背景说明

Kubernetes集群部署时默认生成的token有效期只有24小时,当token过期时可以通过命令重新生成token

解决方案

工作节点

  1. [root@cka-master ~]# kubeadm token create --print-join-command 
  2. kubeadm join 192.168.184.128:6443 --token y9nyb6.yaf58t877w8glkrw --discovery-token-ca-cert-hash sha256:a51d74ba7c51cfd081fc8dd41455fcadda9ba4b02eace3d524ef1b6998a9d891 
  3. [root@cka-master ~]#

管理节点

  1. [root@cka-master ~]# kubeadm init phase upload-certs --upload-certs
  2. I0504 23:14:22.337585   61351 version.go:255] remote version is much newer: v1.24.0; falling back to: stable-1.22
  3. [upload-certs] Storing the certificates in Secret "kubeadm-certs" in the "kube-system" Namespace
  4. [upload-certs] Using certificate key:
  5. 6f92319bacd2c86364d5a039980f0737e306992f02b8fe3fd2ad1d66d90d8885
  6. [root@cka-master ~]# kubeadm token create --print-join-command  --certificate-key=6f92319bacd2c86364d5a039980f0737e306992f02b8fe3fd2ad1d66d90d8885
  7. kubeadm join 192.168.184.128:6443 --token 3i6hys.3gvc1d8m192r5v83 --discovery-token-ca-cert-hash sha256:a51d74ba7c51cfd081fc8dd41455fcadda9ba4b02eace3d524ef1b6998a9d891 --control-plane --certificate-key 6f92319bacd2c86364d5a039980f0737e306992f02b8fe3fd2ad1d66d90d8885
  8. [root@cka-master ~]#