部署Kubernetes Cluster
<p>中文学习网站:https://www.kubernetes.org.cn/doc-16</p><h2>部署docker服务</h2>
<div class="cnblogs_code">
<pre><span style="color: rgba(0, 0, 0, 1)">所有节点部署docker服务
curl </span>-sSL https:<span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">get.daocloud.io/docker | sh</span>
<span style="color: rgba(0, 0, 0, 1)">systemctl start docker
echo </span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">{"registry-mirrors":["https://reg-mirror.qiniu.com/"]}</span><span style="color: rgba(128, 0, 0, 1)">'</span> >>/etc/docker/<span style="color: rgba(0, 0, 0, 1)">daemon.json
systemctl daemon</span>-<span style="color: rgba(0, 0, 0, 1)">reload
systemctl restart docker</span></pre>
</div>
<div class="cnblogs_code">
<pre>后面需要操作的<br>cat > /etc/docker/daemon.json <<<span style="color: rgba(0, 0, 0, 1)">EOF
{
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">registry-mirrors</span><span style="color: rgba(128, 0, 0, 1)">"</span>:[<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">https://reg-mirror.qiniu.com/</span><span style="color: rgba(128, 0, 0, 1)">"</span>,<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">https://docker.mirrors.ustc.edu.cn/</span><span style="color: rgba(128, 0, 0, 1)">"</span>,<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">https://hub-mirror.c.163.com/</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">],
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">exec-opts</span><span style="color: rgba(128, 0, 0, 1)">"</span>: [<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">native.cgroupdriver=systemd</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">]
}
EOF
systemctl daemon</span>-<span style="color: rgba(0, 0, 0, 1)">reload
systemctl restart docker.service </span></pre>
</div>
<p> </p>
<h2>自己的yum安装没有镜像源,需要配置源</h2>
<div class="cnblogs_code">
<pre>$ systemctl stopfirewalld.service
$ yum install -<span style="color: rgba(0, 0, 0, 1)">y kubelet kubeadm kubectl
Loaded plugins: fastestmirror
</span><span style="color: rgba(0, 0, 255, 1)">base</span> | <span style="color: rgba(128, 0, 128, 1)">3.6</span> kB<span style="color: rgba(128, 0, 128, 1)">00</span>:<span style="color: rgba(128, 0, 128, 1)">00</span>:<span style="color: rgba(128, 0, 128, 1)">00</span><span style="color: rgba(0, 0, 0, 1)">
epel </span>| <span style="color: rgba(128, 0, 128, 1)">4.7</span> kB<span style="color: rgba(128, 0, 128, 1)">00</span>:<span style="color: rgba(128, 0, 128, 1)">00</span>:<span style="color: rgba(128, 0, 128, 1)">00</span><span style="color: rgba(0, 0, 0, 1)">
extras </span>| <span style="color: rgba(128, 0, 128, 1)">2.9</span> kB<span style="color: rgba(128, 0, 128, 1)">00</span>:<span style="color: rgba(128, 0, 128, 1)">00</span>:<span style="color: rgba(128, 0, 128, 1)">00</span><span style="color: rgba(0, 0, 0, 1)">
updates </span>| <span style="color: rgba(128, 0, 128, 1)">2.9</span> kB<span style="color: rgba(128, 0, 128, 1)">00</span>:<span style="color: rgba(128, 0, 128, 1)">00</span>:<span style="color: rgba(128, 0, 128, 1)">00</span><span style="color: rgba(0, 0, 0, 1)">
(</span><span style="color: rgba(128, 0, 128, 1)">1</span>/<span style="color: rgba(128, 0, 128, 1)">3</span>): epel/x86_64/updateinfo | <span style="color: rgba(128, 0, 128, 1)">1.0</span> MB<span style="color: rgba(128, 0, 128, 1)">00</span>:<span style="color: rgba(128, 0, 128, 1)">00</span>:<span style="color: rgba(128, 0, 128, 1)">01</span><span style="color: rgba(0, 0, 0, 1)">
(</span><span style="color: rgba(128, 0, 128, 1)">2</span>/<span style="color: rgba(128, 0, 128, 1)">3</span>): epel/x86_64/primary_db | <span style="color: rgba(128, 0, 128, 1)">7.0</span> MB<span style="color: rgba(128, 0, 128, 1)">00</span>:<span style="color: rgba(128, 0, 128, 1)">00</span>:<span style="color: rgba(128, 0, 128, 1)">07</span><span style="color: rgba(0, 0, 0, 1)">
(</span><span style="color: rgba(128, 0, 128, 1)">3</span>/<span style="color: rgba(128, 0, 128, 1)">3</span>): updates/<span style="color: rgba(128, 0, 128, 1)">7</span>/x86_64/primary_db |<span style="color: rgba(128, 0, 128, 1)">13</span> MB<span style="color: rgba(128, 0, 128, 1)">00</span>:<span style="color: rgba(128, 0, 128, 1)">00</span>:<span style="color: rgba(128, 0, 128, 1)">08</span><span style="color: rgba(0, 0, 0, 1)">
Determining fastest mirrors
</span>* <span style="color: rgba(0, 0, 255, 1)">base</span><span style="color: rgba(0, 0, 0, 1)">: mirrors.aliyun.com
</span>*<span style="color: rgba(0, 0, 0, 1)"> extras: mirrors.aliyun.com
</span>*<span style="color: rgba(0, 0, 0, 1)"> updates: mirrors.aliyun.com
No package kubelet available.
No package kubeadm available.
No package kubectl available.
Error: Nothing to </span><span style="color: rgba(0, 0, 255, 1)">do</span><span style="color: rgba(0, 0, 0, 1)">
$ ls /etc/yum.repos.d/<span style="color: rgba(0, 0, 0, 1)">
CentOS</span>-Base.repoCentOS-Base.repo.backupCentOS-CR.repoCentOS-Debuginfo.repoCentOS-fasttrack.repoCentOS-Media.repoCentOS-Sources.repoCentOS-Vault.repoepel.repo</pre>
</div>
<h2>配置阿里kubernetes镜像源以及yum安装kubelet/kubeadm/kubectl</h2>
<div class="cnblogs_code">
<pre>所有节点都要安装kubelet/kubeadm/<span style="color: rgba(0, 0, 0, 1)">kubectl
阿里云kubernetes镜像源添加指导:https:</span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">developer.aliyun.com/mirror/kubernetes?spm=a2c6h.13651102.0.0.3e221b11Ki4Wu1</span>
<span style="color: rgba(0, 0, 0, 1)">直接去阿里云镜像源找kubernetes,进行操作
CentOS </span>/ RHEL /<span style="color: rgba(0, 0, 0, 1)"> Fedora
cat </span><<EOF > /etc/yum.repos.d/<span style="color: rgba(0, 0, 0, 1)">kubernetes.repo
name</span>=<span style="color: rgba(0, 0, 0, 1)">Kubernetes
baseurl</span>=https:<span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/</span>
enabled=<span style="color: rgba(128, 0, 128, 1)">1</span><span style="color: rgba(0, 0, 0, 1)">
gpgcheck</span>=<span style="color: rgba(128, 0, 128, 1)">1</span><span style="color: rgba(0, 0, 0, 1)">
repo_gpgcheck</span>=<span style="color: rgba(128, 0, 128, 1)">1</span><span style="color: rgba(0, 0, 0, 1)">
gpgkey</span>=https:<span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg </span><span style="color: rgba(0, 128, 0, 1); text-decoration: underline">https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg</span>
<span style="color: rgba(0, 0, 0, 1)">EOF
setenforce </span><span style="color: rgba(128, 0, 128, 1)">0</span><span style="color: rgba(0, 0, 0, 1)">
yum install </span>-<span style="color: rgba(0, 0, 0, 1)">y kubelet kubeadm kubectl
systemctl enable kubelet </span>&& systemctl start kubelet</pre>
</div>
<h2>用kubeadm创建集群</h2>
<div class="cnblogs_code"><img src="https://images.cnblogs.com/OutliningIndicators/ContractedBlock.gif" id="code_img_closed_1a383911-58be-4dbe-a331-4ee37003a0a9" class="code_img_closed"><img src="https://images.cnblogs.com/OutliningIndicators/ExpandedBlockStart.gif" id="code_img_opened_1a383911-58be-4dbe-a331-4ee37003a0a9" class="code_img_opened" style="display: none">
<div id="cnblogs_code_open_1a383911-58be-4dbe-a331-4ee37003a0a9" class="cnblogs_code_hide">
<pre><span style="color: rgba(0, 0, 0, 1)">master至少两个cpu,2G内存
net.ipv4.ip_forward </span>= <span style="color: rgba(128, 0, 128, 1)">1</span>
<span style="color: rgba(128, 0, 128, 1)">1</span><span style="color: rgba(0, 0, 0, 1)">. 关掉swapoff
swapoff </span>-<span style="color: rgba(0, 0, 0, 1)">a
</span><span style="color: rgba(128, 0, 128, 1)">2</span><span style="color: rgba(0, 0, 0, 1)">. 注释掉配置
vi </span>/etc/<span style="color: rgba(0, 0, 0, 1)">fstab
注释掉最后一行swap的
#UUID</span>=6042e061-f29b-4ac1-9f32-87980ddf0e1f swap swap defaults <span style="color: rgba(128, 0, 128, 1)">0</span> <span style="color: rgba(128, 0, 128, 1)">0</span>
<span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)">、重启虚拟机,我这里是虚拟机,如果是生产或其它,可要想好了
reboot now
改驱动
cat </span>> /etc/docker/daemon.json <<<span style="color: rgba(0, 0, 0, 1)">EOF
{
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">registry-mirrors</span><span style="color: rgba(128, 0, 0, 1)">"</span>:[<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">https://reg-mirror.qiniu.com/</span><span style="color: rgba(128, 0, 0, 1)">"</span>,<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">https://docker.mirrors.ustc.edu.cn/</span><span style="color: rgba(128, 0, 0, 1)">"</span>,<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">https://hub-mirror.c.163.com/</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">],
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">exec-opts</span><span style="color: rgba(128, 0, 0, 1)">"</span>: [<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">native.cgroupdriver=cgroupfs</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">]
}
EOF
node
改驱动
cat </span>> /etc/docker/daemon.json <<<span style="color: rgba(0, 0, 0, 1)">EOF
{
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">registry-mirrors</span><span style="color: rgba(128, 0, 0, 1)">"</span>:[<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">https://reg-mirror.qiniu.com/</span><span style="color: rgba(128, 0, 0, 1)">"</span>,<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">https://docker.mirrors.ustc.edu.cn/</span><span style="color: rgba(128, 0, 0, 1)">"</span>,<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">https://hub-mirror.c.163.com/</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">],
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">exec-opts</span><span style="color: rgba(128, 0, 0, 1)">"</span>: [<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">native.cgroupdriver=cgroupfs</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">]
}
EOF
swapoff </span>-a</pre>
</div>
<span class="cnblogs_code_collapse">部署前注意的点</span></div>
<p>官网:https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/create-cluster-kubeadm/</p>
<p> </p>
<h2>主机规划</h2>
<div class="cnblogs_code">
<pre><span style="color: rgba(0, 0, 0, 1)">主机名 节点类型 ip
mcw7 master </span><span style="color: rgba(128, 0, 128, 1)">10.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.137</span><span style="color: rgba(0, 0, 0, 1)">
mcw8 node1 </span><span style="color: rgba(128, 0, 128, 1)">10.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.138</span><span style="color: rgba(0, 0, 0, 1)">
mcw9 node2 </span><span style="color: rgba(128, 0, 128, 1)">10.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.139</span></pre>
</div>
<h2>初始化Master</h2>
<div class="cnblogs_code">
<pre>$ kubeadm init --apiserver-advertise-address <span style="color: rgba(128, 0, 128, 1)">10.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.137</span> --pod-network-cidr=<span style="color: rgba(128, 0, 128, 1)">10.244</span>.<span style="color: rgba(128, 0, 128, 1)">0.0</span>/<span style="color: rgba(128, 0, 128, 1)">24</span><span style="color: rgba(0, 0, 0, 1)">
......
Server:
ERROR: Cannot connect to the Docker daemon at unix:</span><span style="color: rgba(128, 128, 128, 1)">///</span><span style="color: rgba(0, 128, 0, 1)">var/run/docker.sock. Is the docker daemon running?</span>
<span style="color: rgba(0, 0, 0, 1)">errors pretty printing info
, error: exit status </span><span style="color: rgba(128, 0, 128, 1)">1</span><span style="color: rgba(0, 0, 0, 1)">
: docker service <span style="color: rgba(0, 0, 255, 1)">is</span> not active, please run <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">systemctl start docker.service</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(0, 0, 0, 1)">
: /proc/sys/net/bridge/bridge-nf-call-<span style="color: rgba(0, 0, 0, 1)">iptables does not exist
: /proc/sys/net/ipv4/ip_forward contents are not <span style="color: rgba(0, 0, 255, 1)">set</span> to <span style="color: rgba(128, 0, 128, 1)">1</span><span style="color: rgba(0, 0, 0, 1)">
: error verifying Docker info: </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
If you know what you are doing, you can make a check non</span>-fatal with `--ignore-preflight-errors=<span style="color: rgba(0, 0, 0, 1)">...`
To see the stack trace of </span><span style="color: rgba(0, 0, 255, 1)">this</span> error execute with --v=<span style="color: rgba(128, 0, 128, 1)">5</span><span style="color: rgba(0, 0, 0, 1)"> or higher#运行报错,这是因为docker daemon没起
$ systemctl start docker.service#启动docker daemon ,然后初始化Master
$ kubeadm init --apiserver-advertise-address <span style="color: rgba(128, 0, 128, 1)">10.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.137</span> --pod-network-cidr=<span style="color: rgba(128, 0, 128, 1)">10.244</span>.<span style="color: rgba(128, 0, 128, 1)">0.0</span>/<span style="color: rgba(128, 0, 128, 1)">24</span><span style="color: rgba(0, 0, 0, 1)">
$ kubeadm init --apiserver-advertise-address <span style="color: rgba(128, 0, 128, 1)">10.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.137</span> --pod-network-cidr=<span style="color: rgba(128, 0, 128, 1)">10.244</span>.<span style="color: rgba(128, 0, 128, 1)">0.0</span>/<span style="color: rgba(128, 0, 128, 1)">24</span><span style="color: rgba(0, 0, 0, 1)">
Using Kubernetes version: v1.</span><span style="color: rgba(128, 0, 128, 1)">23.1</span><span style="color: rgba(0, 0, 0, 1)">
Running pre</span>-<span style="color: rgba(0, 0, 0, 1)">flight checks
: docker service <span style="color: rgba(0, 0, 255, 1)">is</span> not enabled, please run <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">systemctl enable docker.service</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(0, 0, 0, 1)">
: swap </span><span style="color: rgba(0, 0, 255, 1)">is</span><span style="color: rgba(0, 0, 0, 1)"> enabled; production deployments should disable swap unless testing the NodeSwap feature gate of the kubelet
: hostname </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">mcw7</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> could not be reached
: hostname </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">mcw7</span><span style="color: rgba(128, 0, 0, 1)">"</span>: lookup mcw7 on <span style="color: rgba(128, 0, 128, 1)">10.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.2</span>:<span style="color: rgba(128, 0, 128, 1)">53</span><span style="color: rgba(0, 0, 0, 1)">: no such host
error execution phase preflight: Some fatal errors occurred:
: the number of available CPUs </span><span style="color: rgba(128, 0, 128, 1)">1</span> <span style="color: rgba(0, 0, 255, 1)">is</span> less than the required <span style="color: rgba(128, 0, 128, 1)">2</span><span style="color: rgba(0, 0, 0, 1)">
: the system RAM (</span><span style="color: rgba(128, 0, 128, 1)">976</span> MB) <span style="color: rgba(0, 0, 255, 1)">is</span> less than the minimum <span style="color: rgba(128, 0, 128, 1)">1700</span><span style="color: rgba(0, 0, 0, 1)"> MB
If you know what you are doing, you can make a check non</span>-fatal with `--ignore-preflight-errors=<span style="color: rgba(0, 0, 0, 1)">...`
To see the stack trace of </span><span style="color: rgba(0, 0, 255, 1)">this</span> error execute with --v=<span style="color: rgba(128, 0, 128, 1)">5</span><span style="color: rgba(0, 0, 0, 1)"> or higher
再次运行报错:
可用CPU 1的数量小于所需的2可用CPU 1的数量小于所需的2
系统RAM(</span><span style="color: rgba(128, 0, 128, 1)">976</span><span style="color: rgba(0, 0, 0, 1)"> MB)小于最小1700 MB
我的vmware创建的虚拟机是1G的,看来不够</span></pre>
</div>
<h3>修改虚拟机配置</h3>
<p><img src="https://img2020.cnblogs.com/blog/1286512/202201/1286512-20220103105114687-1891936076.png" alt="" loading="lazy"></p>
<p> </p>
<p> <img src="https://img2020.cnblogs.com/blog/1286512/202201/1286512-20220103105202650-1153230910.png" alt="" loading="lazy"></p>
<p> </p>
<p> <img src="https://img2020.cnblogs.com/blog/1286512/202201/1286512-20220103105239227-172428414.png" alt="" loading="lazy"></p>
<p> </p>
<p> <img src="https://img2020.cnblogs.com/blog/1286512/202201/1286512-20220103105313377-1685518690.png" alt="" loading="lazy"></p>
<p> </p>
<p> <img src="https://img2020.cnblogs.com/blog/1286512/202201/1286512-20220103105336558-409314970.png" alt="" loading="lazy"></p>
<p> </p>
<p>再次执行,卡住一段时间不懂,然后再次报错:failed to pull image k8s.gcr.io/kube-apiserver:v1.23.1<br>这是因为k8s.gcr.io是国外网站,</p>
<div class="cnblogs_code">
<pre><span style="color: rgba(0, 0, 0, 1)">这是因为k8s.gcr.io是国外网站,
$ kubeadm init --apiserver-advertise-address <span style="color: rgba(128, 0, 128, 1)">10.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.137</span> --pod-network-cidr=<span style="color: rgba(128, 0, 128, 1)">10.244</span>.<span style="color: rgba(128, 0, 128, 1)">0.0</span>/<span style="color: rgba(128, 0, 128, 1)">24</span><span style="color: rgba(0, 0, 0, 1)">
Using Kubernetes version: v1.</span><span style="color: rgba(128, 0, 128, 1)">23.1</span><span style="color: rgba(0, 0, 0, 1)">
Running pre</span>-<span style="color: rgba(0, 0, 0, 1)">flight checks
: docker service <span style="color: rgba(0, 0, 255, 1)">is</span> not enabled, please run <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">systemctl enable docker.service</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(0, 0, 0, 1)">
: swap </span><span style="color: rgba(0, 0, 255, 1)">is</span><span style="color: rgba(0, 0, 0, 1)"> enabled; production deployments should disable swap unless testing the NodeSwap feature gate of the kubelet
: hostname </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">mcw7</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> could not be reached
: hostname </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">mcw7</span><span style="color: rgba(128, 0, 0, 1)">"</span>: lookup mcw7 on <span style="color: rgba(128, 0, 128, 1)">10.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.2</span>:<span style="color: rgba(128, 0, 128, 1)">53</span><span style="color: rgba(0, 0, 0, 1)">: no such host
Pulling images required </span><span style="color: rgba(0, 0, 255, 1)">for</span><span style="color: rgba(0, 0, 0, 1)"> setting up a Kubernetes cluster
This might take a minute or two, depending on the speed of your internet connection
You can also perform </span><span style="color: rgba(0, 0, 255, 1)">this</span> action <span style="color: rgba(0, 0, 255, 1)">in</span> beforehand <span style="color: rgba(0, 0, 255, 1)">using</span> <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">kubeadm config images pull</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(0, 0, 0, 1)">
error execution phase preflight: Some fatal errors occurred:
: failed to pull image k8s.gcr.io</span>/kube-apiserver:v1.<span style="color: rgba(128, 0, 128, 1)">23.1</span>: output: Error response <span style="color: rgba(0, 0, 255, 1)">from</span> daemon: Get <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">https://k8s.gcr.io/v2/</span><span style="color: rgba(128, 0, 0, 1)">"</span>: dial tcp <span style="color: rgba(128, 0, 128, 1)">142.250</span>.<span style="color: rgba(128, 0, 128, 1)">157.82</span>:<span style="color: rgba(128, 0, 128, 1)">443</span>: connect: connection timed <span style="color: rgba(0, 0, 255, 1)">out</span><span style="color: rgba(0, 0, 0, 1)">
, error: exit status </span><span style="color: rgba(128, 0, 128, 1)">1</span><span style="color: rgba(0, 0, 0, 1)">
........
