在我创建pod时,该pod的状态一直如下:
[root@master ~]# kubectl get pod
NAME READY STATUS RESTARTS AGE
mysql-w1f4m 0/1 ContainerCreating 0 18m
通过describe查看结果
[root@master ~]# kubectl describe pod mysql-w1f4m
Name: mysql-w1f4m
Namespace: default
Node: dmp-dn-001/10.4.255.196
Start Time: Fri, 07 Dec 2018 10:36:19 +0800
Labels: app=mysql
Status: Pending
IP:
Controllers: ReplicationController/mysql
Containers:
mysql:
Container ID:
Image: mysql
Image ID:
Port: 3306/TCP
State: Waiting
Reason: ContainerCreating
Ready: False
Restart Count: 0
Volume Mounts: <none>
Environment Variables:
MYSQL_ROOT_PASSWORD: 123456
Conditions:
Type Status
Initialized True
Ready False
PodScheduled True
No volumes.
QoS Class: BestEffort
Tolerations: <none>
Events:
FirstSeen LastSeen Count From SubObjectPath Type Reason Message
--------- -------- ----- ---- ------------- -------- ------ -------
19m 19m 1 {default-scheduler } Normal Scheduled Successfully assigned mysql-w1f4m to dmp-dn-001
24m 8m 8 {kubelet dmp-dn-001} Warning FailedSync Error syncing pod, skipping: failed to "StartContainer" for "POD" with ErrImagePull: "image pull failed for registry.access.redhat.com/rhel7/pod-infrastructure:latest, this may be because there are no credentials on this request. details: (open /etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt: no such file or directory)"
24m 5m 85 {kubelet dmp-dn-001} Warning FailedSync Error syncing pod, skipping: failed to "StartContainer" for "POD" with ImagePullBackOff: "Back-off pulling image \"registry.access.redhat.com/rhel7/pod-infrastructure:latest\""
主要错误就是
FailedSync Error syncing pod, skipping: failed to "StartContainer" for "POD" with
ErrImagePull: "image pull failed for registry.access.redhat.com/rhel7/pod-
infrastructure:latest, this may be because there are no credentials on this request.
details: (open /etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt: no such file
or directory)"
我们在该节点上尝试拉取镜像
[root@dmp-dn-001 ~]# docker pull registry.access.redhat.com/rhel7/pod-infrastructure:latest
Trying to pull repository registry.access.redhat.com/rhel7/pod-infrastructure ...
open /etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt: no such file or directory
通过错误可以看到没有证书文件/etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt,查看该文件:
[root@dmp-dn-001 ~]# ls -l /etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt
lrwxrwxrwx. 1 root root 27 Dec 3 17:33 /etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt -> /etc/rhsm/ca/redhat-uep.pem
可以看到是一个软连接,这是我们查看了/etc/rhsm文件为空,于是我安装了rhsm
yum install *rhsm*
安装完之后发现依然没有作用,因为 '/etc/rhsm/ca/' 依然为空
[root@dmp-dn-001 ~]# ls /etc/rhsm/ca
[root@dmp-dn-001 ~]#
卸载了rhsm重新安装
yum remove *rhsm*
下载rhsm
[root@dmp-dn-001 ~]# wget http://mirror.centos.org/centos/7/os/x86_64/Packages/python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm
安装rhsm
rpm2cpio python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm | cpio -iv --to-stdout ./etc/rhsm/ca/redhat-uep.pem | tee /etc/rhsm/ca/redhat-uep.pem
拉取镜像
[root@dmp-dn-001 ~]# docker pull registry.access.redhat.com/rhel7/pod-infrastructure:latest
Trying to pull repository registry.access.redhat.com/rhel7/pod-infrastructure ...
latest: Pulling from registry.access.redhat.com/rhel7/pod-infrastructure
26e5ed6899db: Pull complete
66dbe984a319: Pull complete
9138e7863e08: Pull complete
Digest: sha256:92d43c37297da3ab187fc2b9e9ebfb243c1110d446c783ae1b989088495db931
Status: Downloaded newer image for registry.access.redhat.com/rhel7/pod-infrastructure:latest
镜像拉取成功,pod创建也是成功的。
好了,问题已经解决,有问题或者想结交技术类朋友,请加QQ群:526855734