kubeadm添加新master或node、unknown flag --experimental-upload-certs

在master01上

生成新token

[root@k8s-master01 ~]# kubeadm token create --print-join-command
W0825 09:25:49.300571   23457 configset.go:348] WARNING: kubeadm cannot validate component configs for API groups [kubelet.config.k8s.io kubeproxy.config.k8s.io]
kubeadm join 192.168.80.10:16443 --token il1ddh.6s1rp74bb3cf18wv     --discovery-token-ca-cert-hash sha256:b7c2ecb0c238eadf5c6b8657137203c11633fd4c812bcea10e1dfbc61a36861f

生成新证书
1.16版本前参数为--experimental-upload-certs,1.16及1.16版本以后为--upload-certs

命令不对就会出现unknown flag --experimental-upload-certs的错误

[root@k8s-master01 ~]# kubeadm init phase upload-certs --upload-certs
I0825 09:35:16.039382   32084 version.go:255] remote version is much newer: v1.22.1; falling back to: stable-1.19
W0825 09:35:16.739034   32084 configset.go:348] WARNING: kubeadm cannot validate component configs for API groups [kubelet.config.k8s.io kubeproxy.config.k8s.io]
[upload-certs] Storing the certificates in Secret "kubeadm-certs" in the "kube-system" Namespace
[upload-certs] Using certificate key:
a615c6fb67eff694085de21480c462de2bc65b545884957ae0d37b109000e281

在新节点

添加新node节点

kubeadm join 192.168.80.10:16443 --token il1ddh.6s1rp74bb3cf18wv     --discovery-token-ca-cert-hash sha256:b7c2ecb0c238eadf5c6b8657137203c11633fd4c812bcea10e1dfbc61a36861f

添加新master节点

同样,1.16版本前参数为--experimental-control-plane --certificate-key ,1.16及1.16版本以后为--control-plane --certificate-key

kubeadm join 192.168.80.10:16443 --token il1ddh.6s1rp74bb3cf18wv     --discovery-token-ca-cert-hash sha256:b7c2ecb0c238eadf5c6b8657137203c11633fd4c812bcea10e1dfbc61a36861f --control-plane --certificate-key a615c6fb67eff694085de21480c462de2bc65b545884957ae0d37b109000e281

etcdctl --cacert="/etc/kubernetes/pki/etcd/ca.crt" --cert="/etc/kubernetes/pki/etcd/server.crt" --key="/etc/kubernetes/pki/etcd/server.key" member list

上一篇:关于bfs与dfs的标记区别


下一篇:电脑URL证书过期问题(已解决)SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: certificate