: failed to pull image k8s.gcr.io</span>/coredns/coredns:v1.<span style="color: rgba(128, 0, 128, 1)">8.6</span>: output: Error response <span style="color: rgba(0, 0, 255, 1)">from</span> daemon: Get <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">https://k8s.gcr.io/v2/</span><span style="color: rgba(128, 0, 0, 1)">"</span>: dial tcp <span style="color: rgba(128, 0, 128, 1)">74.125</span>.<span style="color: rgba(128, 0, 128, 1)">204.82</span>:<span style="color: rgba(128, 0, 128, 1)">443</span>: connect: connection timed <span style="color: rgba(0, 0, 255, 1)">out</span><span style="color: rgba(0, 0, 0, 1)">
, error: exit status </span><span style="color: rgba(128, 0, 128, 1)">1</span><span style="color: rgba(0, 0, 0, 1)">
If you know what you are doing, you can make a check non</span>-fatal with `--ignore-preflight-errors=<span style="color: rgba(0, 0, 0, 1)">...`
To see the stack trace of </span><span style="color: rgba(0, 0, 255, 1)">this</span> error execute with --v=<span style="color: rgba(128, 0, 128, 1)">5</span> or higher</pre>
</div>
<p> </p>
<h3>kubeadm命令行指定国内镜像仓库</h3>
<p>上面问题解决方法:<br>下载镜像,使用国内镜像,比如阿里云镜像</p>
<div class="cnblogs_code">
<pre>kubeadm init --image-repository=registry.aliyuncs.com/google_containers --pod-network-cidr=<span style="color: rgba(128, 0, 128, 1)">10.244</span>.<span style="color: rgba(128, 0, 128, 1)">0.0</span>/<span style="color: rgba(128, 0, 128, 1)">16</span> --kubernetes-version=v1.<span style="color: rgba(128, 0, 128, 1)">18.5</span><span style="color: rgba(0, 0, 0, 1)">
kubeadm init </span>--apiserver-advertise-address <span style="color: rgba(128, 0, 128, 1)">10.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.137</span> --pod-network-cidr=<span style="color: rgba(128, 0, 128, 1)">10.244</span>.<span style="color: rgba(128, 0, 128, 1)">0.0</span>/<span style="color: rgba(128, 0, 128, 1)">24</span> --image-repository=registry.aliyuncs.com/google_containers</pre>
</div>
<p>结果还是不行</p>
<div class="cnblogs_code">
<pre>$ kubeadm init --apiserver-advertise-address <span style="color: rgba(128, 0, 128, 1)">10.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.137</span> --pod-network-cidr=<span style="color: rgba(128, 0, 128, 1)">10.244</span>.<span style="color: rgba(128, 0, 128, 1)">0.0</span>/<span style="color: rgba(128, 0, 128, 1)">24</span> --image-repository=registry.aliyuncs.com/<span style="color: rgba(0, 0, 0, 1)">google_containers
Using Kubernetes version: v1.</span><span style="color: rgba(128, 0, 128, 1)">23.1</span><span style="color: rgba(0, 0, 0, 1)">
Running pre</span>-<span style="color: rgba(0, 0, 0, 1)">flight checks
: docker service <span style="color: rgba(0, 0, 255, 1)">is</span> not enabled, please run <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">systemctl enable docker.service</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(0, 0, 0, 1)">
: swap </span><span style="color: rgba(0, 0, 255, 1)">is</span><span style="color: rgba(0, 0, 0, 1)"> enabled; production deployments should disable swap unless testing the NodeSwap feature gate of the kubelet
: hostname </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">mcw7</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> could not be reached
: hostname </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">mcw7</span><span style="color: rgba(128, 0, 0, 1)">"</span>: lookup mcw7 on <span style="color: rgba(128, 0, 128, 1)">10.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.2</span>:<span style="color: rgba(128, 0, 128, 1)">53</span><span style="color: rgba(0, 0, 0, 1)">: no such host
Pulling images required </span><span style="color: rgba(0, 0, 255, 1)">for</span><span style="color: rgba(0, 0, 0, 1)"> setting up a Kubernetes cluster
This might take a minute or two, depending on the speed of your internet connection
You can also perform </span><span style="color: rgba(0, 0, 255, 1)">this</span> action <span style="color: rgba(0, 0, 255, 1)">in</span> beforehand <span style="color: rgba(0, 0, 255, 1)">using</span> <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">kubeadm config images pull</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(0, 0, 0, 1)">
Using certificateDir folder </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/etc/kubernetes/pki</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
Generating </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">ca</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> certificate and key
Generating </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">apiserver</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> certificate and key
apiserver serving cert </span><span style="color: rgba(0, 0, 255, 1)">is</span> signed <span style="color: rgba(0, 0, 255, 1)">for</span> DNS names and IPs [<span style="color: rgba(128, 0, 128, 1)">10.96</span>.<span style="color: rgba(128, 0, 128, 1)">0.1</span> <span style="color: rgba(128, 0, 128, 1)">10.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.137</span><span style="color: rgba(0, 0, 0, 1)">]
Generating </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">apiserver-kubelet-client</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> certificate and key
Generating </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">front-proxy-ca</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> certificate and key
Generating </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">front-proxy-client</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> certificate and key
Generating </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">etcd/ca</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> certificate and key
Generating </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">etcd/server</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> certificate and key
etcd</span>/server serving cert <span style="color: rgba(0, 0, 255, 1)">is</span> signed <span style="color: rgba(0, 0, 255, 1)">for</span> DNS names and IPs [<span style="color: rgba(128, 0, 128, 1)">10.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.137</span> <span style="color: rgba(128, 0, 128, 1)">127.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.1</span> ::<span style="color: rgba(128, 0, 128, 1)">1</span><span style="color: rgba(0, 0, 0, 1)">]
Generating </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">etcd/peer</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> certificate and key
etcd</span>/peer serving cert <span style="color: rgba(0, 0, 255, 1)">is</span> signed <span style="color: rgba(0, 0, 255, 1)">for</span> DNS names and IPs [<span style="color: rgba(128, 0, 128, 1)">10.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.137</span> <span style="color: rgba(128, 0, 128, 1)">127.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.1</span> ::<span style="color: rgba(128, 0, 128, 1)">1</span><span style="color: rgba(0, 0, 0, 1)">]
Generating </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">etcd/healthcheck-client</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> certificate and key
Generating </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">apiserver-etcd-client</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> certificate and key
Generating </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">sa</span><span style="color: rgba(128, 0, 0, 1)">"</span> key and <span style="color: rgba(0, 0, 255, 1)">public</span><span style="color: rgba(0, 0, 0, 1)"> key
Using kubeconfig folder </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/etc/kubernetes</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
Writing </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">admin.conf</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> kubeconfig file
Writing </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">kubelet.conf</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> kubeconfig file
Writing </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">controller-manager.conf</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> kubeconfig file
Writing </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">scheduler.conf</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> kubeconfig file
Writing kubelet environment file with flags to file <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/var/lib/kubelet/kubeadm-flags.env</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
Writing kubelet configuration to file <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/var/lib/kubelet/config.yaml</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
Starting the kubelet
Using manifest folder <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/etc/kubernetes/manifests</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
Creating <span style="color: rgba(0, 0, 255, 1)">static</span> Pod manifest <span style="color: rgba(0, 0, 255, 1)">for</span> <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">kube-apiserver</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
Creating <span style="color: rgba(0, 0, 255, 1)">static</span> Pod manifest <span style="color: rgba(0, 0, 255, 1)">for</span> <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">kube-controller-manager</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
Creating <span style="color: rgba(0, 0, 255, 1)">static</span> Pod manifest <span style="color: rgba(0, 0, 255, 1)">for</span> <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">kube-scheduler</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
Creating </span><span style="color: rgba(0, 0, 255, 1)">static</span> Pod manifest <span style="color: rgba(0, 0, 255, 1)">for</span> local etcd <span style="color: rgba(0, 0, 255, 1)">in</span> <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/etc/kubernetes/manifests</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
Waiting <span style="color: rgba(0, 0, 255, 1)">for</span> the kubelet to boot up the control plane <span style="color: rgba(0, 0, 255, 1)">as</span> <span style="color: rgba(0, 0, 255, 1)">static</span> Pods <span style="color: rgba(0, 0, 255, 1)">from</span> directory <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/etc/kubernetes/manifests</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">. This can take up to 4m0s
Initial timeout of 40s passed.
It seems like the kubelet isn<span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">t running or healthy.</span>
The HTTP call equal to <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">curl -sSL http://localhost:10248/healthz</span><span style="color: rgba(128, 0, 0, 1)">'</span> failed with error: Get <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">http://localhost:10248/healthz</span><span style="color: rgba(128, 0, 0, 1)">"</span>: dial tcp [::<span style="color: rgba(128, 0, 128, 1)">1</span>]:<span style="color: rgba(128, 0, 128, 1)">10248</span><span style="color: rgba(0, 0, 0, 1)">: connect: connection refused.
It seems like the kubelet isn<span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">t running or healthy.</span>
The HTTP call equal to <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">curl -sSL http://localhost:10248/healthz</span><span style="color: rgba(128, 0, 0, 1)">'</span> failed with error: Get <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">http://localhost:10248/healthz</span><span style="color: rgba(128, 0, 0, 1)">"</span>: dial tcp [::<span style="color: rgba(128, 0, 128, 1)">1</span>]:<span style="color: rgba(128, 0, 128, 1)">10248</span><span style="color: rgba(0, 0, 0, 1)">: connect: connection refused.
It seems like the kubelet isn<span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">t running or healthy.</span>
The HTTP call equal to <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">curl -sSL http://localhost:10248/healthz</span><span style="color: rgba(128, 0, 0, 1)">'</span> failed with error: Get <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">http://localhost:10248/healthz</span><span style="color: rgba(128, 0, 0, 1)">"</span>: dial tcp [::<span style="color: rgba(128, 0, 128, 1)">1</span>]:<span style="color: rgba(128, 0, 128, 1)">10248</span><span style="color: rgba(0, 0, 0, 1)">: connect: connection refused.
It seems like the kubelet isn<span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">t running or healthy.</span>
The HTTP call equal to <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">curl -sSL http://localhost:10248/healthz</span><span style="color: rgba(128, 0, 0, 1)">'</span> failed with error: Get <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">http://localhost:10248/healthz</span><span style="color: rgba(128, 0, 0, 1)">"</span>: dial tcp [::<span style="color: rgba(128, 0, 128, 1)">1</span>]:<span style="color: rgba(128, 0, 128, 1)">10248</span><span style="color: rgba(0, 0, 0, 1)">: connect: connection refused.
It seems like the kubelet isn<span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">t running or healthy.</span>
The HTTP call equal to <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">curl -sSL http://localhost:10248/healthz</span><span style="color: rgba(128, 0, 0, 1)">'</span> failed with error: Get <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">http://localhost:10248/healthz</span><span style="color: rgba(128, 0, 0, 1)">"</span>: dial tcp [::<span style="color: rgba(128, 0, 128, 1)">1</span>]:<span style="color: rgba(128, 0, 128, 1)">10248</span><span style="color: rgba(0, 0, 0, 1)">: connect: connection refused.
Unfortunately, an error has occurred:
timed </span><span style="color: rgba(0, 0, 255, 1)">out</span> waiting <span style="color: rgba(0, 0, 255, 1)">for</span><span style="color: rgba(0, 0, 0, 1)"> the condition
This error </span><span style="color: rgba(0, 0, 255, 1)">is</span><span style="color: rgba(0, 0, 0, 1)"> likely caused by:
</span>- The kubelet <span style="color: rgba(0, 0, 255, 1)">is</span><span style="color: rgba(0, 0, 0, 1)"> not running
</span>- The kubelet <span style="color: rgba(0, 0, 255, 1)">is</span> unhealthy due to a misconfiguration of the node <span style="color: rgba(0, 0, 255, 1)">in</span><span style="color: rgba(0, 0, 0, 1)"> some way (required cgroups disabled)
If you are on a systemd</span>-powered system, you can <span style="color: rgba(0, 0, 255, 1)">try</span><span style="color: rgba(0, 0, 0, 1)"> to troubleshoot the error with the following commands:
</span>- <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">systemctl status kubelet</span><span style="color: rgba(128, 0, 0, 1)">'</span>
- <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">journalctl -xeu kubelet</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(0, 0, 0, 1)">
Additionally, a control plane component may have crashed or exited when started by the container runtime.
To troubleshoot, list all containers </span><span style="color: rgba(0, 0, 255, 1)">using</span><span style="color: rgba(0, 0, 0, 1)"> your preferred container runtimes CLI.
Here </span><span style="color: rgba(0, 0, 255, 1)">is</span> one example how you may list all Kubernetes containers running <span style="color: rgba(0, 0, 255, 1)">in</span><span style="color: rgba(0, 0, 0, 1)"> docker:
</span>- <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">docker ps -a | grep kube | grep -v pause</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(0, 0, 0, 1)">
Once you have found the failing container, you can inspect its logs with:
</span>- <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">docker logs CONTAINERID</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(0, 0, 0, 1)">
error execution phase wait</span>-control-plane: couldn<span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">t initialize a Kubernetes cluster</span>
To see the stack trace of <span style="color: rgba(0, 0, 255, 1)">this</span> error execute with --v=<span style="color: rgba(128, 0, 128, 1)">5</span> or higher</pre>
</div>
<h3>从DockerHub的其它仓库拉取</h3>
<div class="cnblogs_Highlighter">
<pre class="brush:csharp;gutter:true;">如何手动下载需要的镜像:https://blog.csdn.net/weixin_43168190/article/details/107227626
获取需要的docker镜像名称
$ kubeadm config images list
k8s.gcr.io/kube-apiserver:v1.23.1
k8s.gcr.io/kube-controller-manager:v1.23.1
k8s.gcr.io/kube-scheduler:v1.23.1
k8s.gcr.io/kube-proxy:v1.23.1
k8s.gcr.io/pause:3.6
k8s.gcr.io/etcd:3.5.1-0
k8s.gcr.io/coredns/coredns:v1.8.6
</pre>
</div>
<p> </p>
<div class="cnblogs_code">
<pre>$kubeadm reset
Reading configuration </span><span style="color: rgba(0, 0, 255, 1)">from</span><span style="color: rgba(0, 0, 0, 1)"> the cluster...
FYI: You can look at </span><span style="color: rgba(0, 0, 255, 1)">this</span> config file with <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">kubectl -n kube-system get cm kubeadm-config -o yaml</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(0, 0, 0, 1)">
W0103 </span><span style="color: rgba(128, 0, 128, 1)">19</span>:<span style="color: rgba(128, 0, 128, 1)">18</span>:<span style="color: rgba(128, 0, 128, 1)">50.468316</span> <span style="color: rgba(128, 0, 128, 1)">14754</span> reset.go:<span style="color: rgba(128, 0, 128, 1)">101</span>] Unable to fetch the kubeadm-config ConfigMap <span style="color: rgba(0, 0, 255, 1)">from</span> cluster: failed to <span style="color: rgba(0, 0, 255, 1)">get</span> config map: Get <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">https://10.0.0.137:6443/api/v1/namespaces/kube-system/configmaps/kubeadm-config?timeout=10s</span><span style="color: rgba(128, 0, 0, 1)">"</span>: dial tcp <span style="color: rgba(128, 0, 128, 1)">10.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.137</span>:<span style="color: rgba(128, 0, 128, 1)">6443</span><span style="color: rgba(0, 0, 0, 1)">: connect: connection refused
WARNING: Changes made to </span><span style="color: rgba(0, 0, 255, 1)">this</span> host by <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">kubeadm init</span><span style="color: rgba(128, 0, 0, 1)">'</span> or <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">kubeadm join</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(0, 0, 0, 1)"> will be reverted.
Are you sure you want to proceed</span>? : y
Running pre</span>-<span style="color: rgba(0, 0, 0, 1)">flight checks
W0103 </span><span style="color: rgba(128, 0, 128, 1)">19</span>:<span style="color: rgba(128, 0, 128, 1)">18</span>:<span style="color: rgba(128, 0, 128, 1)">55.832129</span> <span style="color: rgba(128, 0, 128, 1)">14754</span> removeetcdmember.go:<span style="color: rgba(128, 0, 128, 1)">80</span>] No kubeadm config, <span style="color: rgba(0, 0, 255, 1)">using</span> etcd pod spec to <span style="color: rgba(0, 0, 255, 1)">get</span><span style="color: rgba(0, 0, 0, 1)"> data directory
Stopping the kubelet service
Unmounting mounted directories </span><span style="color: rgba(0, 0, 255, 1)">in</span> <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/var/lib/kubelet</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
Deleting contents of config directories: [</span>/etc/kubernetes/manifests /etc/kubernetes/<span style="color: rgba(0, 0, 0, 1)">pki]
Deleting files: [</span>/etc/kubernetes/admin.conf /etc/kubernetes/kubelet.conf /etc/kubernetes/bootstrap-kubelet.conf /etc/kubernetes/controller-manager.conf /etc/kubernetes/<span style="color: rgba(0, 0, 0, 1)">scheduler.conf]
Deleting contents of stateful directories: [</span>/<span style="color: rgba(0, 0, 255, 1)">var</span>/lib/etcd /<span style="color: rgba(0, 0, 255, 1)">var</span>/lib/kubelet /<span style="color: rgba(0, 0, 255, 1)">var</span>/lib/dockershim /<span style="color: rgba(0, 0, 255, 1)">var</span>/run/kubernetes /<span style="color: rgba(0, 0, 255, 1)">var</span>/lib/<span style="color: rgba(0, 0, 0, 1)">cni]
The reset process does not clean CNI configuration. To </span><span style="color: rgba(0, 0, 255, 1)">do</span> so, you must remove /etc/cni/<span style="color: rgba(0, 0, 0, 1)">net.d
The reset process does not reset or clean up iptables rules or IPVS tables.
If you wish to reset iptables, you must </span><span style="color: rgba(0, 0, 255, 1)">do</span> so manually by <span style="color: rgba(0, 0, 255, 1)">using</span> the <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">iptables</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> command.
If your cluster was setup to utilize IPVS, run ipvsadm </span>--<span style="color: rgba(0, 0, 0, 1)">clear (or similar)
to reset your system</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">s IPVS tables.</span>
<span style="color: rgba(0, 0, 0, 1)">
The reset process does not clean your kubeconfig files and you must remove them manually.
Please, check the contents of the $HOME</span>/.kube/config file.</pre>
</div>
<h3>又一个问题:查看失败系统日志(swap) </h3>
<p>命令输出日志: It seems like the kubelet isn't running or healthy. The HTTP call equal to 'curl -sSL http://localhost:10248/healthz' failed with error: Get "http://localhost:10248/healthz": dial tcp [::1]:10248: connect: connection refused.</p>
<div class="cnblogs_code">
<pre>系统日志报错:unning with swap on <span style="color: rgba(0, 0, 255, 1)">is</span> not supported, please disable swap! or <span style="color: rgba(0, 0, 255, 1)">set</span> --fail-swap-on flag to <span style="color: rgba(0, 0, 255, 1)">false</span><span style="color: rgba(0, 0, 0, 1)">.
$ tail -<span style="color: rgba(128, 0, 128, 1)">100</span> /<span style="color: rgba(0, 0, 255, 1)">var</span>/log/<span style="color: rgba(0, 0, 0, 1)">messages
......
Jan</span><span style="color: rgba(128, 0, 128, 1)">3</span> <span style="color: rgba(128, 0, 128, 1)">19</span>:<span style="color: rgba(128, 0, 128, 1)">26</span>:<span style="color: rgba(128, 0, 128, 1)">00</span> mcw7 kubelet: I0103 <span style="color: rgba(128, 0, 128, 1)">19</span>:<span style="color: rgba(128, 0, 128, 1)">26</span>:<span style="color: rgba(128, 0, 128, 1)">00.904313</span> <span style="color: rgba(128, 0, 128, 1)">16215</span> server.go:<span style="color: rgba(128, 0, 128, 1)">693</span>] <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">--cgroups-per-qos enabled, but --cgroup-root was not specified.defaulting to /</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
Jan</span><span style="color: rgba(128, 0, 128, 1)">3</span> <span style="color: rgba(128, 0, 128, 1)">19</span>:<span style="color: rgba(128, 0, 128, 1)">26</span>:<span style="color: rgba(128, 0, 128, 1)">00</span> mcw7 kubelet: E0103 <span style="color: rgba(128, 0, 128, 1)">19</span>:<span style="color: rgba(128, 0, 128, 1)">26</span>:<span style="color: rgba(128, 0, 128, 1)">00.904525</span> <span style="color: rgba(128, 0, 128, 1)">16215</span> server.go:<span style="color: rgba(128, 0, 128, 1)">302</span>] <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">Failed to run kubelet</span><span style="color: rgba(128, 0, 0, 1)">"</span> err=<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">failed to run Kubelet: running with swap on is not supported, please disable swap! or set --fail-swap-on flag to false. /proc/swaps contained: </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
Jan</span><span style="color: rgba(128, 0, 128, 1)">3</span> <span style="color: rgba(128, 0, 128, 1)">19</span>:<span style="color: rgba(128, 0, 128, 1)">26</span>:<span style="color: rgba(128, 0, 128, 1)">00</span> mcw7 systemd: kubelet.service: main process exited, code=exited, status=<span style="color: rgba(128, 0, 128, 1)">1</span>/<span style="color: rgba(0, 0, 0, 1)">FAILURE
Jan</span><span style="color: rgba(128, 0, 128, 1)">3</span> <span style="color: rgba(128, 0, 128, 1)">19</span>:<span style="color: rgba(128, 0, 128, 1)">26</span>:<span style="color: rgba(128, 0, 128, 1)">00</span><span style="color: rgba(0, 0, 0, 1)"> mcw7 systemd: Unit kubelet.service entered failed state.
