3.7. K8s添加工作节点
1. 在master执行shell脚本, 主要修改网卡名,使用正确的ip, 生成Join 命令
#!/bin/bash
# 指定使用 enp0s8 网卡
NETWORK_INTERFACE="enp0s8"
# 从指定网卡获取 IP
MASTER_IP=$(ip addr show $NETWORK_INTERFACE | grep -oP '(?<=inet\s)\d+(\.\d+){3}')
if [ -z "$MASTER_IP" ]; then
echo "错误:无法从网卡 $NETWORK_INTERFACE 获取 IP"
exit 1
fi
echo "使用网卡: $NETWORK_INTERFACE"
echo "Master IP: $MASTER_IP"
# 获取 token
TOKEN=$(kubeadm token list 2>/dev/null | grep -v "TOKEN" | awk '$2 !~ /^</ {print $1}' | head -1)
if [ -z "$TOKEN" ]; then
echo "未找到有效 token,正在创建新 token..."
TOKEN=$(kubeadm token create)
fi
echo "Token: $TOKEN"
# 获取 CA 哈希
CA_HASH=$(openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt -noout 2>/dev/null | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex 2>/dev/null | cut -d' ' -f2)
echo "CA Hash: sha256:$CA_HASH"
echo ""
echo "========== Join 命令 =========="
echo "kubeadm join $MASTER_IP:6443 --token $TOKEN --discovery-token-ca-cert-hash sha256:$CA_HASH"
echo "================================"
2. 在worker上执行master上的`Join命令`,结果提示如图
# * 案例: # kubeadm join 192.168.10.14:6443 --token 1tgvvz.m9x4j96ip1z8hf6r --discovery-token-ca-cert-hash sha256:7aeb5126aae638b091051341619a7ad8ad8f3383111d7e36e3065995d046baf7
3. worker执行: 创建clean-and-join.sh 脚本,清理worker节点并重新注册,脚本需要修改`hostnamectl set-hostname`后的`worker`名称 和 `"=== 加入集群 ==="`的内容(上面master执行的shell脚本的结果)
#!/bin/bash echo "=== 清理 Kubernetes 环境 ===" kubeadm reset -f rm -rf /etc/kubernetes/ rm -rf /var/lib/kubelet/ rm -rf /var/lib/etcd/ rm -rf ~/.kube/ rm -rf /etc/cni/net.d/ echo "=== 停止 kubelet ===" systemctl stop kubelet 2>/dev/null systemctl disable kubelet 2>/dev/null echo "=== 清理端口占用 ===" fuser -k 10250/tcp 2>/dev/null echo "=== 清理代理设置 ===" unset http_proxy https_proxy HTTP_PROXY HTTPS_PROXY ftp_proxy FTP_PROXY sed -i '/proxy/d' /etc/profile 2>/dev/null sed -i '/proxy/d' /etc/environment 2>/dev/null echo "=== 设置主机名 ===" hostnamectl set-hostname worker1 echo "127.0.0.1 $(hostname)" >> /etc/hosts echo "=== 验证网络连通性 ===" ping -c 2 192.168.10.14 echo "=== 加入集群 ===" kubeadm join 192.168.10.14:6443 \ --token 1tgvvz.m9x4j96ip1z8hf6r \ --discovery-token-ca-cert-hash sha256:7aeb5126aae638b091051341619a7ad8ad8f3383111d7e36e3065995d046baf7 \ --ignore-preflight-errors=Hostname,HTTPProxy echo "=== 完成 ==="
浙公网安备 33010602011771号