kubernetes 集群部署问题点统计

标签：endpoint run kubernetes 部署 containerd sock unix 集群 kube

1、安装网络插件报错

error unable to recognize "calico.yaml": no matches for kind "DaemonSet" in version "extensions/v1"'

描述：版本不匹配

解决办法：

地址：https://projectcalico.docs.tigera.io/archive/v3.21/getting-started/kubernetes/self-managed-onprem/onpremises

下载：curl https://docs.projectcalico.org/archive/v3.21/manifests/calico.yaml -O

安装：kubectl apply -f calico.yaml

2、集群初始化报错

问题：

[root@master ~]# kubeadm init --config kubeadm-config.yaml
[init] Using Kubernetes version: v1.25.0
[preflight] Running pre-flight checks
error execution phase preflight: [preflight] Some fatal errors occurred:
[ERROR FileContent--proc-sys-net-ipv4-ip_forward]: /proc/sys/net/ipv4/ip_forward contents are not set to 1
[preflight] If you know what you are doing, you can make a check non-fatal with `--ignore-preflight-errors=...`
To see the stack trace of this error execute with --v=5 or higher

解决办法：

cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-iptables=1
net.bridge.bridge-nf-call-ip6tables=1
net.ipv4.ip_forward=1
net.ipv4.tcp_tw_recycle=0
vm.swappiness=0
vm.overcommit_memory=1
vm.panic_on_oom=0
fs.inotify.max_user_instances=8192
fs.inotify.max_user_watches=1048576
fs.file-max=52706963
fs.nr_open=52706963
net.ipv6.conf.all.disable_ipv6=1
net.netfilter.nf_conntrack_max=2310720         
EOF
sysctl --system

3、证书由未知机构签名

问题：虚拟机部署 kubernetes 集群，服务器重启后报这个错误

[root@master ~]# kubectl get node
Unable to connect to the server: x509: certificate signed by unknown authority (possibly because of "crypto/rsa: verification error" while trying to verify candidate authority certificate "kubernetes")
# 无法连接到服务器：x509：证书由未知授权机构签名（可能是因为在尝试验证 candi 时出现“crypto/rsa：验证错误”日期权威证书“kubernetes”）

解决办法：

配置用户使用 kubectl 访问集群

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

root 用户执行以下，设置环境变量：

export KUBECONFIG=/etc/kubernetes/admin.conf

4、无法确定运行时api版本

问题1：

[root@master ~]# crictl ps
WARN[0000] runtime connect using default endpoints: [unix:///var/run/dockershim.sock unix:///run/containerd/containerd.sock unix:///run/crio/crio.sock unix:///var/run/cri-dockerd.sock]. As the default settings are now deprecated, you should set the endpoint instead.
ERRO[0000] unable to determine runtime API version: rpc error: code = Unavailable desc = connection error: desc = "transport: Error while dialing dial unix /var/run/dockershim.sock: connect: no such file or directory"
WARN[0000] image connect using default endpoints: [unix:///var/run/dockershim.sock unix:///run/containerd/containerd.sock unix:///run/crio/crio.sock unix:///var/run/cri-dockerd.sock]. As the default settings are now deprecated, you should set the endpoint instead.
ERRO[0000] unable to determine image API version: rpc error: code = Unavailable desc = connection error: desc = "transport: Error while dialing dial unix /var/run/dockershim.sock: connect: no such file or directory"

问题2：

[root@node1 ~]# crictl ps
I1128 17:01:24.056664   24303 util_unix.go:104] "Using this endpoint is deprecated, please consider using full URL format" endpoint="/run/containerd/containerd.sock" URL="unix:///run/containerd/containerd.sock"
I1128 17:01:24.061791   24303 util_unix.go:104] "Using this endpoint is deprecated, please consider using full URL format" endpoint="/run/containerd/containerd.sock" URL="unix:///run/containerd/containerd.sock"

解决办法：

crictl config runtime-endpoint unix:///run/containerd/containerd.sock
crictl config image-endpoint unix:///run/containerd/containerd.sock

查看：

[root@master ~]# crictl ps
CONTAINER           IMAGE               CREATED             STATE               NAME                      ATTEMPT             POD ID              POD
e7878752e4ae6       b6e6ee0788f20       30 minutes ago      Running             calico-node               1                   b5934818396e3       calico-node-f6xfz
f589de8f6f6ca       58a9a0c6d96f2       30 minutes ago      Running             kube-proxy                1                   001b4ae7fedf5       kube-proxy-grx5m
2cf2f96c4d4fc       bef2cf3115095       30 minutes ago      Running             kube-scheduler            3                   7c294db1f3e0c       kube-scheduler-master
054ad592ffac9       a8a176a5d5d69       30 minutes ago      Running             etcd                      2                   a8c6650e2382e       etcd-master
a8becb1e17be7       1a54c86c03a67       30 minutes ago      Running             kube-controller-manager   2                   070b5d24d34d0       kube-controller-manager-master
065ef061923aa       4d2edfd10d3e3       30 minutes ago      Running             kube-apiserver            2                   f5c40d1e9cc76       kube-apiserver-master

　　

 

标签：endpoint,run,kubernetes,部署,containerd,sock,unix,集群,kube
From： https://www.cnblogs.com/yangzp/p/16380803.html