记录——kubeadm集群node节点加入
1. node节点关闭防火墙安全机制,映射等
2. 查看master的docker版本并安装与其相同版本。
docker version
列出docker版本
yum list docker-ce --showduplicates|sort -r
加速器配置
cat << EOF >> /etc/docker/daemon.json
{
"registry-mirrors": ["https://q6e6fnms.mirror.aliyuncs.com"]
}
EOF
systemctl restart docke
3. 拉取组件
可在其他node查看镜像组件名称及标签。
docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
registry.aliyuncs.com/google_containers/kube-proxy v1.15.0 d235b23c3570 23 months ago 82.4MB
registry.aliyuncs.com/google_containers/kube-apiserver v1.15.0 201c7a840312 23 months ago 207MB
registry.aliyuncs.com/google_containers/kube-controller-manager v1.15.0 8328bb49b652 23 months ago 159MB
registry.aliyuncs.com/google_containers/kube-scheduler v1.15.0 2d3813851e87 23 months ago 81.1MB
quay.io/coreos/flannel v0.11.0-amd64 ff281650a721 2 years ago 52.6MB
registry.aliyuncs.com/google_containers/coredns 1.3.1 eb516548c180 2 years ago 40.3MB
registry.aliyuncs.com/google_containers/pause 3.1 da86e6ba6ca1 3 years ago 742kB
registry.aliyuncs.com/google_containers/etcd 3.3.10 2c4adeb21b4f 2 years ago 258MB
默认是从k8s.gcr.io
拉取镜像的,因为地址在国外,所以拉取不下来,可以为镜像打标签。
只需要吧阿里云的名字换成k8s.gcr.io
即可
如:docker tag registry.aliyuncs.com/google_containers/pause:3.1 k8s.gcr.io/pause:3.1
- 安装kubelet、kubeadm
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
需要与其他节点版本一致,其他节点为1.15
kubelet --version
Kubernetes v1.15.0
新node执行
yum install -y kubelet-1.15.0-0 kubeadm-1.15.0 kubectl-1.15.0
systemctl daemon-reload && systemctl enable kubelet && systemctl restart kubelet
- master获取加入集群命令
kubeadm token create --print-join-command
回显
kubeadm join 192.168.100.110:6443 --token 0foltd.hk8asl73ovd6x0x7 --discovery-token-ca-cert-hash sha256:908dcdd4e76018da88d150d2fe442fbad20b13931e9c1dbe5b3f5d984e0ce35c
- node加入集群
执行master回显命令即可
kubeadm join 192.168.100.110:6443 --token 0foltd.hk8asl73ovd6x0x7 --discovery-token-ca-cert-hash sha256:908dcdd4e76018da88d150d2fe442fbad20b13931e9c1dbe5b3f5d984e0ce35c
- 在master 查看新加入的节点
kubectl get nodes
NAME STATUS ROLES AGE VERSION
master Ready master 8d v1.15.0
node1 Ready <none> 8d v1.15.0
node2 Ready <none> 8d v1.15.0
node3 Ready <none> 45m v1.15.0
问题
如果出现node状态为“Notready
”,可以使用如下命令查看组件情况。
kubectl get pods -n kube-system
进一步排查
kubectl describe pods -n “加上名字”