Changing Managment IP on Kubernetes cluster
From: https://github.com/kubernetes/kubeadm/issues/338
- Replace IP in kuberenets configs.
oldip=192.168.1.9
newip=10.20.2.210
cd /etc/kubernetes
# see before
find . -type f | xargs grep $oldip
# modify files in place
find . -type f | xargs sed -i "s/$oldip/$newip/"
# see after
find . -type f | xargs grep $newip
2. backup /etc/kubernetes/pki
mkdir ~/k8s-old-pki
cp -Rvf /etc/kubernetes/pki/* ~/k8s-old-pki
3. Identify certs in /etc/kubernetes/pki that have the old IP address as an alt name (this could be cleaned up)
cd /etc/kubernetes/pki
for f in $(find -name "*.crt"); do
openssl x509 -in $f -text -noout > $f.txt;
done
grep -Rl $oldip .
for f in $(find -name "*.crt"); do rm $f.txt; done
4. identify configmap in the kube-system
namespace that referenced the old IP, edit them:
# find all the config map names
configmaps=$(kubectl -n kube-system get cm -o name | \
awk '{print $1}' | \
cut -d '/' -f 2)
# fetch all for filename reference
dir=$(mktemp -d)
for cf in $configmaps; do
kubectl -n kube-system get cm $cf -o yaml > $dir/$cf.yaml
done
# have grep help you find the files to edit, and where
grep -Hn $dir/* -e $oldip
# edit those files, in my case, grep only returned these two:
kubectl -n kube-system edit cm kubeadm-config
kubectl -n kube-system edit cm kube-proxy
5. change the IP address (via cli or gui for your distro)
6. Run the following command to renew all the Kubernetes certificates:
kubeadm alpha certs renew all
7. restart kubelete and docker
sudo systemctl restart kubelet
sudo systemctl restart docker
8. copy over the new config
sudo systemctl restart kubelet
sudo cp /etc/kubernetes/admin.conf $HOME/.kube/config
9. I rebooted for good measure.