Centos8下K8S master节点更换IP

cd /etc/Kubernetes

mv admin.conf admin.conf_bak

使用如下命令生成新的admin.conf

# kubeadm init phase kubeconfig admin --apiserver-advertise-address 192.168.37.128

I0920 09:50:30.940689   38240 version.go:252] remote version is much newer: v1.19.2; falling back to: stable-1.18

W0920 09:50:33.261484   38240 configset.go:202] WARNING: kubeadm cannot validate component configs for API groups [kubelet.config.k8s.io kubeproxy.config.k8s.io]

[kubeconfig] Writing "admin.conf" kubeconfig file

--192.168.37.128 为当前主机的IP地址

cd /etc/kubernetes/pki

mv apiserver.key apiserver.key.bak

mv apiserver.crt apiserver.crt.bak

使用如下命令生成

# kubeadm init phase certs apiserver --apiserver-advertise-address 192.168.37.128

I0920 09:55:31.656513   45703 version.go:252] remote version is much newer: v1.19.2; falling back to: stable-1.18

W0920 09:55:33.787879   45703 configset.go:202] WARNING: kubeadm cannot validate component configs for API groups [kubelet.config.k8s.io kubeproxy.config.k8s.io]

[certs] Generating "apiserver" certificate and key

[certs] apiserver serving cert is signed for DNS names [k8s1 kubernetes kubernetes.default kubernetes.default.svc kubernetes.default.svc.cluster.local] and IPs [10.96.0.1 192.168.37.128]

--192.168.37.128 为当前主机的IP地址

root@k8s1 ~ # systemctl restart docker

root@k8s1 ~ # systemctl restart kubelet

cd /etc/kubernetes/

root@k8s1 /etc/kubernetes # kubectl get nodes --kubeconfig=admin.conf

NAME   STATUS     ROLES    AGE   VERSION

k8s1   Ready      master   126d   v1.18.2

k8s2   NotReady     126d   v1.18.2

k8s3   NotReady     126d   v1.18.2

k8s4   NotReady     126d   v1.18.2

可以看到master节点现在已经起来了

执行mv admin.conf ~/.kube/config,后续可以使用kubectl get nodes查看K8S集群状态了

root@k8s1 ~ # kubectl get nodes

NAME   STATUS     ROLES    AGE   VERSION

k8s1   Ready      master   126d   v1.18.2

k8s2   NotReady     126d   v1.18.2

k8s3   NotReady     126d   v1.18.2

k8s4   NotReady     126d   v1.18.2

使用journalctl命令查看kubelet日志,可以看到K8S2还是连接的原来的IP192.168.37.129

journalctl -f -u kubelet

Sep 20 10:14:58 k8s2 kubelet[102389]: E0920 10:14:58.673121  102389 file_linux.go:60] Unable to read config path "/etc/kubernetes/manifests": path does not exist, ignoring

Sep 20 10:14:58 k8s2 kubelet[102389]: E0920 10:14:58.684202  102389 kubelet.go:2267] node "k8s2" not found

Sep 20 10:14:58 k8s2 kubelet[102389]: E0920 10:14:58.784485  102389 kubelet.go:2267] node "k8s2" not found

Sep 20 10:14:58 k8s2 kubelet[102389]: E0920 10:14:58.873297  102389 kubelet_node_status.go:92] Unable to register node "k8s2" with API server: Post https://192.168.37.129:6443/api/v1/nodes: dial tcp 192.168.37.129:6443: connect: connection refused

Sep 20 10:14:58 k8s2 kubelet[102389]: E0920 10:14:58.884986  102389 kubelet.go:2267] node "k8s2" not found

Sep 20 10:14:58 k8s2 kubelet[102389]: E0920 10:14:58.985714  102389 kubelet.go:2267] node "k8s2" not found

Sep 20 10:14:59 k8s2 kubelet[102389]: E0920 10:14:59.021311  102389 controller.go:136] failed to ensure node lease exists, will retry in 3.2s, error: Get https://192.168.37.129:6443/apis/coordination.k8s.io/v1/namespaces/kube-node-lease/leases/k8s2?timeout=10s: dial tcp 192.168.37.129:6443: connect: connection refused

Sep 20 10:14:59 k8s2 kubelet[102389]: E0920 10:14:59.073642  102389 reflector.go:178] k8s.io/kubernetes/pkg/kubelet/config/apiserver.go:46: Failed to list *v1.Pod: Get https://192.168.37.129:6443/api/v1/pods?fieldSelector=spec.nodeName%3Dk8s2&limit=500&resourceVersion=0: dial tcp 192.168.37.129:6443: connect: connection refused

1.从master节点k8s1拷贝ca.crt到node节点对应的目录

scp ca.crt k8s2:/etc/kubernetes/pki/

2.修改node节点的kubelet.conf,把server: https://192.168.37.129:6443修改为现在master节点的ip地址192.168.37.128

3.重启node节点的docker

systemctl restart docker

4.使用kubectl get nodes查看,node状态已经正常

# kubectl get nodes

NAME   STATUS   ROLES    AGE   VERSION

k8s1   Ready    master   126d   v1.18.2

k8s2   Ready       126d v1.18.2

k8s3   Ready       126d v1.18.2

k8s4   Ready       126d v1.18.2