一看必会系列:kubernetes排错及高级配置1

来源:本站原创 容器技术 超过20 views围观 0条评论

  kubectl get pod –all-namespaces
  kubectl get service –namespace=kube-system
  kubectl get pods –namespace=kube-system
  kubectl describe pod nginx-controller-mbs7l
——————-以下是排错及高级应用—————————
  kubectl get pod –all-namespaces
 
[root@master ~]# kubectl get pod –all-namespaces
NAMESPACE     NAME                                           READY     STATUS             RESTARTS   AGE
default       nginx-pod                                      1/1       Running            0          10h
kube-system   kubernetes-dashboard-latest-3308158392-8wj3w   0/1       ImagePullBackOff   0          10h

 
  kubectl get service –namespace=kube-system

[root@master ~]#   kubectl get service –namespace=kube-system
NAME                   CLUSTER-IP        EXTERNAL-IP   PORT(S)   AGE
kubernetes-dashboard   192.168.142.222   <none>        80/TCP    10h
 
  kubectl get pods –namespace=kube-system
 
[root@master ~]#   kubectl get pods –namespace=kube-system
NAME                                           READY     STATUS             RESTARTS   AGE
kubernetes-dashboard-latest-3308158392-8wj3w   0/1       ImagePullBackOff   0          10h
 
  kubectl get service –namespace=kube-system
 
[root@master ~]#   kubectl get service –namespace=kube-system
NAME                   CLUSTER-IP        EXTERNAL-IP   PORT(S)   AGE
kubernetes-dashboard   192.168.142.222   <none>        80/TCP    10h
 
  kubectl get pods –namespace=kube-system
  kubectl get  -f kubernetes-dashboard.yaml
 
 
 

   
—————–部署nginx测试——————-
nginx-pod.yaml
   
apiVersion: v1
kind: Pod
metadata:
name: nginx-pod
labels:
  name: nginx-pod
spec:
containers:
– name: nginx
   image: nginx
   ports:
   – containerPort: 80

   
   
http://blog.csdn.net/u013760355/article/details/68061976   
[root@master ~]# kubectl create -f /opt/dockerconfig/nginx-pod.yaml
Error from server (ServerTimeout): error when creating "/opt/dockerconfig/nginx-pod.yaml": No API token found for service account "default", retry after the token is automatically created and added to the service account

报错是验证产生的

[root@master ~]# vim /etc/kubernetes/apiserver

去掉相应配置
#KUBE_ADMISSION_CONTROL="–admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota"
KUBE_ADMISSION_CONTROL="–admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,ResourceQuota"

[root@master ~]# systemctl restart kube-apiserver
[root@master ~]#
解决

[root@master ~]# kubectl create -f /opt/dockerconfig/nginx-pod.yaml
pod "nginx-pod" created
[root@master ~]#

但是一直卡着
[root@master ~]# kubectl get pods
NAME        READY     STATUS              RESTARTS   AGE
nginx-pod   0/1       ContainerCreating   0          12m
[root@master ~]# kubectl get service
NAME         CLUSTER-IP      EXTERNAL-IP   PORT(S)   AGE
kubernetes   192.168.142.1   <none>        443/TCP   1h
[root@master ~]#
主要是通过“kubectl describe pod PodName”指令查看pod发生的事件,从事件列表中可以查找到错误信息。
查状态
[root@master ~]# kubectl get pods
NAME        READY     STATUS              RESTARTS   AGE
nginx-pod   0/1       ContainerCreating   0          12m
[root@master ~]# kubectl get service
NAME         CLUSTER-IP      EXTERNAL-IP   PORT(S)   AGE
kubernetes   192.168.142.1   <none>        443/TCP   1h
[root@master ~]# kubectl describe pod gninx
Error from server (NotFound): pods "gninx" not found
[root@master ~]# kubectl describe pod nginx
Name:        nginx-pod
Namespace:    default
Node:        192.168.142.131/192.168.142.131
Start Time:    Thu, 18 Jan 2018 08:39:59 -0500
Labels:        name=nginx-pod
Status:        Pending
IP:       
Controllers:    <none>
Containers:
  nginx:
    Container ID:       
    Image:            nginx
    Image ID:           
    Port:            80/TCP
    State:            Waiting
      Reason:            ContainerCreating
    Ready:            False
    Restart Count:        0
    Volume Mounts:        <none>
    Environment Variables:    <none>
Conditions:
  Type        Status
  Initialized     True
  Ready     False
  PodScheduled     True
No volumes.
QoS Class:    BestEffort
Tolerations:    <none>
Events:
  FirstSeen    LastSeen    Count    From                SubObjectPath Type        Reason        Message
  ———    ——–    —–    —-                ————- ——–    ——        ——-
  15m        15m        1    {default-scheduler }                  Normal        Scheduled    Successfully assigned nginx-pod to 192.168.142.131
  15m        4m        7    {kubelet 192.168.142.131}              Warning        FailedSync    Error syncing pod, skipping: failed to "StartContainer" for "POD" with ErrImagePull: "image pull failed for registry.access.redhat.com/rhel7/pod-infrastructure:latest, this may be because there are no credentials on this request.  details: (open /etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt: no such file or directory)"

