kubeadm add new master or node, unknown flag --experimental-upload-certs

created at 08-25-2021 views: 28

At master01

Generate a new token

[root@k8s-master01 ~]# kubeadm token create --print-join-command
W0825 09:25:49.300571   23457 configset.go:348] WARNING: kubeadm cannot validate component configs for API groups [kubelet.config.k8s.io kubeproxy.config.k8s.io]
kubeadm join 192.168.80.10:16443 --token il1ddh.6s1rp74bb3cf18wv     --discovery-token-ca-cert-hash sha256:b7c2ecb0c238eadf5c6b8657137203c11633fd4c812bcea10e1dfbc61a36861f

Generate new certificate

The parameter before version 1.16 was --experimental-upload-certs, and after version 1.16 and 1.16, it was --upload-certs

If the command is wrong, an unknown flag --experimental-upload-certs error will appear

[root@k8s-master01 ~]# kubeadm init phase upload-certs --upload-certs
I0825 09:35:16.039382   32084 version.go:255] remote version is much newer: v1.22.1; falling back to: stable-1.19
W0825 09:35:16.739034   32084 configset.go:348] WARNING: kubeadm cannot validate component configs for API groups [kubelet.config.k8s.io kubeproxy.config.k8s.io]
[upload-certs] Storing the certificates in Secret "kubeadm-certs" in the "kube-system" Namespace
[upload-certs] Using certificate key:
a615c6fb67eff694085de21480c462de2bc65b545884957ae0d37b109000e281

At new node

Add new node

kubeadm join 192.168.80.10:16443 --token il1ddh.6s1rp74bb3cf18wv     --discovery-token-ca-cert-hash sha256:b7c2ecb0c238eadf5c6b8657137203c11633fd4c812bcea10e1dfbc61a36861f

Add new master node

Similarly, the parameter before version 1.16 is --experimental-control-plane --certificate-key, and after version 1.16 and 1.16, it is --control-plane --certificate-key.

kubeadm join 192.168.80.10:16443 --token il1ddh.6s1rp74bb3cf18wv     --discovery-token-ca-cert-hash sha256:b7c2ecb0c238eadf5c6b8657137203c11633fd4c812bcea10e1dfbc61a36861f --control-plane --certificate-key a615c6fb67eff694085de21480c462de2bc65b545884957ae0d37b109000e281
etcdctl --cacert="/etc/kubernetes/pki/etcd/ca.crt" --cert="/etc/kubernetes/pki/etcd/server.crt" --key="/etc/kubernetes/pki/etcd/server.key" member list
created at:08-25-2021
edited at: 08-25-2021: