Setting up the other master with existing certifications

Similar to the last session, let's start and enable kubelet first:

// now you're in the second master
$ sudo systemctl enable kubelet && sudo systemctl start kubelet

After we have set up the first master, we should share newly generated certificates and keys with the whole system. It makes sure that the masters are secured in the same manner:

$ sudo scp -r root@$FIRST_MASTER_IP:/etc/kubernetes/pki/* /etc/kubernetes/pki/

You will have found that several files such as certificates or keys are copied to the /etc/kubernetes/pki/ directly, where they can only be accessed by the root. However, we are going to remove the files  apiserver.crt and apiserver.key. It is because these files should be generated in line with the hostname and IP of the second master, but the shared client certificate ca.crt is also involved in the generating process:

$ sudo rm /etc/kubernetes/pki/apiserver.*

Next, before we fire the master initialization command, please change the API advertise address in the configuration file for the second master. It should be the IP of the second master, your current host. The configuration file of the second master is quite similar to the first master's.

The difference is that we should indicate the information of etcd server and avoid creating a new set of them:

// Please modify the change by your case
$ cat custom-init-2nd.conf
apiVersion: kubeadm.k8s.io/v1alpha1
kind: MasterConfiguration
api:
  advertiseAddress: "<SECOND_MASTER_IP>"
...

Go ahead and fire the kubeadm init command, record the kubeadm join command shown in the last line of the init command to add the node later, and enable the client API permission:

$ sudo kubeadm init --config custom-init-2nd.conf
// copy the "kubeadm join" command showing in the output
$ mkdir -p $HOME/.kube
$ sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
$ sudo chown $(id -u):$(id -g) $HOME/.kube/config

Then, check the current nodes; you will find there are two master :

$ kubectl get nodes
NAME       STATUS    ROLES     AGE       VERSION
master01   Ready     master    8m        v1.10.2
master02   Ready     master    1m        v1.10.2
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset