CentOS Stream 9
Sponsored Link

Kubernetes : Worker ノードを追加する2023/10/19
 

既存の Kubernetes クラスターに Worker ノードを新規に追加する場合は以下のように設定します。

当例では以下のように 4 台のノードを使用してクラスターを構成しています。
ここへ、新たに [node03.srv.world (10.0.0.53)] を Worker ノードとして追加します。 

+----------------------+   +----------------------+
|   [ mgr.srv.world ]  |   |   [ dlp.srv.world ]  |
|     Manager Node     |   |     Control Plane    |
+-----------+----------+   +-----------+----------+
        eth0|10.0.0.25             eth0|10.0.0.30
            |                          |
------------+--------------------------+-----------
            |                          |
        eth0|10.0.0.51             eth0|10.0.0.52
+-----------+----------+   +-----------+----------+
| [ node01.srv.world ] |   | [ node02.srv.world ] |
|     Worker Node#1    |   |     Worker Node#2    |
+----------------------+   +----------------------+
[1]

新規に追加するノードで、こちらを参考に、ノード共通の設定を適用しておきます
[2] Control Plane ノードで認証トークンを確認します。
[root@dlp ~]#
kubeadm token create --print-join-command 

kubeadm join 10.0.0.25:6443 --token 5f90le.v0jciitymf7j19jl --discovery-token-ca-cert-hash sha256:8a8bd725c9cbf8d03c0a724bded0afb923a067d48ca50fd8f0346fd3d0a27b6e
[3] 新規に追加するノードで、Control Plane ノードで確認した認証トークン用コマンドを実行します。
# Firewalld 稼働中の場合は停止

[root@node03 ~]#
systemctl disable --now firewalld
[root@node03 ~]#
kubeadm join 10.0.0.25:6443 --token 5f90le.v0jciitymf7j19jl \
--discovery-token-ca-cert-hash sha256:8a8bd725c9cbf8d03c0a724bded0afb923a067d48ca50fd8f0346fd3d0a27b6e 

[preflight] Running pre-flight checks
[preflight] Reading configuration from the cluster...
[preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -o yaml'
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Starting the kubelet
[kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap...
[  432.883160] Warning: Deprecated Driver is detected: iptables will not be maintained in a future major release and may be disabled
[  432.921296] Warning: Deprecated Driver is detected: ip6tables will not be maintained in a future major release and may be disabled

This node has joined the cluster:
* Certificate signing request was sent to apiserver and a response was received.
* The Kubelet was informed of the new secure connection details.

Run 'kubectl get nodes' on the control-plane to see this node join the cluster.
[4] Manager ノードでノード情報を確認しておきます。新規追加ノードが STATUS = Ready であれば OK です。
[root@mgr ~]#
kubectl get nodes 

NAME               STATUS   ROLES           AGE    VERSION
dlp-1.srv.world    Ready    control-plane   22m    v1.28.2
dlp.srv.world      Ready    control-plane   4h4m   v1.28.2
node01.srv.world   Ready    <none>          3h     v1.28.2
node02.srv.world   Ready    <none>          178m   v1.28.2
node03.srv.world   Ready    <none>          95s    v1.28.2
[root@mgr ~]#
kubectl get pods -A -o wide | grep node03 

kube-system            calico-node-fqf2f                            1/1     Running   0             2m55s   10.0.0.53         node03.srv.world   <none>           <none>
kube-system            kube-proxy-rlcbx                             1/1     Running   0             2m55s   10.0.0.53         node03.srv.world   <none>           <none>
関連コンテンツ