OpenStack ํด๋ผ์ฐ๋ ๊ณต๊ธ์์์ ์คํ๋๋ K8s ํด๋ฌ์คํฐ๊ฐ ์์ต๋๋ค.
ํด๋ฌ์คํฐ๋ ๋ง์คํฐ ๋ ธ๋์ ์ฌ๋ ์ด๋ธ ๋ ธ๋๋ฅผ ํฌํจํ๋ kubeadm ๋๊ตฌ๋ฅผ ์ฌ์ฉํ์ฌ ์ค์ ๋ฉ๋๋ค.
kubeadm join ๋ช
๋ น์ ์ฌ์ฉํ์ฌ ๋ค๋ฅธ ์์
์ ๋
ธ๋๋ฅผ ์ถ๊ฐํ๋ ค๊ณ ํฉ๋๋ค. ๋ช
๋ น์ ๋
ธ๋๊ฐ ์ฑ๊ณต์ ์ผ๋ก ์ถ๊ฐ๋์์์ ์๋ฆฌ๋ ๊ธ์ ์ ์ธ ์๋ต์ ํ์ํ์ง๋ง kubectl get nodes
๋ช
๋ น์ ์ฌ์ฉํ์ฌ ์ฐพ์ ์ ์์ต๋๋ค.
์กฐ์ฌํ ๊ฒฐ๊ณผ ์ ์ฌ๋ ์ด๋ธ ๋
ธ๋์ kubelet์ด ์คํ๋์ง ์๊ณ cannot create certificate signing request: Unauthorized
ํ์๋๋ ๊ฒ์ผ๋ก ๋ํ๋ฌ์ต๋๋ค.
-- The start-up result is done.
May 14 12:15:33 vm1 kubelet[17678]: W0514 12:15:33.715964 17678 cni.go:171] Unable to update cni config: No networks found in /etc/cni/net.d
May 14 12:15:33 vm1 kubelet[17678]: W0514 12:15:33.738398 17678 hostport_manager.go:68] The binary conntrack is not installed, this can cause failures in network connection cleanup.
May 14 12:15:33 vm1 kubelet[17678]: I0514 12:15:33.738669 17678 server.go:376] Version: v1.10.1
May 14 12:15:33 vm1 kubelet[17678]: I0514 12:15:33.738913 17678 feature_gate.go:226] feature gates: &{{} map[]}
May 14 12:15:33 vm1 kubelet[17678]: I0514 12:15:33.739222 17678 plugins.go:89] No cloud provider specified.
May 14 12:15:33 vm1 kubelet[17678]: F0514 12:15:33.784257 17678 server.go:233] failed to run Kubelet: cannot create certificate signing request: Unauthorized
May 14 12:15:33 vm1 systemd[1]: kubelet.service: Main process exited, code=exited, status=255/n/a
May 14 12:15:33 vm1 systemd[1]: kubelet.service: Unit entered failed state.
May 14 12:15:33 vm1 systemd[1]: kubelet.service: Failed with result 'exit-code'.
์์
์ ๋
ธ๋์ ๋ฒ์ : kubeadm version
kubeadm version: &version.Info{Major:"1", Minor:"10", GitVersion:"v1.10.1", GitCommit:"d4ab47518836c750f9949b9e0d387f20fb92260b", GitTreeState:"clean", BuildDate:"2018-04-12T14:14:26Z", GoVersion:"go1.9.3", Compiler:"gc", Platform:"linux/amd64"}
๋ง์คํฐ ๋ ธ๋์ ๋ฒ์ :
kubeadm version
kubeadm version: &version.Info{Major:"1", Minor:"10",
GitVersion:"v1.10.1",
GitCommit:"d4ab47518836c750f9949b9e0d387f20fb92260b",
GitTreeState:"clean", BuildDate:"2018-04-12T14:14:26Z",
GoVersion:"go1.9.3", Compiler:"gc", Platform:"linux/amd64"}
์กฐ์ธ์ ๋ง๋๋ ๋ฐ ์ฌ์ฉ๋๋ ๋ช ๋ น :
ํ ํฐ ๋ฐ๊ธฐ : kubeadm token list | awk '/The default bootstrap token/ { print $1; }'
ํด์ ์ป๊ธฐ : openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //'
join ๋ช
๋ น : kubeadm join --skip-preflight-checks --token {{token}} --discovery-token-ca-cert-hash sha256:{{hash}} master_ip:6443
๋๋ ๊ฐ์ ๋ฌธ์ ๊ฐ ์์ต๋๋ค. ์ง๊ธ์ ๊ด์ฐฎ์ต๋๋ค.
ํ ํฐ ๊ธฐ๋ณธ ์๋ช
์ 24 ์๊ฐ์ด๋ฉฐ ์ ํ ํฐ์ ์์ฑ ํ ๋ค์ kubeadm ์กฐ์ธ์ด ํ์ํฉ๋๋ค.
https://kubernetes.io/docs/reference/setup-tools/kubeadm/kubeadm-token/
์, ๊ฐ์
ํ๋ ค๋ ์์ ์์ ํ ํฐ์ด ๋ง๋ฃ ๋ ๊ฒ ๊ฐ์ต๋๋ค. ์ด ๋ฌธ์ ๊ฐ ํด๊ฒฐ ๋๋๋ก ๋ซ์ต๋๋ค.
๊ทธ๋ ์ง ์์ ๊ฒฝ์ฐ ๋ค์์ฌ์ญ์์ค.
@ qianyong-2005
์ฌ๊ธฐ์๋ ๊ฐ์ ๋ฌธ์ ๊ฐ ์์ต๋๋ค. ๋งํฌ ์ฃผ์ ์ ๊ฐ์ฌํฉ๋๋ค!
kubeadm token create --print-join-command
๊ฐ์ฅ ์ ์ฉํ ๋๊ธ
@ qianyong-2005
์ฌ๊ธฐ์๋ ๊ฐ์ ๋ฌธ์ ๊ฐ ์์ต๋๋ค. ๋งํฌ ์ฃผ์ ์ ๊ฐ์ฌํฉ๋๋ค!