使用kubeadm重置k8s集群

1.Master 节点和Work节点都需要执行:kubeadm reset

kubeadm reset -hAvailable Commands:alpha       Kubeadm experimental sub-commandscompletion  Output shell completion code for the specified shell (bash or zsh)config      Manage configuration for a kubeadm cluster persisted in a ConfigMap in the clusterhelp        Help about any commandinit        Run this command in order to set up the Kubernetes control plane--建立k8s集群面板join        Run this on any machine you wish to join an existing clusterreset       Performs a best effort revert of changes made to this host by 'kubeadm init' or 'kubeadm join'--执行“kubeadm init”或“kubeadm join”对该主机所做的更改的最大努力还原。token       Manage bootstrap tokensupgrade     Upgrade your cluster smoothly to a newer version with this commandversion     Print the version of kubeadm

在kubeadm已安装的k8s集群进行重置

[root@k8smaster ~]# kubeadm reset
[reset] Reading configuration from the cluster...
[reset] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -oyaml'
[reset] WARNING: Changes made to this host by 'kubeadm init' or 'kubeadm join' will be reverted.
[reset] Are you sure you want to proceed? [y/N]: y
[preflight] Running pre-flight checks
[reset] Removing info for node "k8smaster" from the ConfigMap "kubeadm-config" in the "kube-system" Namespace
[reset] Stopping the kubelet service
[reset] Unmounting mounted directories in "/var/lib/kubelet"
[reset] Deleting contents of config directories: [/etc/kubernetes/manifests /etc/kubernetes/pki]
[reset] Deleting files: [/etc/kubernetes/admin.conf /etc/kubernetes/kubelet.conf /etc/kubernetes/bootstrap-kubelet.conf /etc/kubernetes/controller-manager.conf /etc/kubernetes/scheduler.conf]
[reset] Deleting contents of stateful directories: [/var/lib/etcd /var/lib/kubelet /var/lib/dockershim /var/run/kubernetes /var/lib/cni]The reset process does not clean CNI configuration. To do so, you must remove /etc/cni/net.dThe reset process does not reset or clean up iptables rules or IPVS tables.
If you wish to reset iptables, you must do so manually by using the "iptables" command.If your cluster was setup to utilize IPVS, run ipvsadm --clear (or similar)
to reset your system's IPVS tables.The reset process does not clean your kubeconfig files and you must remove them manually.
Please, check the contents of the $HOME/.kube/config file.

vi kubeadm-config.yaml

apiVersion: kubeadm.k8s.io/v1beta2
kind: ClusterConfiguration
kubernetesVersion: v1.19.5
imageRepository: registry.aliyuncs.com/k8sxio
controlPlaneEndpoint: "apiserver.demo:6443"
networking:serviceSubnet: "10.96.0.0/16"podSubnet: "10.100.0.1/16"dnsDomain: "cluster.local"

