参考博客
登录centos7 root:root, 解决网络不通问题资料
准备工作
首先准备Kubernets的安装,这里我使用的是virtualbox上安装centos7, Kubernetes v1.5.2 Docker version 1.12.6
关闭CentOS自带的防火墙服务:
查看防火墙服务状态
firewall-cmd --state
关闭
systemctl disable firewalld
systemctl stop firewalld
安装
yum install docker etcd kubernetes -y
启动服务
systemctl enable 服务(设置开机自启)
systemctl start etcd
systemctl start docker
systemctl start kube-apiserver
systemctl start kube-controller-manager
systemctl start kube-scheduler
systemctl start kubelet
systemctl start kube-proxy
复制代码
检查服务版本和启动状态
检查版本
ectdctl -v
docker -v
kubectl version
复制代码
查看启动状态
etcdctl member list
docker ps
复制代码
创建mysql rc
vim mysql-rc.yaml
apiVersion: v1
kind: ReplicationController
metadata:
name: mysql
spec:
replicas: 1
selector:
app: mysql
template:
metadata:
labels:
app: mysql
spec:
containers:
- name: mysql
image: mysql
ports:
- containerPort: 3306
env:
- name: MYSQL_ROOT_PASSWORD
value: "123456"
复制代码
执行创建 mysql Rc
kubectl create -f mysql-rc.yaml
查看rc和pod
kubectl get rc
kubectl get pods
问题资料1 资料2有效
- 创建rc与pod的时候会出现pod无法创建但是rc能创建
解决办法是编辑/etc/kubernetes/apiserver 去除
KUBE_ADMISSION_CONTROL 中的 SecurityContextDeny,ServiceAccount ,并重启kube-apiserver.service服务
复制代码
# vim /etc/kubernetes/apiserver
KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,ResourceQuota"
# systemctl restart kube-apiserver.service
复制代码
删除RC,重新执行前面的步骤就可以看到Pods的生成了
复制代码
# kubectl delete -f filename.yam
replicationcontroller "rcname" deleted
# kubectl create -f filename.yam
replicationcontroller "rcname" created
# kubectl get pods
NAME READY STATUS RESTARTS AGE
mysql-sgvzt 0/1 ContainerCreating 0 3s
复制代码
2.pod状态一直都是pending博客
kubectl describe pod mypod查看错误信息
用kubectl describe查看 pods的详情,发现 registry.access.redhat.com/rhel7/pod-infrastructure:latest 镜像报错
问题是比较明显的,就是没有/etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt文件,用ls -l查看之后发现是一个软链接,链接到/etc/rhsm/ca/redhat-uep.pem,但是这个文件不存在,使用yum search rhsm命令:
- 安装python-rhsm-certificates包:
# yum install python-rhsm-certificates -y
复制代码
这里又出现问题了:
python-rhsm-certificates <= 1.20.3-1 被 (已安裝) subscription-manager-rhsm-certificates-1.20.11-1.el7.centos.x86_64 取代
复制代码
那么怎么办呢,我们直接然后下载python-rhsm-certificates包:
# wget http://mirror.centos.org/centos/7/os/x86_64/Packages/python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm
# rpm2cpio python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm | cpio -iv --to-stdout ./etc/rhsm/ca/redhat-uep.pem | tee /etc/rhsm/ca/redhat-uep.pem
复制代码
再次使用使用docker pull 拉取镜像
docker pull registry.access.redhat.com/rhel7/pod-infrastructure:latest
复制代码