Problems encountered during kubeadm initialization

Commands

Initialize

kubeadm init --apiserver-advertise-address=10.16.8.135 --image-repository registry.aliyuncs.com/google_containers --kubernetes-version v1.21.1 --service-cidr=10.96.0.0/16 --pod-network-cidr=10.244.0.0/16

Reset

kubeadm reset

Problem 1

Initialization fails with an error

error execution phase preflight: [preflight] Some fatal errors occurred:
[ERROR SystemVerification]: unexpected kernel config: CONFIG_CGROUP_PIDS
[ERROR SystemVerification]: missing required cgroups: pids
[preflight] If you know what you are doing, you can make a check non-fatal with --ignore-preflight-errors=...
To see the stack trace of this error execute with --v=5 or higher

Solution

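First, add CONFIG_CGROUP_PIDS=y to the file that cat /boot/config-$(uname -r) | grep CGROUP reads.
Then upgrade the kernel. The file only records the options the installed kernel was built with, so it is the upgraded kernel that actually provides the pids controller.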

Kernel upgrade reference

rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-2.el7.elrepo.noarch.rpm
yum --disablerepo="*" --enablerepo="elrepo-kernel" list available
yum --enablerepo=elrepo-kernel install kernel-ml
cp /etc/default/grub  /etc/default/grub_bak
vi /etc/default/grub
grub2-mkconfig -o /boot/grub2/grub.cfg
systemctl enable docker.service
reboot
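
A check to run after the reboot, as an added example that is not part of the original post: it reads the kernel's controller table and reports any named controller that is absent or disabled, which is the condition behind the "missing required cgroups: pids" preflight error. The function name is an assumption for illustration.

```sh
#!/bin/sh
# Added example, not from the original post. The function name is illustrative.

# missing_cgroups <cgroups-file> <controller>...
# Prints each named controller that the kernel does not provide or has
# disabled. Succeeds only when nothing is printed.
missing_cgroups() (
    file=$1; shift
    awk -v want="$*" '
        BEGIN { n = split(want, w, " ") }
        /^#/  { next }              # header: #subsys_name hierarchy num_cgroups enabled
        { enabled[$1] = $4 }        # column 4 is 1 when the controller is enabled
        END {
            for (i = 1; i <= n; i++)
                if (enabled[w[i]] != 1) { print w[i]; bad = 1 }
            exit bad
        }' "$file"
)

# On the host, after booting the new kernel:
#   missing_cgroups /proc/cgroups pids && echo "pids cgroup available"
```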

Problem 2

CoreDNS image pull fails

[root@docker-jjy-1 ~]# kubeadm init --apiserver-advertise-address=10.16.8.135 --image-repository registry.aliyuncs.com/google_containers --kubernetes-version v1.21.1 --service-cidr=10.96.0.0/16 --pod-network-cidr=10.244.0.0/16
[init] Using Kubernetes version: v1.21.1
[preflight] Running pre-flight checks
        [WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". Please follow the guide at https://kubernetes.io/docs/setup/cri/
[preflight] Pulling images required for setting up a Kubernetes cluster
[preflight] This might take a minute or two, depending on the speed of your internet connection
[preflight] You can also perform this action in beforehand using 'kubeadm config images pull'
error execution phase preflight: [preflight] Some fatal errors occurred:
        [ERROR ImagePull]: failed to pull image registry.aliyuncs.com/google_containers/coredns/coredns:v1.8.0: output: Error response from daemon: pull access denied for registry.aliyuncs.com/google_containers/coredns/coredns, repository does not exist or may require 'docker login': denied: requested access to the resource is denied
, error: exit status 1
[preflight] If you know what you are doing, you can make a check non-fatal with `--ignore-preflight-errors=...`
To see the stack trace of this error execute with --v=5 or higher

Solution

Pull a coredns image yourself, then retag it with the name kubeadm expects.

[root@docker-jjy-1 ~]# docker pull coredns/coredns:1.8.0
1.8.0: Pulling from coredns/coredns
c6568d217a00: Pull complete 
5984b6d55edf: Pull complete 
Digest: sha256:cc8fb77bc2a0541949d1d9320a641b82fd392b0d3d8145469ca4709ae769980e
Status: Downloaded newer image for coredns/coredns:1.8.0
docker.io/coredns/coredns:1.8.0

[root@docker-jjy-1 ~]# docker tag coredns/coredns:1.8.0 registry.aliyuncs.com/google_containers/coredns/coredns:v1.8.0
[root@docker-jjy-1 ~]# docker images
REPOSITORY                                                        TAG        IMAGE ID       CREATED        SIZE
registry.aliyuncs.com/google_containers/kube-apiserver            v1.21.1    771ffcf9ca63   3 weeks ago    126MB
registry.aliyuncs.com/google_containers/kube-controller-manager   v1.21.1    e16544fd47b0   3 weeks ago    120MB
registry.aliyuncs.com/google_containers/kube-scheduler            v1.21.1    a4183b88f6e6   3 weeks ago    50.6MB
registry.aliyuncs.com/google_containers/kube-proxy                v1.21.1    4359e752b596   3 weeks ago    131MB
registry.aliyuncs.com/google_containers/pause                     3.4.1      0f8457a4c2ec   4 months ago   683kB
coredns/coredns                                                   1.8.0      296a6d5035e2   7 months ago   42.4MB
registry.aliyuncs.com/google_containers/coredns/coredns           v1.8.0     296a6d5035e2   7 months ago   42.4MB
registry.aliyuncs.com/google_containers/etcd                      3.4.13-0   0369cf4303ff   9 months ago   253MB
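
After the retag, kubeadm runs whatever the Docker Hub pull returned under the mirror's name, so the digest is worth checking first. The following is an added example, not part of the original post: it tags only when the digest Docker reports equals a value pinned in advance. The function names and the `DOCKER` override variable are assumptions; the pinned digest is the one shown in the pull output above.

```sh
#!/bin/sh
# Added example, not from the original post. Names are illustrative.

# Digest pinned in advance (obtain it from a source you trust). This value is
# the one printed by the pull shown on this page.
PINNED_COREDNS='sha256:cc8fb77bc2a0541949d1d9320a641b82fd392b0d3d8145469ca4709ae769980e'

# Print the digest from the "Digest:" line of `docker pull` output on stdin.
pull_digest() {
    sed -n 's/^Digest: \(sha256:[0-9a-f]\{64\}\)[[:space:]]*$/\1/p' | head -n 1
}

# digest_ok <pin> <reported>: true only if the pin is well formed and equal.
digest_ok() {
    printf '%s\n' "$1" | grep -Eq '^sha256:[0-9a-f]{64}$' || return 2
    [ "$1" = "$2" ]
}

# pull_verify_tag <source> <pin> <target>: pull, compare digests, tag on match.
pull_verify_tag() (
    docker=${DOCKER:-docker}
    out=$("$docker" pull "$1") || exit 1
    got=$(printf '%s\n' "$out" | pull_digest)
    if ! digest_ok "$2" "$got"; then
        echo "refusing to tag $1: want $2, got ${got:-<none>}" >&2
        exit 1
    fi
    "$docker" tag "$1" "$3"
)

# Usage:
#   pull_verify_tag coredns/coredns:1.8.0 "$PINNED_COREDNS" \
#       registry.aliyuncs.com/google_containers/coredns/coredns:v1.8.0
```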

Problem 3

etcd fails to start, and 127.0.0.1:2379 cannot be reached.

The fix is to change these settings in its configuration:

 - --listen-client-urls=https://0.0.0.0:2379,https://0.0.0.0:2379  # change this to 0.0.0.0
 - --listen-metrics-urls=http://127.0.0.1:2381
 - --listen-peer-urls=https://0.0.0.0:2380  # change this to 0.0.0.0

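Prepare an etcd.yaml file in advance. While the initialization is running, keep force-overwriting the file under /etc/kubernetes/manifests/ as fast as you can, so that the container Docker starts reads the correct configuration.
cp -rf etcd.yaml /etc/kubernetes/manifests/
Quick hands are the key to solving this problem.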
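
A way to get the same listen URLs without racing the kubelet, as an added example that is not part of the original post: the page's init flags and its two etcd settings go into a kubeadm config file, and a second function lists the listeners bound to every interface and checks that certificate authentication is still on. The function and file names are assumptions; `kubeadm.k8s.io/v1beta2` is the config API version that kubeadm v1.21 reads.

```sh
#!/bin/sh
# Added example, not from the original post. Function names are illustrative.

# write_kubeadm_config <file>: the page's init flags plus its etcd listen
# URLs, so kubeadm writes them into the manifest itself.
write_kubeadm_config() {
    cat > "$1" <<'EOF'
apiVersion: kubeadm.k8s.io/v1beta2
kind: InitConfiguration
localAPIEndpoint:
  advertiseAddress: 10.16.8.135
---
apiVersion: kubeadm.k8s.io/v1beta2
kind: ClusterConfiguration
kubernetesVersion: v1.21.1
imageRepository: registry.aliyuncs.com/google_containers
networking:
  serviceSubnet: 10.96.0.0/16
  podSubnet: 10.244.0.0/16
etcd:
  local:
    extraArgs:
      listen-client-urls: https://0.0.0.0:2379
      listen-peer-urls: https://0.0.0.0:2380
EOF
}

# audit_etcd_manifest <file>: print listen flags bound to every interface;
# fail if any exist without client and peer certificate authentication.
audit_etcd_manifest() (
    wild=$(grep -E -- '--listen-(client|peer|metrics)-urls=.*//(0\.0\.0\.0|\[::\])' "$1" |
        sed 's/^[[:space:]]*-[[:space:]]\{1,\}//')
    [ -z "$wild" ] && exit 0
    printf '%s\n' "$wild"
    grep -q -- '--client-cert-auth=true' "$1" &&
        grep -q -- '--peer-client-cert-auth=true' "$1"
)

# Usage on the control-plane host (--config replaces the command-line flags):
#   write_kubeadm_config kubeadm-config.yaml
#   kubeadm init --config kubeadm-config.yaml
#   audit_etcd_manifest /etc/kubernetes/manifests/etcd.yaml
```

With 0.0.0.0, etcd accepts connections on every interface of the host, so ports 2379 and 2380 should also be limited by the host firewall to the addresses that need them.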

Success at last
I was moved to tears.

[root@docker-jjy-1 ~]# kubeadm reset
[reset] Reading configuration from the cluster...
[reset] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -o yaml'
W0603 11:09:08.782649   20656 reset.go:99] [reset] Unable to fetch the kubeadm-config ConfigMap from cluster: failed to get config map: configmaps "kubeadm-config" not found
[reset] WARNING: Changes made to this host by 'kubeadm init' or 'kubeadm join' will be reverted.
[reset] Are you sure you want to proceed? [y/N]: y
[preflight] Running pre-flight checks
W0603 11:09:09.791985   20656 removeetcdmember.go:79] [reset] No kubeadm config, using etcd pod spec to get data directory
[reset] Stopping the kubelet service
[reset] Unmounting mounted directories in "/var/lib/kubelet"
[reset] Deleting contents of config directories: [/etc/kubernetes/manifests /etc/kubernetes/pki]
[reset] Deleting files: [/etc/kubernetes/admin.conf /etc/kubernetes/kubelet.conf /etc/kubernetes/bootstrap-kubelet.conf /etc/kubernetes/controller-manager.conf /etc/kubernetes/scheduler.conf]
[reset] Deleting contents of stateful directories: [/var/lib/etcd /var/lib/kubelet /var/lib/dockershim /var/run/kubernetes /var/lib/cni]

The reset process does not clean CNI configuration. To do so, you must remove /etc/cni/net.d

The reset process does not reset or clean up iptables rules or IPVS tables.
If you wish to reset iptables, you must do so manually by using the "iptables" command.

If your cluster was setup to utilize IPVS, run ipvsadm --clear (or similar)
to reset your system's IPVS tables.

The reset process does not clean your kubeconfig files and you must remove them manually.
Please, check the contents of the $HOME/.kube/config file.
[root@docker-jjy-1 ~]# 
[root@docker-jjy-1 ~]# kubeadm init --apiserver-advertise-address=10.16.8.135 --image-repository registry.aliyuncs.com/google_containers --kubernetes-version v1.21.1 --service-cidr=10.96.0.0/16 --pod-network-cidr=10.244.0.0/16
[init] Using Kubernetes version: v1.21.1
[preflight] Running pre-flight checks
        [WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". Please follow the guide at https://kubernetes.io/docs/setup/cri/
[preflight] Pulling images required for setting up a Kubernetes cluster
[preflight] This might take a minute or two, depending on the speed of your internet connection
[preflight] You can also perform this action in beforehand using 'kubeadm config images pull'
[certs] Using certificateDir folder "/etc/kubernetes/pki"
[certs] Generating "ca" certificate and key
[certs] Generating "apiserver" certificate and key
[certs] apiserver serving cert is signed for DNS names [docker-jjy-1.novalocal kubernetes kubernetes.default kubernetes.default.svc kubernetes.default.svc.cluster.local] and IPs [10.96.0.1 10.16.8.135]
[certs] Generating "apiserver-kubelet-client" certificate and key
[certs] Generating "front-proxy-ca" certificate and key
[certs] Generating "front-proxy-client" certificate and key
[certs] Generating "etcd/ca" certificate and key
[certs] Generating "etcd/server" certificate and key
[certs] etcd/server serving cert is signed for DNS names [docker-jjy-1.novalocal localhost] and IPs [10.16.8.135 127.0.0.1 ::1]
[certs] Generating "etcd/peer" certificate and key
[certs] etcd/peer serving cert is signed for DNS names [docker-jjy-1.novalocal localhost] and IPs [10.16.8.135 127.0.0.1 ::1]
[certs] Generating "etcd/healthcheck-client" certificate and key
[certs] Generating "apiserver-etcd-client" certificate and key
[certs] Generating "sa" key and public key
[kubeconfig] Using kubeconfig folder "/etc/kubernetes"
[kubeconfig] Writing "admin.conf" kubeconfig file
[kubeconfig] Writing "kubelet.conf" kubeconfig file
[kubeconfig] Writing "controller-manager.conf" kubeconfig file
[kubeconfig] Writing "scheduler.conf" kubeconfig file
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Starting the kubelet
[control-plane] Using manifest folder "/etc/kubernetes/manifests"
[control-plane] Creating static Pod manifest for "kube-apiserver"
[control-plane] Creating static Pod manifest for "kube-controller-manager"
[control-plane] Creating static Pod manifest for "kube-scheduler"
[etcd] Creating static Pod manifest for local etcd in "/etc/kubernetes/manifests"
[wait-control-plane] Waiting for the kubelet to boot up the control plane as static Pods from directory "/etc/kubernetes/manifests". This can take up to 4m0s
[apiclient] All control plane components are healthy after 12.003554 seconds
[upload-config] Storing the configuration used in ConfigMap "kubeadm-config" in the "kube-system" Namespace
[kubelet] Creating a ConfigMap "kubelet-config-1.21" in namespace kube-system with the configuration for the kubelets in the cluster
[upload-certs] Skipping phase. Please see --upload-certs
[mark-control-plane] Marking the node docker-jjy-1.novalocal as control-plane by adding the labels: [node-role.kubernetes.io/master(deprecated) node-role.kubernetes.io/control-plane node.kubernetes.io/exclude-from-external-load-balancers]
[mark-control-plane] Marking the node docker-jjy-1.novalocal as control-plane by adding the taints [node-role.kubernetes.io/master:NoSchedule]
[bootstrap-token] Using token: wgpqyb.qg685fw8jq7ytixt
[bootstrap-token] Configuring bootstrap tokens, cluster-info ConfigMap, RBAC Roles
[bootstrap-token] configured RBAC rules to allow Node Bootstrap tokens to get nodes
[bootstrap-token] configured RBAC rules to allow Node Bootstrap tokens to post CSRs in order for nodes to get long term certificate credentials
[bootstrap-token] configured RBAC rules to allow the csrapprover controller automatically approve CSRs from a Node Bootstrap Token
[bootstrap-token] configured RBAC rules to allow certificate rotation for all node client certificates in the cluster
[bootstrap-token] Creating the "cluster-info" ConfigMap in the "kube-public" namespace
[kubelet-finalize] Updating "/etc/kubernetes/kubelet.conf" to point to a rotatable kubelet client certificate and key
[addons] Applied essential addon: CoreDNS
[addons] Applied essential addon: kube-proxy

Your Kubernetes control-plane has initialized successfully!

To start using your cluster, you need to run the following as a regular user:

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

Alternatively, if you are the root user, you can run:

  export KUBECONFIG=/etc/kubernetes/admin.conf

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  https://kubernetes.io/docs/concepts/cluster-administration/addons/

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join 10.16.8.135:6443 --token wgpqyb.qg685fw8jq7ytixt \
        --discovery-token-ca-cert-hash sha256:2285ae813e5e743e2277ae98ac6737f1fd0128dec4aab26d0da8fe9d0f149a4c 
[root@docker-jjy-1 ~]# 