使用kubeasz安装部署K8S时遇到kubeReserved的错误记录

ansible执行时到第四步显示轮询等待kubelet启动，systemctl status kubelet在各个节点查看，kubelet未启动

报错如下

fatal: [10.0.0.20]: FAILED! => {"changed": true, "cmd": ["/etc/kubeasz/bin/kubectl", "create", "clusterrolebinding", "kubernetes-crb", "--clusterrole=system:kubelet-api-admin", "--user=kubernetes"], "delta": "0:00:00.045336", "end": "2023-06-19 23:05:17.947568", "msg": "non-zero return code", "rc": 1, "start": "2023-06-19 23:05:17.902232", "stderr": "error: failed to create clusterrolebinding: Post \"https://10.0.0.10:6443/apis/rbac.authorization.k8s.io/v1/clusterrolebindings?fieldManager=kubectl-create&fieldValidation=Strict\": dial tcp 10.0.0.10:6443: connect: connection refused", "stderr_lines": ["error: failed to create clusterrolebinding: Post \"https://10.0.0.10:6443/apis/rbac.authorization.k8s.io/v1/clusterrolebindings?fieldManager=kubectl-create&fieldValidation=Strict\": dial tcp 10.0.0.10:6443: connect: connection refused"], "stdout": "", "stdout_lines": []}

 使用journalctl -u kubelet --no-pager查看日志发现是有关 /var/lib/kubelet/config.yaml的kubeReserved字段的错误；(这个文件是kubeasz自动生成的)

Jun 20 00:05:22 k8s-master1.sunce.io systemd[1]: kubelet.service: Main process exited, code=exited, status=1/FAILURE
Jun 20 00:05:22 k8s-master1.sunce.io systemd[1]: kubelet.service: Failed with result 'exit-code'.
Jun 20 00:05:27 k8s-master1.sunce.io systemd[1]: kubelet.service: Scheduled restart job, restart counter is at 35.
Jun 20 00:05:27 k8s-master1.sunce.io systemd[1]: Stopped Kubernetes Kubelet.
Jun 20 00:05:27 k8s-master1.sunce.io systemd[1]: Starting Kubernetes Kubelet...
Jun 20 00:05:27 k8s-master1.sunce.io systemd[1]: Started Kubernetes Kubelet.
Jun 20 00:05:27 k8s-master1.sunce.io kubelet[26224]: Flag --container-runtime-endpoint has been deprecated, This parameter should be set via the config file specified by the Kubelet's --config flag. See https://kubernetes.io/docs/tasks/administer-cluster/kubelet-config-file/ for more information.
Jun 20 00:05:27 k8s-master1.sunce.io kubelet[26224]: E0620 00:05:27.806557   26224 run.go:74] "command failed" err="failed to load kubelet config file, error: failed to load Kubelet config file /var/lib/kubelet/config.yaml, error failed to decode: json: cannot unmarshal number into Go struct field KubeletConfiguration.kubeReserved of type string, path: /var/lib/kubelet/config.yaml"

配置文件/var/lib/kubelet/config.yaml内容如下 

kind: KubeletConfiguration
apiVersion: kubelet.config.k8s.io/v1beta1
address: 0.0.0.0
authentication:
  anonymous:
    enabled: false
  webhook:
    cacheTTL: 2m0s
    enabled: true
  x509:
    clientCAFile: /etc/kubernetes/ssl/ca.pem
authorization:
  mode: Webhook
  webhook:
    cacheAuthorizedTTL: 5m0s
    cacheUnauthorizedTTL: 30s
cgroupDriver: systemd 
cgroupsPerQOS: true
clusterDNS:
- 169.254.20.10
clusterDomain: sunce.local
configMapAndSecretChangeDetectionStrategy: Watch
containerLogMaxFiles: 3 
containerLogMaxSize: 10Mi
enforceNodeAllocatable:
- pods
- kube-reserved
eventBurst: 10
eventRecordQPS: 5
evictionHard:
  imagefs.available: 15%
  memory.available: 300Mi
  nodefs.available: 10%
  nodefs.inodesFree: 5%
evictionPressureTransitionPeriod: 5m0s
failSwapOn: true
fileCheckFrequency: 40s
hairpinMode: hairpin-veth 
healthzBindAddress: 0.0.0.0
healthzPort: 10248
httpCheckFrequency: 40s
imageGCHighThresholdPercent: 85
imageGCLowThresholdPercent: 80
imageMinimumGCAge: 2m0s
kubeReservedCgroup: /podruntime.slice
kubeReservedCgroup: kubeReserved
kubeReserved:
  cpu: 200m
  memory: 400Mi
  pid: 1000
kubeAPIBurst: 100
kubeAPIQPS: 50
makeIPTablesUtilChains: true
maxOpenFiles: 1000000
maxParallelImagePulls: 5
maxPods: 200
nodeLeaseDurationSeconds: 40
nodeStatusReportFrequency: 1m0s
nodeStatusUpdateFrequency: 10s
oomScoreAdj: -999
podPidsLimit: 1024
port: 10250
# disable readOnlyPort 
readOnlyPort: 0
resolvConf: /run/systemd/resolve/resolv.conf
runtimeRequestTimeout: 2m0s
serializeImagePulls: false
streamingConnectionIdleTimeout: 4h0m0s
syncFrequency: 1m0s
tlsCertFile: /etc/kubernetes/ssl/kubelet.pem
tlsPrivateKeyFile: /etc/kubernetes/ssl/kubelet-key.pem

报错中有一段很重要：error failed to decode: json: cannot unmarshal number into Go struct field KubeletConfiguration.kubeReserved of type string, path: /var/lib/kubelet/config.yaml"

是和字符转换有关，主要是kube-reserved 设置pid的时候是需要填写字符串而非数字；

所以我们把字段中pid: 1000这里的1000需要用双引号引起来，问题解决，kubelet成功启动；

kubeReserved:
  cpu: 200m
  memory: 400Mi
  pid: "1000"