k8s:kubeadm搭建k8s集群,加入新master节点报错
加入新的master节点
[root@k8s-master02 ~]#kubeadm join 172.20.1.236:16443 --token 7t2weq.bjbawausm0jaxury \
> --discovery-token-ca-cert-hash sha256:cf30ddd3df1c6215b886df1ea378a68ad5a9faad7933d53ca9891ebbdf9a1c3f \
> --control-plane --certificate-key 8025cc203187ad6bf23f074538cb8b9163031ae73262be556dbcb11ccc92248
出现报错,报错如下所示:
[preflight] Running pre-flight checks
[preflight] Reading configuration from the cluster...
[preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -o yaml'
[preflight] Running pre-flight checks before initializing the new control plane instance
[preflight] Pulling images required for setting up a Kubernetes cluster
[preflight] This might take a minute or two, depending on the speed of your internet connection
[preflight] You can also perform this action in beforehand using 'kubeadm config images pull'
[download-certs] Downloading the certificates in Secret "kubeadm-certs" in the "kube-system" Namespace
error execution phase control-plane-prepare/download-certs: error downloading certs: error decoding certificate key: encoding/hex: odd length hex string
To see the stack trace of this error execute with --v=5 or higher
解决办法:
重新生成新的token
[root@k8s-master01 ~]# kubeadm token create --print-join-command
kubeadm join 172.20.1.236:16443 --token 1azu55.pe79z2ir146pjf2i --discovery-token-ca-cert-hash sha256:cf30ddd3df1c6215b886df1ea378a68ad5a9faad7933d53ca9891ebbdf9a1c3f
[root@k8s-master01 ~]# kubeadm init phase upload-certs --upload-certs
I0719 15:26:30.213882 17524 version.go:254] remote version is much newer: v1.24.3; falling back to: stable-1.20
[upload-certs] Storing the certificates in Secret "kubeadm-certs" in the "kube-system" Namespace
[upload-certs] Using certificate key:
16e74623e8ab152265c6814617062e66e3a2ca9f033a992b9338207d745d1c66
为什么会出现该问题,我们来看下
[root@k8s-master01 calico]# kubectl get secret -n kube-system
NAME TYPE DATA AGE
attachdetach-controller-token-w9zp2 kubernetes.io/service-account-token 3 19h
bootstrap-signer-token-hxq9w kubernetes.io/service-account-token 3 19h
bootstrap-token-1azu55 bootstrap.kubernetes.io/token 6 60m
bootstrap-token-7t2weq bootstrap.kubernetes.io/token 6 19h
bootstrap-token-i3gkzz bootstrap.kubernetes.io/token 4 59m
calico-etcd-secrets Opaque 3 22m
calico-kube-controllers-token-hb6c7 kubernetes.io/service-account-token 3 22m
calico-node-token-x58nk kubernetes.io/service-account-token 3 22m
certificate-controller-token-ts6r7 kubernetes.io/service-account-token 3 19h
clusterrole-aggregation-controller-token-dqlfc kubernetes.io/service-account-token 3 19h
coredns-token-dh4lk kubernetes.io/service-account-token 3 19h
cronjob-controller-token-xls8g kubernetes.io/service-account-token 3 19h
daemon-set-controller-token-m7v6f kubernetes.io/service-account-token 3 19h
default-token-qmm4s kubernetes.io/service-account-token 3 19h
deployment-controller-token-x2vg7 kubernetes.io/service-account-token 3 19h
disruption-controller-token-4h52k kubernetes.io/service-account-token 3 19h
endpoint-controller-token-cpnts kubernetes.io/service-account-token 3 19h
endpointslice-controller-token-mqcdp kubernetes.io/service-account-token 3 19h
endpointslicemirroring-controller-token-jqf25 kubernetes.io/service-account-token 3 19h
expand-controller-token-jpbln kubernetes.io/service-account-token 3 19h
generic-garbage-collector-token-7zcl2 kubernetes.io/service-account-token 3 19h
horizontal-pod-autoscaler-token-ddbkf kubernetes.io/service-account-token 3 19h
job-controller-token-6tdlk kubernetes.io/service-account-token 3 19h
kube-proxy-token-8g9hz kubernetes.io/service-account-token 3 19h
kubeadm-certs Opaque 8 59m
namespace-controller-token-s5t9w kubernetes.io/service-account-token 3 19h
node-controller-token-5zxfl kubernetes.io/service-account-token 3 19h
persistent-volume-binder-token-mlb75 kubernetes.io/service-account-token 3 19h
pod-garbage-collector-token-qxjq8 kubernetes.io/service-account-token 3 19h
