kubernetes节点ip变更后通信就会出现问题,我们只需要通过kubeadm init phase命令,重新生成config文件和签名文件就可以了。
1、备份当前k8s集群配置文件
cp -r /etc/kubernetes /etc/kubernetes_bak$(date +"%Y%m%d%H%M%S")
2、批量替换k8s配置文件中ip地址(如果配置了hosts、kubelet,同样需要一起替换)
sed -i "s/${OLD_IP}/${NEW_IP}/g" `grep -rl "${OLD_IP}" /etc/kubernetes`
sed -i "s/${OLD_IP}/${NEW_IP}/g" /etc/hosts if [ -f "/etc/default/kubelet" ]; then sed -i "s/${OLD_IP}/${NEW_IP}/g" /etc/default/kubelet elif [ -f "/etc/sysconfig/kubelet" ]; then sed -i "s/${OLD_IP}/${NEW_IP}/g" /etc/sysconfig/kubelet fi
3、重新生成apiserver证书
rm -rf /etc/kubernetes/pki/apiserver.* kubeadm init phase certs apiserver --apiserver-advertise-address ${NEW_IP}
4、重新生成admin配置(并更新k8sconfig)
rm -rf /etc/kubernetes/admin.conf kubeadm init phase kubeconfig admin --apiserver-advertise-address ${NEW_IP} \cp /etc/kubernetes/admin.conf ~/.kube/config
5、重启docker和kubelet
systemctl restart docker && systemctl restart kubelet
systemctl status docker && systemctl status kubelet
6、更新kube-proxy配置,并重启kube-proxy服务
kubectl -n kube-system get cm kube-proxy -oyaml > /etc/kubernetes/kube-proxy.conf sed -i "s/${OLD_IP}/${NEW_IP}/g" /etc/kubernetes/kube-proxy.conf kubectl -n kube-system apply -f /etc/kubernetes/kube-proxy.conf kubectl -n kube-system delete pod -l k8s-app=kube-proxy
注意:
1、如果不更新kube-proxy配置,连接将会失败(因为default.svc.kubernetes对应地址依然是旧的ip)
2、如果是多节点,删除kube-proxy服务时会卡主,这是由于工作节点kubelet配置没有更新,导致节点NotReady,删除节点上pod自然会卡主(强制终止即可,或者参考步骤8提前更新工作节点)
7、检查节点和系统状态
kubectl get node | grep -vE 'STATUS|Ready' Ready kubectl get pod -n kube-system |grep -vE 'STATUS|Running'
8、如果是多节点,需要修改工作节点kubelet.conf配置,并重启kubelet
sed -i "s/${OLD_IP}/${NEW_IP}/g" `grep -rl "${OLD_IP}" /etc/kubernetes`
systemctl restart kubelet
>>>如果你还是觉得很麻烦,我这边已经提供现成的自动化脚本:
#!/bin/bash if [ "$UID" -ne 0 ]; then echo "[ERROR]: require root user" exit 1 fi echo "If there is a worker node, first execute the following command to update: sed -i 's/<OLD_IP>/<NEW_IP>/g' `grep -rl '<OLD_IP>' /etc/kubernetes` systemctl restart kubelet " NEW_IP=$(ip route get 8.8.4.4 | head -1 | awk '{print $7}') IP_CONF=$(cat /etc/kubernetes/manifests/kube-apiserver.yaml | grep "advertise-address") OLD_IP=${IP_CONF#*=} while [ "$1" != "" ]; do case $1 in --new-ip) NEW_IP=$2 shift 2 ;; --old-ip) OLD_IP=$2 shift 2 ;; *) echo "[ERROR] invalid argument '$1'" usage exit 1 esac done echo "Update node ip: $OLD_IP > $NEW_IP" echo "Backup k8s config: /etc/kubernetes_bak$(date +"%Y%m%d%H%M%S")" cp -r /etc/kubernetes /etc/kubernetes_bak$(date +"%Y%m%d%H%M%S") echo "======================= Update k8s config ===============================" grep -rl "${OLD_IP}" /etc/kubernetes sed -i "s/${OLD_IP}/${NEW_IP}/g" `grep -rl "${OLD_IP}" /etc/kubernetes` sed -i "s/${OLD_IP}/${NEW_IP}/g" /etc/hosts if [ -f "/etc/default/kubelet" ]; then sed -i "s/${OLD_IP}/${NEW_IP}/g" /etc/default/kubelet elif [ -f "/etc/sysconfig/kubelet" ]; then sed -i "s/${OLD_IP}/${NEW_IP}/g" /etc/sysconfig/kubelet fi echo echo "======================== Generate new certificate ==========================" rm -rf /etc/kubernetes/pki/apiserver.* kubeadm init phase certs apiserver --apiserver-advertise-address ${NEW_IP} echo echo "======================= Generate new config ================================" rm -rf /etc/kubernetes/admin.conf kubeadm init phase kubeconfig admin --apiserver-advertise-address ${NEW_IP} \cp /etc/kubernetes/admin.conf ~/.kube/config echo echo "======================= Restart docker and kubelet =========================" systemctl restart docker && systemctl status docker | head -n10 systemctl restart kubelet && systemctl status kubelet | head -n10 echo echo "=========================== Check node status ==============================" while kubectl get nodes| grep master | grep NotReady; do sleep 5 && echo "waiting node ready..."; done echo echo "======================== Update kube-proxy config ===========================" kubectl -n kube-system get cm kube-proxy -oyaml > /etc/kubernetes/kube-proxy.conf sed -i "s/${OLD_IP}/${NEW_IP}/g" /etc/kubernetes/kube-proxy.conf kubectl -n kube-system apply -f /etc/kubernetes/kube-proxy.conf kubectl -n kube-system delete pod -l k8s-app=kube-proxy echo echo "=========================== Check pod status ===============================" while kubectl get pod -n kube-system| grep -vE "STATUS|Running"; do sleep 5 && echo "waiting pod ready..."; done echo "IP updated successfully."
