k8s的node主机修改IP以后配置
原k8s node主机IP为172.16.20.182需要修改成172.16.20.183
查看原node
node主机修改IP以后,修改node的kubele配置文件
# cat /opt/kubernetes/cfg/kubelet # cat /opt/kubernetes/cfg/kubelet KUBELET_OPTS="--logtostderr=false --log-dir=/opt/kubernetes/logs/kubelet --v=4 --hostname-override=172.16.20.183 --kubeconfig=/opt/kubernetes/cfg/kubelet.kubeconfig --bootstrap-kubeconfig=/opt/kubernetes/cfg/bootstrap.kubeconfig --config=/opt/kubernetes/cfg/kubelet.config --cert-dir=/opt/kubernetes/ssl --pod-infra-container-image=registry.cn-hangzhou.aliyuncs.com/google-containers/pause-amd64:3.0"
修改项为--hostname-override
# cat /opt/kubernetes/cfg/kubelet.config kind: KubeletConfiguration apiVersion: kubelet.config.k8s.io/v1beta1 address: 172.16.20.183 port: 10250 readOnlyPort: 10255 cgroupDriver: cgroupfs clusterDNS: ["172.16.20.2"] clusterDomain: cluster.local. failSwapOn: false authentication: anonymous: enabled: true
修改项为address
删除原自动生成的ssl证书
rm -rf /opt/kubernetes/ssl/*
停止kubelet
systemctl stop kubelet
在k8s的master上查看该node是NotReady状态
启动node端kubelet
systemctl start kubelet
在证书目录下自动生成了对应证书
在master上查看csr并通过验证
# kubectl get csr NAME AGE REQUESTOR CONDITION node-csr-YAZO_DoidvRc-HaySrJI9p5qwf4Ju49bKBrys_2lcGA 75s kubelet-bootstrap Pending [root@k8s-master rabbitmq]# kubectl certificate approve node-csr-YAZO_DoidvRc-HaySrJI9p5qwf4Ju49bKBrys_2lcGA certificatesigningrequest.certificates.k8s.io/node-csr-YAZO_DoidvRc-HaySrJI9p5qwf4Ju49bKBrys_2lcGA approved
等待片刻新的node处于Ready状态,删除原node
kubectl delete node 172.16.20.182
同理修改node端的kube-proxy修改成对应IP
# cat /opt/kubernetes/cfg/kube-proxy # cat /opt/kubernetes/cfg/kube-proxy KUBE_PROXY_OPTS="--logtostderr=true --v=4 --hostname-override=172.16.20.183 --cluster-cidr=172.16.20.0/24 --proxy-mode=ipvs --masquerade-all=true --kubeconfig=/opt/kubernetes/cfg/kube-proxy.kubeconfig"
重启kube-proxy
systemctl restart kube-proxy systemctl enable kube-proxy