Jan</span><span style="color: rgba(128, 0, 128, 1)">3</span> <span style="color: rgba(128, 0, 128, 1)">19</span>:<span style="color: rgba(128, 0, 128, 1)">26</span>:<span style="color: rgba(128, 0, 128, 1)">00</span> mcw7 systemd: kubelet.service failed.</pre>
</div>
<p>解决方案:<br>1. 关掉swapoff<br>swapoff -a<br>2. 注释掉配置<br>vi /etc/fstab<br>注释掉最后一行swap的<br>#UUID=6042e061-f29b-4ac1-9f32-87980ddf0e1f swap swap defaults 0 0<br>3、重启虚拟机,我这里是虚拟机,如果是生产或其它,可要想好了<br>reboot now</p>
<div class="cnblogs_code">
<pre><span style="color: rgba(0, 0, 0, 1)">我这里关闭swap了,暂时不改配置重启
$ free -<span style="color: rgba(0, 0, 0, 1)">m
total used free sharedbuff</span>/<span style="color: rgba(0, 0, 0, 1)">cache available
Mem: </span><span style="color: rgba(128, 0, 128, 1)">1823</span> <span style="color: rgba(128, 0, 128, 1)">192</span> <span style="color: rgba(128, 0, 128, 1)">202</span> <span style="color: rgba(128, 0, 128, 1)">8</span> <span style="color: rgba(128, 0, 128, 1)">1427</span> <span style="color: rgba(128, 0, 128, 1)">1412</span><span style="color: rgba(0, 0, 0, 1)">
Swap: </span><span style="color: rgba(128, 0, 128, 1)">774</span> <span style="color: rgba(128, 0, 128, 1)">0</span> <span style="color: rgba(128, 0, 128, 1)">774</span><span style="color: rgba(0, 0, 0, 1)">
$ swapoff -<span style="color: rgba(0, 0, 0, 1)">a
$ free -<span style="color: rgba(0, 0, 0, 1)">m
total used free sharedbuff</span>/<span style="color: rgba(0, 0, 0, 1)">cache available
Mem: </span><span style="color: rgba(128, 0, 128, 1)">1823</span> <span style="color: rgba(128, 0, 128, 1)">193</span> <span style="color: rgba(128, 0, 128, 1)">203</span> <span style="color: rgba(128, 0, 128, 1)">8</span> <span style="color: rgba(128, 0, 128, 1)">1426</span> <span style="color: rgba(128, 0, 128, 1)">1412</span><span style="color: rgba(0, 0, 0, 1)">
Swap: </span><span style="color: rgba(128, 0, 128, 1)">0</span> <span style="color: rgba(128, 0, 128, 1)">0</span> <span style="color: rgba(128, 0, 128, 1)">0</span></pre>
</div>
<p>重试初始化</p>
<div class="cnblogs_code">
<pre>$ kubeadm init --apiserver-advertise-address <span style="color: rgba(128, 0, 128, 1)">10.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.137</span> --pod-network-cidr=<span style="color: rgba(128, 0, 128, 1)">10.244</span>.<span style="color: rgba(128, 0, 128, 1)">0.0</span>/<span style="color: rgba(128, 0, 128, 1)">24</span> --image-repository=registry.aliyuncs.com/<span style="color: rgba(0, 0, 0, 1)">google_containers
Using Kubernetes version: v1.</span><span style="color: rgba(128, 0, 128, 1)">23.1</span><span style="color: rgba(0, 0, 0, 1)">
Running pre</span>-<span style="color: rgba(0, 0, 0, 1)">flight checks
: docker service <span style="color: rgba(0, 0, 255, 1)">is</span> not enabled, please run <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">systemctl enable docker.service</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(0, 0, 0, 1)">
: hostname </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">mcw7</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> could not be reached
: hostname </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">mcw7</span><span style="color: rgba(128, 0, 0, 1)">"</span>: lookup mcw7 on <span style="color: rgba(128, 0, 128, 1)">10.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.2</span>:<span style="color: rgba(128, 0, 128, 1)">53</span><span style="color: rgba(0, 0, 0, 1)">: no such host
error execution phase preflight: Some fatal errors occurred:
: /etc/kubernetes/manifests/kube-<span style="color: rgba(0, 0, 0, 1)">apiserver.yaml already exists
: /etc/kubernetes/manifests/kube-controller-<span style="color: rgba(0, 0, 0, 1)">manager.yaml already exists
: /etc/kubernetes/manifests/kube-<span style="color: rgba(0, 0, 0, 1)">scheduler.yaml already exists
: /etc/kubernetes/manifests/<span style="color: rgba(0, 0, 0, 1)">etcd.yaml already exists
If you know what you are doing, you can make a check non</span>-fatal with `--ignore-preflight-errors=<span style="color: rgba(0, 0, 0, 1)">...`
To see the stack trace of </span><span style="color: rgba(0, 0, 255, 1)">this</span> error execute with --v=<span style="color: rgba(128, 0, 128, 1)">5</span><span style="color: rgba(0, 0, 0, 1)"> or higher
$ kubeadm reset
$ ls/etc/kubernetes #每次初始化都会生成 /etc/<span style="color: rgba(0, 0, 0, 1)">kubernetes目录及下面的文件,删除然后重新初始化
manifestspki
$ rm -rf /etc/kubernetes</pre>
</div>
<p>重新初始化后还是同样的报错</p>
<div class="cnblogs_code">
<pre><span style="color: rgba(0, 0, 0, 1)">kubeadm reset
rm </span>-rf /etc/<span style="color: rgba(0, 0, 0, 1)">kubernetes
$ kubeadm init --apiserver-advertise-address <span style="color: rgba(128, 0, 128, 1)">10.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.137</span> --pod-network-cidr=<span style="color: rgba(128, 0, 128, 1)">10.244</span>.<span style="color: rgba(128, 0, 128, 1)">0.0</span>/<span style="color: rgba(128, 0, 128, 1)">24</span> --image-repository=registry.aliyuncs.com/<span style="color: rgba(0, 0, 0, 1)">google_containers
.......
Waiting <span style="color: rgba(0, 0, 255, 1)">for</span> the kubelet to boot up the control plane <span style="color: rgba(0, 0, 255, 1)">as</span> <span style="color: rgba(0, 0, 255, 1)">static</span> Pods <span style="color: rgba(0, 0, 255, 1)">from</span> directory <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/etc/kubernetes/manifests</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">. This can take up to 4m0s
Initial timeout of 40s passed.
It seems like the kubelet isn<span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">t running or healthy.</span>
The HTTP call equal to <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">curl -sSL http://localhost:10248/healthz</span><span style="color: rgba(128, 0, 0, 1)">'</span> failed with error: Get <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">http://localhost:10248/healthz</span><span style="color: rgba(128, 0, 0, 1)">"</span>: dial tcp [::<span style="color: rgba(128, 0, 128, 1)">1</span>]:<span style="color: rgba(128, 0, 128, 1)">10248</span>: connect: connection refused.</pre>
</div>
<h3>问题关于Kubelet 和docker 驱动不一致的问题</h3>
<p>查看系统日志报错:failed to run Kubelet: misconfiguration: kubelet cgroup driver: \"systemd\" is different from docker cgroup driver: \"cgroupfs\""</p>
<p>无法运行Kubelet:配置错误:Kubelet cgroup驱动程序:\“systemd\”与docker cgroup驱动程序:\“cgroupfs\”不同</p>
<div class="cnblogs_code">
<pre>$ tail -<span style="color: rgba(128, 0, 128, 1)">100</span> /<span style="color: rgba(0, 0, 255, 1)">var</span>/log/<span style="color: rgba(0, 0, 0, 1)">messages #查看系统日志
......
Jan</span><span style="color: rgba(128, 0, 128, 1)">3</span> <span style="color: rgba(128, 0, 128, 1)">19</span>:<span style="color: rgba(128, 0, 128, 1)">57</span>:<span style="color: rgba(128, 0, 128, 1)">01</span> mcw7 kubelet: E0103 <span style="color: rgba(128, 0, 128, 1)">19</span>:<span style="color: rgba(128, 0, 128, 1)">57</span>:<span style="color: rgba(128, 0, 128, 1)">01.212358</span> <span style="color: rgba(128, 0, 128, 1)">25354</span> server.go:<span style="color: rgba(128, 0, 128, 1)">302</span>] <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">Failed to run kubelet</span><span style="color: rgba(128, 0, 0, 1)">"</span> err=<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">failed to run Kubelet: misconfiguration: kubelet cgroup driver: \"systemd\" is different from docker cgroup driver: \"cgroupfs\"</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
Jan</span><span style="color: rgba(128, 0, 128, 1)">3</span> <span style="color: rgba(128, 0, 128, 1)">19</span>:<span style="color: rgba(128, 0, 128, 1)">57</span>:<span style="color: rgba(128, 0, 128, 1)">01</span> mcw7 systemd: kubelet.service: main process exited, code=exited, status=<span style="color: rgba(128, 0, 128, 1)">1</span>/<span style="color: rgba(0, 0, 0, 1)">FAILURE
Jan</span><span style="color: rgba(128, 0, 128, 1)">3</span> <span style="color: rgba(128, 0, 128, 1)">19</span>:<span style="color: rgba(128, 0, 128, 1)">57</span>:<span style="color: rgba(128, 0, 128, 1)">01</span><span style="color: rgba(0, 0, 0, 1)"> mcw7 systemd: Unit kubelet.service entered failed state.
Jan</span><span style="color: rgba(128, 0, 128, 1)">3</span> <span style="color: rgba(128, 0, 128, 1)">19</span>:<span style="color: rgba(128, 0, 128, 1)">57</span>:<span style="color: rgba(128, 0, 128, 1)">01</span> mcw7 systemd: kubelet.service failed.</pre>
</div>
<div class="cnblogs_code">
<pre><span style="color: rgba(0, 0, 0, 1)">上述日志表明:kubelet的cgroup driver是cgroupfs,docker的 cgroup driver是systemd,两者不一致导致初始化失败
解决方案:
</span><span style="color: rgba(128, 0, 128, 1)">1</span>、尝试过修改kubelet的cgroup dirver(文件位置:/etc/systemd/system/kubelet.service.d/<span style="color: rgba(128, 0, 128, 1)">10</span>-<span style="color: rgba(0, 0, 0, 1)">kubeadm.conf),但是每次启动minikube时会被覆盖掉,于是只能放弃这种处理方式,转去修改docker的cgroup dirver设置;
</span><span style="color: rgba(128, 0, 128, 1)">2</span>、打开文件/usr/lib/systemd/system/<span style="color: rgba(0, 0, 0, 1)">docker.service,如下图,将红框中的systemd改为cgroupfs:
也就是启动文件的ExecStart配置项,修改 参数 </span>--exec-opt native.cgroupdirver=<span style="color: rgba(0, 0, 0, 1)">systemd \
为 </span>--exec-opt native.cgroupdirver=<span style="color: rgba(0, 0, 0, 1)">cgroupfs \
\是换行符
docker 不再设置native.cgroupdriver</span>=systemd,或将 systemd 改成 cgroupfs,重启docker systemctl daemon-reload &&<span style="color: rgba(0, 0, 0, 1)"> systemctl restart docker
检查 docker info</span>|grep <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">Cgroup Driver</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> 是否输出 Cgroup Driver: cgroupfs
</span><span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)">、
重置未初始化成功的kubeadm配置
echo y</span>|<span style="color: rgba(0, 0, 0, 1)">kubeadm reset
修改docker,只需在</span>/etc/docker/daemon.json中,添加<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">exec-opts</span><span style="color: rgba(128, 0, 0, 1)">"</span>: [<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">native.cgroupdriver=systemd</span><span style="color: rgba(128, 0, 0, 1)">"</span>]即可,本文最初的docker配置可供参考。</pre>
</div>
<p>修改kubelet:</p>
<div class="cnblogs_code">
<pre>cat > /<span style="color: rgba(0, 0, 255, 1)">var</span>/lib/kubelet/config.yaml <<<span style="color: rgba(0, 0, 0, 1)">EOF
apiVersion: kubelet.config.k8s.io</span>/<span style="color: rgba(0, 0, 0, 1)">v1beta1
kind: KubeletConfiguration
cgroupDriver: systemd
EOF
重启docker 与 kubelet:
systemctl daemon</span>-<span style="color: rgba(0, 0, 0, 1)">reload
systemctl restart docker
systemctl restart kubelet
检查 docker info</span>|grep <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">Cgroup Driver</span><span style="color: rgba(128, 0, 0, 1)">"</span> 是否输出 Cgroup Driver: systemd</pre>
</div>
<p>这里选择方案3</p>
<div class="cnblogs_code">
<pre>$ ls /etc/<span style="color: rgba(0, 0, 0, 1)">kubernetes
admin.confcontroller</span>-<span style="color: rgba(0, 0, 0, 1)">manager.confkubelet.confmanifestspkischeduler.conf
$ echo y|<span style="color: rgba(0, 0, 0, 1)">kubeadm reset #使用这种方法应该是跳过询问阶段,下次试试其它的是不是也可以这样
$ ls /etc/<span style="color: rgba(0, 0, 0, 1)">kubernetes #重设之后,配置删除了,留下两个目录
manifestspki</span></pre>
</div>
<h3>参考查看别人的daemon配置</h3>
<p><br>安装 docker 并配置 (kubernetes官方推荐docker等使用systemd作为cgroupdriver)</p>
<div class="cnblogs_code">
<pre>mkdir /etc/<span style="color: rgba(0, 0, 0, 1)">docker
cat </span>> /etc/docker/daemon.json <<<span style="color: rgba(0, 0, 0, 1)">EOF
{
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">exec-opts</span><span style="color: rgba(128, 0, 0, 1)">"</span>: [<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">native.cgroupdriver=systemd</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">],
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">log-driver</span><span style="color: rgba(128, 0, 0, 1)">"</span>: <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">json-file</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">,
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">log-opts</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">: {
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">max-size</span><span style="color: rgba(128, 0, 0, 1)">"</span>: <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">100m</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
},
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">storage-driver</span><span style="color: rgba(128, 0, 0, 1)">"</span>: <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">overlay2</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">,
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">storage-opts</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">: [
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">overlay2.override_kernel_check=true</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
],
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">data-root</span><span style="color: rgba(128, 0, 0, 1)">"</span>: <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/data/docker</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
}
EOF</span></pre>
</div>
<p>我给它这样配置,加个镜像加速的试试。<br>其实是可以的,后面有过程,这里不能放在同一个花括号,是因为字典内的分隔符逗号是个中文</p>
<div class="cnblogs_code">
<pre>cat > /etc/docker/daemon.json <<<span style="color: rgba(0, 0, 0, 1)">EOF
{
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">registry-mirrors</span><span style="color: rgba(128, 0, 0, 1)">"</span>:[<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">https://reg-mirror.qiniu.com/</span><span style="color: rgba(128, 0, 0, 1)">"</span>,<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">https://docker.mirrors.ustc.edu.cn/</span><span style="color: rgba(128, 0, 0, 1)">"</span>,<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">https://hub-mirror.c.163.com/</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">],
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">exec-opts</span><span style="color: rgba(128, 0, 0, 1)">"</span>: [<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">native.cgroupdriver=cgroupfs</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">]
}
EOF
$ ls /etc/docker/<span style="color: rgba(0, 0, 0, 1)">
key.json
$ cat > /etc/docker/daemon.json <<<span style="color: rgba(0, 0, 0, 1)">EOF
</span>><span style="color: rgba(0, 0, 0, 1)"> {
</span>> <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">registry-mirrors</span><span style="color: rgba(128, 0, 0, 1)">"</span>:[<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">https://reg-mirror.qiniu.com/</span><span style="color: rgba(128, 0, 0, 1)">"</span>,<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">https://docker.mirrors.ustc.edu.cn/</span><span style="color: rgba(128, 0, 0, 1)">"</span>,<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">https://hub-mirror.c.163.com/</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">],
</span>> <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">exec-opts</span><span style="color: rgba(128, 0, 0, 1)">"</span>: [<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">native.cgroupdriver=cgroupfs</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">]
</span>><span style="color: rgba(0, 0, 0, 1)"> }
</span>><span style="color: rgba(0, 0, 0, 1)"> EOF
$ cat /etc/docker/<span style="color: rgba(0, 0, 0, 1)">daemon.json
{
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">registry-mirrors</span><span style="color: rgba(128, 0, 0, 1)">"</span>:[<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">https://reg-mirror.qiniu.com/</span><span style="color: rgba(128, 0, 0, 1)">"</span>,<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">https://docker.mirrors.ustc.edu.cn/</span><span style="color: rgba(128, 0, 0, 1)">"</span>,<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">https://hub-mirror.c.163.com/</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">],
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">exec-opts</span><span style="color: rgba(128, 0, 0, 1)">"</span>: [<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">native.cgroupdriver=cgroupfs</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">]
}
#添加后重启docker daemon失败,去掉配置,只留加速的
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">exec-opts</span><span style="color: rgba(128, 0, 0, 1)">"</span>: [<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">native.cgroupdriver=cgroupfs</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">]
$ cat /etc/docker/<span style="color: rgba(0, 0, 0, 1)">daemon.json
{
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">registry-mirrors</span><span style="color: rgba(128, 0, 0, 1)">"</span>:[<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">https://reg-mirror.qiniu.com/</span><span style="color: rgba(128, 0, 0, 1)">"</span>,<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">https://docker.mirrors.ustc.edu.cn/</span><span style="color: rgba(128, 0, 0, 1)">"</span>,<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">https://hub-mirror.c.163.com/</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">]
}
$ systemctldaemon-<span style="color: rgba(0, 0, 0, 1)">reload
$ systemctl restart docker.service
$ </pre>
</div>
<p>如下,用两个花括号可以生效,放一个里面好像不行。用两个花括号是否是正确的做法,有啥问题,以后再验证</p>
<div class="cnblogs_code">
<pre>$ systemctldaemon-<span style="color: rgba(0, 0, 0, 1)">reload
$ cat /etc/docker/<span style="color: rgba(0, 0, 0, 1)">daemon.json
{
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">registry-mirrors</span><span style="color: rgba(128, 0, 0, 1)">"</span>:[<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">https://reg-mirror.qiniu.com/</span><span style="color: rgba(128, 0, 0, 1)">"</span>,<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">https://docker.mirrors.ustc.edu.cn/</span><span style="color: rgba(128, 0, 0, 1)">"</span>,<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">https://hub-mirror.c.163.com/</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">]
}
{</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">exec-opts</span><span style="color: rgba(128, 0, 0, 1)">"</span>: [<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">native.cgroupdriver=cgroupfs</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">]}
$ systemctldaemon-<span style="color: rgba(0, 0, 0, 1)">reload
$ systemctl restart docker.service
$ docker info|grep <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">Cgroup Driver</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
Cgroup Driver: cgroupfs
$ </pre>
</div>
<p>重设重初始化试试<br>$ kubeadm reset<br>$ kubeadm init --apiserver-advertise-address 10.0.0.137 --pod-network-cidr=10.244.0.0/24 --image-repository=registry.aliyuncs.com/google_containers</p>
<p> </p>
<p>还是报错,貌似我上面配置错了<br>配置错误:kubelet cgroup驱动程序“ systemd”与docker cgroup驱动程序“ cgroupfs” 不相同,<br>我先把docker的cgroupfs改成systemd 吧</p>
<p>貌似修改没 成功</p>
<div class="cnblogs_code">
<pre>root@mcw7 ~]$ vim /etc/docker/<span style="color: rgba(0, 0, 0, 1)">daemon.json
$ cat /etc/docker/<span style="color: rgba(0, 0, 0, 1)">daemon.json
{
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">registry-mirrors</span><span style="color: rgba(128, 0, 0, 1)">"</span>:[<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">https://reg-mirror.qiniu.com/</span><span style="color: rgba(128, 0, 0, 1)">"</span>,<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">https://docker.mirrors.ustc.edu.cn/</span><span style="color: rgba(128, 0, 0, 1)">"</span>,<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">https://hub-mirror.c.163.com/</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">]
}
{</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">exec-opts</span><span style="color: rgba(128, 0, 0, 1)">"</span>: [<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">native.cgroupdriver=systemd</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">]}
$ systemctl daemon-<span style="color: rgba(0, 0, 0, 1)">reload
$ systemctl restart docker.service
$ docker info |grep <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">Cgroup Driver</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
Cgroup Driver: cgroupfs
如下修改就生效了,只有这一行
$ vim /etc/docker/<span style="color: rgba(0, 0, 0, 1)">daemon.json
$ cat /etc/docker/<span style="color: rgba(0, 0, 0, 1)">daemon.json
{</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">exec-opts</span><span style="color: rgba(128, 0, 0, 1)">"</span>: [<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">native.cgroupdriver=systemd</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">]}
$ systemctl daemon-<span style="color: rgba(0, 0, 0, 1)">reload
$ systemctl restart docker.service
$ docker info |grep <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">Cgroup Driver</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
Cgroup Driver: systemd
$</pre>
</div>
<p>看如下配置,之前不能放在同一个花括号,是因为字典内的分隔符逗号是个中文</p>
<div class="cnblogs_code">
<pre>$ vim /etc/docker/<span style="color: rgba(0, 0, 0, 1)">daemon.json
$ cat /etc/docker/<span style="color: rgba(0, 0, 0, 1)">daemon.json
{
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">registry-mirrors</span><span style="color: rgba(128, 0, 0, 1)">"</span>:[<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">https://reg-mirror.qiniu.com/</span><span style="color: rgba(128, 0, 0, 1)">"</span>,<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">https://docker.mirrors.ustc.edu.cn/</span><span style="color: rgba(128, 0, 0, 1)">"</span>,<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">https://hub-mirror.c.163.com/</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">],
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">exec-opts</span><span style="color: rgba(128, 0, 0, 1)">"</span>: [<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">native.cgroupdriver=systemd</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">]
}
$ systemctl daemon-<span style="color: rgba(0, 0, 0, 1)">reload
$ systemctl restart docker.service
$ docker info |grep <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">Cgroup Driver</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
Cgroup Driver: systemd
$ </pre>
</div>
<p>重设重初始化试试,后面显示我的Kubernetes初始化成功</p>
<div class="cnblogs_code">
<pre>$ echo y|<span style="color: rgba(0, 0, 0, 1)">kubeadm reset
$ kubeadm init --apiserver-advertise-address <span style="color: rgba(128, 0, 128, 1)">10.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.137</span> --pod-network-cidr=<span style="color: rgba(128, 0, 128, 1)">10.244</span>.<span style="color: rgba(128, 0, 128, 1)">0.0</span>/<span style="color: rgba(128, 0, 128, 1)">24</span> --image-repository=registry.aliyuncs.com/<span style="color: rgba(0, 0, 0, 1)">google_containers
Using Kubernetes version: v1.</span><span style="color: rgba(128, 0, 128, 1)">23.1</span><span style="color: rgba(0, 0, 0, 1)">
Running pre</span>-<span style="color: rgba(0, 0, 0, 1)">flight checks#初始化前的检查
: docker service <span style="color: rgba(0, 0, 255, 1)">is</span> not enabled, please run <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">systemctl enable docker.service</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(0, 0, 0, 1)">
: hostname </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">mcw7</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> could not be reached
: hostname </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">mcw7</span><span style="color: rgba(128, 0, 0, 1)">"</span>: lookup mcw7 on <span style="color: rgba(128, 0, 128, 1)">10.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.2</span>:<span style="color: rgba(128, 0, 128, 1)">53</span><span style="color: rgba(0, 0, 0, 1)">: no such host
Pulling images required </span><span style="color: rgba(0, 0, 255, 1)">for</span><span style="color: rgba(0, 0, 0, 1)"> setting up a Kubernetes cluster
This might take a minute or two, depending on the speed of your internet connection
You can also perform </span><span style="color: rgba(0, 0, 255, 1)">this</span> action <span style="color: rgba(0, 0, 255, 1)">in</span> beforehand <span style="color: rgba(0, 0, 255, 1)">using</span> <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">kubeadm config images pull</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(0, 0, 0, 1)">
Using certificateDir folder </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/etc/kubernetes/pki</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
Generating </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">ca</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> certificate and key
Generating </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">apiserver</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> certificate and key#生成token和证书
apiserver serving cert </span><span style="color: rgba(0, 0, 255, 1)">is</span> signed <span style="color: rgba(0, 0, 255, 1)">for</span> DNS names and IPs [<span style="color: rgba(128, 0, 128, 1)">10.96</span>.<span style="color: rgba(128, 0, 128, 1)">0.1</span> <span style="color: rgba(128, 0, 128, 1)">10.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.137</span><span style="color: rgba(0, 0, 0, 1)">]
Generating </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">apiserver-kubelet-client</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> certificate and key
Generating </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">front-proxy-ca</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> certificate and key
Generating </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">front-proxy-client</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> certificate and key
Generating </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">etcd/ca</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> certificate and key
Generating </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">etcd/server</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> certificate and key
etcd</span>/server serving cert <span style="color: rgba(0, 0, 255, 1)">is</span> signed <span style="color: rgba(0, 0, 255, 1)">for</span> DNS names and IPs [<span style="color: rgba(128, 0, 128, 1)">10.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.137</span> <span style="color: rgba(128, 0, 128, 1)">127.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.1</span> ::<span style="color: rgba(128, 0, 128, 1)">1</span><span style="color: rgba(0, 0, 0, 1)">]
Generating </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">etcd/peer</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> certificate and key
etcd</span>/peer serving cert <span style="color: rgba(0, 0, 255, 1)">is</span> signed <span style="color: rgba(0, 0, 255, 1)">for</span> DNS names and IPs [<span style="color: rgba(128, 0, 128, 1)">10.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.137</span> <span style="color: rgba(128, 0, 128, 1)">127.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.1</span> ::<span style="color: rgba(128, 0, 128, 1)">1</span><span style="color: rgba(0, 0, 0, 1)">]
Generating </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">etcd/healthcheck-client</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> certificate and key
Generating </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">apiserver-etcd-client</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> certificate and key
Generating </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">sa</span><span style="color: rgba(128, 0, 0, 1)">"</span> key and <span style="color: rgba(0, 0, 255, 1)">public</span><span style="color: rgba(0, 0, 0, 1)"> key
Using kubeconfig folder </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/etc/kubernetes</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
Writing </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">admin.conf</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> kubeconfig file
Writing </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">kubelet.conf</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> kubeconfig file #生成kubeconfig文件,bubelet用这个文件与master通信
Writing </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">controller-manager.conf</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> kubeconfig file
Writing </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">scheduler.conf</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> kubeconfig file
Writing kubelet environment file with flags to file <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/var/lib/kubelet/kubeadm-flags.env</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
Writing kubelet configuration to file <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/var/lib/kubelet/config.yaml</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
Starting the kubelet
Using manifest folder <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/etc/kubernetes/manifests</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
Creating <span style="color: rgba(0, 0, 255, 1)">static</span> Pod manifest <span style="color: rgba(0, 0, 255, 1)">for</span> <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">kube-apiserver</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
Creating <span style="color: rgba(0, 0, 255, 1)">static</span> Pod manifest <span style="color: rgba(0, 0, 255, 1)">for</span> <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">kube-controller-manager</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
Creating <span style="color: rgba(0, 0, 255, 1)">static</span> Pod manifest <span style="color: rgba(0, 0, 255, 1)">for</span> <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">kube-scheduler</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
Creating </span><span style="color: rgba(0, 0, 255, 1)">static</span> Pod manifest <span style="color: rgba(0, 0, 255, 1)">for</span> local etcd <span style="color: rgba(0, 0, 255, 1)">in</span> <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/etc/kubernetes/manifests</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
Waiting <span style="color: rgba(0, 0, 255, 1)">for</span> the kubelet to boot up the control plane <span style="color: rgba(0, 0, 255, 1)">as</span> <span style="color: rgba(0, 0, 255, 1)">static</span> Pods <span style="color: rgba(0, 0, 255, 1)">from</span> directory <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/etc/kubernetes/manifests</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">. This can take up to 4m0s
All control plane components are healthy after </span><span style="color: rgba(128, 0, 128, 1)">11.505693</span><span style="color: rgba(0, 0, 0, 1)"> seconds
Storing the configuration used <span style="color: rgba(0, 0, 255, 1)">in</span> ConfigMap <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">kubeadm-config</span><span style="color: rgba(128, 0, 0, 1)">"</span> <span style="color: rgba(0, 0, 255, 1)">in</span> the <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">kube-system</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> Namespace
Creating a ConfigMap </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">kubelet-config-1.23</span><span style="color: rgba(128, 0, 0, 1)">"</span> <span style="color: rgba(0, 0, 255, 1)">in</span> <span style="color: rgba(0, 0, 255, 1)">namespace</span> kube-system with the configuration <span style="color: rgba(0, 0, 255, 1)">for</span> the kubelets <span style="color: rgba(0, 0, 255, 1)">in</span><span style="color: rgba(0, 0, 0, 1)"> the cluster
NOTE: The </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">kubelet-config-1.23</span><span style="color: rgba(128, 0, 0, 1)">"</span> naming of the kubelet ConfigMap <span style="color: rgba(0, 0, 255, 1)">is</span> deprecated. Once the UnversionedKubeletConfigMap feature gate graduates to Beta the <span style="color: rgba(0, 0, 255, 1)">default</span> name will become just <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">kubelet-config</span><span style="color: rgba(128, 0, 0, 1)">"</span>. Kubeadm upgrade will handle <span style="color: rgba(0, 0, 255, 1)">this</span><span style="color: rgba(0, 0, 0, 1)"> transition transparently.
