首页 > 其他分享 >kubernetes 集群部署问题点统计

kubernetes 集群部署问题点统计

时间:2022-11-28 17:12:12浏览次数:48  
标签:endpoint run kubernetes 部署 containerd sock unix 集群 kube

1、安装网络插件报错

error unable to recognize "calico.yaml": no matches for kind "DaemonSet" in version "extensions/v1"'

描述:版本不匹配

解决办法:

地址:https://projectcalico.docs.tigera.io/archive/v3.21/getting-started/kubernetes/self-managed-onprem/onpremises

下载:curl https://docs.projectcalico.org/archive/v3.21/manifests/calico.yaml -O

安装:kubectl apply -f calico.yaml

2、集群初始化报错

问题:

[root@master ~]# kubeadm init --config kubeadm-config.yaml
[init] Using Kubernetes version: v1.25.0
[preflight] Running pre-flight checks
error execution phase preflight: [preflight] Some fatal errors occurred:
[ERROR FileContent--proc-sys-net-ipv4-ip_forward]: /proc/sys/net/ipv4/ip_forward contents are not set to 1
[preflight] If you know what you are doing, you can make a check non-fatal with `--ignore-preflight-errors=...`
To see the stack trace of this error execute with --v=5 or higher

解决办法:

cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-iptables=1
net.bridge.bridge-nf-call-ip6tables=1
net.ipv4.ip_forward=1
net.ipv4.tcp_tw_recycle=0
vm.swappiness=0
vm.overcommit_memory=1
vm.panic_on_oom=0
fs.inotify.max_user_instances=8192
fs.inotify.max_user_watches=1048576
fs.file-max=52706963
fs.nr_open=52706963
net.ipv6.conf.all.disable_ipv6=1
net.netfilter.nf_conntrack_max=2310720         
EOF
sysctl --system

3、证书由未知机构签名

问题:虚拟机部署 kubernetes 集群,服务器重启后报这个错误

[root@master ~]# kubectl get node
Unable to connect to the server: x509: certificate signed by unknown authority (possibly because of "crypto/rsa: verification error" while trying to verify candidate authority certificate "kubernetes")
# 无法连接到服务器:x509:证书由未知授权机构签名(可能是因为在尝试验证 candi 时出现“crypto/rsa:验证错误”日期权威证书“kubernetes”)

解决办法:

配置用户使用 kubectl 访问集群

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

root 用户执行以下,设置环境变量:

export KUBECONFIG=/etc/kubernetes/admin.conf

4、无法确定运行时api版本

问题1:

[root@master ~]# crictl ps
WARN[0000] runtime connect using default endpoints: [unix:///var/run/dockershim.sock unix:///run/containerd/containerd.sock unix:///run/crio/crio.sock unix:///var/run/cri-dockerd.sock]. As the default settings are now deprecated, you should set the endpoint instead.
ERRO[0000] unable to determine runtime API version: rpc error: code = Unavailable desc = connection error: desc = "transport: Error while dialing dial unix /var/run/dockershim.sock: connect: no such file or directory"
WARN[0000] image connect using default endpoints: [unix:///var/run/dockershim.sock unix:///run/containerd/containerd.sock unix:///run/crio/crio.sock unix:///var/run/cri-dockerd.sock]. As the default settings are now deprecated, you should set the endpoint instead.
ERRO[0000] unable to determine image API version: rpc error: code = Unavailable desc = connection error: desc = "transport: Error while dialing dial unix /var/run/dockershim.sock: connect: no such file or directory"

问题2:

[root@node1 ~]# crictl ps
I1128 17:01:24.056664   24303 util_unix.go:104] "Using this endpoint is deprecated, please consider using full URL format" endpoint="/run/containerd/containerd.sock" URL="unix:///run/containerd/containerd.sock"
I1128 17:01:24.061791   24303 util_unix.go:104] "Using this endpoint is deprecated, please consider using full URL format" endpoint="/run/containerd/containerd.sock" URL="unix:///run/containerd/containerd.sock"

解决办法:

crictl config runtime-endpoint unix:///run/containerd/containerd.sock
crictl config image-endpoint unix:///run/containerd/containerd.sock

