kubeadm初始化k8s-刪除控制節點-重新把控制節點加入集群步驟

# 1、把k8s-master2的信息從etcd刪除：
[root@k8s-master1 ~]# tar zxvf etcd-v3.3.4-linux-amd64.tar.gz 
[root@k8s-master1 ~]# cd etcd-v3.3.4-linux-amd64
[root@k8s-master1 etcd-v3.3.4-linux-amd64]# cp etcdctl /usr/local/sbin/
[root@k8s-master1 ~]# ETCDCTL_API=3 etcdctl --endpoints 127.0.0.1:2379 --cacert /etc/kubernetes/pki/etcd/ca.crt --cert  /etc/kubernetes/pki/etcd/server.crt --key  /etc/kubernetes/pki/etcd/server.key member list
1203cdd3ad75e761, started, k8s-master1, https://192.168.40.180:2380, https://192.168.40.180:2379
dda71d9d52b97028, started, k8s-master2, https://192.168.40.181:2380, https://192.168.40.181:2379

# 2、找到k8s-master2對應的hash值是：dda71d9d52b97028

# 3、我們下一步就是根據hash刪除etcd信息，執行如下命令
[root@k8s-master1 ~]# ETCDCTL_API=3 etcdctl --endpoints 127.0.0.1:2379 --cacert /etc/kubernetes/pki/etcd/ca.crt --cert /etc/kubernetes/pki/etcd/server.crt --key /etc/kubernetes/pki/etcd/server.key member remove dda71d9d52b97028

# 4、查看加入集群命令：(比較慢)
[root@k8s-master1 ~]# kubeadm token create --print-join-command
kubeadm join 192.168.40.199:16443 --token e5wrs0.lqcem5us4a04tp5x     --discovery-token-ca-cert-hash sha256:61c6754582a1ca7668770594acd1efa36a9c5c71a897517d8fb6f6c9db8ee314

# 5、把k8s-master2從k8s集群刪除，重新加入到k8s步驟
[root@k8s-master1 ~]# kubectl delete nodes k8s-master2   # 可以多執行幾遍
# 特別注意：在刪除的節點上執行，千萬不要執行錯
[root@k8s-master2 ~]# kubeadm reset

# 6、把k8s-master1上的證書還是按照文檔全都拷貝到k8s-master2機器上
[root@k8s-master1 ~]# scp /etc/kubernetes/pki/ca.crt k8s-master2:/etc/kubernetes/pki/
[root@k8s-master1 ~]# scp /etc/kubernetes/pki/ca.key k8s-master2:/etc/kubernetes/pki/
[root@k8s-master1 ~]# scp /etc/kubernetes/pki/sa.key k8s-master2:/etc/kubernetes/pki/
[root@k8s-master1 ~]# scp /etc/kubernetes/pki/sa.pub k8s-master2:/etc/kubernetes/pki/
[root@k8s-master1 ~]# scp /etc/kubernetes/pki/front-proxy-ca.crt k8s-master2:/etc/kubernetes/pki/
[root@k8s-master1 ~]# scp /etc/kubernetes/pki/front-proxy-ca.key k8s-master2:/etc/kubernetes/pki/
[root@k8s-master2 ~]# mkdir -p /etc/kubernetes/pki/etcd/
[root@k8s-master1 ~]# scp /etc/kubernetes/pki/etcd/ca.crt k8s-master2:/etc/kubernetes/pki/etcd/
[root@k8s-master1 ~]# scp /etc/kubernetes/pki/etcd/ca.key k8s-master2:/etc/kubernetes/pki/etcd/

# 7、在k8s-master2執行如下命令，把節點加入k8s集群，充當控制節點：
[root@k8s-master2 ~]# kubeadm join 192.168.40.199:16443 --token e5wrs0.lqcem5us4a04tp5x     --discovery-token-ca-cert-hash sha256:61c6754582a1ca7668770594acd1efa36a9c5c71a897517d8fb6f6c9db8ee314  --control-plane

# 8、查看集群是否加入成功：
[root@k8s-master1 ~]# kubectl get nodes
NAME          STATUS   ROLES                  AGE   VERSION
k8s-master1   Ready    control-plane,master   34m   v1.20.6
k8s-master2   Ready    control-plane,master   50s   v1.20.6
k8s-node1     Ready    <none>                 30m   v1.20.6

免責聲明！

本站轉載的文章為個人學習借鑒使用，本站對版權不負任何法律責任。如果侵犯了您的隱私權益，請聯系本站郵箱yoyou2525@163.com刪除。

猜您在找 kubeadm 線上集群部署(四) k8s node 節點初始化安裝重新初始化k8s master節點 k8s-"節點控制器驅逐Pod" k8s(一) kubeadm簡單集群初始化 Kubernetes 學習3 kubeadm初始化k8s集群 kubeadm初始化k8s-延長證書過期時間 7. 復制k8s Node節點並重新初始化k8s-nodes2節點 (k8s連載) k8s 刪除問題節點，重新加入該節點，看不到csr申請 Node節點加入k8s集群 Node節點如何加入K8S集群