初始化master节点
使用kubeadm init --config=kubeadm-config.yaml

[root@k8smaster ~]# kubeadm init --config=kubeadm-config.yaml
W0709 16:17:43.494419   56318 configset.go:348] WARNING: kubeadm cannot validate component configs for API groups [kubelet.config.k8s.io kubeproxy.config.k8s.io]
[init] Using Kubernetes version: v1.19.5
[preflight] Running pre-flight checks
[preflight] Pulling images required for setting up a Kubernetes cluster
[preflight] This might take a minute or two, depending on the speed of your internet connection
[preflight] You can also perform this action in beforehand using 'kubeadm config images pull'
---使用kubeadm config images pull
[certs] Using certificateDir folder "/etc/kubernetes/pki"
[certs] Generating "ca" certificate and key
[certs] Generating "apiserver" certificate and key
[certs] apiserver serving cert is signed for DNS names [apiserver.demo k8smaster kubernetes kubernetes.default kubernetes.default.svc kubernetes.default.svc.cluster.local] and IPs [10.96.0.1 10.4.7.30]
[certs] Generating "apiserver-kubelet-client" certificate and key
[certs] Generating "front-proxy-ca" certificate and key
[certs] Generating "front-proxy-client" certificate and key
[certs] Generating "etcd/ca" certificate and key
[certs] Generating "etcd/server" certificate and key
[certs] etcd/server serving cert is signed for DNS names [k8smaster localhost] and IPs [10.4.7.30 127.0.0.1 ::1]
[certs] Generating "etcd/peer" certificate and key
[certs] etcd/peer serving cert is signed for DNS names [k8smaster localhost] and IPs [10.4.7.30 127.0.0.1 ::1]
[certs] Generating "etcd/healthcheck-client" certificate and key
[certs] Generating "apiserver-etcd-client" certificate and key
[certs] Generating "sa" key and public key
[kubeconfig] Using kubeconfig folder "/etc/kubernetes"
[kubeconfig] Writing "admin.conf" kubeconfig file
[kubeconfig] Writing "kubelet.conf" kubeconfig file
[kubeconfig] Writing "controller-manager.conf" kubeconfig file
[kubeconfig] Writing "scheduler.conf" kubeconfig file
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Starting the kubelet
[control-plane] Using manifest folder "/etc/kubernetes/manifests"
[control-plane] Creating static Pod manifest for "kube-apiserver"
[control-plane] Creating static Pod manifest for "kube-controller-manager"
[control-plane] Creating static Pod manifest for "kube-scheduler"
[etcd] Creating static Pod manifest for local etcd in "/etc/kubernetes/manifests"
[wait-control-plane] Waiting for the kubelet to boot up the control plane as static Pods from directory "/etc/kubernetes/manifests". This can take up to 4m0s
[apiclient] All control plane components are healthy after 18.007843 seconds
[upload-config] Storing the configuration used in ConfigMap "kubeadm-config" in the "kube-system" Namespace
[kubelet] Creating a ConfigMap "kubelet-config-1.19" in namespace kube-system with the configuration for the kubelets in the cluster
[upload-certs] Skipping phase. Please see --upload-certs
[mark-control-plane] Marking the node k8smaster as control-plane by adding the label "node-role.kubernetes.io/master=''"
[mark-control-plane] Marking the node k8smaster as control-plane by adding the taints [node-role.kubernetes.io/master:NoSchedule]
[bootstrap-token] Using token: opy069.qrjw6f0bgj8bzezo
[bootstrap-token] Configuring bootstrap tokens, cluster-info ConfigMap, RBAC Roles
[bootstrap-token] configured RBAC rules to allow Node Bootstrap tokens to get nodes
[bootstrap-token] configured RBAC rules to allow Node Bootstrap tokens to post CSRs in order for nodes to get long term certificate credentials
[bootstrap-token] configured RBAC rules to allow the csrapprover controller automatically approve CSRs from a Node Bootstrap Token
[bootstrap-token] configured RBAC rules to allow certificate rotation for all node client certificates in the cluster
[bootstrap-token] Creating the "cluster-info" ConfigMap in the "kube-public" namespace
[kubelet-finalize] Updating "/etc/kubernetes/kubelet.conf" to point to a rotatable kubelet client certificate and key
[addons] Applied essential addon: CoreDNS
[addons] Applied essential addon: kube-proxyYour Kubernetes control-plane has initialized successfully!To start using your cluster, you need to run the following as a regular user:mkdir -p $HOME/.kubesudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/configsudo chown $(id -u):$(id -g) $HOME/.kube/configYou should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:https://kubernetes.io/docs/concepts/cluster-administration/addons/You can now join any number of control-plane nodes by copying certificate authorities
and service account keys on each node and then running the following as root:kubeadm join apiserver.demo:6443 --token opy069.qrjw6f0bgj8bzezo \--discovery-token-ca-cert-hash sha256:c3f3ddc2c09a2b0ffee03bef3fd06228baa48d0e6c41ef96df65d45f6ed72d88 \--control-planeThen you can join any number of worker nodes by running the following on each as root:kubeadm join apiserver.demo:6443 --token opy069.qrjw6f0bgj8bzezo \--discovery-token-ca-cert-hash sha256:c3f3ddc2c09a2b0ffee03bef3fd06228baa48d0e6c41ef96df65d45f6ed72d88