pv-protection-controller-token-zmdbd kubernetes.io/service-account-token 3 19h
pvc-protection-controller-token-fzpdw kubernetes.io/service-account-token 3 19h
replicaset-controller-token-mjjn4 kubernetes.io/service-account-token 3 19h
replication-controller-token-sbbpp kubernetes.io/service-account-token 3 19h
resourcequota-controller-token-52sw9 kubernetes.io/service-account-token 3 19h
root-ca-cert-publisher-token-z5wbb kubernetes.io/service-account-token 3 19h
service-account-controller-token-m2mxf kubernetes.io/service-account-token 3 19h
service-controller-token-fkpv6 kubernetes.io/service-account-token 3 19h
statefulset-controller-token-fr57m kubernetes.io/service-account-token 3 19h
token-cleaner-token-rrnf7 kubernetes.io/service-account-token 3 19h
ttl-controller-token-t44pd kubernetes.io/service-account-token 3 19h
[root@k8s-master01 calico]# kubectl get secret -n kube-system bootstrap-token-1azu55 -oyaml
apiVersion: v1
data:auth-extra-groups: c3lzdGVtOmJvb3RzdHJhcHBlcnM6a3ViZWFkbTpkZWZhdWx0LW5vZGUtdG9rZW4=expiration: MjAyMi0wNy0yMFQxNToyNTowOCswODowMA==token-id: MWF6dTU1token-secret: cGU3OXoyaXIxNDZwamYyaQ==usage-bootstrap-authentication: dHJ1ZQ==usage-bootstrap-signing: dHJ1ZQ==
kind: Secret
metadata:creationTimestamp: "2022-07-19T07:25:08Z"managedFields:- apiVersion: v1fieldsType: FieldsV1fieldsV1:f:data:.: {}f:auth-extra-groups: {}f:expiration: {}f:token-id: {}f:token-secret: {}f:usage-bootstrap-authentication: {}f:usage-bootstrap-signing: {}f:type: {}manager: kubeadmoperation: Updatetime: "2022-07-19T07:25:08Z"name: bootstrap-token-1azu55namespace: kube-systemresourceVersion: "13916"uid: 38b20292-9724-4c96-a745-130b7704bcb2
type: bootstrap.kubernetes.io/token
[root@k8s-master01 calico]# echo "MjAyMi0wNy0yMFQxNToyNTowOCswODowMA==" |base64 -d
2022-07-20T15:25:08+08:00[root@k8s-master01 ]#
我们能看到,token过期时间为2小时,由于token过期,所以导致节点加入失败
k8s:kubeadm搭建k8s集群,加入新master节点报错相关推荐
- 如何处理 Kubeadm 搭建的集群证书过期问题
推荐阅读 Helm3(K8S 资源对象管理工具)视频教程:https://edu.csdn.net/course/detail/32506 Helm3(K8S 资源对象管理工具)博客专栏:https: ...
- k8s集群部署中etcd启动报错request sent was ignored (cluster ID mismatch: peer[c39bdec535db1fd5]=cdf818194e3a8c
k8s集群部署中etcd启动报错处理 报错信息如下,主要报错信息有两条 原因是/var/lib/etcd/目录下缓存导致 解决方法 问题2: Error starting daemon: SELinu ...
- Kubeadm介绍与使用Kubeadm搭建kubernetes集群环境
文章目录 1.Kubeadm介绍 2.使用Kubeamd搭建kubernetes集群环境 2.1.首先准备一个三台的centos机器 2.2.yum -y update [在三台机器上执行更新包] 2 ...
- CentOS7 使用 kubeadm 搭建 kubernetes 集群(极速篇)
序言 本人在安装 k8s 的过程中曲折不断,故写下此文,让后人可以少走弯路. 这篇文章只描述如何从0开始快速搭建 k8s 集群,想更详细了解具体遇到问题的分析过程和解决方案,可阅读另一篇文章 -- C ...
- CentOS7 使用 kubeadm 搭建 kubernetes 集群(踩坑篇)
序言 本人在搭建 k8s 集群的过程中曲折不断,故写下此文,欲与"同是天涯沦落人"分享. 这篇文章会详细描述安装过程中遇到的问题,以及本人相应的解决办法,如读者只想快速搭建 k8s ...
- kubeadm搭建Kubernetes集群v1.16
一. 环境概述: master (192.168.122.23): CentOS7u7 node1(192.168.122.117): CentOS7u7 node2(192.168.122.164) ...
- k8s之搭建单机集群
写在前面 本文一起看下如何在单机环境下搭建k8s集群. 基础环境准备参考这篇文章 . 1:k8s的前世今生 现在当我们提到容器技术时,首先想到的肯定是docker,但其实在docker之前,谷歌公司就 ...
- redis映射的概念_在K8S上搭建Redis集群
今天让我们试着在k8s里部署一个redis集群,了解更多k8s的细节和特性. 环境:minikube v0.30 (kubernetes 1.10) 问题分析 本质上来说,在k8s上部署一个redis ...
- k8s集群重新将master节点加入集群
文章目录 问题背景 解决过程 基础环境恢复 恢复etcd集群 恢复docker 恢复k8s集群 总结 问题背景 由三台master节点组成的k8s集群,由于其中一台master节点启动文件异常,将机器 ...
最新文章
- 精简易懂,30 分钟学会 SVD 矩阵分解,很强!
- ubuntu19.04更改国内镜像源
- 用Python做自然语言处理必知的八个工具【转载】
- 在mysql中更改数据类型_如何在MySQL中更改列的数据类型?
- Thread的join方法使用解析
- maven 遇到failOnMissingWebXml有关问题解决方法
- 卷积神经网络CNN(8)—— Pix2Pix Application -- Aerialmap Lane Line Detection (Pix2Pix应用:航拍图车道线检测)
- Linux之强大的selinux
- VS2010 修改模板文件,增加默认注释
- 两个网段在同一个交换机_告诉你PC不能通过二层交换机实现跨网段通信的小秘密:你很难想到...
- git连接通过ssh连接github
- 查看Exchange用户最后登录时间
- mongodb数据库命令操作(转)
- idirect3ddevice9虚函数偏移_C++ 虚函数简介
- Raki的读paper小记:FastText:Enriching Word Vectors with Subword Information
- zoj 1100 - Mondriaan#39;s Dream
- python随机分组的思路_一个关于随机分组需求的Python方案与思考
- 用切片实现一个简陋的Map
- H3C模拟器中文路径问题(提示:“当前系统用户名中包含非ASCII字符”! )方法尝试:
- python 输入名字输出hello名字_Python 输入输出