  14m    12s    64    {kubelet 192.168.142.131}        Warning    FailedSync    Error syncing pod, skipping: failed to "StartContainer" for "POD" with ImagePullBackOff: "Back-off pulling image \"registry.access.redhat.com/rhel7/pod-infrastructure:latest\""

哈哈,你懂的
Error syncing pod, skipping: failed to "StartContainer" for "POD" with ImagePullBackOff: "Back-off pulling image \"registry.access.redhat.com/rhel7/pod-infrastructure:latest\""
[root@master ~]#

手动下载
[root@master ~]# docker pull registry.access.redhat.com/rhel7/pod-infrastructure:latest
Trying to pull repository registry.access.redhat.com/rhel7/pod-infrastructure …
open /etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt: no such file or directory
[root@master ~]#

———解决方法1 已失效,现版不知为毛这两包装了没用
[root@master ~]# yum install *rhsm* -y         —-安装

Installed:
  python-rhsm.x86_64 0:1.19.10-1.el7_4                                       python-rhsm-certificates.x86_64 0:1.19.10-1.el7_4                                     

Dependency Installed:
  python-dateutil.noarch 0:1.5-7.el7                                                                                                                                

Complete!

———-解决方法2

[root@master ~]# docker pull registry.access.redhat.com/rhel7/pod-infrastructure:latest
Trying to pull repository registry.access.redhat.com/rhel7/pod-infrastructure …
latest: Pulling from registry.access.redhat.com/rhel7/pod-infrastructure

26e5ed6899db: Pulling fs layer
66dbe984a319: Pulling fs layer
^C38e7863e08: Pulling fs layer

———前两个方案已失效用第三种
wget http://mirror.centos.org/centos/7/os/x86_64/Packages/python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm
rpm -ivh  python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm
[root@k8s_master ~]# rpm -ivh python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm
Preparing…                          ################################# [100%]
Updating / installing…
   1:python-rhsm-certificates-1.19.10-################################# [100%]
[root@k8s_master ~]# !ll
ll /etc/rhsm/ca/
total 8
-rw-r–r– 1 root root 7732 Oct 20  2017 redhat-uep.pem   ——就是这个文件

 

等10个小时就好了
[root@master ~]#   kubectl get pods
NAME        READY     STATUS    RESTARTS   AGE
nginx-pod   1/1       Running   0          11h

 

新建nginx-service.
[root@master dockerconfig]# kubectl create -f nginx-service.yaml
service "nginx-service" created
[root@master dockerconfig]# kubectl get -f nginx-service.yaml
NAME            CLUSTER-IP       EXTERNAL-IP   PORT(S)        AGE
nginx-service   192.168.142.65   <nodes>       80:30001/TCP   8s
[root@master dockerconfig]#

访问 node1的 30001端口测试成功

———–
  在master节点上启动

systemctl enable flanneld.service
systemctl start flanneld.service
service docker restart
systemctl restart kube-apiserver.service
systemctl restart kube-controller-manager.service
systemctl restart kube-scheduler.service

for SERVICES in etcd kube-apiserver kube-controller-manager kube-scheduler   kube-proxy  kubelet docker flanneld   ;
do systemctl restart   $SERVICES; systemctl enable $SERVICES; systemctl status $SERVICES; done;

在各个Nodes上启动

systemctl enable flanneld.service
systemctl start flanneld.service
service docker restart
systemctl restart kubelet.service
systemctl restart kube-proxy.service

node启动

for SERVICES in kube-proxy kubelet docker flanneld; do
        systemctl restart $SERVICES
        systemctl enable $SERVICES
        systemctl status $SERVICES
    done;

文章出自:CCIE那点事 http://www.jdccie.com/ 版权所有。本站文章除注明出处外,皆为作者原创文章,可自由引用,但请注明来源。 禁止全文转载。
本文链接:http://www.jdccie.com/?p=3830转载请注明转自CCIE那点事
如果喜欢:点此订阅本站
  • 相关文章
  • 为您推荐
  • 各种观点

暂时还木有人评论,坐等沙发!
发表评论

快捷键:Ctrl+Enter