本文记录了在尝试向Kubernetes集群中添加新节点时遇到的连接问题,并详细描述了解决过程,包括调整API Server配置及重启kubelet服务。
今天想向kubernetes中增加一个节点,利用命令行:
kubeadm join --token c93b06.2cddb224a8931cb3 162.3.160.61:6443
但是加入节点的时候居然报错了,如下:
[kubeadm] WARNING: kubeadm is in beta, please do not use it for production clusters.
[preflight] Running pre-flight checks
[preflight] Starting the kubelet service
[discovery] Trying to connect to API Server "162.3.160.61:6443"
[discovery] Created cluster-info discovery client, requesting info from "https://162.3.160.61:6443"
[discovery] Failed to request cluster info, will try again: [the server has asked for the client to provide credentials (get configmaps cluster-info)]
[discovery] Failed to request cluster info, will try again: [the server has asked for the client to provide credentials (get configmaps cluster-info)]
[discovery] Failed to request cluster info, will try again: [the server has asked for the client to provide credentials (get configmaps cluster-info)]
[discovery] Failed to request cluster info, will try again: [the server has asked for the client to provide credentials (get configmaps cluster-info)]
[discovery] Failed to request cluster info, will try again: [the server has asked for the client to provide credentials (get configmaps cluster-info)]
[discovery] Failed to request cluster info, will try again: [the server has asked for the client to provide credentials (get configmaps cluster-info)]
[discovery] Failed to request cluster info, will try again: [the server has asked for the client to provide credentials (get configmaps cluster-info)]
获取cluster-info获取不到,为什么呢?
Google了很久也没查到具体的原因,难道token过期了?
kubeadm token list
TOKEN TTL EXPIRES USAGES DESCRIPTION
c93b06.2cddb224a8931cb3 <forever> <never> authentication,signing The default bootstrap token generated by 'kubeadm init'.
Kubeadm token list 可以看到token没有过期。
为什么为什么为什么?灵光一现,我们在kubeadm部署kubernetes, 部署dashborad不能访问的问题博客中,关闭了匿名访问,是不是这个原因呢?赶快把修改的api-server的启动参数在改回去,如下图所示
重启kubelet, service kubelet restart
再次加入节点
[root@node2 ~]# kubeadm join --token c93b06.2cddb224a8931cb3 162.3.160.61:6443
[kubeadm] WARNING: kubeadm is in beta, please do not use it for production clusters.
[preflight] Running pre-flight checks
[preflight] Starting the kubelet service
[discovery] Trying to connect to API Server "162.3.160.61:6443"
[discovery] Created cluster-info discovery client, requesting info from "https://162.3.160.61:6443"
[discovery] Cluster info signature and contents are valid, will use API Server "https://162.3.160.61:6443"
[discovery] Successfully established connection with API Server "162.3.160.61:6443"
[bootstrap] Detected server version: v1.7.6
[bootstrap] The server supports the Certificates API (certificates.k8s.io/v1beta1)
[csr] Created API client to obtain unique certificate for this node, generating keys and certificate signing request
[csr] Received signed certificate from the API server, generating KubeConfig...
[kubeconfig] Wrote KubeConfig file to disk: "/etc/kubernetes/kubelet.conf"
Node join complete:
* Certificate signing request sent to master and response
received.
* Kubelet informed of new secure connection details.
Run 'kubectl get nodes' on the master to see this machine join.
Oh, yes, 能够正常加入节点了,自己给自己挖的坑啊。
扫一扫
1万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
