1.先查看token是否还可用
[root@hadoop01 ~]# kubeadm token list
1.1) 还在则获取ca证书sha256编码hash值,不在则进行2操作
openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //' 6fd9b1bf2d593d2d4f550cd9f1f596865f117fef462db42860228311c2712b8b
1.2) node节点加入
kubeadm join k8smaster.com:6443 --token ky6r26.ucd2s4jmtimxvj90 --discovery-token-ca-cert-hash sha256:6fd9b1bf2d593d2d4f550cd9f1f596865f117fef462db42860228311c2712b8b --ignore-preflight-errors=Swap
2.生成一个新的token
[root@hadoop01 ~]# kubeadm token create --print-join-command //默认有效期24小时,若想久一些可以结合--ttl参数,设为0则用不过期 kubeadm join k8smaster.com:6443 --token pdas2m.fkgn8q7mz5u96jm6 --discovery-token-ca-cert-hash sha256:6fd9b1bf2d593d2d4f550cd9f1f596865f117fef462db42860228311c2712b8b
2.1) 查看token
[root@hadoop01 ~]# kubeadm token list TOKEN TTL EXPIRES USAGES DESCRIPTION EXTRA GROUPS pdas2m.fkgn8q7mz5u96jm6 23h 2019-10-25T23:38:46+08:00 authentication,signing <none> system:bootstrappers:kubeadm:default-node-token
2.2).node节点加入
kubeadm join k8smaster.com:6443 --token pdas2m.fkgn8q7mz5u96jm6
--discovery-token-ca-cert-hash sha256:6fd9b1bf2d593d2d4f550cd9f1f596865f117fef462db42860228311c2712b8b
--ignore-preflight-errors=Swap