K8S测试环境添加节点-备忘

yum install ipvsadm

>/etc/modules-load.d/k8s_bridge.conf
cat >> /etc/modules-load.d/k8s_bridge.conf <<EOF
bridge
EOF

>/etc/modules-load.d/k8s_br_netfilter.conf
cat >> /etc/modules-load.d/k8s_br_netfilter.conf <<EOF
br_netfilter
EOF

>/etc/modules-load.d/k8s_ip_vs.conf
cat >> /etc/modules-load.d/k8s_ip_vs.conf <<EOF
ip_vs_wrr
ip_vs_rr
ip_vs_sh
ip_vs
nf_conntrack_ipv4
EOF

modprobe ip_vs_wrr
modprobe ip_vs_rr
modprobe ip_vs_sh
modprobe ip_vs nf_conntrack_ipv4
modprobe bridge
modprobe br_netfilter

cat >> /etc/sysctl.conf <<EOF
net.bridge.bridge-nf-call-iptables=1
net.bridge.bridge-nf-call-ip6tables=1
net.ipv4.ip_forward=1
net.ipv4.ip_nonlocal_bind=1
EOF

K8S测试环境添加节点：
 yum --showduplicates list docker-ce
 yum install docker-ce-19.03.15-3.el7

 yum install -y kubeadm-1.16.8-0 --disableexcludes=kubernetes
 yum install -y kubelet-1.16.8-0 kubectl-1.16.8-0 --disableexcludes=kubernetes

cat >> /etc/docker/daemon.json  <<EOF
{
  "exec-opts": ["native.cgroupdriver=systemd"],
  "registry-mirrors": ["https://registry.docker-cn.com"],
  "storage-driver": "overlay2",
  "bip": "169.254.32.1/28",
  "log-driver": "json-file",
  "log-opts": {
      "max-size": "10m",
      "max-file": "10"
  }
}
EOF



默认token的有效期为24小时，当过期之后，该token就不可用了。
产生token:
kubeadm token create
wcyl0z.knsxl9irrpluhjwb
取ca证书sha256编码hash值：

openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //'
007f26ca26f70cf2bd33f38b702921e107bbd1656998619e1cba99840d0c9a30

kubeadm join 172.16.100.100:6443 --token bg51gp.w9pfnq0f2yqbxk63 --discovery-token-ca-cert-hash sha256:007f26ca26f70cf2bd33f38b702921e107bbd1656998619e1cba99840d0c9a30     --node-name=172.16.100.37

kubeadm reset 重置环境