K8S删除节点重新加入集群

整体流程就是删除node节点,然后重新join进集群,也适用于新加入的加点

新节点加入需要使用如下命令下载kubelet kubeadm 以及 kubectl

cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
yum install -y kubelet-1.21.5 kubeadm-1.21.5 kubectl-1.21.5

删除节点

首先在集群里面执行

kubectl delete node xxxx

关闭kubelet等进程

lsof -i:10250
kill -9 XXX
cd /etc/kubernetes/
mv ./kubelet.conf ./kubelet.conf.back #备份
cd pki/
mv ./ca.crt ./ca.crt.back
kubeadm reset #重置 看好输出说明,换集群需要把cni插件配置文件删除掉

至此node节点已经被删除了,重新加入集群
在第一台master节点上执行,因为第一台master的kubeadm上有集群的配置,后加的master集群是没有的.当然也看自己环境的问题,我这边是因为忘了这个事在其他的master节点上执行这个之后没有生成出来external-etcd-ca.crt配置,导致加入集群出错:

[root@master03 etcd]# kubeadm join lb.kubesphere.local:6443 --token 8vm0i2.s0c9srjykr7ou98m --discovery-token-ca-cert-hash sha256:b095b99af4240d9c1c4ead1b273e3296783123123b6689351a56ad1eba96f6312819902 --control-plane --certificate-key b04e33c36ff562c1a39742bfe3725ea23120c68e027c3e52c8962502342df04fb84a00a3b
[preflight] Running pre-flight checks
[preflight] Reading configuration from the cluster...
[preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -o yaml'
W0615 09:27:20.886972   34466 utils.go:69] The recommended value for "clusterDNS" in "KubeletConfiguration" is: [10.233.0.10]; the provided value is: [169.254.25.10]
[preflight] Running pre-flight checks before initializing the new control plane instance
[preflight] Pulling images required for setting up a Kubernetes cluster
[preflight] This might take a minute or two, depending on the speed of your internet connection
[preflight] You can also perform this action in beforehand using 'kubeadm config images pull'
[download-certs] Downloading the certificates in Secret "kubeadm-certs" in the "kube-system" Namespace
error execution phase control-plane-prepare/download-certs: error downloading certs: the Secret does not include the required certificate or key - name: external-etcd.crt, path: /etc/ssl/etcd/ssl/node-master01.pem

以下是加入集群命令

#如果需要加入成为主节点,需要执行该命令,否则直接执行 第二个命令就行kubeadm token create --print-join-command
[root@master01 ~]# kubeadm --config /etc/kubernetes/kubeadm-config.yaml init phase upload-certs --upload-certs
W0615 09:42:16.537169   59618 utils.go:69] The recommended value for "clusterDNS" in "KubeletConfiguration" is: [10.233.0.10]; the provided value is: [169.254.25.10]
[upload-certs] Storing the certificates in Secret "kubeadm-certs" in the "kube-system" Namespace
[upload-certs] Using certificate key:
e2e470ce8f26854e0abbbed38c82a823e2da9a0c3c8566cbc407be304d6e2709

[root@master02 kubernetes]# kubeadm token create --print-join-command
kubeadm join lb.kubesphere.local:6443 --token sqtj0l.eoxrfy1ed1c6fys3 --discovery-token-ca-cert-hash sha256:b095b99af4240d9c1c4eadb273e1196783b66129351a56adaeba96f6312819902 

如果想把节点加入成为主节点执行如下命令

kubeadm join lb.kubesphere.local:6443 --token sqtj0l.eoxrfy1ed1c6fys3 --discovery-token-ca-cert-hash sha256:b095b99af4240d9c1c4eadb273e1196783b66129351a56adaeba96f6312819902 --control-plane --certificate-key e2e470ce8f26854e0abbbed38c82a859e2da9a0c3c8566cbc407be304d6e2709 

如果加入成为node节点则直接执行

kubeadm join lb.kubesphere.local:6443 --token sqtj0l.eoxrfy1ed1c6fys3 --discovery-token-ca-cert-hash sha256:b095b99af4240d9c1c4eadb273e1196783b66129351a56adaeba96f6312819902