1.关闭防火墙及selinux
systemctl stop firewalld
systemctl disable firewalld
setenforce 0
sed -i ‘s/=enforcing/=disabled/g’ /etc/selinux/config
2.关闭swap分区
swapoff -a #临时
sed -i ‘/swap/s/^/#/’ /etc/fstab #永久
3.增加docker和k8s yum仓库(阿里源)
cd /etc/yum.repos.d/
wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
#vi /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes Repo
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
enabled=1
4.安装docker和kubeadm
yum install docker-ce kubelet kubeadm kubectl -y
5.启动docker和kubelet
systemctl start docker && systemctl enable docker
systemctl start kubelet && systemctl enable kubelet
6.master查看当前节点
kubectl get nodes
7.master上重新生成token
kubeadm token create
#列出token
kubeadm token list | awk -F" " ‘{print $1}’ |tail -n 1
8.获取master节点CA公钥的哈希值
openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed ‘s/^ .* //’
9.node上执行加入集群
kubeadm join master_apiserver地址 --token token值
–discovery-token-ca-cert-hash sha256:哈希值
kubeadm join 192.168.0.24:6443 --token z5ckzz.zitvp4mvwdofxe6w
–discovery-token-ca-cert-hash sha256:f77608774293996a46f83cd16a8f9cc7eb47a6808373163624d431d4d8fe4726
10.查看当前集群node
该node节点已经成功加入集群