3.4 Setting Up a Worker Node

Repeat these steps on each host that you want to add to the cluster as a worker node.

Install the kubeadm package and its dependencies:

# yum install kubeadm kubelet kubectl kubeadm-ha-setup

As root, run the kubeadm-ha-setup join command to add the host as a worker node:

# kubeadm-ha-setup join container-registry.oracle.com/kubernetes:v1.12.5 192.0.2.13:6443 \
   --token ixxbh9.zrtxo7jwo1uz2ssp --discovery-token-ca-cert-hash \
      sha256:6459031d2993f672f5a47f1373f009a3ce220ceddd6118f14168734afc0a43ad
Trying to pull image kube-proxy v1.12.5 from container-registry.oracle.com/kubernetes
Cleaning up ...
[preflight] running pre-flight checks
[discovery] Trying to connect to API Server "192.0.2.13:6443"
[discovery] Created cluster-info discovery client, 
requesting info from "https://192.0.2.13:6443"
[discovery] Requesting info from "https://192.0.2.13:6443" again 
to validate TLS against the pinned public key
[discovery] Cluster info signature and contents are valid and TLS certificate validates 
against pinned roots, will use API Server "192.0.2.13:6443"
[discovery] Successfully established connection with API Server "192.0.2.13:6443"
[kubelet] Downloading configuration for the kubelet from 
the "kubelet-config-1.12" ConfigMap in the kube-system namespace
[kubelet] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[preflight] Activating the kubelet service
[tlsbootstrap] Waiting for the kubelet to perform the TLS Bootstrap...
[patchnode] Uploading the CRI Socket information "/var/run/dockershim.sock" 
to the Node API object "worker1.example.com" as an annotation

This node has joined the cluster:
* Certificate signing request was sent to apiserver and a response was received.
* The Kubelet was informed of the new secure connection details.

Run 'kubectl get nodes' on the master to see this node join the cluster.

Replace the IP address and port, 192.0.2.13:6443, with the IP address and port that is set for the vip or loadbalancer used by the master cluster. Note that the default port is 6443, and you can check the IP address you need to use with kubectl cluster-info.

To verify that the worker has been successfully added to the high availability cluster, run kubectl get nodes on any node in the master cluster:

$ kubectl get nodes
NAME                  STATUS   ROLES    AGE     VERSION
master1.example.com   Ready    master   10m     v1.12.5+2.1.1.el7
master2.example.com   Ready    master   9m56s   v1.12.5+2.1.1.el7
master3.example.com   Ready    master   9m16s   v1.12.5+2.1.1.el7
worker1.example.com   Ready    <none>   2m26s   v1.12.5+2.1.1.el7