k8s安装遇到问题合集

已于 2024-04-20 17:01:42 修改
阅读量682 收藏 7
点赞数 9
分类专栏: k8s 文章标签: kubernetes 容器 云原生
于 2024-04-13 21:44:03 首次发布
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/qq_27627985/article/details/137720745
版权

文章目录

一、报错A

  • 安装flannel报错

[root@master ~]# kubectl apply -f kube-flannel.yml
error: error parsing kube-flannel.yml: error converting YAML to JSON: yaml: line 2: found character that cannot start any token

报错原因:yml文件中有格式符或编码问。或有类似的问题,大部分都是kube-flannel.yml的问题,这里建议使用我的文件上传到主节点即可

  • kube-flannel.yml免费下载地址(提取码:000a):网盘

二、报错B

在主节点使用这个命令:

kubectl get node

发现节点一直处于NotReady状态
通过命令在该节点查看相关kubectl日志提示如下错误:

主节点输入这个命令:[root@master ~]# journalctl -f -u kubelet

[failed to find plugin “flannel” in path [/opt/cni/bin]]

查看 /opt/cni/bin 缺少 flannel
解决方式:
需要下载CNI插件:
CNI plugins v0.8.6github下载地址:
https://github.com/containernetworking/plugins/releases/tag/v0.8.6
(在1.0.0版本后CNI Plugins中没有flannel)

  • CNI Plugins免费下载地址(提取码:000b):网盘

  • 我这边通过windterm上传到主节点(直接将文件丢进去,软件会自动上传。前提是节点已经安装过这个: [root@master bin]# yum -y install lrzsz)
    在这里插入图片描述

  • 上传到主节点这个位置:
    [root@master bin]# pwd /opt/cni/bin

  • 开始解压软件
    [root@master bin]# tar zxvf cni-plugins-linux-amd64-v0.8.6.tgz
    在这里插入图片描述

  • 验证主节点状态
    [root@master bin]# kubectl get nodes
    在这里插入图片描述

  • 其他从节点也是同样操作

在其他从节点也是上传此文件并解压(从节点也需要)。cni-plugins-linux-amd64-v0.8.6.tgz

从节点解压完成后在主节点查看所有节点状态都是ready[root@master bin]# kubectl get nodes
在这里插入图片描述

三、报错C

  • 在dashboard页面发现报错(且左侧点击后没有内容)
    -
    在这里插入图片描述
    报错信息如下(或类似):
customresourcedefinitions.apiextensions.k8s.io is forbidden: User "system:serviceaccount:kubernetes-dashboard:kubernetes-dashboard" cannot list resource "customresourcedefinitions" in API group "apiextensions.k8s.io" at the cluster scope
或
storageclasses.storage.k8s.io is forbidden: User "system:serviceaccount:kubernetes-dashboard:kubernetes-dashboard" cannot list resource "storageclasses" in API group "storage.k8s.io" at the cluster scope
或
persistentvolumes is forbidden: User "system:serviceaccount:kubernetes-dashboard:kubernetes-dashboard" cannot list resource "persistentvolumes" in API group "" at the cluster scope
或
nodes is forbidden: User "system:serviceaccount:kubernetes-dashboard:kubernetes-dashboard" cannot list resource "nodes" in API group "" at the cluster scope
  • 解决方式(主节点执行):

[root@master ~]# kubectl create clusterrolebinding
serviceaccounts-cluster-admin --clusterrole=cluster-admin
–group=system:serviceaccounts

在这里插入图片描述
参考:报错参考

四、报错D

k8s的Dashboard再次web登录时无法登录,问题解决方式
安装完k8s的Dashboard后,第一次可以web页面访问。过几天后重新再访问时发现不能访问

dashboard的镜像拉取成功,容器创建成功,但容器在启动的时候启动失败,状态为CrashLoopBackOff
查看pod状态:[root@master ~]# kubectl get po,svc -n kubernetes-dashboard
在这里插入图片描述

