在现有的master节点操作如下指令:
生成加入集群成为master节点
生成key信息
kubeadm init phase upload-certs --experimental-upload-certs
执行结果如下:
[root@k8s-master01 ~]# kubeadm init phase upload-certs --upload-certs
I0122 18:11:15.517893 60086 version.go:252] remote version is much newer: v1.23.2; falling back to: stable-1.18
W0122 18:11:17.049273 60086 configset.go:202] WARNING: kubeadm cannot validate component configs for API groups [kubelet.config.k8s.io kubeproxy.config.k8s.io]
[upload-certs] Storing the certificates in Secret "kubeadm-certs" in the "kube-system" Namespace
[upload-certs] Using certificate key:
21bd36e059dfb46bf395d817a5480c54bb079eab4f7b75b4dfef724adb3349aa
再执行生成token
kubeadm token create --print-join-command
执行结果如下:
[root@k8s-master01 ~]# kubeadm token create --print-join-command
W0122 18:11:19.445355 60121 configset.go:202] WARNING: kubeadm cannot validate component configs for API groups [kubelet.config.k8s.io kubeproxy.config.k8s.io]
kubeadm join 192.168.137.12:6443 --token xhsmiv.ggj00ojs6dvv8b23 --discovery-token-ca-cert-hash sha256:33b52ec83686f93ae6212542d22d00c621fad20f0dc9592b45211bd42a2e81b9
根据上面两条指令执行的结果后,将token和key进行拼接,加入集群为master的命令:
kubeadm join 192.168.137.12:6443 --token xhsmiv.ggj00ojs6dvv8b23 --discovery-token-ca-cert-hash sha256:33b52ec83686f93ae6212542d22d00c621fad20f0dc9592b45211bd42a2e81b9
--control-plane --certificate-key 21bd36e059dfb46bf395d817a5480c54bb079eab4f7b75b4dfef724adb3349aa
最后就可以根据上面生成拼接后的命令,到新部署的k8s节点上执行加入集群即可
生成加入集群成为work节点
在master节点上执行如下命令:
kubeadm token create --print-join-command
执行结果如下:
[root@k8s-master01 ~]# kubeadm token create --print-join-command
W0122 18:11:19.445355 60121 configset.go:202] WARNING: kubeadm cannot validate component configs for API groups [kubelet.config.k8s.io kubeproxy.config.k8s.io]
kubeadm join 192.168.137.12:6443 --token xhsmiv.ggj00ojs6dvv8b23 --discovery-token-ca-cert-hash sha256:33b52ec83686f93ae6212542d22d00c621fad20f0dc9592b45211bd42a2e81b9
根据得到的token,在新部署的k8s节点上执行如下命令即可
kubeadm join 192.168.137.12:6443 --token xhsmiv.ggj00ojs6dvv8b23 --discovery-token-ca-cert-hash sha256:33b52ec83686f93ae6212542d22d00c621fad20f0dc9592b45211bd42a2e81b9
最后在master节点执行如下指令查看新增的节点是否已加入集群中了没
kubectl get nodes
执行结果如下:
[root@k8s-master01 ~]$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
k8s-node01 Ready <none> 2d11h v1.18.6
k8s-node02 Ready <none> 2d11h v1.18.6
k8s-master01 Ready master 2d11h v1.18.6
k8s-master02 Ready <none> 2d11h v1.18.6
k8s-master03 Ready <none> 2d11h v1.18.6