部署流程
所有基础流程见此教程,很详细:
从零搭建k8s集群 - 许大仙 - 博客园 (cnblogs.com)
记得在写配置文件时细心点,注意修改自己的ip地址,以及看在哪个主机上操作
这里记得写自己的token
常见报错及解决方法
我只在下边讲我在部署时遇到的所有问题几顿解决方法:
cfssl证书下载失败
可以直接访问图中的网址,用windows 的浏览器下载,然后上传到虚拟机中
之后很多需要下载的也可以使用此方法,如果在windows的浏览器还是下载不了,那就使用科学上网方式
kubelete启动失败
启动失败会导致你在master中输入
kubectl get nodes 报错
我当时启动kubelete失败然后查看原因是因为docker的驱动方式是systemd,而kubelet不是
只要你是照这个教程操作的应该都会有这个问题
解决方法:
1,修改docker/dameon.json
vim /etc/docker/dameon.json
删掉其中的“exec-opts”这行
2,在/opt/kubernetes/cfg/kubelet.conf中添加这么一行,也就是上面的配置文件
–-cgroup-driver=systemdkubectl get nodes 没有master
原因:master节点没有安装kubelet
解决方法:
把刚刚解压的软件包中(如图)的kubelet拷贝到/opt/kubernetes/bin
cd ~/TLS/k8s/kubernetes/server/binscp kubelet /opt/kubernetes/bin然后添加如下的配置文件到/opt/kubernetes/cfg/kubelet.conf
cat > /opt/kubernetes/cfg/kubelet.conf << EOF
KUBELET_OPTS="--logtostderr=false \\
--v=2 \\
--log-dir=/opt/kubernetes/logs \\
--hostname-override=master \\
--network-plugin=cni \\
--kubeconfig=/opt/kubernetes/cfg/kubelet.kubeconfig \\
--bootstrap-kubeconfig=/opt/kubernetes/cfg/bootstrap.kubeconfig \\
--cert-dir=/opt/kubernetes/ssl \\
--pod-infra-container-image=registry.cn-hangzhou.aliyuncs.com/google-containers/pause-amd64:3.0"
--cgroup-driver=systemd
EOF如果你刚刚使用的是删除/docker/daemon.json中的“exec-opts”,忽略--cgroup-driver=systemd,请删除他
然后把上一步脚本生成bootstrap.kubeconfig复制到/opt/kubernetes/cfg
cp /root/bootstrap.kubeconfig /opt/kubernetes/cfg在配置一份systemd
cat > /usr/lib/systemd/system/kubelet.service << EOF
[Unit]
Description=Kubernetes Kubelet
After=docker.service
[Service]
EnvironmentFile=/opt/kubernetes/cfg/kubelet.conf
ExecStart=/opt/kubernetes/bin/kubelet \$KUBELET_OPTS
Restart=on-failure
LimitNOFILE=65536
[Install]
WantedBy=multi-user.target
EOF
然后启动就行了
systemctl daemon-reload
systemctl enable kubelet
systemctl start kubeletkubectl get node 显示not ready
问题1:关于flannel 的镜像拉取失败
解决方法:
在yml中找到所需要的镜像,然后在windows的Docker Desktop手动拉去并上传,如果你之前没有安装Docker Desktop,希望你在这里慢一点,下载一个,从此根治你的docker pull 镜像失败。当然要用科学上网方式。
这里提供Docker Desktop的下载地址(科学上网)
Docker Desktop: The #1 Containerization Tool for Developers | Docker
在此提供kube-flannel.yml的内容
---
kind: Namespace
apiVersion: v1
metadata:name: kube-flannellabels:k8s-app: flannelpod-security.kubernetes.io/enforce: privileged
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:labels:k8s-app: flannelname: flannel
rules:
- apiGroups:- ""resources:- podsverbs:- get
- apiGroups:- ""resources:- nodesverbs:- get- list- watch
- apiGroups:- ""resources:- nodes/statusverbs:- patch
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:labels:k8s-app: flannelname: flannel
roleRef:apiGroup: rbac.authorization.k8s.iokind: ClusterRolename: flannel
subjects:
- kind: ServiceAccountname: flannelnamespace: kube-flannel
---
apiVersion: v1
kind: ServiceAccount
metadata:labels:k8s-app: flannelname: flannelnamespace: kube-flannel
---
kind: ConfigMap