  • 故障排查:
    1)查看dashboard pod的详细信息,在最后的Events中看到容器的状态异常(Back-off restarting failed container):
[root@master ~]# kubectl describe po -n kubernetes-dashboard dashboard-metrics-scraper-c79c65bb7-vwjws

报错信息:
Events:Type Reason Age From Message
/ ---- ------ ---- ---- -------
Warning Unhealthy 5m54s (x199 over 5d23h) kubelet, slave1 Liveness probe failed: Get http://10.244.1.3:8000/: dial tcp 10.244.1.3:8000: connect: connection refused
Warning BackOff 67s (x746 over 5d22h) kubelet, slave1 Back-off restarting failed container
在这里插入图片描述
然后再然后马上查看dashboard pod的日志

[root@master ~]# kubectl logs -f -n kubernetes-dashboard kubernetes-dashboard-55fd8c78bd-776rt 

报错信息:
panic: Get "https://10.96.0.1:443/api/v1/namespaces/kubernetes-dashboard/secrets/kubernetes-dashboard-csrf": dial tcp 10.96.0.1:443: connect: no route to host
goroutine 1 [running]:
github.com/kubernetes/dashboard/src/app/backend/client/csrf.(*csrfTokenManager).init(0xc0004fa200)

在这里插入图片描述
把报错信息去搜索引擎搜索了下,说可能是ipatables规则问题,于是查看了下iptables规则:

iptables -L -n --line-numbers | grep dashboard

在这里插入图片描述
根据上图可以很明显看到,dashboard的数据包直接被REJECT(拒绝)了,找到原因就好办了,设置成允许(ACCEPT)就行

1)先把现有的防火墙规则保存下

[root@master ~]# iptables-save > iptables.rules

2)执行以下命令以确保默认策略为ACCEPT

[root@master ~]# iptables -P INPUT ACCEPT
[root@master ~]# iptables -P FORWARD ACCEPT
[root@master ~]# iptables -P OUTPUT ACCEPT
[root@master ~]# iptables -F

4)把创建的dashboard pod删掉并重启下docker,再次创建dashboard,创建成功

# 只在主节点操作(两个pod都删除)
[root@master ~]# kubectl delete pod dashboard-metrics-scraper-c79c65bb7-mkh8h -n kubernetes-dashboard
pod "dashboard-metrics-scraper-c79c65bb7-vwjws" deleted
[root@master ~]# kubectl delete pod kubernetes-dashboard-55fd8c78bd-8ptbk  -n kubernetes-dashboard
pod "kubernetes-dashboard-55fd8c78bd-776rt" deleted

# 重启docker 所有节点
[root@slave1 ~]# systemctl restart docker

5)再次查看状态

[root@master ~]# kubectl get pods -n kubernetes-dashboard
# 下面状态为running 则正常

在这里插入图片描述
6).重新登陆页面:
一般上述操作完等一会儿.试试自己的各个节点访问(之前第一次安装成功是是主节点地址,现在是192.168.30.101访问),访问重新获取一些ak登录即可:

[root@master ~]# kubectl -n kubernetes-dashboard describe secret $(kubectl -n kubernetes-dashboard get secret | grep admin-user | awk '{print $1}')

