修改kubernetes集群中Node的名字

文章目录
[隐藏]

1. kubeadm搭建的集群

修改之前节点信息如下:

# kubectl get node
NAME         STATUS   ROLES    AGE   VERSION
k8s-master   Ready    master   95d   v1.17.2
k8s-node01   Ready    node01   95d   v1.17.2
k8s-node02   Ready    node02   95d   v1.17.2

(1)、修改主机名

hostnamectl set-hostname k8s-node03

(2)、删除node节点

kubectl delete nodes k8s-node02

(3)、在删除的Node节点上重置节点

kubeadm reset

(4)、在master节点上查看token是否存在(默认24小时过期)

kubeadm token list

(5)、如果token不存在则创建token

# kubeadm token create
4u4w7j.qv34axysi783i7wg

(6)、获取ca证书sha256编码hash值

# openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //'
d0d8bc0728a15007638f3ff4f047b3ef8b6359fd0dc3cf409efe94147cb32e32

(7)、在删除的Node节点执行kubeadm join加入集群

kubeadm join 10.1.10.128:6443 --token cq7ufd.t05znkzrnrinosjn \
     --discovery-token-ca-cert-hash sha256:b7f7676bf5af4ce251f96390d70e1158f01ddfaa2767f9734b03e238a5b6a798 \
     --node-name k8s-node03

(8)、在master上查看是否已经加入

# kubectl get node
NAME         STATUS   ROLES    AGE     VERSION
k8s-master   Ready    master   95d     v1.17.2
k8s-node01   Ready    node01   95d     v1.17.2
k8s-node03   Ready    <none>   3m19s   v1.17.2

(9)、给node节点加标签(按需)

kubectl label nodes k8s-node03 node-role.kubernetes.io/node03=

(10)、查看集群Node信息

# kubectl get node
NAME         STATUS   ROLES    AGE     VERSION
k8s-master   Ready    master   95d     v1.17.2
k8s-node01   Ready    node01   95d     v1.17.2
k8s-node03   Ready    node03   4m12s   v1.17.2

2. 二进制搭建的集群

将host1改为master

(1)、修改系统主机名

hostnamectl set-hostname master

(2)、修改kubelet启动参数

--hostname-override=master

重启kubelet服务

systemctl restart kubelet

查看kubelet日志

journalctl -xe -u kubelet

会看到如下报错

Mar 23 13:15:27 master kubelet[13508]: E0323 13:15:27.320556   13508 kubelet_node_status.go:106] Unable to register node "master" with API server: nodes "master" is forbidden: node "host1" cannot modify node "master"

(3)、停止kubelet服务并删除节点

systemctl stop kubelet
kubectl delete node host1

(4)、删除kubelet.kubeconfig,kubelet.key,kubelet.crt,kubelet-client.key和kubelet-client.crt

rm -f /etc/kubernetes/kubelet.kubeconfig
rm -f /etc/kubernetes/ssl/kubelet*

(5)、重启kubelet

ystemctl restart kubelet

(6)、查看证书状态

# kubectl get csr
NAME                                                   AGE       REQUESTOR           CONDITION
node-csr-GIAqC5LBI_7c6TlMW8wugv_TlHfs1CShZhnEyLgxvSI   1m        kubelet-bootstrap   Pending

(7)、允许证书

kubectl certificate approve node-csr-GIAqC5LBI_7c6TlMW8wugv_TlHfs1CShZhnEyLgxvSI

(8)、再次查看证书状态

# kubectl get csr
NAME                                                   AGE       REQUESTOR           CONDITION
node-csr-GIAqC5LBI_7c6TlMW8wugv_TlHfs1CShZhnEyLgxvSI   1m        kubelet-bootstrap   Approved,Issued

(9)、查看节点状态

kubectl get node

原文出处:coolops -> https://www.coolops.cn/posts/kubernetes-update-node-name/

打赏

如果此文对你有所帮助,请随意打赏鼓励作者^_^