执行kubeadm join,报错如下:
[root@k8s-node01 ~]# kubeadm join 192.168.0.8:6443 --token aakoqt.zq79agckuzc5wt29 \
> --discovery-token-ca-cert-hash sha256:fa781d59e6e69d1a8abb836f66e3d36fd2d3e1765a1afdb71b1a18af807585c2
[preflight] Running pre-flight checks
[WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". Please follow the guide at https://kubernetes.io/docs/setup/cri/
error execution phase preflight: couldn't validate the identity of the API Server: abort connecting to API servers after timeout of 5m0s默认情况下,通过kubeadm create token创建的token,过期时间是24小时,这就是为什么过了一天无法再次使用之前记录的kube join原生脚本的原因,也可以运行kubeadm token create --ttl 0生成一个永不过期的token,详情请参考:kubeadm-token
[root@k8s-master ~]# kubeadm token list
TOKEN TTL EXPIRES USAGES DESCRIPTION EXTRA GROUPS
[root@k8s-master ~]# kubeadm token create --ttl 0
wiym9e.zacobk8a0iof5ymz
[root@k8s-master ~]# kubeadm token list
TOKEN TTL EXPIRES USAGES DESCRIPTION EXTRA GROUPS
wiym9e.zacobk8a0iof5ymz <forever> <never> authentication,signing <none> system:bootstrappers:kubeadm:default-node-token
[root@k8s-master ~]#[root@k8s-node01 ~]# kubeadm join 192.168.0.8:6443 --token wiym9e.zacobk8a0iof5ymz --discovery-token-ca-cert-hash sha256:fa781d59e6e69d1a8abb836f66e3d36fd2d3e1765a1afdb71b1a18af807585c2