从节点没有执行kubeadm reset,加入节点,报错

[root@k8sworker ~]# kubeadm join apiserver.demo:6443 --token qn5iq3.yy7pghu3y9feff64     --discovery-token-ca-cert-hash sha256:c3f3ddc2c09a2b0ffee03bef3fd06228baa48d0e6c41ef96df65d45f6ed72d88
[preflight] Running pre-flight checks
error execution phase preflight: [preflight] Some fatal errors occurred:[ERROR FileAvailable--etc-kubernetes-kubelet.conf]: /etc/kubernetes/kubelet.conf already exists[ERROR Port-10250]: Port 10250 is in use[ERROR FileAvailable--etc-kubernetes-pki-ca.crt]: /etc/kubernetes/pki/ca.crt already exists
[preflight] If you know what you are doing, you can make a check non-fatal with `--ignore-preflight-errors=...`
To see the stack trace of this error execute with --v=5 or higher

从节点执行kubeadm reset
新令牌

kubeadm token create --print-join-command

在worker节点加入节点到集群

[root@k8sworker ~]# kubeadm join apiserver.demo:6443 --token opy069.qrjw6f0bgj8bzezo     --discovery-token-ca-cert-hash sha256:c3f3ddc2c09a2b0ffee03bef3fd06228baa48d0e6c41ef96df65d45f6ed72d88
[preflight] Running pre-flight checks
[preflight] Reading configuration from the cluster...
[preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -oyaml'
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Starting the kubelet
[kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap...This node has joined the cluster:
* Certificate signing request was sent to apiserver and a response was received.
* The Kubelet was informed of the new secure connection details.Run 'kubectl get nodes' on the control-plane to see this node join the cluster.

添加完查看node

[root@k8smaster ~]# kubectl get node
NAME        STATUS   ROLES    AGE   VERSION
k8smaster   Ready    master   75m   v1.19.5
k8sworker   Ready    <none>   26m   v1.19.5
--修改node的角色
[root@k8smaster ~]# kubectl label node k8sworker kubernetes.io/role=worker1
node/k8sworker labeled
[root@k8smaster ~]# kubectl get node
NAME        STATUS   ROLES     AGE   VERSION
k8smaster   Ready    master    77m   v1.19.5
k8sworker   Ready    worker1   28m   v1.19.5
--更改为其他标签
[root@k8smaster ~]# kubectl label node k8sworker kubernetes.io/role=worker --overwrite
node/k8sworker labeled
[root@k8smaster ~]# kubectl get node
NAME        STATUS   ROLES    AGE   VERSION
k8smaster   Ready    master   84m   v1.19.5
k8sworker   Ready    worker   35m   v1.19.5
--移除角色标签
[root@k8smaster ~]# kubectl label node k8sworker kubernetes.io/role-
node/k8sworker labeled
[root@k8smaster ~]# kubectl get node
NAME        STATUS   ROLES    AGE   VERSION
k8smaster   Ready    master   87m   v1.19.5
k8sworker   Ready    <none>   38m   v1.19.5

本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如若转载,请注明出处:http://www.mzph.cn/pingmian/44722.shtml

如若内容造成侵权/违法违规/事实不符,请联系多彩编程网进行投诉反馈email:809451989@qq.com,一经查实,立即删除!

