k8s的node启动kubelet后再master端获取不到
node的日志/var/log/messages报错如下
failed to ensure node lease exists, will retry in 7s, error: leases.coordination.k8s.io "172.16.20.227" is forbidden: User "system:node:172.16.20.228" cannot get resource "leases" in API group "coordination.k8s.io" in the namespace "kube-node-lease": can only access node lease with the same name as the requesting node
原因:其他node复制过来的配置文件包含证书/opt/kubernetes/ssl/导致重复了
需要删除该目录下证书重启kubelet重新生成新的node证书
如果是修改了node主机的IP,需要修改kubelet 配置信息,重启kubelet并且在master删除原csr以及node