k8skubeadm生成Token以及设置过期时间kubeadm删除token_kubeadm token

作者：IT领航者 | 2024-01-17 09:34:36

踩

kubeadm token

1.查看Token


[root@m1 admin]# kubeadm token list
TOKEN                     TTL         EXPIRES                     USAGES                   DESCRIPTION               EXTRA GROUPS
bwa8py.ghf5s0vfsxz1d7fx   <invalid>   2022-08-01T19:06:15+08:00   authentication,signing   kubelet-bootstrap-token   system:bootstrappers:worker
mbwfv6.lbasbfken6or58re   23h         2022-08-04T21:29:20+08:00   authentication,signing   kubelet-bootstrap-token   system:bootstrappers:worker
yvsocr.b40go6o23ee85wrs   <forever>   <never>                     authentication,signing   kubelet-bootstrap-token   system:bootstrappers:worker

2.设置用不过期Token


# 不加只有24H小时
[root@m1 admin]#  kubeadm token create
# 加上 kubeadm token create --ttl 0
[root@m1 admin]# export BOOTSTRAP_TOKEN=$(kubeadm token create --ttl 0 \
      --description kubelet-bootstrap-token \
      --groups system:bootstrappers:worker \
      --kubeconfig kube.config)


获取CA公钥的哈希值
openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed  's/^ .* //'
 
 
kubeadm join 192.168.40.8:6443 --token token填这里   --discovery-token-ca-cert-hash sha256:哈希值填这里


# 删除多余token
[root@m1 admin]# kubeadm token delete  bwa8py.ghf5s0vfsxz1d7fx
bootstrap token with id "bwa8py" deleted
[root@m1 admin]# kubeadm token delete  mbwfv6.lbasbfken6or58re
bootstrap token with id "mbwfv6" deleted

声明：本文内容由网友自发贡献，不代表【wpsshop博客】立场，版权归原作者所有，本站不承担相应法律责任。如您发现有侵权的内容，请联系我们。转载请注明出处：https://www.wpsshop.cn/article/detail/40899