相关文章

智慧水利的变革之路:如何通过大数据、物联网和人工智能构建高效、智能、可持续的水利管理新模式

目录 一、引言&#xff1a;智慧水利的时代背景与意义 二、大数据&#xff1a;水利管理的数据基石 &#xff08;一&#xff09;数据收集与整合 &#xff08;二&#xff09;数据分析与挖掘 三、物联网&#xff1a;水利管理的感知神经 &#xff08;一&#xff09;智能感知与监…

ONLYOFFICE 8.1版本版本桌面编辑器测评

ONLYOFFICE官网链接&#xff1a;ONLYOFFICE - 企业在线办公应用软件 | ONLYOFFICE ONLYOFFICE在线办公套件&#xff1a;在线办公套件 | ONLYOFFICE ONLYOFFICE在线PDF编辑器、阅读器和转换器&#xff1a;在线PDF查看器和转换器 | ONLYOFFICE ONLYOFFICE 8.1版本桌面编辑器是…

Java面试之缓存中间件常见面试题

1. 请简述什么是缓存以及为什么需要使用缓存&#xff1f; 缓存是存储常用或临时数据的组件&#xff0c;用于提高数据访问速度。在Web应用中&#xff0c;缓存能够减少数据库访问次数&#xff0c;提高系统响应速度和吞吐量&#xff0c;从而提升用户体验和系统稳定性。 2. 列举一…

开源可视化Flutter图表库:Graphic

Graphic&#xff1a;用Graphic绘制数据的无限可能- 精选真开源&#xff0c;释放新价值。 概览 Graphic&#xff0c;这个基于Flutter的图表库&#xff0c;以其源自《The Grammar of Graphics》的灵感&#xff0c;为数据可视化提供了一种全新的方法。它不仅仅是一个工具&#xf…

【Pytorch】RNN for Image Classification

文章目录 1 RNN 的定义2 RNN 输入 input, h_03 RNN 输出 output, h_n4 多层5 小试牛刀 学习参考来自 pytorch中nn.RNN()总结RNN for Image Classification(RNN图片分类–MNIST数据集)pytorch使用-nn.RNNBuilding RNNs is Fun with PyTorch and Google Colab 1 RNN 的定义 nn.…

【ECCV 2024】首个跨模态步态识别框架:Camera-LiDAR Cross-modality Gait Recognition

【ECCV 2024】首个跨模态步态识别框架&#xff1a;Camera-LiDAR Cross-modality Gait Recognition 简介&#xff1a;主要方法&#xff1a;实验结果&#xff1a; 论文&#xff1a;https://arxiv.org/abs/2407.02038 简介&#xff1a; 步态识别是一种重要的生物特征识别技术。基…

算法力扣刷题记录 四十一【N叉树遍历】

前言 依然是遍历问题。由二叉树扩展到N叉树遍历。 记录 四十一【N叉树遍历】 一、【589. N叉树的前序遍历】 题目 给定一个 n 叉树的根节点 root &#xff0c;返回 其节点值的 前序遍历 。 n 叉树 在输入中按层序遍历进行序列化表示&#xff0c;每组子节点由空值 null 分隔…

解锁SQL Server的迷宫:深入死锁的诊断与解决之道

解锁SQL Server的迷宫&#xff1a;深入死锁的诊断与解决之道 在数据库的世界中&#xff0c;死锁是一种常见的现象&#xff0c;它发生在两个或多个事务在访问资源时相互等待对方释放锁&#xff0c;从而导致无法继续执行的情况。SQL Server作为一种广泛使用的数据库管理系统&…

第十八章 Express multer 文件上传

本章将学习Express multer 文件上传 &#xff0c;因为Nest 的文件上传是基于 Express 的中间件 multer 实现的&#xff0c;所以在学习 Nest 文件上传之前&#xff0c;我们先学习下 multer 包 首先先创建 multer-test 文件夹执行下面代码 创建package.json npm init -y接着安装…

深入浅出 Spring @Async 异步编程的艺术

目录 一、异步编程 二、Async 介绍 2.1 Async 使用 三、Async 原理 一、异步编程 在软件开发中&#xff0c;异步编程是非常关键的&#xff0c;尤其是构建高性能、高响应度的应用时。异步编程的主要优势在于它能够避免阻塞操作&#xff0c;提高程序的效率和用户体验。异步编…

修BUG:程序包javax.servlet.http不存在

貌似昨晚上并没有成功在tomcat上面运行&#xff0c;而是直接运行了网页。 不知道为啥又报错这个。。。 解决方案&#xff1a; https://developer.baidu.com/article/details/2768022 就整了这一步就行了 而且我本地就有这个tomcat就是加进去了。 所以说啊&#xff0c;是不是&a…

eNSP公司管理的对象及策略

拓扑图[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传 ) 实验需求 第一步&#xff1a;根据题目搭建拓扑图 其中交换机的型号为&#xff1a;S5700 防火墙设备为&#xff1a;USG6000V 第二步&#xff1a;启动防火墙设备 首先会让你输入密码&#xff0c;…

SQL MySQL定时器/事件调度器(Event Scheduler)

事件调度器&#xff08;Event Scheduler&#xff09;在MySQL数据库系统中是一个强大的功能组件&#xff0c;它允许用户定义一系列称为“事件”的数据库对象&#xff0c;这些事件在指定的时间或时间间隔自动执行预定义的SQL语句或操作。事件调度器通过维护一个时间计划表来管理这…

小抄 20240709

1 很多人做事&#xff0c;没有目标&#xff0c;没有主见&#xff0c;只是按照别人的指示去做&#xff0c;完全不清楚为什么去做。 你去问他为什么要做&#xff0c;他反而要和你急眼&#xff0c;觉得你在质疑他。 2 想要获得超出预期的成功&#xff0c;不是努力到极致&#x…

npm install报错:淘宝镜像证书过期

npm install报错&#xff1a;淘宝镜像证书过期 近期使用npm淘宝镜像新建项目或依赖时出现报错&#xff1a; npm ERR! request to https://registry.npm.taobao.org/xxx failed, reason: certificate has expired 错误原因&#xff1a; 早在 2021 年&#xff0c;淘宝就发文称…

【MySQL】常见的MySQL日志都有什么用?

MySQL日志的内容非常重要&#xff0c;面试中经常会被问到。同时&#xff0c;掌握日志相关的知识也有利于我们理解MySQL 底层原理&#xff0c;必要时帮助我们排查解决问题。 MySQL中常见的日志类型主要有下面几类(针对的是InnoDB 存储引擎): 错误日志(error log):对 MySQL 的启…

QScrollArea 设置最大的高度值

在 Qt 中&#xff0c;QScrollArea 是一个提供滚动视图的控件&#xff0c;允许用户查看大于当前视口尺寸的内容。如果你想要为 QScrollArea 设置一个最大的高度值&#xff0c;这通常不是直接通过 QScrollArea 的属性来设置的&#xff0c;而是需要调整其内容部件&#xff08;widg…

CentOS 6.5配置国内在线yum源和制作openssh 9.8p1 rpm包 —— 筑梦之路

CentOS 6.5比较古老的版本了&#xff0c;而还是有一些古老的项目仍然在使用。 环境说明 1. 更换国内在线yum源 CentOS 6 在线可用yum源配置——筑梦之路_centos6可用yum源-CSDN博客 cat > CentOS-163.repo << EOF [base] nameCentOS-$releasever - Base - 163.com …

新兴市场游戏产业爆发 传音以技术抢抓机遇 ​

随着年轻人口的增加以及互联网的普及,非洲、中东等新兴市场正迎来游戏产业的大爆发,吸引着全球游戏企业玩家在此开疆辟土。中国出海企业代表传音以新兴市场需求为中心,秉持本地化创新理念不断加强游戏等关键领域技术攻关凭借移动终端设备为全球玩家带来极致游戏体验,收获了消费…

就业平台小程序的设计

管理员账户功能包括&#xff1a;系统首页&#xff0c;个人中心&#xff0c;学生管理&#xff0c;企业管理&#xff0c;企业类型管理&#xff0c;留言板管理&#xff0c;系统管理 微信端账号功能包括&#xff1a;系统首页&#xff0c;招聘信息&#xff0c;简历&#xff0c;我的…