CentOS Stream 10
Sponsored Link

Kubernetes : Add Worker Nodes2025/01/24
 

Add new Worker Nodes to existing Kubernetes Cluster.

This example is based on the cluster environment like follows.
It adds [node03.srv.world (10.0.0.53)] as Worker Node to this cluster. 

+----------------------+   +----------------------+
|  [ ctrl.srv.world ]  |   |   [ dlp.srv.world ]  |
|     Manager Node     |   |     Control Plane    |
+-----------+----------+   +-----------+----------+
        eth0|10.0.0.25             eth0|10.0.0.30
            |                          |
------------+--------------------------+-----------
            |                          |
        eth0|10.0.0.51             eth0|10.0.0.52
+-----------+----------+   +-----------+----------+
| [ node01.srv.world ] |   | [ node02.srv.world ] |
|     Worker Node#1    |   |     Worker Node#2    |
+----------------------+   +----------------------+
[1]

On a new Node, Configure common settings to join in Cluster, refer to here.

[2] Confirm join command on Control Plane Node.
[root@dlp ~]#
kubeadm token create --print-join-command 

kubeadm join 10.0.0.25:6443 --token 1303q4.vioahp3nqt51kjp5 --discovery-token-ca-cert-hash sha256:17b33be257174fc86fa06066a5ebdbdb84d9b397f86d893a54d328ac3a1a44dd
[3] Run join command on a new Node.
# if Firewalld is running, allow services

[root@node03 ~]#
firewall-cmd --add-service={kube-nodeport-services,kubelet,kubelet-readonly}

success
[root@node03 ~]#
firewall-cmd --add-port={179/tcp,4789/udp}

success
[root@node03 ~]#
firewall-cmd --add-masquerade

success
[root@node03 ~]#
firewall-cmd --runtime-to-permanent

success
[root@node03 ~]#
kubeadm join 10.0.0.25:6443 --token 1303q4.vioahp3nqt51kjp5 \
--discovery-token-ca-cert-hash sha256:17b33be257174fc86fa06066a5ebdbdb84d9b397f86d893a54d328ac3a1a44dd 

[preflight] Running pre-flight checks
[preflight] Reading configuration from the cluster...
[preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -o yaml'
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Starting the kubelet
[kubelet-check] Waiting for a healthy kubelet at http://127.0.0.1:10248/healthz. This can take up to 4m0s
[kubelet-check] The kubelet is healthy after 501.779437ms
[kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap

This node has joined the cluster:
* Certificate signing request was sent to apiserver and a response was received.
* The Kubelet was informed of the new secure connection details.

Run 'kubectl get nodes' on the control-plane to see this node join the cluster.
[4] Verify settings on Manager Node. That's OK if the status of new Node turns to [STATUS = Ready].
[root@ctrl ~]#
kubectl get nodes 

NAME               STATUS   ROLES           AGE    VERSION
dlp-1.srv.world    Ready    control-plane   13m    v1.31.5
dlp.srv.world      Ready    control-plane   2d2h   v1.31.5
node01.srv.world   Ready    <none>          2d2h   v1.31.5
node02.srv.world   Ready    <none>          2d2h   v1.31.5
node03.srv.world   Ready    <none>          56s    v1.31.5
[root@ctrl ~]#
kubectl get pods -A -o wide | grep node03 

kube-system   calico-node-zgzhc                          1/1     Running   0          99s    10.0.0.53        node03.srv.world   <none>           <none>
kube-system   kube-proxy-jqrbl                           1/1     Running   0          99s    10.0.0.53        node03.srv.world   <none>           <none>
Matched Content