k8s添加node时token过期

kubeadm init生成的token有效期只有1天,如果你的node节点在使用kubeadm join时出现如下错误

[preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -oyaml'
error execution phase preflight: unable to fetch the kubeadm-config ConfigMap: failed to get config map: Unauthorized

请到master上检查你所使用的token是否有效,kubeadm token list

 

 

# kubeadm token list
TOKEN                     TTL         EXPIRES                     USAGES                   DESCRIPTION   EXTRA GROUPS
4ysp5a.xtvlf4mvw1aecugq   <invalid>   2019-11-01T13:54:09+08:00   authentication,signing   <none>        system:bootstrappers:kubeadm:default-node-token

 

 生成不过期的token

 

kubeadm token create --ttl 0 --print-join-command

 

kubeadm join 10.6.76.25:6443 --token ucit4q.qm4v6d6446v3jq5q     --discovery-token-ca-cert-hash sha256:48dd827c26fadc39217f41d5b1cab52a32b84ccc07b19453c1fed3550714f175

master 分配角色

kubectl label nodes k8s-node-1 node-role.kubernetes.io/node=

 

posted on 2019-11-04 11:10  光阴8023  阅读(1227)  评论(0编辑  收藏  举报

Powered by: 博客园 Copyright © 2024 光阴8023
Powered by .NET 8.0 on Kubernetes