驱逐node节点上的pod

kubectl drain node01 --delete-local-data

 

 

将该节点从集群中删除

kubectl delete node node01

 

 

删除加入集群时候自动申请的key

[root@node01 kubernetes]# pwd
/etc/kubernetes
[root@node01 kubernetes]# tree 
.
├── cfg
│   ├── back
│   │   ├── kubelet.kubeconfig
│   │   └── kubelet.kubeconfig.bak
│   ├── kubelet-bootstrap.kubeconfig
│   ├── kubelet.conf
│   ├── kubelet-config.yml
│   ├── kubelet.kubeconfig
│   ├── kube-proxy.conf
│   ├── kube-proxy-config.yml
│   └── kube-proxy.kubeconfig
└── ssl
    ├── admin-key.pem
    ├── admin.pem
    ├── back
    │   ├── kubelet-client-2022-01-09-15-39-17.pem
    │   ├── kubelet-client-2022-01-09-17-02-22.pem
    │   ├── kubelet-client-current.pem -> /etc/kubernetes/ssl/kubelet-client-2022-01-09-17-02-22.pem
    │   ├── kubelet.crt
    │   └── kubelet.key
    ├── ca-key.pem
    ├── ca.pem
    ├── kubelet-client-2022-01-09-17-04-51.pem
    ├── kubelet-client-current.pem -> /etc/kubernetes/ssl/kubelet-client-2022-01-09-17-04-51.pem
    ├── kubelet.crt
    ├── kubelet.key
    ├── kube-proxy-key.pem
    └── kube-proxy.pem



[root@node01 kubernetes]# mkdir {ssl,cfg}/bak -p
[root@node01 kubernetes]# mv cfg/kubelet.kubeconfig cfg/bak
[root@node01 kubernetes]# mv ssl/kubelet* ssl/bak

#说明：

kubelet.kubeconfig：在第一次启动时候刚刚移动那些文件并不存在，在批准加入集群的时候，自动生成的

 

批准加入集群

node:
[root@node01 kubernetes]# systemctl restart kubelet.service 

master:
[root@master01 ssl]# kubectl get csr
node-csr-Lgrv9T_kgkMBUZ9b11U5P6Nyzz2MIQIlSXQefH-KKlI   7m37s       kubernetes.io/kube-apiserver-client-kubelet   kubelet-bootstrap   Pending

[root@master01 ssl]# kubectl certificate approve node-csr-Lgrv9T_kgkMBUZ9b11U5P6Nyzz2MIQIlSXQefH-KKlI

[root@master01 ssl]# kubectl get node
NAME STATUS ROLES AGE VERSION
master01 Ready master 18h v1.19.16
master02 Ready master 18h v1.19.16
master03 Ready master 18h v1.19.16
node01 Ready <none> 9m26s v1.19.16
node02 Ready <none> 9h v1.19.16

 

#node01已结重新加入集群了