问题描述

我们目前有2个Kubernetes集群:

We currently have 2 Kubernetes clusters:

• 使用Kops在AWS上运行的一种设置

• One setup with Kops running on AWS

使用我们自己的硬件运行Kubeadm的一种设置

One setup with Kubeadm running on our own hardware

我们希望将它们组合在一起以仅具有一个集群来管理.

We want to combine them to only have a single cluster to manage.

主服务器最终可能位于AWS或我们的服务器上，两者都很好.

The master could end up being on AWS or on our servers, both are fine.

我们找不到将配置了一个集群的节点添加到另一个集群的方法.

We can't find a way to add nodes configured with one cluster to the other.

• kubeadm在使用Kops设置的节点上不可用，因此我们无法执行例如kubeadm token create --print-join-command

• kubeadm is not made available on nodes setup with Kops, so we can't do eg kubeadm token create --print-join-command

Kops似乎没有实用程序可让我们添加任意节点，请参见

Kops doesn't seem to have utilities to let us add arbitrary nodes, see how to add an node to my kops cluster? (node in here is my external instance)

此问题提出了相同的问题，但未得到回答: https://github.com/kubernetes/kops/issues/5024

This issue raises the same question but was left unanswered: https://github.com/kubernetes/kops/issues/5024

推荐答案

您可以手动加入节点，但这实际上不是推荐的处理方式.

You can join the nodes manually, but this is really not a recommend way of doing things.

如果您正在使用kubeadm，则可能已经在工作程序上安装了所有相关组件，以使它们以有效方式加入.我要说的要遵循的过程是:

If you're using kubeadm, you probably already have all the relevant components installed on the workers to have them join in a valid way. What I'd say the process to follow is:

在有问题的本地运行kubeadm reset

登录到kops节点，并检查kubelet配置:

login to the kops node, and examine the kubelet configuration:

systemctl cat kubelet

在这里，您将看到在/etc/sysconfig/kubelet中指定了kubelet配置.您需要复制该文件，并确保本地节点在其systemd启动配置中包含该文件

In here, you'll see the kubelet config is specified at /etc/sysconfig/kubelet. You'll need to copy that file and ensure the on-prem node has it in its systemd startup config

将relevent配置复制到本地节点.您需要删除对AWS云提供商的任何引用，并确保主机名有效.这是我从kops节点复制并修改的示例配置:

Copy the relevent config over to the on-prem node. You'll need to remove any references to the AWS cloud provider stuff, as well as make sure the hostname is valid. Here's an example config I copied from a kops node, and modified:

DAEMON_ARGS="--allow-privileged=true --cgroup-root=/ --cluster-dns=100.64.0.10 --cluster-domain=cluster.local --enable-debugging-handlers=true - --feature-gates=ExperimentalCriticalPodAnnotation=true --hostname-override=<my_dns_name> --kubeconfig=/var/lib/kubelet/kubeconfig --network-plugin=cni --node-labels=kops.k8s.io/instancegroup=onpremnodes,kubernetes.io/role=node,node-role.kubernetes.io/node= --non-masquerade-cidr=100.64.0.0/10 --pod-infra-container-image=gcr.io/google_containers/pause-amd64:3.0 --pod-manifest-path=/etc/kubernetes/manifests --register-schedulable=true --v=2 --cni-bin-dir=/opt/cni/bin/ --cni-conf-dir=/etc/cni/net.d/"
HOME="/root"

此外，检查kubelet kubeconfig配置(应位于/var/lib/kubelet/kubeconfig).这是告诉kubelet要向哪个API服务器注册的配置.确保存在于本地节点上

Also, examine the kubelet kubeconfig configuration (it should be at /var/lib/kubelet/kubeconfig). This is the config which tells the kubelet which API server to register with. Ensure that exists on the on-prem node

这应该使您的节点加入API.在执行此过程时，您可能必须进行一些调试.

This should get your node joining the API. You may have to go through some debugging as you go through this process.

我确实不建议这样做，原因如下:

I really don't recommend doing this though, for the following reasons:

• 除非您以理智的方式使用节点标签，否则在配置云元素时会遇到问题. kubelet将定期与AWS API进行交互，因此，如果您尝试使用LoadBalancer类型的服务或任何云卷，则需要将工作负载固定到特定节点.您需要大量使用污点和公差.
• Kubernetes员工并非旨在通过WAN连接.您可能会在某些时候看到网络延迟等问题
• 如果您确实选择沿这条路线走，则需要确保在两个方向上均已为TLS配置了TLS，以用于API<-> kubelet通信或VPN.

这篇关于Kubernetes:将Kops集群与本地Kubeadm集群组合的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！