【K8S搭载高可用集群报错】error downloading certs: error decoding certificate key: encoding/hex: invalid byte: U

久呀

于 2024-03-27 10:42:12 发布

阅读量272

点赞数 9

分类专栏： k8s linux docker 文章标签： kubernetes 容器云原生

本文链接：https://blog.csdn.net/zhiyoujiu/article/details/137069177

版权

linux 同时被 3 个专栏收录

8 篇文章 0 订阅

订阅专栏

docker

4 篇文章 0 订阅

订阅专栏

k8s

3 篇文章 0 订阅

订阅专栏

master1已经搭建并且输出了token

[root@master1 ~]# kubeadm token create --print-join-command --certificate-key --v=5
kubeadm join 10.10.19.141:8443 --token hw9fe4.s0jhfpcqqx38swwb --discovery-token-ca-cert-hash sha256:e9df4c818e0e3d291b18529e80fcfbd3fb2651879c0985db2e97a235b5c04f64 --control-plane --certificate-key --v=5

master2加入时指定socket，在后面加入–cri-socket unix:///run/containerd/containerd.sock，如果以docker为容器加上–cri-socket unix:///var/run/cri-dockerd.sock
发现报错了！！！
master2加入时报错error execution phase control-plane-prepare/download-certs: error downloading certs: error decoding certificate key: encoding/hex: invalid byte: U+002D ‘-’

[root@master2 ~]# kubeadm join 10.10.19.141:8443 --token hw9fe4.s0jhfpcqqx38swwb --discovery-token-ca-cert-hash sha256:e9df4c818e0e3d291b18529e80fcfbd3fb2651879c0985db2e97a235b5c04f64 --control-plane --certificate-key --v=5 --cri-socket unix:///run/containerd/containerd.sock
[preflight] Running pre-flight checks
[preflight] Reading configuration from the cluster...
[preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -o yaml'
[preflight] Running pre-flight checks before initializing the new control plane instance
[preflight] Pulling images required for setting up a Kubernetes cluster
[preflight] This might take a minute or two, depending on the speed of your internet connection
[preflight] You can also perform this action in beforehand using 'kubeadm config images pull'
[download-certs] Downloading the certificates in Secret "kubeadm-certs" in the "kube-system" Namespace
error execution phase control-plane-prepare/download-certs: error downloading certs: error decoding certificate key: encoding/hex: invalid byte: U+002D '-'
To see the stack trace of this error execute with --v=5 or higher

在master1上重新生成证书密钥

[root@master1 ~]# kubeadm init phase upload-certs --upload-certs --config kubeadm-init.yaml
[upload-certs] Storing the certificates in Secret "kubeadm-certs" in the "kube-system" Namespace
[upload-certs] Using certificate key:
b80e18d761b1614f8ee53b1d1018aa09bd54efb37efb7391013b76ef3e4f04cb

master2加入时加上证书密钥字段 --certificate-key b80e18d761b1614f8ee53b1d1018aa09bd54efb37efb7391013b76ef3e4f04cb

[root@master2 containerd]# kubeadm join 10.10.19.141:8443 --token t45zd2.f9njrzf3dn9w0j9y --discovery-token-ca-cert-hash sha256:e9df4c818e0e3d291b18529e80fcfbd3fb2651879c0985db2e97a235b5c04f64 --control-plane  --v=5 --cri-socket unix:///run/containerd/containerd.sock  --certificate-key b80e18d761b1614f8ee53b1d1018aa09bd54efb37efb7391013b76ef3e4f04cb

在这里插入图片描述
成功！
其他补充：
node加入集群的命令

[root@node1 ~]# kubeadm join 10.10.19.141:8443 --token t45zd2.f9njrzf3dn9w0j9y --discovery-token-ca-cert-hash sha256:e9df4c818e0e3d291b18529e80fcfbd3fb2651879c0985db2e97a235b5c04f64  --v=5 --cri-socket unix:///run/containerd/containerd.sock

解释一下每个字段的含义

字段	含义
–discovery-token-ca-cert-hash	验证新节点的哈希值
–control-plane	此节点为控制节点
–v=5	记录所有的日志信息，包括调试信息
–cri-socket	socket文件位置
–certificate-key	证书密钥

久呀

关注

9
点赞
踩
4

收藏

觉得还不错? 一键收藏
打赏
0
评论
【K8S搭载高可用集群报错】error downloading certs: error decoding certificate key: encoding/hex: invalid byte: U

其他master节点加入时报错error execution phase control-plane-prepare/download-certs: error downloading certs: error decoding certificate key: encoding/hex: invalid byte: U+002D ‘-’
复制链接

扫一扫