Skipping phase. Please see --upload-<span style="color: rgba(0, 0, 0, 1)">certs
Marking the node mcw7 <span style="color: rgba(0, 0, 255, 1)">as</span> control-plane by adding the labels:
Marking the node mcw7 <span style="color: rgba(0, 0, 255, 1)">as</span> control-plane by adding the taints
Using token: 7fmuqu.hbr7n14o7kpbx8iw
Configuring bootstrap tokens, cluster-<span style="color: rgba(0, 0, 0, 1)">info ConfigMap, RBAC Roles
configured RBAC rules to allow Node Bootstrap tokens to <span style="color: rgba(0, 0, 255, 1)">get</span><span style="color: rgba(0, 0, 0, 1)"> nodes
configured RBAC rules to allow Node Bootstrap tokens to post CSRs <span style="color: rgba(0, 0, 255, 1)">in</span> order <span style="color: rgba(0, 0, 255, 1)">for</span> nodes to <span style="color: rgba(0, 0, 255, 1)">get</span> <span style="color: rgba(0, 0, 255, 1)">long</span><span style="color: rgba(0, 0, 0, 1)"> term certificate credentials
configured RBAC rules to allow the csrapprover controller automatically approve CSRs <span style="color: rgba(0, 0, 255, 1)">from</span><span style="color: rgba(0, 0, 0, 1)"> a Node Bootstrap Token
configured RBAC rules to allow certificate rotation <span style="color: rgba(0, 0, 255, 1)">for</span> all node client certificates <span style="color: rgba(0, 0, 255, 1)">in</span><span style="color: rgba(0, 0, 0, 1)"> the cluster
Creating the <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">cluster-info</span><span style="color: rgba(128, 0, 0, 1)">"</span> ConfigMap <span style="color: rgba(0, 0, 255, 1)">in</span> the <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">kube-public</span><span style="color: rgba(128, 0, 0, 1)">"</span> <span style="color: rgba(0, 0, 255, 1)">namespace</span><span style="color: rgba(0, 0, 0, 1)">
Updating <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/etc/kubernetes/kubelet.conf</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> to point to a rotatable kubelet client certificate and key
Applied essential addon: CoreDNS 安装附加组件 kube</span>-<span style="color: rgba(0, 0, 0, 1)">proxy 和coredns
Applied essential addon: kube</span>-<span style="color: rgba(0, 0, 0, 1)">proxy
Your Kubernetes control</span>-plane has initialized successfully!<span style="color: rgba(0, 0, 0, 1)"> #初始化成功
To start </span><span style="color: rgba(0, 0, 255, 1)">using</span> your cluster, you need to run the following <span style="color: rgba(0, 0, 255, 1)">as</span><span style="color: rgba(0, 0, 0, 1)"> a regular user: #提示如何配置kubectl
mkdir </span>-p $HOME/<span style="color: rgba(0, 0, 0, 1)">.kube
sudo cp </span>-i /etc/kubernetes/admin.conf $HOME/.kube/<span style="color: rgba(0, 0, 0, 1)">config
sudo chown $(id </span>-u):$(id -g) $HOME/.kube/<span style="color: rgba(0, 0, 0, 1)">config
Alternatively, </span><span style="color: rgba(0, 0, 255, 1)">if</span><span style="color: rgba(0, 0, 0, 1)"> you are the root user, you can run:
export KUBECONFIG</span>=/etc/kubernetes/<span style="color: rgba(0, 0, 0, 1)">admin.conf
You should now deploy a pod network to the cluster.
Run </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">kubectl apply -f .yaml</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> with one of the options listed at:
https:</span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">kubernetes.io/docs/concepts/cluster-administration/addons/</span>
<span style="color: rgba(0, 0, 0, 1)">
Then you can join any number of worker nodes by running the following on each </span><span style="color: rgba(0, 0, 255, 1)">as</span><span style="color: rgba(0, 0, 0, 1)"> root:
kubeadm join </span><span style="color: rgba(128, 0, 128, 1)">10.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.137</span>:<span style="color: rgba(128, 0, 128, 1)">6443</span> --<span style="color: rgba(0, 0, 0, 1)">token 7fmuqu.hbr7n14o7kpbx8iw \
</span>--discovery-token-ca-cert-<span style="color: rgba(0, 0, 0, 1)">hash sha256:9794706d7eadeecbc14ba8372fab500d90c624748c2c45ae212d0f32889e4071
$#提示如何注册其它节点到集群</pre>
</div>
<p>但是在系统日志中还是有报错信息的</p>
<div class="cnblogs_code">
<pre>$ tail -100f/<span style="color: rgba(0, 0, 255, 1)">var</span>/log/<span style="color: rgba(0, 0, 0, 1)">messages
Jan</span><span style="color: rgba(128, 0, 128, 1)">3</span> <span style="color: rgba(128, 0, 128, 1)">20</span>:<span style="color: rgba(128, 0, 128, 1)">59</span>:<span style="color: rgba(128, 0, 128, 1)">23</span> mcw7 kubelet: I0103 <span style="color: rgba(128, 0, 128, 1)">20</span>:<span style="color: rgba(128, 0, 128, 1)">59</span>:<span style="color: rgba(128, 0, 128, 1)">23.623761</span> <span style="color: rgba(128, 0, 128, 1)">41877</span> cni.go:<span style="color: rgba(128, 0, 128, 1)">240</span>] <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">Unable to update cni config</span><span style="color: rgba(128, 0, 0, 1)">"</span> err=<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">no networks found in /etc/cni/net.d</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
Jan</span><span style="color: rgba(128, 0, 128, 1)">3</span> <span style="color: rgba(128, 0, 128, 1)">20</span>:<span style="color: rgba(128, 0, 128, 1)">59</span>:<span style="color: rgba(128, 0, 128, 1)">25</span> mcw7 kubelet: E0103 <span style="color: rgba(128, 0, 128, 1)">20</span>:<span style="color: rgba(128, 0, 128, 1)">59</span>:<span style="color: rgba(128, 0, 128, 1)">25.779159</span> <span style="color: rgba(128, 0, 128, 1)">41877</span> kubelet.go:<span style="color: rgba(128, 0, 128, 1)">2347</span>] <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">Container runtime network not ready</span><span style="color: rgba(128, 0, 0, 1)">"</span> networkReady=<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">NetworkReady=false reason:NetworkPluginNotReady message:docker: network plugin is not ready: cni config uninitialized</span><span style="color: rgba(128, 0, 0, 1)">"</span></pre>
</div>
<h3>初始化master后查看容器 </h3>
<div class="cnblogs_code">
<pre>$ docker ps |awk <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">{print $3,"\t",$NF}</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(0, 0, 0, 1)">
IMAGE NAMES
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/usr/local/bin/kube…</span><span style="color: rgba(128, 0, 0, 1)">"</span> k8s_kube-proxy_kube-proxy-c5zmm_kube-system_5897b315-6a17-4d8b-82c6-<span style="color: rgba(0, 0, 0, 1)">7712ade54560_0
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/pause</span><span style="color: rgba(128, 0, 0, 1)">"</span> k8s_POD_kube-proxy-c5zmm_kube-system_5897b315-6a17-4d8b-82c6-<span style="color: rgba(0, 0, 0, 1)">7712ade54560_0
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">kube-scheduler k8s_kube-scheduler_kube-scheduler-mcw7_kube-system_5a3a66c7da6759d92afea91cd2972f6e_2</span><span style="color: rgba(128, 0, 0, 1)">
"</span><span style="color: rgba(128, 0, 0, 1)">kube-apiserver k8s_kube-apiserver_kube-apiserver-mcw7_kube-system_fc840a9b537be965fe104fc9cbddd14f_2</span><span style="color: rgba(128, 0, 0, 1)">
"</span><span style="color: rgba(128, 0, 0, 1)">kube-controller-man…</span><span style="color: rgba(128, 0, 0, 1)">"</span> k8s_kube-controller-manager_kube-controller-manager-mcw7_kube-<span style="color: rgba(0, 0, 0, 1)">system_3e1d477612039be74973ec7803946c3a_3
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">etcd k8s_etcd_etcd-mcw7_kube-system_93c9b21b665d4c633156ae2d5739fb33_3</span><span style="color: rgba(128, 0, 0, 1)">
"</span><span style="color: rgba(128, 0, 0, 1)">/pause</span><span style="color: rgba(128, 0, 0, 1)">"</span> k8s_POD_kube-scheduler-mcw7_kube-<span style="color: rgba(0, 0, 0, 1)">system_5a3a66c7da6759d92afea91cd2972f6e_0
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/pause</span><span style="color: rgba(128, 0, 0, 1)">"</span> k8s_POD_kube-controller-manager-mcw7_kube-<span style="color: rgba(0, 0, 0, 1)">system_3e1d477612039be74973ec7803946c3a_0
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/pause</span><span style="color: rgba(128, 0, 0, 1)">"</span> k8s_POD_kube-apiserver-mcw7_kube-<span style="color: rgba(0, 0, 0, 1)">system_fc840a9b537be965fe104fc9cbddd14f_0
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/pause</span><span style="color: rgba(128, 0, 0, 1)">"</span> k8s_POD_etcd-mcw7_kube-<span style="color: rgba(0, 0, 0, 1)">system_93c9b21b665d4c633156ae2d5739fb33_0
$ </pre>
</div>
<h3>初始化master后查看所有命名空间(貌似很多服务名称都拼接了主机名了)所有Pod情况</h3>
<div class="cnblogs_code">
<pre>$ kubectl <span style="color: rgba(0, 0, 255, 1)">get</span> pod --all-<span style="color: rgba(0, 0, 0, 1)">namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
kube</span>-system coredns-6d8c4cb4d-2296m <span style="color: rgba(128, 0, 128, 1)">1</span>/<span style="color: rgba(128, 0, 128, 1)">1</span> Running <span style="color: rgba(128, 0, 128, 1)">1</span><span style="color: rgba(0, 0, 0, 1)"> (27m ago) 4h18m
kube</span>-system coredns-6d8c4cb4d-lphb2 <span style="color: rgba(128, 0, 128, 1)">1</span>/<span style="color: rgba(128, 0, 128, 1)">1</span> Running <span style="color: rgba(128, 0, 128, 1)">1</span><span style="color: rgba(0, 0, 0, 1)"> (27m ago) 4h18m
kube</span>-system etcd-mcw7 <span style="color: rgba(128, 0, 128, 1)">1</span>/<span style="color: rgba(128, 0, 128, 1)">1</span> Running <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 4h18m
kube</span>-system kube-apiserver-mcw7 <span style="color: rgba(128, 0, 128, 1)">1</span>/<span style="color: rgba(128, 0, 128, 1)">1</span> Running <span style="color: rgba(128, 0, 128, 1)">2</span><span style="color: rgba(0, 0, 0, 1)"> 4h18m
kube</span>-system kube-controller-manager-mcw7 <span style="color: rgba(128, 0, 128, 1)">1</span>/<span style="color: rgba(128, 0, 128, 1)">1</span> Running <span style="color: rgba(128, 0, 128, 1)">4</span><span style="color: rgba(0, 0, 0, 1)"> (27m ago) 4h18m
kube</span>-system kube-flannel-ds-8gzfq <span style="color: rgba(128, 0, 128, 1)">1</span>/<span style="color: rgba(128, 0, 128, 1)">1</span> Running <span style="color: rgba(128, 0, 128, 1)">0</span><span style="color: rgba(0, 0, 0, 1)"> 32m
kube</span>-system kube-proxy-c5zmm <span style="color: rgba(128, 0, 128, 1)">1</span>/<span style="color: rgba(128, 0, 128, 1)">1</span> Running <span style="color: rgba(128, 0, 128, 1)">0</span><span style="color: rgba(0, 0, 0, 1)"> 4h18m
kube</span>-system kube-scheduler-mcw7 <span style="color: rgba(128, 0, 128, 1)">1</span>/<span style="color: rgba(128, 0, 128, 1)">1</span> Running <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> (27m ago) 4h18m
$ </pre>
</div>
<h2>使用普通用戶配置kubectl</h2>
<p>我這裏是在master操作的</p>
<div class="cnblogs_code">
<pre>su -<span style="color: rgba(0, 0, 0, 1)"> machangwei
mkdir </span>-p $HOME/<span style="color: rgba(0, 0, 0, 1)">.kube
sudo cp </span>-i /etc/kubernetes/admin.conf $HOME/.kube/<span style="color: rgba(0, 0, 0, 1)">config
sudo chown $(id </span>-u):$(id -g) $HOME/.kube/config</pre>
</div>
<h2><span style="font-size: 16.38px">安装Pod网络</span></h2>
<p>还在普通用户下,执行命令部署flannel网络方案.用手机流量</p>
<div class="cnblogs_code">
<pre>$ kubectl apply -f https:<span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml</span>
Warning: policy/v1beta1 PodSecurityPolicy <span style="color: rgba(0, 0, 255, 1)">is</span> deprecated <span style="color: rgba(0, 0, 255, 1)">in</span> v1.<span style="color: rgba(128, 0, 128, 1)">21</span>+, unavailable <span style="color: rgba(0, 0, 255, 1)">in</span> v1.<span style="color: rgba(128, 0, 128, 1)">25</span>+<span style="color: rgba(0, 0, 0, 1)">
podsecuritypolicy.policy</span>/<span style="color: rgba(0, 0, 0, 1)">psp.flannel.unprivileged created
clusterrole.rbac.authorization.k8s.io</span>/<span style="color: rgba(0, 0, 0, 1)">flannel created
clusterrolebinding.rbac.authorization.k8s.io</span>/<span style="color: rgba(0, 0, 0, 1)">flannel created
serviceaccount</span>/<span style="color: rgba(0, 0, 0, 1)">flannel created
configmap</span>/kube-flannel-<span style="color: rgba(0, 0, 0, 1)">cfg created
daemonset.apps</span>/kube-flannel-<span style="color: rgba(0, 0, 0, 1)">ds created
$</pre>
</div>
<p>kube-flannel.yml内容</p>
<div class="cnblogs_code"><img src="https://images.cnblogs.com/OutliningIndicators/ContractedBlock.gif" id="code_img_closed_6c3adf48-851b-40c1-9f3d-a4db322afc75" class="code_img_closed"><img src="https://images.cnblogs.com/OutliningIndicators/ExpandedBlockStart.gif" id="code_img_opened_6c3adf48-851b-40c1-9f3d-a4db322afc75" class="code_img_opened" style="display: none">
<div id="cnblogs_code_open_6c3adf48-851b-40c1-9f3d-a4db322afc75" class="cnblogs_code_hide">
<pre>---<span style="color: rgba(0, 0, 0, 1)">
apiVersion: policy</span>/<span style="color: rgba(0, 0, 0, 1)">v1beta1
kind: PodSecurityPolicy
metadata:
name: psp.flannel.unprivileged
annotations:
seccomp.security.alpha.kubernetes.io</span>/allowedProfileNames: docker/<span style="color: rgba(0, 0, 255, 1)">default</span><span style="color: rgba(0, 0, 0, 1)">
seccomp.security.alpha.kubernetes.io</span>/defaultProfileName: docker/<span style="color: rgba(0, 0, 255, 1)">default</span><span style="color: rgba(0, 0, 0, 1)">
apparmor.security.beta.kubernetes.io</span>/allowedProfileNames: runtime/<span style="color: rgba(0, 0, 255, 1)">default</span><span style="color: rgba(0, 0, 0, 1)">
apparmor.security.beta.kubernetes.io</span>/defaultProfileName: runtime/<span style="color: rgba(0, 0, 255, 1)">default</span><span style="color: rgba(0, 0, 0, 1)">
spec:
privileged: </span><span style="color: rgba(0, 0, 255, 1)">false</span><span style="color: rgba(0, 0, 0, 1)">
volumes:
</span>-<span style="color: rgba(0, 0, 0, 1)"> configMap
</span>-<span style="color: rgba(0, 0, 0, 1)"> secret
</span>-<span style="color: rgba(0, 0, 0, 1)"> emptyDir
</span>-<span style="color: rgba(0, 0, 0, 1)"> hostPath
allowedHostPaths:
</span>- pathPrefix: <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/etc/cni/net.d</span><span style="color: rgba(128, 0, 0, 1)">"</span>
- pathPrefix: <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/etc/kube-flannel</span><span style="color: rgba(128, 0, 0, 1)">"</span>
- pathPrefix: <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/run/flannel</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
readOnlyRootFilesystem: </span><span style="color: rgba(0, 0, 255, 1)">false</span><span style="color: rgba(0, 0, 0, 1)">
# Users and groups
runAsUser:
rule: RunAsAny
supplementalGroups:
rule: RunAsAny
fsGroup:
rule: RunAsAny
# Privilege Escalation
allowPrivilegeEscalation: </span><span style="color: rgba(0, 0, 255, 1)">false</span><span style="color: rgba(0, 0, 0, 1)">
defaultAllowPrivilegeEscalation: </span><span style="color: rgba(0, 0, 255, 1)">false</span><span style="color: rgba(0, 0, 0, 1)">
# Capabilities
allowedCapabilities: [</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">NET_ADMIN</span><span style="color: rgba(128, 0, 0, 1)">'</span>, <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">NET_RAW</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(0, 0, 0, 1)">]
defaultAddCapabilities: []
requiredDropCapabilities: []
# Host namespaces
hostPID: </span><span style="color: rgba(0, 0, 255, 1)">false</span><span style="color: rgba(0, 0, 0, 1)">
hostIPC: </span><span style="color: rgba(0, 0, 255, 1)">false</span><span style="color: rgba(0, 0, 0, 1)">
hostNetwork: </span><span style="color: rgba(0, 0, 255, 1)">true</span><span style="color: rgba(0, 0, 0, 1)">
hostPorts:
</span>- min: <span style="color: rgba(128, 0, 128, 1)">0</span><span style="color: rgba(0, 0, 0, 1)">
max: </span><span style="color: rgba(128, 0, 128, 1)">65535</span><span style="color: rgba(0, 0, 0, 1)">
# SELinux
seLinux:
# SELinux </span><span style="color: rgba(0, 0, 255, 1)">is</span> unused <span style="color: rgba(0, 0, 255, 1)">in</span><span style="color: rgba(0, 0, 0, 1)"> CaaSP
rule: </span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">RunAsAny</span><span style="color: rgba(128, 0, 0, 1)">'</span>
---<span style="color: rgba(0, 0, 0, 1)">
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io</span>/<span style="color: rgba(0, 0, 0, 1)">v1
metadata:
name: flannel
rules:
</span>- apiGroups: [<span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">extensions</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(0, 0, 0, 1)">]
resources: [</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">podsecuritypolicies</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(0, 0, 0, 1)">]
verbs: [</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">use</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(0, 0, 0, 1)">]
resourceNames: [</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">psp.flannel.unprivileged</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(0, 0, 0, 1)">]
</span>-<span style="color: rgba(0, 0, 0, 1)"> apiGroups:
</span>- <span style="color: rgba(128, 0, 0, 1)">""</span><span style="color: rgba(0, 0, 0, 1)">
resources:
</span>-<span style="color: rgba(0, 0, 0, 1)"> pods
verbs:
</span>- <span style="color: rgba(0, 0, 255, 1)">get</span>
-<span style="color: rgba(0, 0, 0, 1)"> apiGroups:
</span>- <span style="color: rgba(128, 0, 0, 1)">""</span><span style="color: rgba(0, 0, 0, 1)">
resources:
</span>-<span style="color: rgba(0, 0, 0, 1)"> nodes
verbs:
</span>-<span style="color: rgba(0, 0, 0, 1)"> list
</span>-<span style="color: rgba(0, 0, 0, 1)"> watch
</span>-<span style="color: rgba(0, 0, 0, 1)"> apiGroups:
</span>- <span style="color: rgba(128, 0, 0, 1)">""</span><span style="color: rgba(0, 0, 0, 1)">
resources:
</span>- nodes/<span style="color: rgba(0, 0, 0, 1)">status
verbs:
</span>-<span style="color: rgba(0, 0, 0, 1)"> patch
</span>---<span style="color: rgba(0, 0, 0, 1)">
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io</span>/<span style="color: rgba(0, 0, 0, 1)">v1
metadata:
name: flannel
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: flannel
subjects:
</span>-<span style="color: rgba(0, 0, 0, 1)"> kind: ServiceAccount
name: flannel
</span><span style="color: rgba(0, 0, 255, 1)">namespace</span>: kube-<span style="color: rgba(0, 0, 0, 1)">system
</span>---<span style="color: rgba(0, 0, 0, 1)">
apiVersion: v1
kind: ServiceAccount
metadata:
name: flannel
</span><span style="color: rgba(0, 0, 255, 1)">namespace</span>: kube-<span style="color: rgba(0, 0, 0, 1)">system
</span>---<span style="color: rgba(0, 0, 0, 1)">
kind: ConfigMap
apiVersion: v1
metadata:
name: kube</span>-flannel-<span style="color: rgba(0, 0, 0, 1)">cfg
</span><span style="color: rgba(0, 0, 255, 1)">namespace</span>: kube-<span style="color: rgba(0, 0, 0, 1)">system
labels:
tier: node
app: flannel
data:
cni</span>-conf.json: |<span style="color: rgba(0, 0, 0, 1)">
{
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">name</span><span style="color: rgba(128, 0, 0, 1)">"</span>: <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">cbr0</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">,
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">cniVersion</span><span style="color: rgba(128, 0, 0, 1)">"</span>: <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">0.3.1</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">,
