此时我们需要忽略掉该错误

root@runc-vm-1:/etc/kubernetes/manifests# kubeadm join 192.168.2.79:6443 --token g2nqth.xfe6br8e050xsl6o --discovery-token-ca-cert-hash sha256:9d21d7e80839c9afd7ec97f24221f9fcfcb289f356c9827fd6eab1571c023a36  --ignore-preflight-errors=DirAvailable--etc-kubernetes-manifests
[preflight] Running pre-flight checks
	[WARNING DirAvailable--etc-kubernetes-manifests]: /etc/kubernetes/manifests is not empty
[preflight] Reading configuration from the cluster...
[preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -o yaml'
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Starting the kubelet
[kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap...

This node has joined the cluster:
* Certificate signing request was sent to apiserver and a response was received.
* The Kubelet was informed of the new secure connection details.

Run 'kubectl get nodes' on the control-plane to see this node join the cluster.

在master节点查看

[root@severless-k8s-master ~]# kubectl get nodes
NAME                    STATUS   ROLES                  AGE   VERSION
runc-vm-1               Ready    <none>                 38s   v1.22.4
runc-vm-2               Ready    <none>                 75m   v1.22.4
severless-k8s-master    Ready    control-plane,master   41d   v1.22.3
severless-k8s-worker1   Ready    <none>                 41d   v1.22.3
severless-k8s-worker2   Ready    <none>                 41d   v1.22.3