在这里插入图片描述

在这里插入图片描述
参考:学习

工作中的程序员
关注
  • 9
    点赞
  • 7
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
k8s集群安装过程中的相关问题和解决
u013374645的博客
10-06 1万+
前言 断点续传模式~ 记录 我用的是ubuntu16.04,首先要做的是配置apt源,这里推荐阿里云的源地址https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg,centos的在这儿https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64,用梯子的...
k8s安装过程中遇到问题的一些记录
qq735679552的博客
04-10 648
[ERROR ImagePull]: failed to pull image k8s.gcr.io/kube-apiserver:v1.14.1: output: Error response from daemon: Get https://k8s.gcr.io/v2/: net/http: request canceled while waiting for connection (Cl...
kube-flannel.yml
08-11
--- apiVersion: extensions/v1beta1 kind: PodSecurityPolicy metadata: name: psp.flannel.unprivileged annotations: seccomp.security.alpha.kubernetes.io/allowedProfileNames: docker/default seccomp.security.alpha.kubernetes.io/defaultProfileName: docker/default apparmor.security.beta.kubernetes.io/allowedProfileNames: runtime/default apparmor.security.beta.kubernetes.io/defaultProfileName: runtime/default spec: privileged: false volumes: - configMap - secret - emptyDir - hostPath allowedHostPaths: - pathPrefix: "/etc/cni/net.d" - pathPrefix: "/etc/kube-flannel" - pathPrefix: "/run/flannel" readOnlyRootFilesystem: false # Users and groups runAsUser: rule: RunAsAny supplementalGroups: rule: RunAsAny fsGroup: rule: RunAsAny # Privilege Escalation allowPrivilegeEscalation: false defaultAllowPrivilegeEscalation: false # Capabilities allowedCapabilities: ['NET_ADMIN'] defaultAddCapabilities: [] requiredDropCapabilities: [] # Host namespaces hostPID: false hostIPC: false hostNetwork: true hostPorts: - min: 0 max: 65535 # SELinux seLinux: # SELinux is unsed in CaaSP rule: 'RunAsAny' --- kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1beta1 metadata: name: flannel rules: - apiGroups: ['extensions'] resources: ['podsecuritypolicies'] verbs: ['use'] resourceNames: ['psp.flannel.unprivileged'] - apiGroups: - "" resources: - pods verbs: - get - apiGroups: - "" resources: - nodes verbs: - list - watch - apiGroups: - "" resources: - nodes/status verbs: - patch --- kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1beta1 metadata: name: flannel roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: flannel subjects: - kind: ServiceAccount name: flannel namespace: kube-system --- apiVersion: v1 kind: ServiceAccount metadata: name: flannel namespace: kube-system --- kind: ConfigMap apiVersion: v1 metadata: name: kube-flannel-cfg namespace: kube-system labels: tier: node app: flannel data: cni-conf.json: | { "name": "cbr0", "plugins": [ { "type": "flannel", "delegate": { "hairpinMode": true, "isDefaultGateway": true } }, { "type": "portmap", "capabilities": { "portMappings": true } } ] } net-conf.json: | { "Network": "10.244.0.0/16", "Backend": { "Type": "vxlan" } } --- apiVersion: extensions/v1beta1 kind: DaemonSet metadata: name: kube-flannel-ds-amd64 namespace: kube-system labels: tier: node app: flannel spec: template: metadata: labels: tier: node app: flannel spec: hostNetwork: true nodeSelector: beta.kubernetes.io/arch: amd64 tolerations: - operator: Exists effect: NoSchedule serviceAccountName: flannel initContainers: - name: install-cni image: jmgao1983/flannel:v0.11.0-amd64 command: - cp args: - -f - /etc/kube-flannel/cni-conf.json - /etc/cni/net.d/10-flannel.conflist volumeMounts: - name: cni mountPath: /etc/cni/net.d - name: flannel-cfg mountPath: /etc/kube-flannel/ containers: - name: kube-flannel image: jmgao1983/flannel:v0.11.0-amd64 command: - /opt/bin/flanneld args: - --ip-masq - --kube-subnet-mgr resources: requests: cpu: "100m" memory: "50Mi" limits: cpu: "100m" memory: "50Mi" securityContext: privileged: false capabilities: add: ["NET_ADMIN"] env: - name: POD_NAME valueFrom: fieldRef: fieldPath: metadata.name - name: POD_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace volumeMounts: - name: run mountPath: /run/flannel - name: flannel-cfg mountPath: /etc/kube-flannel/ volumes: - name: run hostPath: path: /run/flannel - name: cni hostPath: path: /etc/cni/net.d - name: flannel-cfg configMap: name: kube-flannel-cfg --- apiVersion: extensions/v1beta1 kind: DaemonSet metadata: name: kube-flannel-ds-arm64 namespace: kube-system labels: tier: node app: flannel spec: template: metadata: labels: tier: node app: flannel spec: hostNetwork: true nodeSelector: beta.kubernetes.io/arch: arm64 tolerations: - operator: Exists effect: NoSchedule serviceAccountName: flannel initContainers: - name: install-cni image: quay.io/coreos/flannel:v0.11.0-arm64 command: - cp args: - -f - /etc/kube-flannel/cni-conf.json - /etc/cni/net.d/10-flannel.conflist volumeMounts: - name: cni mountPath: /etc/cni/net.d - name: flannel-cfg mountPath: /etc/kube-flannel/ containers: - name: kube-flannel image: quay.io/coreos/flannel:v0.11.0-arm64 command: - /opt/bin/flanneld args: - --ip-masq - --kube-subnet-mgr resources: requests: cpu: "100m" memory: "50Mi" limits: cpu: "100m" memory: "50Mi" securityContext: privileged: false capabilities: add: ["NET_ADMIN"] env: - name: POD_NAME valueFrom: fieldRef: fieldPath: metadata.name - name: POD_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace volumeMounts: - name: run mountPath: /run/flannel - name: flannel-cfg mountPath: /etc/kube-flannel/ volumes: - name: run hostPath: path: /run/flannel - name: cni hostPath: path: /etc/cni/net.d - name: flannel-cfg configMap: name: kube-flannel-cfg --- apiVersion: extensions/v1beta1 kind: DaemonSet metadata: name: kube-flannel-ds-arm namespace: kube-system labels: tier: node app: flannel spec: template: metadata: labels: tier: node app: flannel spec: hostNetwork: true nodeSelector: beta.kubernetes.io/arch: arm tolerations: - operator: Exists effect: NoSchedule serviceAccountName: flannel initContainers: - name: install-cni image: quay.io/coreos/flannel:v0.11.0-arm command: - cp args: - -f - /etc/kube-flannel/cni-conf.json - /etc/cni/net.d/10-flannel.conflist volumeMounts: - name: cni mountPath: /etc/cni/net.d - name: flannel-cfg mountPath: /etc/kube-flannel/ containers: - name: kube-flannel image: quay.io/coreos/flannel:v0.11.0-arm command: - /opt/bin/flanneld args: - --ip-masq - --kube-subnet-mgr resources: requests: cpu: "100m" memory: "50Mi" limits: cpu: "100m" memory: "50Mi" securityContext: privileged: false capabilities: add: ["NET_ADMIN"] env: - name: POD_NAME valueFrom: fieldRef: fieldPath: metadata.name - name: POD_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace volumeMounts: - name: run mountPath: /run/flannel - name: flannel-cfg mountPath: /etc/kube-flannel/ volumes: - name: run hostPath: path: /run/flannel - name: cni hostPath: path: /etc/cni/net.d - name: flannel-cfg configMap: name: kube-flannel-cfg --- apiVersion: extensions/v1beta1 kind: DaemonSet metadata: name: kube-flannel-ds-ppc64le namespace: kube-system labels: tier: node app: flannel spec: template: metadata: labels: tier: node app: flannel spec: hostNetwork: true nodeSelector: beta.kubernetes.io/arch: ppc64le tolerations: - operator: Exists effect: NoSchedule serviceAccountName: flannel initContainers: - name: install-cni image: quay.io/coreos/flannel:v0.11.0-ppc64le command: - cp args: - -f - /etc/kube-flannel/cni-conf.json - /etc/cni/net.d/10-flannel.conflist volumeMounts: - name: cni mountPath: /etc/cni/net.d - name: flannel-cfg mountPath: /etc/kube-flannel/ containers: - name: kube-flannel image: quay.io/coreos/flannel:v0.11.0-ppc64le command: - /opt/bin/flanneld args: - --ip-masq - --kube-subnet-mgr resources: requests: cpu: "100m" memory: "50Mi" limits: cpu: "100m" memory: "50Mi" securityContext: privileged: false capabilities: add: ["NET_ADMIN"] env: - name: POD_NAME valueFrom: fieldRef: fieldPath: metadata.name - name: POD_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace volumeMounts: - name: run mountPath: /run/flannel - name: flannel-cfg mountPath: /etc/kube-flannel/ volumes: - name: run hostPath: path: /run/flannel - name: cni hostPath: path: /etc/cni/net.d - name: flannel-cfg configMap: name: kube-flannel-cfg --- apiVersion: extensions/v1beta1 kind: DaemonSet metadata: name: kube-flannel-ds-s390x namespace: kube-system labels: tier: node app: flannel spec: template: metadata: labels: tier: node app: flannel spec: hostNetwork: true nodeSelector: beta.kubernetes.io/arch: s390x tolerations: - operator: Exists effect: NoSchedule serviceAccountName: flannel initContainers: - name: install-cni image: quay.io/coreos/flannel:v0.11.0-s390x command: - cp args: - -f - /etc/kube-flannel/cni-conf.json - /etc/cni/net.d/10-flannel.conflist volumeMounts: - name: cni mountPath: /etc/cni/net.d - name: flannel-cfg mountPath: /etc/kube-flannel/ containers: - name: kube-flannel image: quay.io/coreos/flannel:v0.11.0-s390x command: - /opt/bin/flanneld args: - --ip-masq - --kube-subnet-mgr resources: requests: cpu: "100m" memory: "50Mi" limits: cpu: "100m" memory: "50Mi" securityContext: privileged: false capabilities: add: ["NET_ADMIN"] env: - name: POD_NAME valueFrom: fieldRef: fieldPath: metadata.name - name: POD_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace volumeMounts: - name: run mountPath: /run/flannel - name: flannel-cfg mountPath: /etc/kube-flannel/ volumes: - name: run hostPath: path: /run/flannel - name: cni hostPath: path: /etc/cni/net.d - name: flannel-cfg configMap: name: kube-flannel-cfg
kubeadm安装kubernetes1.18.5集群
weixin_38849917的博客
07-23 1359
环境信息: 1.操作系统:CentOS Linux release 7.7.1908 (Core) 2.docker:19.03.12 3.kubernetes:1.18.5 组件配置信息: 节点名称 节点IP master 192.168.13.132 node1 192.168.13.130 node2 192.168.13.128 1. 准备环境,每个节点都需要执行: 1.1关闭防火墙,禁止防火墙开机启动 $ systemctl stop firewalld $ syste
