问题:

[root@k8s-node-1 ~]# kubeadm join 192.168.122.201:6443 --token fmqvwn.6h11y2ayq23r7zmw --discovery-token-ca-cert-hash sha256:42e125ef64f5aabc67ae0e0f14b58270be35fde8ff4f7b9a47d5d76a74a97c4a

W0107 17:53:50.512517 14686 join.go:346] [preflight] WARNING: JoinControlPane.controlPlane settings will be ignored when control-plane flag is not set.

[preflight] Running pre-flight checks

[WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". Please follow the guide at https://kubernetes.io/docs/setup/cri/

error execution phase preflight: couldn't validate the identity of the API Server: abort connecting to API servers after timeout of 5m0s

解决方案:

因为kubeadm在使用过程中token的有效期只有24h,需要重新生成,才能解决上述问题

生成token:

[root@k8s-master ~]# kubeadm token create

ntqpnh.f5tbwenab50233at

查看有效期:

[root@k8s-master ~]# kubeadm token list

TOKEN TTL EXPIRES USAGES DESCRIPTION EXTRA GROUPS

ntqpnh.f5tbwenab50233at 23h 2020-01-08T19:27:01+08:00 authentication,signing <none> system:bootstrappers:kubeadm:default-node-token

生成令牌:

[root@k8s-master ~]# openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //'

42e125ef64f5aabc67ae0e0f14b58270be35fde8ff4f7b9a47d5d76a74a97c4a

node节点重新加入

[root@k8s-node-1 ~]# kubeadm join 192.168.122.201:6443 --token ntqpnh.f5tbwenab50233at --disco

Logo

K8S/Kubernetes社区为您提供最前沿的新闻资讯和知识内容

更多推荐