Qiita Teams that are logged in
You are not logged in to any team

Log in to Qiita Team
Community
OrganizationAdvent CalendarQiitadon (β)
Service
Qiita JobsQiita ZineQiita Blog
Help us understand the problem. What is going on with this article?

k3sのバージョンアップとミスした時の対処方法

研究室のk3sクラスタのバージョンアップをしようとしたところworkerがNotReadyになったのでその時の原因と対処法の備忘録です.

VERSIONを
v1.18.3+k3s1⇒v1.19.3+k3s3にアップ

$ sudo kubectl get nodes
NAME       STATUS     ROLES    AGE   VERSION
worker-1   NotReady   <none>   100d   v1.19.3+k3s3
worker-2   NotReady   <none>   100d   v1.19.3+k3s3
master     Ready      master   100d   v1.19.3+k3s3

しかしNotReadyに...
エラーが起こったらログを見ろ
masterの/var/log/syslogを見たところ

Nov 27 08:26:13 anchor-1 k3s[29821]: E1127 08:26:13.520864 29821 authentication.go:53] Unable to authenticate the request due to an error: x509: certificate signed by unknown authority

証明書がおかしいらしいのでworkerのk3sの設定を見る

worker1:~$ which k3s
/usr/local/bin/k3s

worker1:~$ ls /usr/local/bin/
crictl  ctr  k3s  k3s-agent-uninstall.sh  k3s-killall.sh  k3s-uninstall.sh  kubectl  stns-key-wrapper

原因

workerにmasterの設定を入れてしまっていた...
(xpanesコマンドを使い複数VMにmasterの設定を流し込んだのが原因です...)

対処法

/usr/local/binのk3s-agent-uninstall.shを実行して削除

/usr/local/bin$ ./k3s-agent-uninstall.sh

workerの再設定

curl -sfL https://get.k3s.io | K3S_URL=<master name>
:6443 K3S_TOKEN="<node-token>" sh -
$ sudo kubectl get nodes
NAME       STATUS     ROLES    AGE   VERSION
worker-1   Ready      <none>   100d   v1.19.3+k3s3
worker-2   Ready      <none>   100d   v1.19.3+k3s3
master     Ready      master   100d   v1.19.3+k3s3

参考文献

日本語版K3sマニュアル

cdsl
東京工科大学コンピュータサイエンス学部クラウド・分散システム研究室
https://www.tak-cslab.org/
Why not register and get more from Qiita?
  1. We will deliver articles that match you
    By following users and tags, you can catch up information on technical fields that you are interested in as a whole
  2. you can read useful information later efficiently
    By "stocking" the articles you like, you can search right away