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">plugins</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">: [
{
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">type</span><span style="color: rgba(128, 0, 0, 1)">"</span>: <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">flannel</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">,
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">delegate</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">: {
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">hairpinMode</span><span style="color: rgba(128, 0, 0, 1)">"</span>: <span style="color: rgba(0, 0, 255, 1)">true</span><span style="color: rgba(0, 0, 0, 1)">,
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">isDefaultGateway</span><span style="color: rgba(128, 0, 0, 1)">"</span>: <span style="color: rgba(0, 0, 255, 1)">true</span><span style="color: rgba(0, 0, 0, 1)">
}
},
{
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">type</span><span style="color: rgba(128, 0, 0, 1)">"</span>: <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">portmap</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">,
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">capabilities</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">: {
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">portMappings</span><span style="color: rgba(128, 0, 0, 1)">"</span>: <span style="color: rgba(0, 0, 255, 1)">true</span><span style="color: rgba(0, 0, 0, 1)">
}
}
]
}
net</span>-conf.json: |<span style="color: rgba(0, 0, 0, 1)">
{
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">Network</span><span style="color: rgba(128, 0, 0, 1)">"</span>: <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">10.244.0.0/24</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">,
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">Backend</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">: {
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">Type</span><span style="color: rgba(128, 0, 0, 1)">"</span>: <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">vxlan</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
}
}
</span>---<span style="color: rgba(0, 0, 0, 1)">
apiVersion: apps</span>/<span style="color: rgba(0, 0, 0, 1)">v1
kind: DaemonSet
metadata:
name: kube</span>-flannel-<span style="color: rgba(0, 0, 0, 1)">ds
</span><span style="color: rgba(0, 0, 255, 1)">namespace</span>: kube-<span style="color: rgba(0, 0, 0, 1)">system
labels:
tier: node
app: flannel
spec:
selector:
matchLabels:
app: flannel
template:
metadata:
labels:
tier: node
app: flannel
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
</span>-<span style="color: rgba(0, 0, 0, 1)"> matchExpressions:
</span>- key: kubernetes.io/<span style="color: rgba(0, 0, 0, 1)">os
</span><span style="color: rgba(0, 0, 255, 1)">operator</span><span style="color: rgba(0, 0, 0, 1)">: In
values:
</span>-<span style="color: rgba(0, 0, 0, 1)"> linux
hostNetwork: </span><span style="color: rgba(0, 0, 255, 1)">true</span><span style="color: rgba(0, 0, 0, 1)">
priorityClassName: system</span>-node-<span style="color: rgba(0, 0, 0, 1)">critical
tolerations:
</span>- <span style="color: rgba(0, 0, 255, 1)">operator</span><span style="color: rgba(0, 0, 0, 1)">: Exists
effect: NoSchedule
serviceAccountName: flannel
initContainers:
</span>- name: install-cni-<span style="color: rgba(0, 0, 0, 1)">plugin
image: rancher</span>/mirrored-flannelcni-flannel-cni-plugin:v1.<span style="color: rgba(128, 0, 128, 1)">0.0</span><span style="color: rgba(0, 0, 0, 1)">
command:
</span>-<span style="color: rgba(0, 0, 0, 1)"> cp
args:
</span>- -<span style="color: rgba(0, 0, 0, 1)">f
</span>- /<span style="color: rgba(0, 0, 0, 1)">flannel
</span>- /opt/cni/bin/<span style="color: rgba(0, 0, 0, 1)">flannel
volumeMounts:
</span>- name: cni-<span style="color: rgba(0, 0, 0, 1)">plugin
mountPath: </span>/opt/cni/<span style="color: rgba(0, 0, 0, 1)">bin
</span>- name: install-<span style="color: rgba(0, 0, 0, 1)">cni
image: quay.io</span>/coreos/flannel:v0.<span style="color: rgba(128, 0, 128, 1)">15.1</span><span style="color: rgba(0, 0, 0, 1)">
command:
</span>-<span style="color: rgba(0, 0, 0, 1)"> cp
args:
</span>- -<span style="color: rgba(0, 0, 0, 1)">f
</span>- /etc/kube-flannel/cni-<span style="color: rgba(0, 0, 0, 1)">conf.json
</span>- /etc/cni/net.d/<span style="color: rgba(128, 0, 128, 1)">10</span>-<span style="color: rgba(0, 0, 0, 1)">flannel.conflist
volumeMounts:
</span>-<span style="color: rgba(0, 0, 0, 1)"> name: cni
mountPath: </span>/etc/cni/<span style="color: rgba(0, 0, 0, 1)">net.d
</span>- name: flannel-<span style="color: rgba(0, 0, 0, 1)">cfg
mountPath: </span>/etc/kube-flannel/<span style="color: rgba(0, 0, 0, 1)">
containers:
</span>- name: kube-<span style="color: rgba(0, 0, 0, 1)">flannel
image: quay.io</span>/coreos/flannel:v0.<span style="color: rgba(128, 0, 128, 1)">15.1</span><span style="color: rgba(0, 0, 0, 1)">
command:
</span>- /opt/bin/<span style="color: rgba(0, 0, 0, 1)">flanneld
args:
</span>- --ip-<span style="color: rgba(0, 0, 0, 1)">masq
</span>- --kube-subnet-<span style="color: rgba(0, 0, 0, 1)">mgr
resources:
requests:
cpu: </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">100m</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
memory: </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">50Mi</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
limits:
cpu: </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">100m</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
memory: </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">50Mi</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
securityContext:
privileged: </span><span style="color: rgba(0, 0, 255, 1)">false</span><span style="color: rgba(0, 0, 0, 1)">
capabilities:
add: [</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">NET_ADMIN</span><span style="color: rgba(128, 0, 0, 1)">"</span>, <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">NET_RAW</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">]
env:
</span>-<span style="color: rgba(0, 0, 0, 1)"> name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
</span>-<span style="color: rgba(0, 0, 0, 1)"> name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.</span><span style="color: rgba(0, 0, 255, 1)">namespace</span><span style="color: rgba(0, 0, 0, 1)">
volumeMounts:
</span>-<span style="color: rgba(0, 0, 0, 1)"> name: run
mountPath: </span>/run/<span style="color: rgba(0, 0, 0, 1)">flannel
</span>- name: flannel-<span style="color: rgba(0, 0, 0, 1)">cfg
mountPath: </span>/etc/kube-flannel/<span style="color: rgba(0, 0, 0, 1)">
volumes:
</span>-<span style="color: rgba(0, 0, 0, 1)"> name: run
hostPath:
path: </span>/run/<span style="color: rgba(0, 0, 0, 1)">flannel
</span>- name: cni-<span style="color: rgba(0, 0, 0, 1)">plugin
hostPath:
path: </span>/opt/cni/<span style="color: rgba(0, 0, 0, 1)">bin
</span>-<span style="color: rgba(0, 0, 0, 1)"> name: cni
hostPath:
path: </span>/etc/cni/<span style="color: rgba(0, 0, 0, 1)">net.d
</span>- name: flannel-<span style="color: rgba(0, 0, 0, 1)">cfg
configMap:
name: kube</span>-flannel-cfg</pre>
</div>
<span class="cnblogs_code_collapse">cidr一致的</span></div>
<div class="cnblogs_code"><img src="https://images.cnblogs.com/OutliningIndicators/ContractedBlock.gif" id="code_img_closed_903f3787-ea63-4fe6-8f7b-8e0c734c6374" class="code_img_closed"><img src="https://images.cnblogs.com/OutliningIndicators/ExpandedBlockStart.gif" id="code_img_opened_903f3787-ea63-4fe6-8f7b-8e0c734c6374" class="code_img_opened" style="display: none">
<div id="cnblogs_code_open_903f3787-ea63-4fe6-8f7b-8e0c734c6374" class="cnblogs_code_hide">
<pre>---<span style="color: rgba(0, 0, 0, 1)">
apiVersion: policy</span>/<span style="color: rgba(0, 0, 0, 1)">v1beta1
kind: PodSecurityPolicy
metadata:
name: psp.flannel.unprivileged
annotations:
seccomp.security.alpha.kubernetes.io</span>/allowedProfileNames: docker/<span style="color: rgba(0, 0, 255, 1)">default</span><span style="color: rgba(0, 0, 0, 1)">
seccomp.security.alpha.kubernetes.io</span>/defaultProfileName: docker/<span style="color: rgba(0, 0, 255, 1)">default</span><span style="color: rgba(0, 0, 0, 1)">
apparmor.security.beta.kubernetes.io</span>/allowedProfileNames: runtime/<span style="color: rgba(0, 0, 255, 1)">default</span><span style="color: rgba(0, 0, 0, 1)">
apparmor.security.beta.kubernetes.io</span>/defaultProfileName: runtime/<span style="color: rgba(0, 0, 255, 1)">default</span><span style="color: rgba(0, 0, 0, 1)">
spec:
privileged: </span><span style="color: rgba(0, 0, 255, 1)">false</span><span style="color: rgba(0, 0, 0, 1)">
volumes:
</span>-<span style="color: rgba(0, 0, 0, 1)"> configMap
</span>-<span style="color: rgba(0, 0, 0, 1)"> secret
</span>-<span style="color: rgba(0, 0, 0, 1)"> emptyDir
</span>-<span style="color: rgba(0, 0, 0, 1)"> hostPath
allowedHostPaths:
</span>- pathPrefix: <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/etc/cni/net.d</span><span style="color: rgba(128, 0, 0, 1)">"</span>
- pathPrefix: <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/etc/kube-flannel</span><span style="color: rgba(128, 0, 0, 1)">"</span>
- pathPrefix: <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/run/flannel</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
readOnlyRootFilesystem: </span><span style="color: rgba(0, 0, 255, 1)">false</span><span style="color: rgba(0, 0, 0, 1)">
# Users and groups
runAsUser:
rule: RunAsAny
supplementalGroups:
rule: RunAsAny
fsGroup:
rule: RunAsAny
# Privilege Escalation
allowPrivilegeEscalation: </span><span style="color: rgba(0, 0, 255, 1)">false</span><span style="color: rgba(0, 0, 0, 1)">
defaultAllowPrivilegeEscalation: </span><span style="color: rgba(0, 0, 255, 1)">false</span><span style="color: rgba(0, 0, 0, 1)">
# Capabilities
allowedCapabilities: [</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">NET_ADMIN</span><span style="color: rgba(128, 0, 0, 1)">'</span>, <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">NET_RAW</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(0, 0, 0, 1)">]
defaultAddCapabilities: []
requiredDropCapabilities: []
# Host namespaces
hostPID: </span><span style="color: rgba(0, 0, 255, 1)">false</span><span style="color: rgba(0, 0, 0, 1)">
hostIPC: </span><span style="color: rgba(0, 0, 255, 1)">false</span><span style="color: rgba(0, 0, 0, 1)">
hostNetwork: </span><span style="color: rgba(0, 0, 255, 1)">true</span><span style="color: rgba(0, 0, 0, 1)">
hostPorts:
</span>- min: <span style="color: rgba(128, 0, 128, 1)">0</span><span style="color: rgba(0, 0, 0, 1)">
max: </span><span style="color: rgba(128, 0, 128, 1)">65535</span><span style="color: rgba(0, 0, 0, 1)">
# SELinux
seLinux:
# SELinux </span><span style="color: rgba(0, 0, 255, 1)">is</span> unused <span style="color: rgba(0, 0, 255, 1)">in</span><span style="color: rgba(0, 0, 0, 1)"> CaaSP
rule: </span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">RunAsAny</span><span style="color: rgba(128, 0, 0, 1)">'</span>
---<span style="color: rgba(0, 0, 0, 1)">
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io</span>/<span style="color: rgba(0, 0, 0, 1)">v1
metadata:
name: flannel
rules:
</span>- apiGroups: [<span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">extensions</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(0, 0, 0, 1)">]
resources: [</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">podsecuritypolicies</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(0, 0, 0, 1)">]
verbs: [</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">use</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(0, 0, 0, 1)">]
resourceNames: [</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">psp.flannel.unprivileged</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(0, 0, 0, 1)">]
</span>-<span style="color: rgba(0, 0, 0, 1)"> apiGroups:
</span>- <span style="color: rgba(128, 0, 0, 1)">""</span><span style="color: rgba(0, 0, 0, 1)">
resources:
</span>-<span style="color: rgba(0, 0, 0, 1)"> pods
verbs:
</span>- <span style="color: rgba(0, 0, 255, 1)">get</span>
-<span style="color: rgba(0, 0, 0, 1)"> apiGroups:
</span>- <span style="color: rgba(128, 0, 0, 1)">""</span><span style="color: rgba(0, 0, 0, 1)">
resources:
</span>-<span style="color: rgba(0, 0, 0, 1)"> nodes
verbs:
</span>-<span style="color: rgba(0, 0, 0, 1)"> list
</span>-<span style="color: rgba(0, 0, 0, 1)"> watch
</span>-<span style="color: rgba(0, 0, 0, 1)"> apiGroups:
</span>- <span style="color: rgba(128, 0, 0, 1)">""</span><span style="color: rgba(0, 0, 0, 1)">
resources:
</span>- nodes/<span style="color: rgba(0, 0, 0, 1)">status
verbs:
</span>-<span style="color: rgba(0, 0, 0, 1)"> patch
</span>---<span style="color: rgba(0, 0, 0, 1)">
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io</span>/<span style="color: rgba(0, 0, 0, 1)">v1
metadata:
name: flannel
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: flannel
subjects:
</span>-<span style="color: rgba(0, 0, 0, 1)"> kind: ServiceAccount
name: flannel
</span><span style="color: rgba(0, 0, 255, 1)">namespace</span>: kube-<span style="color: rgba(0, 0, 0, 1)">system
</span>---<span style="color: rgba(0, 0, 0, 1)">
apiVersion: v1
kind: ServiceAccount
metadata:
name: flannel
</span><span style="color: rgba(0, 0, 255, 1)">namespace</span>: kube-<span style="color: rgba(0, 0, 0, 1)">system
</span>---<span style="color: rgba(0, 0, 0, 1)">
kind: ConfigMap
apiVersion: v1
metadata:
name: kube</span>-flannel-<span style="color: rgba(0, 0, 0, 1)">cfg
</span><span style="color: rgba(0, 0, 255, 1)">namespace</span>: kube-<span style="color: rgba(0, 0, 0, 1)">system
labels:
tier: node
app: flannel
data:
cni</span>-conf.json: |<span style="color: rgba(0, 0, 0, 1)">
{
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">name</span><span style="color: rgba(128, 0, 0, 1)">"</span>: <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">cbr0</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">,
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">cniVersion</span><span style="color: rgba(128, 0, 0, 1)">"</span>: <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">0.3.1</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">,
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">plugins</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">: [
{
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">type</span><span style="color: rgba(128, 0, 0, 1)">"</span>: <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">flannel</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">,
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">delegate</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">: {
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">hairpinMode</span><span style="color: rgba(128, 0, 0, 1)">"</span>: <span style="color: rgba(0, 0, 255, 1)">true</span><span style="color: rgba(0, 0, 0, 1)">,
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">isDefaultGateway</span><span style="color: rgba(128, 0, 0, 1)">"</span>: <span style="color: rgba(0, 0, 255, 1)">true</span><span style="color: rgba(0, 0, 0, 1)">
}
},
{
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">type</span><span style="color: rgba(128, 0, 0, 1)">"</span>: <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">portmap</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">,
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">capabilities</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">: {
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">portMappings</span><span style="color: rgba(128, 0, 0, 1)">"</span>: <span style="color: rgba(0, 0, 255, 1)">true</span><span style="color: rgba(0, 0, 0, 1)">
}
}
]
}
net</span>-conf.json: |<span style="color: rgba(0, 0, 0, 1)">
{
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">Network</span><span style="color: rgba(128, 0, 0, 1)">"</span>: <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">10.244.0.0/16</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">,
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">Backend</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">: {
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">Type</span><span style="color: rgba(128, 0, 0, 1)">"</span>: <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">vxlan</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
}
}
</span>---<span style="color: rgba(0, 0, 0, 1)">
apiVersion: apps</span>/<span style="color: rgba(0, 0, 0, 1)">v1
kind: DaemonSet
metadata:
name: kube</span>-flannel-<span style="color: rgba(0, 0, 0, 1)">ds
</span><span style="color: rgba(0, 0, 255, 1)">namespace</span>: kube-<span style="color: rgba(0, 0, 0, 1)">system
labels:
tier: node
app: flannel
spec:
selector:
matchLabels:
app: flannel
template:
metadata:
labels:
tier: node
app: flannel
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
</span>-<span style="color: rgba(0, 0, 0, 1)"> matchExpressions:
</span>- key: kubernetes.io/<span style="color: rgba(0, 0, 0, 1)">os
</span><span style="color: rgba(0, 0, 255, 1)">operator</span><span style="color: rgba(0, 0, 0, 1)">: In
values:
</span>-<span style="color: rgba(0, 0, 0, 1)"> linux
hostNetwork: </span><span style="color: rgba(0, 0, 255, 1)">true</span><span style="color: rgba(0, 0, 0, 1)">
priorityClassName: system</span>-node-<span style="color: rgba(0, 0, 0, 1)">critical
tolerations:
</span>- <span style="color: rgba(0, 0, 255, 1)">operator</span><span style="color: rgba(0, 0, 0, 1)">: Exists
effect: NoSchedule
serviceAccountName: flannel
initContainers:
</span>- name: install-cni-<span style="color: rgba(0, 0, 0, 1)">plugin
image: rancher</span>/mirrored-flannelcni-flannel-cni-plugin:v1.<span style="color: rgba(128, 0, 128, 1)">0.0</span><span style="color: rgba(0, 0, 0, 1)">
command:
</span>-<span style="color: rgba(0, 0, 0, 1)"> cp
args:
</span>- -<span style="color: rgba(0, 0, 0, 1)">f
</span>- /<span style="color: rgba(0, 0, 0, 1)">flannel
</span>- /opt/cni/bin/<span style="color: rgba(0, 0, 0, 1)">flannel
volumeMounts:
</span>- name: cni-<span style="color: rgba(0, 0, 0, 1)">plugin
mountPath: </span>/opt/cni/<span style="color: rgba(0, 0, 0, 1)">bin
</span>- name: install-<span style="color: rgba(0, 0, 0, 1)">cni
image: quay.io</span>/coreos/flannel:v0.<span style="color: rgba(128, 0, 128, 1)">15.1</span><span style="color: rgba(0, 0, 0, 1)">
command:
</span>-<span style="color: rgba(0, 0, 0, 1)"> cp
args:
</span>- -<span style="color: rgba(0, 0, 0, 1)">f
</span>- /etc/kube-flannel/cni-<span style="color: rgba(0, 0, 0, 1)">conf.json
</span>- /etc/cni/net.d/<span style="color: rgba(128, 0, 128, 1)">10</span>-<span style="color: rgba(0, 0, 0, 1)">flannel.conflist
volumeMounts:
</span>-<span style="color: rgba(0, 0, 0, 1)"> name: cni
mountPath: </span>/etc/cni/<span style="color: rgba(0, 0, 0, 1)">net.d
</span>- name: flannel-<span style="color: rgba(0, 0, 0, 1)">cfg
mountPath: </span>/etc/kube-flannel/<span style="color: rgba(0, 0, 0, 1)">
containers:
</span>- name: kube-<span style="color: rgba(0, 0, 0, 1)">flannel
