kubeadm生成的token过期后,集群增加节点

  1. 重新生成token(默认token24小时后过期)

    kubeadm token create
TOKEN                     TTL       EXPIRES                     USAGES                   DESCRIPTION                                                EXTRA GROUPS
36iajs.t016zpxbyqdmivcq   19h       2018-07-04T12:48:32+08:00   authentication,signing   The default bootstrap token generated by 'kubeadm init'.   system:bootstrappers:kubeadm:default-node-token

  2. 获取ca证书sha256编码hash值

    openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //'

  3. 节点加入集群

    kubeadm join <节点IP>:6443 --token 36iajs.t016zpxbyqdmivcq --discovery-token-ca-cert-hash sha256:19246ce11ba3fc633fe0b21f2f8aaaebd7df9103ae47138dc0dd615f61a32d99