kubeadm 生成的token过期后,集群增加节点:
通过kubeadm初始化后,都会提供node加入的token。
默认token的有效期为24小时,当过期之后,该token就不可用了。解决方法如下:
1.重新生成新的token:
[root@walker-1 kubernetes]# kubeadm token create #创建新的token
[kubeadm] WARNING: starting in 1.8, tokens expire after 24 hours by default (if you require a non-expiring token use --ttl 0)
aa78f6.8b4cafc8ed26c34f
[root@walker-1 kubernetes]# kubeadm token list
TOKEN TTL EXPIRES USAGES DESCRIPTION EXTRA GROUPS
aa78f6.8b4cafc8ed26c34f 23h 2017-12-26T16:36:29+08:00 authentication,signing <none> system:bootstrappers:kubeadm:default-node-token
2.获取ca证书sha256编码hash值:
[root@walker-1 kubernetes]# openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //' #获取h