kubernetes節點ip變更後通信就會出現問題,我們只需要通過kubeadm init phase命令,重新生成config文件和簽名文件就可以了。
1、備份當前k8s集羣配置文件
cp -r /etc/kubernetes /etc/kubernetes_bak$(date +"%Y%m%d%H%M%S")
2、批量替換k8s配置文件中ip地址(如果配置了hosts、kubelet,同樣需要一起替換)
sed -i "s/${OLD_IP}/${NEW_IP}/g" `grep -rl "${OLD_IP}" /etc/kubernetes`
sed -i "s/${OLD_IP}/${NEW_IP}/g" /etc/hosts if [ -f "/etc/default/kubelet" ]; then sed -i "s/${OLD_IP}/${NEW_IP}/g" /etc/default/kubelet elif [ -f "/etc/sysconfig/kubelet" ]; then sed -i "s/${OLD_IP}/${NEW_IP}/g" /etc/sysconfig/kubelet fi
3、重新生成apiserver證書
rm -rf /etc/kubernetes/pki/apiserver.* kubeadm init phase certs apiserver --apiserver-advertise-address ${NEW_IP}
4、重新生成admin配置(並更新k8sconfig)
rm -rf /etc/kubernetes/admin.conf kubeadm init phase kubeconfig admin --apiserver-advertise-address ${NEW_IP} \cp /etc/kubernetes/admin.conf ~/.kube/config
5、重啓docker和kubelet
systemctl restart docker && systemctl restart kubelet
systemctl status docker && systemctl status kubelet
6、更新kube-proxy配置,並重啓kube-proxy服務
kubectl -n kube-system get cm kube-proxy -oyaml > /etc/kubernetes/kube-proxy.conf sed -i "s/${OLD_IP}/${NEW_IP}/g" /etc/kubernetes/kube-proxy.conf kubectl -n kube-system apply -f /etc/kubernetes/kube-proxy.conf kubectl -n kube-system delete pod -l k8s-app=kube-proxy
注意:
1、如果不更新kube-proxy配置,連接將會失敗(因爲default.svc.kubernetes對應地址依然是舊的ip)
2、如果是多節點,刪除kube-proxy服務時會卡主,這是由於工作節點kubelet配置沒有更新,導致節點NotReady,刪除節點上pod自然會卡主(強制終止即可,或者參考步驟8提前更新工作節點)
7、檢查節點和系統狀態
kubectl get node | grep -vE 'STATUS|Ready' Ready kubectl get pod -n kube-system |grep -vE 'STATUS|Running'
8、如果是多節點,需要修改工作節點kubelet.conf配置,並重啓kubelet
sed -i "s/${OLD_IP}/${NEW_IP}/g" `grep -rl "${OLD_IP}" /etc/kubernetes`
systemctl restart kubelet
>>>如果你還是覺得很麻煩,我這邊已經提供現成的自動化腳本:
#!/bin/bash if [ "$UID" -ne 0 ]; then echo "[ERROR]: require root user" exit 1 fi echo "If there is a worker node, first execute the following command to update: sed -i 's/<OLD_IP>/<NEW_IP>/g' `grep -rl '<OLD_IP>' /etc/kubernetes` systemctl restart kubelet " NEW_IP=$(ip route get 8.8.4.4 | head -1 | awk '{print $7}') IP_CONF=$(cat /etc/kubernetes/manifests/kube-apiserver.yaml | grep "advertise-address") OLD_IP=${IP_CONF#*=} while [ "$1" != "" ]; do case $1 in --new-ip) NEW_IP=$2 shift 2 ;; --old-ip) OLD_IP=$2 shift 2 ;; *) echo "[ERROR] invalid argument '$1'" usage exit 1 esac done echo "Update node ip: $OLD_IP > $NEW_IP" echo "Backup k8s config: /etc/kubernetes_bak$(date +"%Y%m%d%H%M%S")" cp -r /etc/kubernetes /etc/kubernetes_bak$(date +"%Y%m%d%H%M%S") echo "======================= Update k8s config ===============================" grep -rl "${OLD_IP}" /etc/kubernetes sed -i "s/${OLD_IP}/${NEW_IP}/g" `grep -rl "${OLD_IP}" /etc/kubernetes` sed -i "s/${OLD_IP}/${NEW_IP}/g" /etc/hosts if [ -f "/etc/default/kubelet" ]; then sed -i "s/${OLD_IP}/${NEW_IP}/g" /etc/default/kubelet elif [ -f "/etc/sysconfig/kubelet" ]; then sed -i "s/${OLD_IP}/${NEW_IP}/g" /etc/sysconfig/kubelet fi echo echo "======================== Generate new certificate ==========================" rm -rf /etc/kubernetes/pki/apiserver.* kubeadm init phase certs apiserver --apiserver-advertise-address ${NEW_IP} echo echo "======================= Generate new config ================================" rm -rf /etc/kubernetes/admin.conf kubeadm init phase kubeconfig admin --apiserver-advertise-address ${NEW_IP} \cp /etc/kubernetes/admin.conf ~/.kube/config echo echo "======================= Restart docker and kubelet =========================" systemctl restart docker && systemctl status docker | head -n10 systemctl restart kubelet && systemctl status kubelet | head -n10 echo echo "=========================== Check node status ==============================" while kubectl get nodes| grep master | grep NotReady; do sleep 5 && echo "waiting node ready..."; done echo echo "======================== Update kube-proxy config ===========================" kubectl -n kube-system get cm kube-proxy -oyaml > /etc/kubernetes/kube-proxy.conf sed -i "s/${OLD_IP}/${NEW_IP}/g" /etc/kubernetes/kube-proxy.conf kubectl -n kube-system apply -f /etc/kubernetes/kube-proxy.conf kubectl -n kube-system delete pod -l k8s-app=kube-proxy echo echo "=========================== Check pod status ===============================" while kubectl get pod -n kube-system| grep -vE "STATUS|Running"; do sleep 5 && echo "waiting pod ready..."; done echo "IP updated successfully."