查看:

[root@master ~]# crictl ps
CONTAINER           IMAGE               CREATED             STATE               NAME                      ATTEMPT             POD ID              POD
e7878752e4ae6       b6e6ee0788f20       30 minutes ago      Running             calico-node               1                   b5934818396e3       calico-node-f6xfz
f589de8f6f6ca       58a9a0c6d96f2       30 minutes ago      Running             kube-proxy                1                   001b4ae7fedf5       kube-proxy-grx5m
2cf2f96c4d4fc       bef2cf3115095       30 minutes ago      Running             kube-scheduler            3                   7c294db1f3e0c       kube-scheduler-master
054ad592ffac9       a8a176a5d5d69       30 minutes ago      Running             etcd                      2                   a8c6650e2382e       etcd-master
a8becb1e17be7       1a54c86c03a67       30 minutes ago      Running             kube-controller-manager   2                   070b5d24d34d0       kube-controller-manager-master
065ef061923aa       4d2edfd10d3e3       30 minutes ago      Running             kube-apiserver            2                   f5c40d1e9cc76       kube-apiserver-master

  

 

标签:endpoint,run,kubernetes,部署,containerd,sock,unix,集群,kube
From: https://www.cnblogs.com/yangzp/p/16380803.html

相关文章

  • k8s容器中通过Prometheus Operator部署Kafka Exporter监控Kafka集群
    写在前面在按照下面步骤操作之前,请先确保服务器已经部署k8s,prometheus,prometheusoperator以及kafka集群,关于这些环境的部署,可以自行查找相关资料安装部署,本文档便不在此......
  • 图数据平台解决方案:单节点部署
    图数据平台解决方案:单节点部署​​图数据平台解决方案:单节点部署​​​​一、下载ONgDB部署文件​​​​二、Windows系统部署​​​​三、CentOS系统部署​​Here’sthet......
  • 图数据平台解决方案:Docker部署
    图数据平台解决方案:Docker部署​​图数据平台解决方案:Docker部署​​​​一、安装Docker​​​​二、使用Docker安装单节点​​​​三、使用Docker安装集群​​Here’sthe......
  • ONgDB集群测试
    ONgDB项目是neo4j企业版的一个开源分支。另外ONgDB的发起组织也在快速更新。目前最新是3.6.0版本,与企业版neo4j-3.6.0版本功能基本一致。目前企业版neo4j已经更新到4.0版本,......
  • Kubernetes应用程序开发认证(CKAD) 经验分享
    众所周知,Kubernetes在容器编排器大战中脱颖而出后,从2020年以来变得越发的火热。那么云原生计算基金会(CNCF)联合Linux基金会就适时的推出了皆在考察相关从业者对Kubernetes的......
  • 卸载K8S集群
    一、配置命令自动补全yuminstall-ybash-completionsource/usr/share/bash-completion/bash_completionsource<(kubectlcompletionbash)echo"source<(kubect......
  • 了解Oracle RAC Brain Split Resolution集群脑裂协议
    CSS工作原理在理解脑裂(BrainSplit)处理过程前,有必要介绍一下OracleRACCss(ClusterSynchronizationServices)的工作框架:OracleRACCSS提供2种后台服务包括群组管理(G......
  • centos7 部署Prometheus
    前言:一、前置环境说明1、关闭firewallsystemctlstopfirewalld.servicesystemctldisablefirewalld.service2、关闭selinuxvim/etc/selinux/configSELINUX=disa......
  • 集群部署看过来,低代码@AWS智能集群的架构与搭建方案
    为了帮助充分利用AWS的托管服务快速构建起一套集群环境,彻底去掉“单一故障点”,实现最高的可用性,我们准备了《低代码智能集群@AWS的架构与搭建方案》看完本文,带你掌握“基于......
  • 部署主从数据库
    Mysql主从配置:   大型网站为了软解大量的并发访问,除了在网站实现分布式负载均衡,远远不够。到了数据业务层、数据访问层,如果还是传统的数据结构,或者只是单单靠一台服务......