提示:如上仅需Master01节点操作,从而实现所有节点镜像的分发。
[root@master01 ~]# ctr -n k8s.io images ls #确认验证 [root@master01 ~]# crictl images ls Master上初始化 [root@master01 ~]# kubeadm init --config=kubeadm-config.yaml --upload-certs #保留如下命令用于后续节点添加: You can now join any number of the control-plane node running the following command on each as root: kubeadm join 172.16.10.254:16443 --token 4f772m.kiql0dnan4lx5qoj \ --discovery-token-ca-cert-hash sha256:e066a9a190ea7fa2619250ce4e2bd0d0fd403afb7abdea8acbab4733584ee8c0 \ --control-plane --certificate-key d3d695b2fcad2de4f1f8054cef94655a61aa615b696e07a1d5a84203a63777a2 Please note that the certificate-key gives access to cluster sensitive data, keep it secret! As a safeguard, uploaded-certs will be deleted in two hours; If necessary, you can use "kubeadm init phase upload-certs --upload-certs" to reload certs afterward. Then you can join any number of worker nodes by running the following on each as root: kubeadm join 172.16.10.254:16443 --token 4f772m.kiql0dnan4lx5qoj \ --discovery-token-ca-cert-hash sha256:e066a9a190ea7fa2619250ce4e2bd0d0fd403afb7abdea8acbab4733584ee8c0注意:如上token具有默认24小时的有效期,token和hash值可通过如下方式获取:
kubeadm token list
如果 Token 过期以后,可以输入以下命令,生成新的 Token:
附加:初始化过程大致步骤如下:
[kubelet-start] 生成kubelet的配置文件”/var/lib/kubelet/config.yaml”
[certificates]生成相关的各种证书
[kubeconfig]生成相关的kubeconfig文件
[bootstraptoken]生成token记录下来,后边使用kubeadm join往集群中添加节点时会用到