image: quay.io</span>/coreos/flannel:v0.<span style="color: rgba(128, 0, 128, 1)">15.1</span><span style="color: rgba(0, 0, 0, 1)">
command:
</span>- /opt/bin/<span style="color: rgba(0, 0, 0, 1)">flanneld
args:
</span>- --ip-<span style="color: rgba(0, 0, 0, 1)">masq
</span>- --kube-subnet-<span style="color: rgba(0, 0, 0, 1)">mgr
resources:
requests:
cpu: </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">100m</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
memory: </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">50Mi</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
limits:
cpu: </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">100m</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
memory: </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">50Mi</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
securityContext:
privileged: </span><span style="color: rgba(0, 0, 255, 1)">false</span><span style="color: rgba(0, 0, 0, 1)">
capabilities:
add: [</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">NET_ADMIN</span><span style="color: rgba(128, 0, 0, 1)">"</span>, <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">NET_RAW</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">]
env:
</span>-<span style="color: rgba(0, 0, 0, 1)"> name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
</span>-<span style="color: rgba(0, 0, 0, 1)"> name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.</span><span style="color: rgba(0, 0, 255, 1)">namespace</span><span style="color: rgba(0, 0, 0, 1)">
volumeMounts:
</span>-<span style="color: rgba(0, 0, 0, 1)"> name: run
mountPath: </span>/run/<span style="color: rgba(0, 0, 0, 1)">flannel
</span>- name: flannel-<span style="color: rgba(0, 0, 0, 1)">cfg
mountPath: </span>/etc/kube-flannel/<span style="color: rgba(0, 0, 0, 1)">
volumes:
</span>-<span style="color: rgba(0, 0, 0, 1)"> name: run
hostPath:
path: </span>/run/<span style="color: rgba(0, 0, 0, 1)">flannel
</span>- name: cni-<span style="color: rgba(0, 0, 0, 1)">plugin
hostPath:
path: </span>/opt/cni/<span style="color: rgba(0, 0, 0, 1)">bin
</span>-<span style="color: rgba(0, 0, 0, 1)"> name: cni
hostPath:
path: </span>/etc/cni/<span style="color: rgba(0, 0, 0, 1)">net.d
</span>- name: flannel-<span style="color: rgba(0, 0, 0, 1)">cfg
configMap:
name: kube</span>-flannel-cfg</pre>
</div>
<span class="cnblogs_code_collapse">kube-flannel.yml</span></div>
<p> </p>
<p>由于第二次部署下面网络不通了,网站访问不了(查域名是禁止查询的域名),但是我以前有把这个文件内容保存下来。这样我直接把文件内容复制进来,直接部署就可以了。如下<br>https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml</p>
<div class="cnblogs_code">
<pre>$ ls
mcw.txtmm.ymlscriptstools
$ kubectl apply -<span style="color: rgba(0, 0, 0, 1)">f mm.yml
Warning: policy</span>/v1beta1 PodSecurityPolicy <span style="color: rgba(0, 0, 255, 1)">is</span> deprecated <span style="color: rgba(0, 0, 255, 1)">in</span> v1.<span style="color: rgba(128, 0, 128, 1)">21</span>+, unavailable <span style="color: rgba(0, 0, 255, 1)">in</span> v1.<span style="color: rgba(128, 0, 128, 1)">25</span>+<span style="color: rgba(0, 0, 0, 1)">
podsecuritypolicy.policy</span>/<span style="color: rgba(0, 0, 0, 1)">psp.flannel.unprivileged created
clusterrole.rbac.authorization.k8s.io</span>/<span style="color: rgba(0, 0, 0, 1)">flannel created
clusterrolebinding.rbac.authorization.k8s.io</span>/<span style="color: rgba(0, 0, 0, 1)">flannel created
serviceaccount</span>/<span style="color: rgba(0, 0, 0, 1)">flannel created
configmap</span>/kube-flannel-<span style="color: rgba(0, 0, 0, 1)">cfg created
daemonset.apps</span>/kube-flannel-ds created</pre>
</div>
<h2>添加k8s-node1和k8s-node2</h2>
<h3>添加</h3>
<p>主机名 节点类型 ip </p>
<p>mcw7 master 10.0.0.137</p>
<p>mcw8 k8s-node1 10.0.0.138</p>
<p>mcw9 k8s-node2 10.0.0.139</p>
<p> </p>
<p>添加节点,是执行如下命令,这个命令是初始化master时命令行生成的。</p>
<p>kubeadm join 10.0.0.137:6443 --token 7fmuqu.hbr7n14o7kpbx8iw</p>
<p>kubeadm join --token 7fmuqu.hbr7n14o7kpbx8iw 10.0.0.137:6443 #或者,都一样的</p>
<p> </p>
<p>#这个是初始化生成的信息,应该是要下面这个完整的,不然报错,上面那个的不行</p>
<p>kubeadm join 10.0.0.137:6443 --token 7fmuqu.hbr7n14o7kpbx8iw \</p>
<p>--discovery-token-ca-cert-hash sha256:9794706d7eadeecbc14ba8372fab500d90c624748c2c45ae212d0f32889e4071 </p>
<p> </p>
<p>如果没有记下来,master上执行如下命令查看需要的信息,需要的只是TOKEN,ip端口就是master上的信息</p>
<div class="cnblogs_code">
<pre>$ kubeadm token list
TOKEN TTL EXPIRES USAGES DESCRIPTION EXTRA GROUPS
7fmuqu.hbr7n14o7kpbx8iw 20h </span><span style="color: rgba(128, 0, 128, 1)">2022</span>-<span style="color: rgba(128, 0, 128, 1)">01</span>-04T12:<span style="color: rgba(128, 0, 128, 1)">54</span>:48Z authentication,signing The <span style="color: rgba(0, 0, 255, 1)">default</span> bootstrap token generated by <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">kubeadm init</span><span style="color: rgba(128, 0, 0, 1)">'</span>. system:bootstrappers:kubeadm:<span style="color: rgba(0, 0, 255, 1)">default</span>-node-<span style="color: rgba(0, 0, 0, 1)">token
查看6443端口是什么?这里查看是kube</span>-<span style="color: rgba(0, 0, 0, 1)">apiserver服务,也就是添加节点,是要跟这个服务进行通信
$ ss -lntup|grep <span style="color: rgba(128, 0, 128, 1)">6443</span><span style="color: rgba(0, 0, 0, 1)">
tcp LISTEN </span><span style="color: rgba(128, 0, 128, 1)">0</span> <span style="color: rgba(128, 0, 128, 1)">16384</span> :::<span style="color: rgba(128, 0, 128, 1)">6443</span> :::* users:((<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">kube-apiserver</span><span style="color: rgba(128, 0, 0, 1)">"</span>,pid=<span style="color: rgba(128, 0, 128, 1)">41659</span>,fd=<span style="color: rgba(128, 0, 128, 1)">7</span><span style="color: rgba(0, 0, 0, 1)">))
执行报错;
mcw8上将执行命令,没添加节点成功
$ kubeadm join <span style="color: rgba(128, 0, 128, 1)">10.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.137</span>:<span style="color: rgba(128, 0, 128, 1)">6443</span> --<span style="color: rgba(0, 0, 0, 1)">token 7fmuqu.hbr7n14o7kpbx8iw
discovery.bootstrapToken: Invalid value: </span><span style="color: rgba(128, 0, 0, 1)">""</span>: <span style="color: rgba(0, 0, 255, 1)">using</span> token-based discovery without caCertHashes can be <span style="color: rgba(0, 0, 255, 1)">unsafe</span>. Set unsafeSkipCAVerification <span style="color: rgba(0, 0, 255, 1)">as</span> <span style="color: rgba(0, 0, 255, 1)">true</span> <span style="color: rgba(0, 0, 255, 1)">in</span> your kubeadm config file or pass --discovery-token-<span style="color: rgba(0, 0, 255, 1)">unsafe</span>-skip-ca-verification flag to <span style="color: rgba(0, 0, 255, 1)">continue</span><span style="color: rgba(0, 0, 0, 1)">
To see the stack trace of </span><span style="color: rgba(0, 0, 255, 1)">this</span> error execute with --v=<span style="color: rgba(128, 0, 128, 1)">5</span><span style="color: rgba(0, 0, 0, 1)"> or higher
mcw7上普通用户查看节点情况,只有mcw7的
$ kubectl <span style="color: rgba(0, 0, 255, 1)">get</span><span style="color: rgba(0, 0, 0, 1)"> nodes
NAME STATUS ROLES AGE VERSION
mcw7 Ready control</span>-plane,master 4h4m v1.<span style="color: rgba(128, 0, 128, 1)">23.1</span><span style="color: rgba(0, 0, 0, 1)">
再次在mcw8上执行添加,这次使用初始化生成的两行,完整的带有</span>--discovery-token-ca-cert-<span style="color: rgba(0, 0, 0, 1)">hash的
$ kubeadm join <span style="color: rgba(128, 0, 128, 1)">10.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.137</span>:<span style="color: rgba(128, 0, 128, 1)">6443</span> --<span style="color: rgba(0, 0, 0, 1)">token 7fmuqu.hbr7n14o7kpbx8iw \
</span>> --discovery-token-ca-cert-<span style="color: rgba(0, 0, 0, 1)">hash sha256:9794706d7eadeecbc14ba8372fab500d90c624748c2c45ae212d0f32889e4071
Running pre</span>-<span style="color: rgba(0, 0, 0, 1)">flight checks
Server:
ERROR: Cannot connect to the Docker daemon at unix:</span><span style="color: rgba(128, 128, 128, 1)">///</span><span style="color: rgba(0, 128, 0, 1)">var/run/docker.sock. Is the docker daemon running?</span>
<span style="color: rgba(0, 0, 0, 1)">errors pretty printing info
, error: exit status </span><span style="color: rgba(128, 0, 128, 1)">1</span><span style="color: rgba(0, 0, 0, 1)">
: docker service <span style="color: rgba(0, 0, 255, 1)">is</span> not active, please run <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">systemctl start docker.service</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(0, 0, 0, 1)">
: /proc/sys/net/bridge/bridge-nf-call-<span style="color: rgba(0, 0, 0, 1)">iptables does not exist
: /proc/sys/net/ipv4/ip_forward contents are not <span style="color: rgba(0, 0, 255, 1)">set</span> to <span style="color: rgba(128, 0, 128, 1)">1</span><span style="color: rgba(0, 0, 0, 1)">
: error verifying Docker info: </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
If you know what you are doing, you can make a check non</span>-fatal with `--ignore-preflight-errors=<span style="color: rgba(0, 0, 0, 1)">...`
To see the stack trace of </span><span style="color: rgba(0, 0, 255, 1)">this</span> error execute with --v=<span style="color: rgba(128, 0, 128, 1)">5</span><span style="color: rgba(0, 0, 0, 1)"> or higher
由上面的错误信息可知,docker daemon部署好后就没起,我启动一下;ipv4转发没有开启
$ systemctl start docker.service
$ vim /etc/<span style="color: rgba(0, 0, 0, 1)">sysctl.conf
$ sysctl -<span style="color: rgba(0, 0, 0, 1)">p
$ tail -<span style="color: rgba(128, 0, 128, 1)">1</span> /etc/<span style="color: rgba(0, 0, 0, 1)">sysctl.conf
net.ipv4.ip_forward </span>= <span style="color: rgba(128, 0, 128, 1)">1</span><span style="color: rgba(0, 0, 0, 1)">
然后再试一下:
$ kubeadm join <span style="color: rgba(128, 0, 128, 1)">10.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.137</span>:<span style="color: rgba(128, 0, 128, 1)">6443</span> --token 7fmuqu.hbr7n14o7kpbx8iw --discovery-token-ca-cert-<span style="color: rgba(0, 0, 0, 1)">hash sha256:9794706d7eadeecbc14ba8372fab500d90c624748c2c45ae212d0f32889e4071
Running pre</span>-<span style="color: rgba(0, 0, 0, 1)">flight checks
It seems like the kubelet isn<span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">t running or healthy.</span>
The HTTP call equal to <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">curl -sSL http://localhost:10248/healthz</span><span style="color: rgba(128, 0, 0, 1)">'</span> failed with error: Get <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">http://localhost:10248/healthz</span><span style="color: rgba(128, 0, 0, 1)">"</span>: dial tcp [::<span style="color: rgba(128, 0, 128, 1)">1</span>]:<span style="color: rgba(128, 0, 128, 1)">10248</span><span style="color: rgba(0, 0, 0, 1)">: connect: connection refused.
查看系统日志信息,又报错了
$ tail -<span style="color: rgba(128, 0, 128, 1)">100</span> /<span style="color: rgba(0, 0, 255, 1)">var</span>/log/<span style="color: rgba(0, 0, 0, 1)">messages
Jan</span><span style="color: rgba(128, 0, 128, 1)">4</span> <span style="color: rgba(128, 0, 128, 1)">01</span>:<span style="color: rgba(128, 0, 128, 1)">21</span>:<span style="color: rgba(128, 0, 128, 1)">11</span> mcw8 kubelet: I0104 <span style="color: rgba(128, 0, 128, 1)">01</span>:<span style="color: rgba(128, 0, 128, 1)">21</span>:<span style="color: rgba(128, 0, 128, 1)">11.454777</span> <span style="color: rgba(128, 0, 128, 1)">21848</span> server.go:<span style="color: rgba(128, 0, 128, 1)">693</span>] <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">--cgroups-per-qos enabled, but --cgroup-root was not specified.defaulting to /</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
Jan</span><span style="color: rgba(128, 0, 128, 1)">4</span> <span style="color: rgba(128, 0, 128, 1)">01</span>:<span style="color: rgba(128, 0, 128, 1)">21</span>:<span style="color: rgba(128, 0, 128, 1)">11</span> mcw8 kubelet: E0104 <span style="color: rgba(128, 0, 128, 1)">01</span>:<span style="color: rgba(128, 0, 128, 1)">21</span>:<span style="color: rgba(128, 0, 128, 1)">11.455004</span> <span style="color: rgba(128, 0, 128, 1)">21848</span> server.go:<span style="color: rgba(128, 0, 128, 1)">302</span>] <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">Failed to run kubelet</span><span style="color: rgba(128, 0, 0, 1)">"</span> err=<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">failed to run Kubelet: running with swap on is not supported, please disable swap! or set --fail-swap-on flag to false. /proc/swaps contained: </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
在mcw8上执行如下操作
cat </span>> /etc/docker/daemon.json <<<span style="color: rgba(0, 0, 0, 1)">EOF
{
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">registry-mirrors</span><span style="color: rgba(128, 0, 0, 1)">"</span>:[<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">https://reg-mirror.qiniu.com/</span><span style="color: rgba(128, 0, 0, 1)">"</span>,<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">https://docker.mirrors.ustc.edu.cn/</span><span style="color: rgba(128, 0, 0, 1)">"</span>,<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">https://hub-mirror.c.163.com/</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">],
</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">exec-opts</span><span style="color: rgba(128, 0, 0, 1)">"</span>: [<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">native.cgroupdriver=systemd</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">]
}
EOF
$ swapoff -<span style="color: rgba(0, 0, 0, 1)">a
$ cat > /etc/docker/daemon.json <<<span style="color: rgba(0, 0, 0, 1)">EOF
</span>><span style="color: rgba(0, 0, 0, 1)"> {
</span>> <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">registry-mirrors</span><span style="color: rgba(128, 0, 0, 1)">"</span>:[<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">https://reg-mirror.qiniu.com/</span><span style="color: rgba(128, 0, 0, 1)">"</span>,<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">https://docker.mirrors.ustc.edu.cn/</span><span style="color: rgba(128, 0, 0, 1)">"</span>,<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">https://hub-mirror.c.163.com/</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">],
</span>> <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">exec-opts</span><span style="color: rgba(128, 0, 0, 1)">"</span>: [<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">native.cgroupdriver=systemd</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">]
</span>><span style="color: rgba(0, 0, 0, 1)"> }
</span>><span style="color: rgba(0, 0, 0, 1)"> EOF
$ systemctl daemon-<span style="color: rgba(0, 0, 0, 1)">reload
$ systemctl restart docker.service
然后再次添加报错:
$ kubeadm join <span style="color: rgba(128, 0, 128, 1)">10.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.137</span>:<span style="color: rgba(128, 0, 128, 1)">6443</span> --token 7fmuqu.hbr7n14o7kpbx8iw --discovery-token-ca-cert-<span style="color: rgba(0, 0, 0, 1)">hash sha256:9794706d7eadeecbc14ba8372fab500d90c624748c2c45ae212d0f32889e4071
Running pre</span>-<span style="color: rgba(0, 0, 0, 1)">flight checks
: docker service <span style="color: rgba(0, 0, 255, 1)">is</span> not enabled, please run <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">systemctl enable docker.service</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(0, 0, 0, 1)">
: hostname </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">mcw8</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> could not be reached
: hostname </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">mcw8</span><span style="color: rgba(128, 0, 0, 1)">"</span>: lookup mcw8 on <span style="color: rgba(128, 0, 128, 1)">10.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.2</span>:<span style="color: rgba(128, 0, 128, 1)">53</span><span style="color: rgba(0, 0, 0, 1)">: no such host
error execution phase preflight: Some fatal errors occurred:
: /etc/kubernetes/<span style="color: rgba(0, 0, 0, 1)">kubelet.conf already exists
: Port <span style="color: rgba(128, 0, 128, 1)">10250</span> <span style="color: rgba(0, 0, 255, 1)">is</span> <span style="color: rgba(0, 0, 255, 1)">in</span><span style="color: rgba(0, 0, 0, 1)"> use
: /etc/kubernetes/pki/<span style="color: rgba(0, 0, 0, 1)">ca.crt already exists
If you know what you are doing, you can make a check non</span>-fatal with `--ignore-preflight-errors=<span style="color: rgba(0, 0, 0, 1)">...`
To see the stack trace of </span><span style="color: rgba(0, 0, 255, 1)">this</span> error execute with --v=<span style="color: rgba(128, 0, 128, 1)">5</span><span style="color: rgba(0, 0, 0, 1)"> or higher
再次执行重设。再添加进集群,成功添加
$ echo y|<span style="color: rgba(0, 0, 0, 1)">kubeadm reset
$ kubeadm join <span style="color: rgba(128, 0, 128, 1)">10.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.137</span>:<span style="color: rgba(128, 0, 128, 1)">6443</span> --token 7fmuqu.hbr7n14o7kpbx8iw --discovery-token-ca-cert-<span style="color: rgba(0, 0, 0, 1)">hash sha256:9794706d7eadeecbc14ba8372fab500d90c624748c2c45ae212d0f32889e4071
Running pre</span>-<span style="color: rgba(0, 0, 0, 1)">flight checks
: docker service <span style="color: rgba(0, 0, 255, 1)">is</span> not enabled, please run <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">systemctl enable docker.service</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(0, 0, 0, 1)">
: hostname </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">mcw8</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> could not be reached
: hostname </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">mcw8</span><span style="color: rgba(128, 0, 0, 1)">"</span>: lookup mcw8 on <span style="color: rgba(128, 0, 128, 1)">10.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.2</span>:<span style="color: rgba(128, 0, 128, 1)">53</span><span style="color: rgba(0, 0, 0, 1)">: no such host
Reading configuration </span><span style="color: rgba(0, 0, 255, 1)">from</span><span style="color: rgba(0, 0, 0, 1)"> the cluster...
FYI: You can look at </span><span style="color: rgba(0, 0, 255, 1)">this</span> config file with <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">kubectl -n kube-system get cm kubeadm-config -o yaml</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(0, 0, 0, 1)">
Writing kubelet configuration to file <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/var/lib/kubelet/config.yaml</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
Writing kubelet environment file with flags to file <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/var/lib/kubelet/kubeadm-flags.env</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
Starting the kubelet
Waiting <span style="color: rgba(0, 0, 255, 1)">for</span><span style="color: rgba(0, 0, 0, 1)"> the kubelet to perform the TLS Bootstrap...
This node has joined the cluster:
</span>*<span style="color: rgba(0, 0, 0, 1)"> Certificate signing request was sent to apiserver and a response was received.
</span>* The Kubelet was informed of the <span style="color: rgba(0, 0, 255, 1)">new</span><span style="color: rgba(0, 0, 0, 1)"> secure connection details.
Run </span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">kubectl get nodes</span><span style="color: rgba(128, 0, 0, 1)">'</span> on the control-plane to see <span style="color: rgba(0, 0, 255, 1)">this</span><span style="color: rgba(0, 0, 0, 1)"> node join the cluster.