kubeadmin搭建自建k8s集群
最新发布
xiaogg3678的专栏
04-23 1005
kubeadmin搭建自建k8s集群
【排错】error: error parsing recommended.yaml: error converting YAML to JSON: yaml: line 14:的解决方式
weixin_54628931的博客
12-29 7605
yaml文件要注意缩进和空格
error parsing pod-config.yaml: error converting YAML to JSON: yaml: line 20: did not find expected k
hedao0515的专栏
05-28 7552
error parsing pod-config.yaml: error converting YAML to JSON: yaml: line 20: did not find expected key
kubernetes手动创建kube-flannel.yml
踏浪归来
07-07 885
【代码】kubernetes手动创建kube-flannel.yml
k8s安装手册.docx
05-22
以上是k8s在有网络环境下的基本安装步骤,但请注意,实际操作中可能会遇到其他问题,需要根据错误提示进行排查和解决。此外,k8s安装配置过程可能会因不同版本或特定环境而有所不同,因此建议遵循官方文档或最新...
k8s 遇到问题及基础命令笔记
01-07
kubeadm join 192.168.101.104:6443 –token g7dylp.y6yup3cpc2g3lj8e –discovery-token-ca-cert-hash sha256:cc10c312f125c4d3c4c55390563c5b7bccce52dc78ca1f6d02661a6a22362deb **kubeadm reset ...
k8s-coredns-1.8.6镜像包和安装文件
12-01
总结来说,"k8s-coredns-1.8.6镜像包和安装文件"提供了在k8s集群中部署CoreDNS所需的一切资源。CoreDNS作为k8s的关键组成部分,负责服务发现和DNS解析,运维人员需要熟悉其工作原理和配置方式,以确保集群的高效运行...
k8s安装完整版 亲测
01-07
这个并不是合适每一个人 比如我这个菜鸡就遇到了很多问题,如下: 1 我是一台阿里云的ECS 一个轻量级服务器 这样的话 这两个不在一个网段 当把node节点加入时会出现卡壳 解决方法如下: ...主要是 开端口 认定ip...
kube-flannel.yml(已修改镜像下载数据源)
热门推荐
weixin_43298522的博客
11-18 1万+
手动创建 kube-flannel.yml文件 [root@k8smaster ~]# vim kube-flannel.yml 内容(镜像地址已经更换阿里数据源) --- apiVersion: policy/v1beta1 kind: PodSecurityPolicy metadata: name: psp.flannel.unprivileged annotations: seccomp.security.alpha.kubernetes.io/allowedProfileName
Kubernetes 安装flannel组件(本地 kube-flannel.yml 文件)
Bertram的博客
03-06 2168
Kubernetes 安装flannel组件(本地 kube-flannel.yml 文件)
5004 - kube-flannel-rbac.yml kube-flannel.yml
数流坊
02-18 1273
kube-flannel-rbac.yml # Create the clusterrole and clusterrolebinding: # $ kubectl create -f kube-flannel-rbac.yml # Create the pod using the same namespace used by the flannel serviceaccount: # $ kub...
K8S部署及常见问题处理
韩利巍
05-05 3140
按照步骤开始部署就能成功,了解更多请查看官网
k8s安装nginx
07-28
Kubernetes安装Nginx可以通过以下步骤进行操作。首先,将Nginx的配置文件以数据卷的形式挂载出来,这样可以方便地修改配置文件。可以使用nfs等数据卷来支持挂载。如果使用pv、pvc,则还需要配置pv、pvc文件。在集群模式下,不建议使用host进行挂载,可以在测试时使用。部署步骤如下: 1. 切换到配置目录下,执行以下命令来启动服务: ``` kubectl apply -f demo-nginx.yaml ``` 2. 如果需要删除服务,可以执行以下命令: ``` kubectl delete -f demo-nginx.yaml ``` 在执行这些步骤时,可能会遇到一些错误。可以根据错误信息进行排查和解决。同时,需要注意配置文件的更新和修改。可以根据需要修改deploy.yaml文件中service对pod的选择label,以及更新nfs的挂载路径。此外,还可以更新nginx-configmap中default.conf的内容。如果遇到问题,可以联系相关人员进行咨询和解决。\[1\]\[2\]\[3\] #### 引用[.reference_title] - *1* *3* [k8s部署nginx的三种方式](https://blog.csdn.net/weixin_45710811/article/details/126256165)[target="_blank" data-report-click={"spm":"1018.2226.3001.9630","extra":{"utm_source":"vip_chatgpt_common_search_pc_result","utm_medium":"distribute.pc_search_result.none-task-cask-2~all~insert_cask~default-1-null.142^v91^control_2,239^v3^insert_chatgpt"}} ] [.reference_item] - *2* [K8s部署nginx](https://blog.csdn.net/zhaohan___/article/details/121080478)[target="_blank" data-report-click={"spm":"1018.2226.3001.9630","extra":{"utm_source":"vip_chatgpt_common_search_pc_result","utm_medium":"distribute.pc_search_result.none-task-cask-2~all~insert_cask~default-1-null.142^v91^control_2,239^v3^insert_chatgpt"}} ] [.reference_item] [ .reference_list ]

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值