apiVersion: v1
metadata:name: kube-flannel-cfgnamespace: kube-flannellabels:tier: nodek8s-app: flannelapp: flannel
data:cni-conf.json: |{"name": "cbr0","cniVersion": "0.3.1","plugins": [{"type": "flannel","delegate": {"hairpinMode": true,"isDefaultGateway": true}},{"type": "portmap","capabilities": {"portMappings": true}}]}net-conf.json: |{"Network": "10.244.0.0/16","EnableNFTables": false,"Backend": {"Type": "vxlan"}}
---
apiVersion: apps/v1
kind: DaemonSet
metadata:name: kube-flannel-dsnamespace: kube-flannellabels:tier: nodeapp: flannelk8s-app: flannel
spec:selector:matchLabels:app: flanneltemplate:metadata:labels:tier: nodeapp: flannelspec:affinity:nodeAffinity:requiredDuringSchedulingIgnoredDuringExecution:nodeSelectorTerms:- matchExpressions:- key: kubernetes.io/osoperator: Invalues:- linuxhostNetwork: truepriorityClassName: system-node-criticaltolerations:- operator: Existseffect: NoScheduleserviceAccountName: flannelinitContainers:- name: install-cni-pluginimage: docker.io/flannel/flannel-cni-plugin:v1.5.1-flannel2command:- cpargs:- -f- /flannel- /opt/cni/bin/flannelvolumeMounts:- name: cni-pluginmountPath: /opt/cni/bin- name: install-cniimage: docker.io/flannel/flannel:v0.25.7command:- cpargs:- -f- /etc/kube-flannel/cni-conf.json- /etc/cni/net.d/10-flannel.conflistvolumeMounts:- name: cnimountPath: /etc/cni/net.d- name: flannel-cfgmountPath: /etc/kube-flannel/containers:- name: kube-flannelimage: docker.io/flannel/flannel:v0.25.7command:- /opt/bin/flanneldargs:- --ip-masq- --kube-subnet-mgrresources:requests:cpu: "100m"memory: "50Mi"securityContext:privileged: falsecapabilities:add: ["NET_ADMIN", "NET_RAW"]env:- name: POD_NAMEvalueFrom:fieldRef:fieldPath: metadata.name- name: POD_NAMESPACEvalueFrom:fieldRef:fieldPath: metadata.namespace- name: EVENT_QUEUE_DEPTHvalue: "5000"volumeMounts:- name: runmountPath: /run/flannel- name: flannel-cfgmountPath: /etc/kube-flannel/- name: xtables-lockmountPath: /run/xtables.lockvolumes:- name: runhostPath:path: /run/flannel- name: cni-pluginhostPath:path: /opt/cni/bin- name: cnihostPath:path: /etc/cni/net.d- name: flannel-cfgconfigMap:name: kube-flannel-cfg- name: xtables-lockhostPath:path: /run/xtables.locktype: FileOrCreate从yml中发现需要的镜像是flannel/flannel:v0.25.7和flannel/flannel-cni-plugin:v1.5.1-flannel2
所以在windows的docker中下载这两个镜像,并保存上传。
问题2:cni config uninitialized
在查看kubelet的日志时出现cni config uninitialized,当时已经把上一个问题解决了
解决方法:
wget https://github.com/containernetworking/plugins/releases/download/v0.7.1/cni-plugins-amd64-v0.7.1.tgz
mkdir -pv /opt/cni/bin
tar xf cni-plugins-amd64-v0.7.1.tgz -C /opt/cni/bin查了好多显示/opt/cni/bin中没有cni
所有干脆就下载一个cni,并且解压到对应地址,
执行完以上操作后,我的k8s集群就正常了,关于cni,我是参考的这篇文章
安装cni网络插件-非必须 - effortsing - 博客园 (cnblogs.com)
以上方法本人亲测有效
以上方法本人亲测有效
以上方法本人亲测有效
重要的事情说三遍,都是博主本人遇到过的问题,机器的解决方法,有什么问题可以在评论区提出来。
)