$
在mcw7这个主节点上查看到mcw8这个节点,已经加进来了,但是未准备好的
$ kubectl <span style="color: rgba(0, 0, 255, 1)">get</span><span style="color: rgba(0, 0, 0, 1)"> nodes
NAME STATUS ROLES AGE VERSION
mcw7 Ready control</span>-plane,master 4h55m v1.<span style="color: rgba(128, 0, 128, 1)">23.1</span><span style="color: rgba(0, 0, 0, 1)">
mcw8 NotReady </span><none> 3m11s v1.<span style="color: rgba(128, 0, 128, 1)">23.1</span><span style="color: rgba(0, 0, 0, 1)">
在mcw9上做同样操作,这个节点也加入集群了
$ kubectl <span style="color: rgba(0, 0, 255, 1)">get</span><span style="color: rgba(0, 0, 0, 1)"> nodes
NAME STATUS ROLES AGE VERSION
mcw7 Ready control</span>-plane,master 5h52m v1.<span style="color: rgba(128, 0, 128, 1)">23.1</span><span style="color: rgba(0, 0, 0, 1)">
mcw8 Ready </span><none> 60m v1.<span style="color: rgba(128, 0, 128, 1)">23.1</span><span style="color: rgba(0, 0, 0, 1)">
mcw9 Ready </span><none> 22m v1.<span style="color: rgba(128, 0, 128, 1)">23.1</span><span style="color: rgba(0, 0, 0, 1)">
$
查看mcw9这个节点所有容器。有三个退出的容器
$ docker ps -<span style="color: rgba(0, 0, 0, 1)">a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
2d7b99847855 e6ea68648f0c </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/opt/bin/flanneld -…</span><span style="color: rgba(128, 0, 0, 1)">"</span> <span style="color: rgba(128, 0, 128, 1)">5</span> minutes ago Exited (<span style="color: rgba(128, 0, 128, 1)">1</span>) <span style="color: rgba(128, 0, 128, 1)">5</span> minutes ago k8s_kube-flannel_kube-flannel-ds-s4qmj_kube-system_a8082592-8c92-4c48-98dc-<span style="color: rgba(0, 0, 0, 1)">c6b52ebb9498_16
a97be18082b7 quay.io</span>/coreos/flannel <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">cp -f /etc/kube-fla…</span><span style="color: rgba(128, 0, 0, 1)">"</span> About an hour ago Exited (<span style="color: rgba(128, 0, 128, 1)">0</span>) About an hour ago k8s_install-cni_kube-flannel-ds-s4qmj_kube-system_a8082592-8c92-4c48-98dc-<span style="color: rgba(0, 0, 0, 1)">c6b52ebb9498_0
881e2618fa9d registry.aliyuncs.com</span>/google_containers/kube-proxy <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/usr/local/bin/kube…</span><span style="color: rgba(128, 0, 0, 1)">"</span> About an hour ago Up About an hour k8s_kube-proxy_kube-proxy-npmtv_kube-system_7f6b0d03-0d35-48ae-b091-<span style="color: rgba(0, 0, 0, 1)">5f1e0618ba85_0
0503318f5d3c rancher</span>/mirrored-flannelcni-flannel-cni-plugin <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">cp -f /flannel /opt…</span><span style="color: rgba(128, 0, 0, 1)">"</span> About an hour ago Exited (<span style="color: rgba(128, 0, 128, 1)">0</span>) About an hour ago k8s_install-cni-plugin_kube-flannel-ds-s4qmj_kube-system_a8082592-8c92-4c48-98dc-<span style="color: rgba(0, 0, 0, 1)">c6b52ebb9498_0
75e85cb833df registry.aliyuncs.com</span>/google_containers/pause:<span style="color: rgba(128, 0, 128, 1)">3.6</span> <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/pause</span><span style="color: rgba(128, 0, 0, 1)">"</span> About an hour ago Up About an hour k8s_POD_kube-proxy-npmtv_kube-system_7f6b0d03-0d35-48ae-b091-<span style="color: rgba(0, 0, 0, 1)">5f1e0618ba85_0
625efe596472 registry.aliyuncs.com</span>/google_containers/pause:<span style="color: rgba(128, 0, 128, 1)">3.6</span> <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/pause</span><span style="color: rgba(128, 0, 0, 1)">"</span> About an hour ago Up About an hour k8s_POD_kube-flannel-ds-s4qmj_kube-system_a8082592-8c92-4c48-98dc-<span style="color: rgba(0, 0, 0, 1)">c6b52ebb9498_0
$ </pre>
</div>
<h3>查看所有的Pod的状态以及Pod详情等等</h3>
<p>名字带有kube-flannel-ds的,应该是三个k8s节点,根据时间上来猜测,Running 的应该是mcw7主节点,</p>
<p>Error 的 是之前加进去的mcw8节点,CrashLoopBackOff是最后加进去的mcw9节点</p>
<div class="cnblogs_code">
<pre>$ kubectl <span style="color: rgba(0, 0, 255, 1)">get</span> pod --all-<span style="color: rgba(0, 0, 0, 1)">namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
kube</span>-system coredns-6d8c4cb4d-2296m <span style="color: rgba(128, 0, 128, 1)">1</span>/<span style="color: rgba(128, 0, 128, 1)">1</span> Running <span style="color: rgba(128, 0, 128, 1)">1</span><span style="color: rgba(0, 0, 0, 1)"> (122m ago) 5h53m
kube</span>-system coredns-6d8c4cb4d-lphb2 <span style="color: rgba(128, 0, 128, 1)">1</span>/<span style="color: rgba(128, 0, 128, 1)">1</span> Running <span style="color: rgba(128, 0, 128, 1)">1</span><span style="color: rgba(0, 0, 0, 1)"> (122m ago) 5h53m
kube</span>-system etcd-mcw7 <span style="color: rgba(128, 0, 128, 1)">1</span>/<span style="color: rgba(128, 0, 128, 1)">1</span> Running <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 5h53m
kube</span>-system kube-apiserver-mcw7 <span style="color: rgba(128, 0, 128, 1)">1</span>/<span style="color: rgba(128, 0, 128, 1)">1</span> Running <span style="color: rgba(128, 0, 128, 1)">2</span><span style="color: rgba(0, 0, 0, 1)"> 5h53m
kube</span>-system kube-controller-manager-mcw7 <span style="color: rgba(128, 0, 128, 1)">1</span>/<span style="color: rgba(128, 0, 128, 1)">1</span> Running <span style="color: rgba(128, 0, 128, 1)">4</span><span style="color: rgba(0, 0, 0, 1)"> (123m ago) 5h53m
kube</span>-system kube-flannel-ds-5pxmj <span style="color: rgba(128, 0, 128, 1)">0</span>/<span style="color: rgba(128, 0, 128, 1)">1</span> Error <span style="color: rgba(128, 0, 128, 1)">16</span><span style="color: rgba(0, 0, 0, 1)"> (5m19s ago) 61m
kube</span>-system kube-flannel-ds-8gzfq <span style="color: rgba(128, 0, 128, 1)">1</span>/<span style="color: rgba(128, 0, 128, 1)">1</span> Running <span style="color: rgba(128, 0, 128, 1)">0</span><span style="color: rgba(0, 0, 0, 1)"> 128m
kube</span>-system kube-flannel-ds-s4qmj <span style="color: rgba(128, 0, 128, 1)">0</span>/<span style="color: rgba(128, 0, 128, 1)">1</span> CrashLoopBackOff <span style="color: rgba(128, 0, 128, 1)">9</span><span style="color: rgba(0, 0, 0, 1)"> (72s ago) 24m
kube</span>-system kube-proxy-4lmsx <span style="color: rgba(128, 0, 128, 1)">1</span>/<span style="color: rgba(128, 0, 128, 1)">1</span> Running <span style="color: rgba(128, 0, 128, 1)">0</span><span style="color: rgba(0, 0, 0, 1)"> 61m
kube</span>-system kube-proxy-c5zmm <span style="color: rgba(128, 0, 128, 1)">1</span>/<span style="color: rgba(128, 0, 128, 1)">1</span> Running <span style="color: rgba(128, 0, 128, 1)">0</span><span style="color: rgba(0, 0, 0, 1)"> 5h53m
kube</span>-system kube-proxy-npmtv <span style="color: rgba(128, 0, 128, 1)">1</span>/<span style="color: rgba(128, 0, 128, 1)">1</span> Running <span style="color: rgba(128, 0, 128, 1)">0</span><span style="color: rgba(0, 0, 0, 1)"> 24m
kube</span>-system kube-scheduler-mcw7 <span style="color: rgba(128, 0, 128, 1)">1</span>/<span style="color: rgba(128, 0, 128, 1)">1</span> Running <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> (123m ago) 5h53m
$
当k8s节点加入集群后,会运行起三个容器,如下:有kube</span>-proxy,POD_kube-flannel-ds,POD_kube-<span style="color: rgba(0, 0, 0, 1)">proxy
$ dockerps |awk <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">{print $2,"\t",$3,"\t",$NF}</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(0, 0, 0, 1)">
ID IMAGE NAMES
registry.aliyuncs.com</span>/google_containers/kube-proxy <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/usr/local/bin/kube…</span><span style="color: rgba(128, 0, 0, 1)">"</span> k8s_kube-proxy_kube-proxy-4lmsx_kube-system_fb743f5c-0f44-43a7-ad7e-<span style="color: rgba(0, 0, 0, 1)">78817ddafc12_0
registry.aliyuncs.com</span>/google_containers/pause:<span style="color: rgba(128, 0, 128, 1)">3.6</span> <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/pause</span><span style="color: rgba(128, 0, 0, 1)">"</span> k8s_POD_kube-flannel-ds-5pxmj_kube-system_0972d5b3-a774-44cc-94b1-<span style="color: rgba(0, 0, 0, 1)">6765ec8f4256_0
registry.aliyuncs.com</span>/google_containers/pause:<span style="color: rgba(128, 0, 128, 1)">3.6</span> <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/pause</span><span style="color: rgba(128, 0, 0, 1)">"</span> k8s_POD_kube-proxy-4lmsx_kube-system_fb743f5c-0f44-43a7-ad7e-<span style="color: rgba(0, 0, 0, 1)">78817ddafc12_0
$
下面查看mcw9这个节点的Pod具体情况
$ kubectl describe pod kube-flannel-ds-s4qmj --<span style="color: rgba(0, 0, 255, 1)">namespace</span>=kube-<span style="color: rgba(0, 0, 0, 1)">system
Name: kube</span>-flannel-ds-<span style="color: rgba(0, 0, 0, 1)">s4qmj
Namespace: kube</span>-<span style="color: rgba(0, 0, 0, 1)">system
Priority: </span><span style="color: rgba(128, 0, 128, 1)">2000001000</span><span style="color: rgba(0, 0, 0, 1)">
Priority Class Name:system</span>-node-<span style="color: rgba(0, 0, 0, 1)">critical
Node: mcw9</span>/<span style="color: rgba(128, 0, 128, 1)">10.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.139</span><span style="color: rgba(0, 0, 0, 1)">
Start Time: Tue, </span><span style="color: rgba(128, 0, 128, 1)">04</span> Jan <span style="color: rgba(128, 0, 128, 1)">2022</span> <span style="color: rgba(128, 0, 128, 1)">02</span>:<span style="color: rgba(128, 0, 128, 1)">23</span>:<span style="color: rgba(128, 0, 128, 1)">58</span> +<span style="color: rgba(128, 0, 128, 1)">0800</span><span style="color: rgba(0, 0, 0, 1)">
Labels: app</span>=<span style="color: rgba(0, 0, 0, 1)">flannel
controller</span>-revision-hash=<span style="color: rgba(0, 0, 0, 1)">5947899bf6
pod</span>-template-generation=<span style="color: rgba(128, 0, 128, 1)">1</span><span style="color: rgba(0, 0, 0, 1)">
tier</span>=<span style="color: rgba(0, 0, 0, 1)">node
Annotations: </span><none><span style="color: rgba(0, 0, 0, 1)">
Status: Running
IP: </span><span style="color: rgba(128, 0, 128, 1)">10.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.139</span><span style="color: rgba(0, 0, 0, 1)">
IPs:
IP: </span><span style="color: rgba(128, 0, 128, 1)">10.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.139</span><span style="color: rgba(0, 0, 0, 1)">
Controlled By:DaemonSet</span>/kube-flannel-<span style="color: rgba(0, 0, 0, 1)">ds
Init Containers:
install</span>-cni-<span style="color: rgba(0, 0, 0, 1)">plugin:
Container ID:docker:</span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">0503318f5d3cfddd264f8b9519679ff429f6c23b5cabea4c3a9f3aabf023c716</span>
Image: rancher/mirrored-flannelcni-flannel-cni-plugin:v1.<span style="color: rgba(128, 0, 128, 1)">0.0</span><span style="color: rgba(0, 0, 0, 1)">
Image ID: docker</span>-pullable:<span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">rancher/mirrored-flannelcni-flannel-cni-plugin@sha256:bfe8f30c74bc6f31eba0cc6659e396dbdd5ab171314ed542cc238ae046660ede</span>
Port: <none><span style="color: rgba(0, 0, 0, 1)">
Host Port: </span><none><span style="color: rgba(0, 0, 0, 1)">
Command:
cp
Args:
</span>-<span style="color: rgba(0, 0, 0, 1)">f
</span>/<span style="color: rgba(0, 0, 0, 1)">flannel
</span>/opt/cni/bin/<span style="color: rgba(0, 0, 0, 1)">flannel
State: Terminated
Reason: Completed
Exit Code: </span><span style="color: rgba(128, 0, 128, 1)">0</span><span style="color: rgba(0, 0, 0, 1)">
Started: Tue, </span><span style="color: rgba(128, 0, 128, 1)">04</span> Jan <span style="color: rgba(128, 0, 128, 1)">2022</span> <span style="color: rgba(128, 0, 128, 1)">02</span>:<span style="color: rgba(128, 0, 128, 1)">24</span>:<span style="color: rgba(128, 0, 128, 1)">20</span> +<span style="color: rgba(128, 0, 128, 1)">0800</span><span style="color: rgba(0, 0, 0, 1)">
Finished: Tue, </span><span style="color: rgba(128, 0, 128, 1)">04</span> Jan <span style="color: rgba(128, 0, 128, 1)">2022</span> <span style="color: rgba(128, 0, 128, 1)">02</span>:<span style="color: rgba(128, 0, 128, 1)">24</span>:<span style="color: rgba(128, 0, 128, 1)">20</span> +<span style="color: rgba(128, 0, 128, 1)">0800</span><span style="color: rgba(0, 0, 0, 1)">
Ready: True
Restart Count:</span><span style="color: rgba(128, 0, 128, 1)">0</span><span style="color: rgba(0, 0, 0, 1)">
Environment: </span><none><span style="color: rgba(0, 0, 0, 1)">
Mounts:
</span>/opt/cni/bin <span style="color: rgba(0, 0, 255, 1)">from</span> cni-<span style="color: rgba(0, 0, 0, 1)">plugin (rw)
</span>/<span style="color: rgba(0, 0, 255, 1)">var</span>/run/secrets/kubernetes.io/serviceaccount <span style="color: rgba(0, 0, 255, 1)">from</span> kube-api-access-<span style="color: rgba(0, 0, 0, 1)">j5mrk (ro)
install</span>-<span style="color: rgba(0, 0, 0, 1)">cni:
Container ID:docker:</span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">a97be18082b79da0effeeaea374a2cd02afc61ec0fb6e03c900ad000656b8179</span>
Image: quay.io/coreos/flannel:v0.<span style="color: rgba(128, 0, 128, 1)">15.1</span><span style="color: rgba(0, 0, 0, 1)">
Image ID: docker</span>-pullable:<span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">quay.io/coreos/flannel@sha256:9a296fbb67790659adc3701e287adde3c59803b7fcefe354f1fc482840cdb3d9</span>
Port: <none><span style="color: rgba(0, 0, 0, 1)">
Host Port: </span><none><span style="color: rgba(0, 0, 0, 1)">
Command:
cp
Args:
</span>-<span style="color: rgba(0, 0, 0, 1)">f
</span>/etc/kube-flannel/cni-<span style="color: rgba(0, 0, 0, 1)">conf.json
</span>/etc/cni/net.d/<span style="color: rgba(128, 0, 128, 1)">10</span>-<span style="color: rgba(0, 0, 0, 1)">flannel.conflist
State: Terminated
Reason: Completed
Exit Code: </span><span style="color: rgba(128, 0, 128, 1)">0</span><span style="color: rgba(0, 0, 0, 1)">
Started: Tue, </span><span style="color: rgba(128, 0, 128, 1)">04</span> Jan <span style="color: rgba(128, 0, 128, 1)">2022</span> <span style="color: rgba(128, 0, 128, 1)">02</span>:<span style="color: rgba(128, 0, 128, 1)">25</span>:<span style="color: rgba(128, 0, 128, 1)">53</span> +<span style="color: rgba(128, 0, 128, 1)">0800</span><span style="color: rgba(0, 0, 0, 1)">
Finished: Tue, </span><span style="color: rgba(128, 0, 128, 1)">04</span> Jan <span style="color: rgba(128, 0, 128, 1)">2022</span> <span style="color: rgba(128, 0, 128, 1)">02</span>:<span style="color: rgba(128, 0, 128, 1)">25</span>:<span style="color: rgba(128, 0, 128, 1)">53</span> +<span style="color: rgba(128, 0, 128, 1)">0800</span><span style="color: rgba(0, 0, 0, 1)">
Ready: True
Restart Count:</span><span style="color: rgba(128, 0, 128, 1)">0</span><span style="color: rgba(0, 0, 0, 1)">
Environment: </span><none><span style="color: rgba(0, 0, 0, 1)">
Mounts:
</span>/etc/cni/net.d <span style="color: rgba(0, 0, 255, 1)">from</span><span style="color: rgba(0, 0, 0, 1)"> cni (rw)
</span>/etc/kube-flannel/ <span style="color: rgba(0, 0, 255, 1)">from</span> flannel-<span style="color: rgba(0, 0, 0, 1)">cfg (rw)
</span>/<span style="color: rgba(0, 0, 255, 1)">var</span>/run/secrets/kubernetes.io/serviceaccount <span style="color: rgba(0, 0, 255, 1)">from</span> kube-api-access-<span style="color: rgba(0, 0, 0, 1)">j5mrk (ro)
Containers:
kube</span>-<span style="color: rgba(0, 0, 0, 1)">flannel:
Container ID:docker:</span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">0039225dc56bd11b7a6ec41763daa61a85f128f0bf501bdc3dc6d49504da64a1</span>
Image: quay.io/coreos/flannel:v0.<span style="color: rgba(128, 0, 128, 1)">15.1</span><span style="color: rgba(0, 0, 0, 1)">
Image ID: docker</span>-pullable:<span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">quay.io/coreos/flannel@sha256:9a296fbb67790659adc3701e287adde3c59803b7fcefe354f1fc482840cdb3d9</span>
Port: <none><span style="color: rgba(0, 0, 0, 1)">
Host Port: </span><none><span style="color: rgba(0, 0, 0, 1)">
Command:
</span>/opt/bin/<span style="color: rgba(0, 0, 0, 1)">flanneld
Args:
</span>--ip-<span style="color: rgba(0, 0, 0, 1)">masq
</span>--kube-subnet-<span style="color: rgba(0, 0, 0, 1)">mgr
State: Waiting
Reason: CrashLoopBackOff
Last State: Terminated
Reason: Error
Exit Code: </span><span style="color: rgba(128, 0, 128, 1)">1</span><span style="color: rgba(0, 0, 0, 1)">
Started: Tue, </span><span style="color: rgba(128, 0, 128, 1)">04</span> Jan <span style="color: rgba(128, 0, 128, 1)">2022</span> <span style="color: rgba(128, 0, 128, 1)">03</span>:<span style="color: rgba(128, 0, 128, 1)">18</span>:<span style="color: rgba(128, 0, 128, 1)">15</span> +<span style="color: rgba(128, 0, 128, 1)">0800</span><span style="color: rgba(0, 0, 0, 1)">
Finished: Tue, </span><span style="color: rgba(128, 0, 128, 1)">04</span> Jan <span style="color: rgba(128, 0, 128, 1)">2022</span> <span style="color: rgba(128, 0, 128, 1)">03</span>:<span style="color: rgba(128, 0, 128, 1)">18</span>:<span style="color: rgba(128, 0, 128, 1)">16</span> +<span style="color: rgba(128, 0, 128, 1)">0800</span><span style="color: rgba(0, 0, 0, 1)">
Ready: False
Restart Count:</span><span style="color: rgba(128, 0, 128, 1)">15</span><span style="color: rgba(0, 0, 0, 1)">
Limits:
cpu: 100m
memory:50Mi
Requests:
cpu: 100m
memory:50Mi
Environment:
POD_NAME: kube</span>-flannel-ds-<span style="color: rgba(0, 0, 0, 1)">s4qmj (v1:metadata.name)
POD_NAMESPACE:kube</span>-system (v1:metadata.<span style="color: rgba(0, 0, 255, 1)">namespace</span><span style="color: rgba(0, 0, 0, 1)">)
Mounts:
</span>/etc/kube-flannel/ <span style="color: rgba(0, 0, 255, 1)">from</span> flannel-<span style="color: rgba(0, 0, 0, 1)">cfg (rw)
</span>/run/flannel <span style="color: rgba(0, 0, 255, 1)">from</span><span style="color: rgba(0, 0, 0, 1)"> run (rw)
</span>/<span style="color: rgba(0, 0, 255, 1)">var</span>/run/secrets/kubernetes.io/serviceaccount <span style="color: rgba(0, 0, 255, 1)">from</span> kube-api-access-<span style="color: rgba(0, 0, 0, 1)">j5mrk (ro)
Conditions:
Type Status
Initialized True
Ready False
ContainersReady False
PodScheduled True
Volumes:
run:
Type: HostPath (bare host directory volume)
Path: </span>/run/<span style="color: rgba(0, 0, 0, 1)">flannel
HostPathType:
cni</span>-<span style="color: rgba(0, 0, 0, 1)">plugin:
Type: HostPath (bare host directory volume)
Path: </span>/opt/cni/<span style="color: rgba(0, 0, 0, 1)">bin
HostPathType:
cni:
Type: HostPath (bare host directory volume)
Path: </span>/etc/cni/<span style="color: rgba(0, 0, 0, 1)">net.d
HostPathType:
flannel</span>-<span style="color: rgba(0, 0, 0, 1)">cfg:
Type: ConfigMap (a volume populated by a ConfigMap)
Name: kube</span>-flannel-<span style="color: rgba(0, 0, 0, 1)">cfg
Optional:</span><span style="color: rgba(0, 0, 255, 1)">false</span><span style="color: rgba(0, 0, 0, 1)">
kube</span>-api-access-<span style="color: rgba(0, 0, 0, 1)">j5mrk:
Type: Projected (a volume that contains injected data </span><span style="color: rgba(0, 0, 255, 1)">from</span><span style="color: rgba(0, 0, 0, 1)"> multiple sources)
TokenExpirationSeconds:</span><span style="color: rgba(128, 0, 128, 1)">3607</span><span style="color: rgba(0, 0, 0, 1)">
ConfigMapName: kube</span>-root-<span style="color: rgba(0, 0, 0, 1)">ca.crt
ConfigMapOptional: </span><nil><span style="color: rgba(0, 0, 0, 1)">
DownwardAPI: </span><span style="color: rgba(0, 0, 255, 1)">true</span><span style="color: rgba(0, 0, 0, 1)">
QoS Class: Burstable
Node</span>-Selectors: <none><span style="color: rgba(0, 0, 0, 1)">
