向Kubernetes集群添加/移除Node 1. Minion Node操作前准备 ``` #关闭防火墙 systemctl stop firewalld #禁止防火墙开机启动 systemctl disable firewalld #检查selinux getenforce Disabled #端口检查 #关闭防火墙 systemctl disable firewalld systemctl stop firewalld systemctl status firewalld ``` 1. Kubernetes集群中添加Node 在kubeadm init初始化操作完成时,系统最后给出了将节点加入集群的命令: ``` kubeadm join 10.0.0.39:6443 --token 4g0p8w.w5p29ukwvitim2ti --discovery-token-ca-cert-hash sha256:21d0adbfcb409dca97e655641573b2ee51c 77a212f194e20a307cb459e5f77c8 ``` 说明:这条命令一定保存好,因为后期没法重现的!! 在swarm1(Minion Node)上操作: ``` kubeadm join 10.0.0.39:6443 --token 4g0p8w.w5p29ukwvitim2ti --discovery-token-ca-cert-hash sha256:21d0adbfcb409dca97e655641573b2ee51c 77a212f194e20a307cb459e5f77c8 ``` 在swarm2(Master)上操作: ``` kubectl get nodes NAME STATUS ROLES AGE VERSION swarm1 Ready 3h v1.10.0 swarm2 Ready master 3h v1.10.0 ``` swarm1加入集群很是顺利! 1. Kubernetes集群中移除Node 在master节点上执行: ``` kubectl drain swarm1 --delete-local-data --force --ignore-daemonsets kubectl delete node swarm1 ``` 在node2上执行: ``` kubeadm reset ``` 1. 添加Node出现的问题 #Minion Node一直处于notReady状态,如: ``` kubectl get nodes NAME STATUS ROLES AGE VERSION swarm1 NotReady 3h v1.10.0 swarm2 Ready master 3h v1.10.0 ``` #原因 (1)启动kubelet的时候,会pull以下两个镜像(gcr.io/**),因为天朝网络一般翻不了墙,不能成功pull,所以要自己找到这两个docker镜像。点击[images](https://github.com/datagrand/k8s_deploy)自行下载使用! ``` k8s.gcr.io/kube-proxy-amd64 v1.10.0 6e6237849607 3 weeks ago 97.1 MB k8s.gcr.io/pause-amd64 3.1 da86e6ba6ca1 4 months ago 742 kB ``` (2)使用Kubeadm工具搭建的Kubernetes集群,已经默认集成了安全策略,所以要将Master Node节点/etc/kubernetes/pki下的所有文件复制到Minion Node相同目录下一份。所以在Master Node上执行: ``` scp /etc/kubernetes/pki/* root@{minion-ip}:/etc/kubernetes/pki ``` 1. 文章推荐 [k8s 入门教程和实战](https://blog.51cto.com/wutengfei/2160771)