k8s-新增服务端节点

本文章是 k8s二进制高可用集群部署 的分支。详细步骤请参考目录。

1.etcd扩容

  **如果etcd通过CA生成的证书不包含当前节点的ip,可能etcd集群需要重新生成证书。

  1.复制相关文件

scp /opt/etcd/{cfg,ssl} root@192.168.64.131:/opt/etcd/
scp /usr/local/bin/{etcd,etcdctl,etcdutl} root@192.168.64.131:/usr/local/bin/
scp /usr/lib/systemd/system/etcd.service root@192.168.64.131:/usr/lib/systemd/system/

  2.修改配置文件

    1.修改当前节点名称

    2.在集群内所有etcd节点的配置文件中添加当前节点【包含当前节点】

  3.启动

systemctl daemon-reload
systemctl start etcd.service
systemctl enable etcd.service
systemctl status etcd.service

2.安装Docker【略】

3.k8s-docker适配

  可使用以下简易办法

  1.拷贝

scp -r /usr/local/bin/cri-dockerd root@192.168.64.131:/usr/local/bin/
scp -r /etc/systemd/system/cri-docker* root@192.168.64.131:/etc/systemd/system/

  2.启动

systemctl daemon-reload
systemctl start cri-docker.service
systemctl enable cri-docker.service
systemctl enable --now cri-docker.socket
systemctl is-active cri-docker.socket

4.拷贝master01上相关文件到master02

scp -r /opt/kubernetes root@192.168.64.131:/opt/
scp /usr/local/bin/kube* root@192.168.64.131:/usr/local/bin/
scp /usr/lib/systemd/system/kube* root@192.168.64.131:/usr/lib/systemd/system
scp -r ~/.kube root@192.168.64.131:~

5.删除证书文件

# 删除kubelet证书和kubeconfig文件
rm -f /opt/kubernetes/cfg/kubelet.kubeconfig 
rm -f /opt/kubernetes/ssl/kubelet*

6.修改配置文件IP和主机名

# 修改apiserver、kubelet和kube-proxy配置文件为本地IP
vi /opt/kubernetes/cfg/kube-apiserver.conf 
...
--bind-address=192.168.64.131 \
--advertise-address=192.168.64.131 \
...

vi /opt/kubernetes/cfg/kubelet.conf
--hostname-override=k8s-master2

vi /opt/kubernetes/cfg/kube-proxy-config.yml
hostnameOverride: k8s-master2

# 修改连接master为本机IP
vi ~/.kube/config
...
server: https://192.168.64.131:6443

7.启动并设置开机启动

systemctl daemon-reload
systemctl start kube-apiserver kube-controller-manager kube-scheduler kubelet kube-proxy
systemctl enable kube-apiserver kube-controller-manager kube-scheduler kubelet kube-proxy

8.查看集群状态

kubectl get cs

NAME                 STATUS    MESSAGE                         ERROR
scheduler            Healthy   ok                              
controller-manager   Healthy   ok                              
etcd-3               Healthy   {"health":"true","reason":""}   
etcd-2               Healthy   {"health":"true","reason":""}   
etcd-0               Healthy   {"health":"true","reason":""}   
etcd-4               Healthy   {"health":"true","reason":""}   
etcd-1               Healthy   {"health":"true","reason":""}

9.批准kubelet证书申请

# 查看证书请求
kubectl get csr

NAME                                                   AGE     SIGNERNAME                                    REQUESTOR           REQUESTEDDURATION   CONDITION
node-csr-6rVrcbZ6rxhfMzfwp8SScGk6WzUhYRkjWusy00ZN-IE   3m26s   kubernetes.io/kube-apiserver-client-kubelet   kubelet-bootstrap   <none>              Pending

# 授权请求
kubectl certificate approve node-csr-6rVrcbZ6rxhfMzfwp8SScGk6WzUhYRkjWusy00ZN-IE

# 查看Node
kubectl get node

NAME          STATUS   ROLES    AGE   VERSION
k8s-master1   Ready    <none>   33h   v1.26.1
k8s-master2   Ready    <none>   18s   v1.26.1
k8s-node1     Ready    <none>   8h    v1.26.1

 

posted @ 2023-02-24 17:04  SpringCore  阅读(272)  评论(0编辑  收藏  举报