Tolerations: :NoSchedule op</span>=<span style="color: rgba(0, 0, 0, 1)">Exists
node.kubernetes.io</span>/disk-pressure:NoSchedule op=<span style="color: rgba(0, 0, 0, 1)">Exists
node.kubernetes.io</span>/memory-pressure:NoSchedule op=<span style="color: rgba(0, 0, 0, 1)">Exists
node.kubernetes.io</span>/network-unavailable:NoSchedule op=<span style="color: rgba(0, 0, 0, 1)">Exists
node.kubernetes.io</span>/not-ready:NoExecute op=<span style="color: rgba(0, 0, 0, 1)">Exists
node.kubernetes.io</span>/pid-pressure:NoSchedule op=<span style="color: rgba(0, 0, 0, 1)">Exists
node.kubernetes.io</span>/unreachable:NoExecute op=<span style="color: rgba(0, 0, 0, 1)">Exists
node.kubernetes.io</span>/unschedulable:NoSchedule op=<span style="color: rgba(0, 0, 0, 1)">Exists
Events:
Type Reason Age From Message
</span>---- ------ ---- ---- -------<span style="color: rgba(0, 0, 0, 1)">
Normal Scheduled57m </span><span style="color: rgba(0, 0, 255, 1)">default</span>-schedulerSuccessfully assigned kube-system/kube-flannel-ds-<span style="color: rgba(0, 0, 0, 1)">s4qmj to mcw9
Normal Pulling 57m kubelet Pulling image </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">rancher/mirrored-flannelcni-flannel-cni-plugin:v1.0.0</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
Normal Pulled 57m kubelet Successfully pulled image </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">rancher/mirrored-flannelcni-flannel-cni-plugin:v1.0.0</span><span style="color: rgba(128, 0, 0, 1)">"</span> <span style="color: rgba(0, 0, 255, 1)">in</span> <span style="color: rgba(128, 0, 128, 1)">7</span><span style="color: rgba(0, 0, 0, 1)">.945886633s
Normal Created 57m kubelet Created container install</span>-cni-<span style="color: rgba(0, 0, 0, 1)">plugin
Normal Started 57m kubelet Started container install</span>-cni-<span style="color: rgba(0, 0, 0, 1)">plugin
Normal Pulling 57m kubelet Pulling image </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">quay.io/coreos/flannel:v0.15.1</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
Normal Created 55m kubelet Created container install</span>-<span style="color: rgba(0, 0, 0, 1)">cni
Normal Pulled 55m kubelet Successfully pulled image </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">quay.io/coreos/flannel:v0.15.1</span><span style="color: rgba(128, 0, 0, 1)">"</span> <span style="color: rgba(0, 0, 255, 1)">in</span><span style="color: rgba(0, 0, 0, 1)"> 1m31.255703561s
Normal Started 55m kubelet Started container install</span>-<span style="color: rgba(0, 0, 0, 1)">cni
Normal Pulled 54m (x4 over 55m) kubelet Container image </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">quay.io/coreos/flannel:v0.15.1</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)"> already present on machine
Normal Created 54m (x4 over 55m) kubelet Created container kube</span>-<span style="color: rgba(0, 0, 0, 1)">flannel
Normal Started 54m (x4 over 55m) kubelet Started container kube</span>-<span style="color: rgba(0, 0, 0, 1)">flannel
WarningBackOff 2m23s (x245 over 55m)kubelet Back</span>-<span style="color: rgba(0, 0, 0, 1)">off restarting failed container
$
继续查看,Pod的情况,从restart这一列可以看到,重试次数和最后一次重试时间。重试这里指的是重新去
docker pull拉取镜像。但是这里显没有成功过,状态一直是非running的正常状态。我们也可以手动去docker pull镜像的
$ kubectl <span style="color: rgba(0, 0, 255, 1)">get</span> pod --all-<span style="color: rgba(0, 0, 0, 1)">namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
kube</span>-system coredns-6d8c4cb4d-2296m <span style="color: rgba(128, 0, 128, 1)">1</span>/<span style="color: rgba(128, 0, 128, 1)">1</span> Running <span style="color: rgba(128, 0, 128, 1)">1</span><span style="color: rgba(0, 0, 0, 1)"> (165m ago) 6h35m
kube</span>-system coredns-6d8c4cb4d-lphb2 <span style="color: rgba(128, 0, 128, 1)">1</span>/<span style="color: rgba(128, 0, 128, 1)">1</span> Running <span style="color: rgba(128, 0, 128, 1)">1</span><span style="color: rgba(0, 0, 0, 1)"> (165m ago) 6h35m
kube</span>-system etcd-mcw7 <span style="color: rgba(128, 0, 128, 1)">1</span>/<span style="color: rgba(128, 0, 128, 1)">1</span> Running <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> 6h36m
kube</span>-system kube-apiserver-mcw7 <span style="color: rgba(128, 0, 128, 1)">1</span>/<span style="color: rgba(128, 0, 128, 1)">1</span> Running <span style="color: rgba(128, 0, 128, 1)">2</span><span style="color: rgba(0, 0, 0, 1)"> 6h36m
kube</span>-system kube-controller-manager-mcw7 <span style="color: rgba(128, 0, 128, 1)">1</span>/<span style="color: rgba(128, 0, 128, 1)">1</span> Running <span style="color: rgba(128, 0, 128, 1)">4</span><span style="color: rgba(0, 0, 0, 1)"> (165m ago) 6h36m
kube</span>-system kube-flannel-ds-5pxmj <span style="color: rgba(128, 0, 128, 1)">0</span>/<span style="color: rgba(128, 0, 128, 1)">1</span> CrashLoopBackOff <span style="color: rgba(128, 0, 128, 1)">24</span><span style="color: rgba(0, 0, 0, 1)"> (96s ago) 104m
kube</span>-system kube-flannel-ds-8gzfq <span style="color: rgba(128, 0, 128, 1)">1</span>/<span style="color: rgba(128, 0, 128, 1)">1</span> Running <span style="color: rgba(128, 0, 128, 1)">0</span><span style="color: rgba(0, 0, 0, 1)"> 170m
kube</span>-system kube-flannel-ds-s4qmj <span style="color: rgba(128, 0, 128, 1)">0</span>/<span style="color: rgba(128, 0, 128, 1)">1</span> CrashLoopBackOff <span style="color: rgba(128, 0, 128, 1)">17</span><span style="color: rgba(0, 0, 0, 1)"> (2m33s ago) 67m
kube</span>-system kube-proxy-4lmsx <span style="color: rgba(128, 0, 128, 1)">1</span>/<span style="color: rgba(128, 0, 128, 1)">1</span> Running <span style="color: rgba(128, 0, 128, 1)">0</span><span style="color: rgba(0, 0, 0, 1)"> 104m
kube</span>-system kube-proxy-c5zmm <span style="color: rgba(128, 0, 128, 1)">1</span>/<span style="color: rgba(128, 0, 128, 1)">1</span> Running <span style="color: rgba(128, 0, 128, 1)">0</span><span style="color: rgba(0, 0, 0, 1)"> 6h35m
kube</span>-system kube-proxy-npmtv <span style="color: rgba(128, 0, 128, 1)">1</span>/<span style="color: rgba(128, 0, 128, 1)">1</span> Running <span style="color: rgba(128, 0, 128, 1)">0</span><span style="color: rgba(0, 0, 0, 1)"> 67m
kube</span>-system kube-scheduler-mcw7 <span style="color: rgba(128, 0, 128, 1)">1</span>/<span style="color: rgba(128, 0, 128, 1)">1</span> Running <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)"> (165m ago) 6h36m
虽然查看Pod状态不是running,但是我么查看k8s节点,状态都已经是ready状态
$ kubectl <span style="color: rgba(0, 0, 255, 1)">get</span><span style="color: rgba(0, 0, 0, 1)"> nodes
NAME STATUS ROLES AGE VERSION
mcw7 Ready control</span>-plane,master 6h43m v1.<span style="color: rgba(128, 0, 128, 1)">23.1</span><span style="color: rgba(0, 0, 0, 1)">
mcw8 Ready </span><none> 111m v1.<span style="color: rgba(128, 0, 128, 1)">23.1</span><span style="color: rgba(0, 0, 0, 1)">
mcw9 Ready </span><none> 74m v1.<span style="color: rgba(128, 0, 128, 1)">23.1</span></pre>
</div>
<p> </p>
<p>$ docker ps |awk '{print $3,"\t",$NF}'IMAGE NAMES"/usr/local/bin/kube…" k8s_kube-proxy_kube-proxy-c5zmm_kube-system_5897b315-6a17-4d8b-82c6-7712ade54560_0"/pause" k8s_POD_kube-proxy-c5zmm_kube-system_5897b315-6a17-4d8b-82c6-7712ade54560_0"kube-scheduler k8s_kube-scheduler_kube-scheduler-mcw7_kube-system_5a3a66c7da6759d92afea91cd2972f6e_2"kube-apiserver k8s_kube-apiserver_kube-apiserver-mcw7_kube-system_fc840a9b537be965fe104fc9cbddd14f_2"kube-controller-man…" k8s_kube-controller-manager_kube-controller-manager-mcw7_kube-system_3e1d477612039be74973ec7803946c3a_3"etcd k8s_etcd_etcd-mcw7_kube-system_93c9b21b665d4c633156ae2d5739fb33_3"/pause" k8s_POD_kube-scheduler-mcw7_kube-system_5a3a66c7da6759d92afea91cd2972f6e_0"/pause" k8s_POD_kube-controller-manager-mcw7_kube-system_3e1d477612039be74973ec7803946c3a_0"/pause" k8s_POD_kube-apiserver-mcw7_kube-system_fc840a9b537be965fe104fc9cbddd14f_0"/pause" k8s_POD_etcd-mcw7_kube-system_93c9b21b665d4c633156ae2d5739fb33_0$ </p>
<p> </p>
<h2>当其它两个node节点加入到集群后,查看master节点中的容器</h2>
<div class="cnblogs_code">
<pre>$ docker ps|awk <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">{print $2,"\t",$3,"\t",$NF}</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(0, 0, 0, 1)">
ID IMAGE NAMES
a4ca41631cc7 </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/coredns k8s_coredns_coredns-6d8c4cb4d-lphb2_kube-system_ee417258-6ed4-44e7-a495-b9ef2f1525f0_1</span>
a4ca41631cc7 <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/coredns k8s_coredns_coredns-6d8c4cb4d-2296m_kube-system_016cc499-613c-41b9-a2dc-858cafaf7106_1</span>
f51846a4fd28 <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">kube-controller-man…</span><span style="color: rgba(128, 0, 0, 1)">"</span> k8s_kube-controller-manager_kube-controller-manager-mcw7_kube-<span style="color: rgba(0, 0, 0, 1)">system_3e1d477612039be74973ec7803946c3a_4
71d575efe628 </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">kube-scheduler k8s_kube-scheduler_kube-scheduler-mcw7_kube-system_5a3a66c7da6759d92afea91cd2972f6e_3</span>
registry.aliyuncs.com/google_containers/pause:<span style="color: rgba(128, 0, 128, 1)">3.6</span> <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/pause</span><span style="color: rgba(128, 0, 0, 1)">"</span> k8s_POD_coredns-6d8c4cb4d-lphb2_kube-system_ee417258-6ed4-44e7-a495-<span style="color: rgba(0, 0, 0, 1)">b9ef2f1525f0_0
registry.aliyuncs.com</span>/google_containers/pause:<span style="color: rgba(128, 0, 128, 1)">3.6</span> <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/pause</span><span style="color: rgba(128, 0, 0, 1)">"</span> k8s_POD_coredns-6d8c4cb4d-2296m_kube-system_016cc499-613c-41b9-a2dc-<span style="color: rgba(0, 0, 0, 1)">858cafaf7106_0
e6ea68648f0c </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/opt/bin/flanneld k8s_kube-flannel_kube-flannel-ds-8gzfq_kube-system_69c727fc-d4ce-4bee-94ce-fcff4c5bd5bf_0</span>
registry.aliyuncs.com/google_containers/pause:<span style="color: rgba(128, 0, 128, 1)">3.6</span> <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/pause</span><span style="color: rgba(128, 0, 0, 1)">"</span> k8s_POD_kube-flannel-ds-8gzfq_kube-system_69c727fc-d4ce-4bee-94ce-<span style="color: rgba(0, 0, 0, 1)">fcff4c5bd5bf_0
b46c42588d51 </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/usr/local/bin/kube…</span><span style="color: rgba(128, 0, 0, 1)">"</span> k8s_kube-proxy_kube-proxy-c5zmm_kube-system_5897b315-6a17-4d8b-82c6-<span style="color: rgba(0, 0, 0, 1)">7712ade54560_0
registry.aliyuncs.com</span>/google_containers/pause:<span style="color: rgba(128, 0, 128, 1)">3.6</span> <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/pause</span><span style="color: rgba(128, 0, 0, 1)">"</span> k8s_POD_kube-proxy-c5zmm_kube-system_5897b315-6a17-4d8b-82c6-<span style="color: rgba(0, 0, 0, 1)">7712ade54560_0
b6d7abedde39 </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">kube-apiserver k8s_kube-apiserver_kube-apiserver-mcw7_kube-system_fc840a9b537be965fe104fc9cbddd14f_2</span>
25f8c7f3da61 <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">etcd k8s_etcd_etcd-mcw7_kube-system_93c9b21b665d4c633156ae2d5739fb33_3</span>
registry.aliyuncs.com/google_containers/pause:<span style="color: rgba(128, 0, 128, 1)">3.6</span> <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/pause</span><span style="color: rgba(128, 0, 0, 1)">"</span> k8s_POD_kube-scheduler-mcw7_kube-<span style="color: rgba(0, 0, 0, 1)">system_5a3a66c7da6759d92afea91cd2972f6e_0
registry.aliyuncs.com</span>/google_containers/pause:<span style="color: rgba(128, 0, 128, 1)">3.6</span> <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/pause</span><span style="color: rgba(128, 0, 0, 1)">"</span> k8s_POD_kube-controller-manager-mcw7_kube-<span style="color: rgba(0, 0, 0, 1)">system_3e1d477612039be74973ec7803946c3a_0
registry.aliyuncs.com</span>/google_containers/pause:<span style="color: rgba(128, 0, 128, 1)">3.6</span> <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/pause</span><span style="color: rgba(128, 0, 0, 1)">"</span> k8s_POD_kube-apiserver-mcw7_kube-<span style="color: rgba(0, 0, 0, 1)">system_fc840a9b537be965fe104fc9cbddd14f_0
registry.aliyuncs.com</span>/google_containers/pause:<span style="color: rgba(128, 0, 128, 1)">3.6</span> <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/pause</span><span style="color: rgba(128, 0, 0, 1)">"</span> k8s_POD_etcd-mcw7_kube-<span style="color: rgba(0, 0, 0, 1)">system_93c9b21b665d4c633156ae2d5739fb33_0
$
$ docker ps|awk <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">{print $2,"\t",$3,"\t",$NF}</span><span style="color: rgba(128, 0, 0, 1)">'</span>|wc -<span style="color: rgba(0, 0, 0, 1)">l
</span><span style="color: rgba(128, 0, 128, 1)">17</span><span style="color: rgba(0, 0, 0, 1)">
$ docker ps|awk <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">{print $2,"\t",$3,"\t",$NF}</span><span style="color: rgba(128, 0, 0, 1)">'</span>|<span style="color: rgba(0, 0, 0, 1)">grep flannel
e6ea68648f0c </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/opt/bin/flanneld k8s_kube-flannel_kube-flannel-ds-8gzfq_kube-system_69c727fc-d4ce-4bee-94ce-fcff4c5bd5bf_0</span>
registry.aliyuncs.com/google_containers/pause:<span style="color: rgba(128, 0, 128, 1)">3.6</span> <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/pause</span><span style="color: rgba(128, 0, 0, 1)">"</span> k8s_POD_kube-flannel-ds-8gzfq_kube-system_69c727fc-d4ce-4bee-94ce-<span style="color: rgba(0, 0, 0, 1)">fcff4c5bd5bf_0
$ docker ps|awk <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">{print $2,"\t",$3,"\t",$NF}</span><span style="color: rgba(128, 0, 0, 1)">'</span>|<span style="color: rgba(0, 0, 0, 1)">grep POD
registry.aliyuncs.com</span>/google_containers/pause:<span style="color: rgba(128, 0, 128, 1)">3.6</span> <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/pause</span><span style="color: rgba(128, 0, 0, 1)">"</span> k8s_POD_coredns-6d8c4cb4d-lphb2_kube-system_ee417258-6ed4-44e7-a495-<span style="color: rgba(0, 0, 0, 1)">b9ef2f1525f0_0
registry.aliyuncs.com</span>/google_containers/pause:<span style="color: rgba(128, 0, 128, 1)">3.6</span> <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/pause</span><span style="color: rgba(128, 0, 0, 1)">"</span> k8s_POD_coredns-6d8c4cb4d-2296m_kube-system_016cc499-613c-41b9-a2dc-<span style="color: rgba(0, 0, 0, 1)">858cafaf7106_0
registry.aliyuncs.com</span>/google_containers/pause:<span style="color: rgba(128, 0, 128, 1)">3.6</span> <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/pause</span><span style="color: rgba(128, 0, 0, 1)">"</span> k8s_POD_kube-flannel-ds-8gzfq_kube-system_69c727fc-d4ce-4bee-94ce-<span style="color: rgba(0, 0, 0, 1)">fcff4c5bd5bf_0
registry.aliyuncs.com</span>/google_containers/pause:<span style="color: rgba(128, 0, 128, 1)">3.6</span> <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/pause</span><span style="color: rgba(128, 0, 0, 1)">"</span> k8s_POD_kube-proxy-c5zmm_kube-system_5897b315-6a17-4d8b-82c6-<span style="color: rgba(0, 0, 0, 1)">7712ade54560_0
registry.aliyuncs.com</span>/google_containers/pause:<span style="color: rgba(128, 0, 128, 1)">3.6</span> <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/pause</span><span style="color: rgba(128, 0, 0, 1)">"</span> k8s_POD_kube-scheduler-mcw7_kube-<span style="color: rgba(0, 0, 0, 1)">system_5a3a66c7da6759d92afea91cd2972f6e_0
registry.aliyuncs.com</span>/google_containers/pause:<span style="color: rgba(128, 0, 128, 1)">3.6</span> <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/pause</span><span style="color: rgba(128, 0, 0, 1)">"</span> k8s_POD_kube-controller-manager-mcw7_kube-<span style="color: rgba(0, 0, 0, 1)">system_3e1d477612039be74973ec7803946c3a_0
registry.aliyuncs.com</span>/google_containers/pause:<span style="color: rgba(128, 0, 128, 1)">3.6</span> <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/pause</span><span style="color: rgba(128, 0, 0, 1)">"</span> k8s_POD_kube-apiserver-mcw7_kube-<span style="color: rgba(0, 0, 0, 1)">system_fc840a9b537be965fe104fc9cbddd14f_0
registry.aliyuncs.com</span>/google_containers/pause:<span style="color: rgba(128, 0, 128, 1)">3.6</span> <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/pause</span><span style="color: rgba(128, 0, 0, 1)">"</span> k8s_POD_etcd-mcw7_kube-<span style="color: rgba(0, 0, 0, 1)">system_93c9b21b665d4c633156ae2d5739fb33_0
$ docker ps|awk <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">{print $2,"\t",$3,"\t",$NF}</span><span style="color: rgba(128, 0, 0, 1)">'</span>|grep POD|wc -<span style="color: rgba(0, 0, 0, 1)">l
</span><span style="color: rgba(128, 0, 128, 1)">8</span><span style="color: rgba(0, 0, 0, 1)">
$ docker ps|awk <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">{print $2,"\t",$3,"\t",$NF}</span><span style="color: rgba(128, 0, 0, 1)">'</span>|grep -<span style="color: rgba(0, 0, 0, 1)">v POD
ID IMAGE NAMES
a4ca41631cc7 </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/coredns k8s_coredns_coredns-6d8c4cb4d-lphb2_kube-system_ee417258-6ed4-44e7-a495-b9ef2f1525f0_1</span>
a4ca41631cc7 <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/coredns k8s_coredns_coredns-6d8c4cb4d-2296m_kube-system_016cc499-613c-41b9-a2dc-858cafaf7106_1</span>
f51846a4fd28 <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">kube-controller-man…</span><span style="color: rgba(128, 0, 0, 1)">"</span> k8s_kube-controller-manager_kube-controller-manager-mcw7_kube-<span style="color: rgba(0, 0, 0, 1)">system_3e1d477612039be74973ec7803946c3a_4
71d575efe628 </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">kube-scheduler k8s_kube-scheduler_kube-scheduler-mcw7_kube-system_5a3a66c7da6759d92afea91cd2972f6e_3</span>
e6ea68648f0c <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/opt/bin/flanneld k8s_kube-flannel_kube-flannel-ds-8gzfq_kube-system_69c727fc-d4ce-4bee-94ce-fcff4c5bd5bf_0</span>
b46c42588d51 <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/usr/local/bin/kube…</span><span style="color: rgba(128, 0, 0, 1)">"</span> k8s_kube-proxy_kube-proxy-c5zmm_kube-system_5897b315-6a17-4d8b-82c6-<span style="color: rgba(0, 0, 0, 1)">7712ade54560_0
b6d7abedde39 </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">kube-apiserver k8s_kube-apiserver_kube-apiserver-mcw7_kube-system_fc840a9b537be965fe104fc9cbddd14f_2</span>
25f8c7f3da61 <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">etcd k8s_etcd_etcd-mcw7_kube-system_93c9b21b665d4c633156ae2d5739fb33_3</span>
$ docker ps|awk <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">{print $2,"\t",$3,"\t",$NF}</span><span style="color: rgba(128, 0, 0, 1)">'</span>|grep -v POD|wc -<span style="color: rgba(0, 0, 0, 1)">l
</span><span style="color: rgba(128, 0, 128, 1)">9</span><span style="color: rgba(0, 0, 0, 1)">
$ </pre>
</div>
<p> </p>
<p>cat > /etc/docker/daemon.json <<EOF { "registry-mirrors":["https://reg-mirror.qiniu.com/","https://docker.mirrors.ustc.edu.cn/","https://hub-mirror.c.163.com/"], "exec-opts": ["native.cgroupdriver=systemd"] }EOF<br>systemctl daemon-reload systemctl restart docker.service </p><br><br>
来源:https://www.cnblogs.com/machangwei-8/p/15759077.html
頁:
[1]