K8S 故障处理经验积累(网络)

最新推荐文章于 2024-06-10 12:20:04 发布
最新推荐文章于 2024-06-10 12:20:04 发布
阅读量1.8w 收藏 20
点赞数 7
分类专栏: Kubernetes 文章标签: k8s部署问题 kubernetes k8s 故障处理
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/yujia_666/article/details/107719919
版权

1 .1cni网络问题导致coredns起不来

NetworkPlugin cni failed to set up pod "coredns-5c98db65d4-fr9nk_kube-system" network: failed to set bridge addr: "cni0" already has an IP address different from 172.21.0.1/24NetworkPlugin cni failed to set up pod "coredns-5c98db65d4-fr9nk_kube-system" network: failed to set bridge addr: "cni0" already has an IP address different from 172.21.0.1/24

解决:k8s集群reset之后,重新发布kube-flannel

flannel的资源限制要关闭,不然,会OOM

1. 2 还有一种coredns起不来,是因为dns解析的问题

nameserver xxx.xxx.xxx.xxx这个值不能为空,否则coredns也起不来

vim /etc/resolv.conf
nameserver 114.114.114.114
systemctl daemon-reload
systemctl restart kubelet

2.k8s  reset之后彻底清除上次初始化

kubeadm reset

iptables -F && iptables -t nat -F && iptables -t mangle -F && iptables -X
systemctl stop kubelet
systemctl stop docker
rm -rf /var/lib/cni/*
rm -rf /var/lib/kubelet/*
rm -rf /etc/cni/*
ifconfig cni0 down
ifconfig flannel.1 down
ifconfig docker0 down
ip link delete cni0
ip link delete flannel.1
systemctl start docker

之后重新kubeadm init

3.  journalctl -u kubelet 查看kubectl日志发现报错如下


Kubernetes启动报错

kubelet cgroup driver: "systemd" is different from docker cgroup driver: "cgroupfs"

错误原因:

    docker和k8s使用的cgroup不一致导致





解决办法:

    修改二者一致,统一使用systemd或者cgroupfs进行资源管理。由于k8s官方文档中提示使用cgroupfs管理docker和k8s资源,而使用systemd管理节点上其他进程资源在资源压力大时会出现不稳定,因此推荐修改docker和k8s统一使用systemd管理资源。





Cgroup drivers

When systemd is chosen as the init system for a Linux distribution, the init process generates and consumes a root control group (cgroup) and acts as a cgroup manager. Systemd has a tight integration with cgroups and will allocate cgroups per process. It’s possible to configure your container runtime and the kubelet to use cgroupfs. Using cgroupfs alongside systemd means that there will then be two different cgroup managers.

Control groups are used to constrain resources that are allocated to processes. A single cgroup manager will simplify the view of what resources are being allocated and will by default have a more consistent view of the available and in-use resources. When we have two managers we end up with two views of those resources. We have seen cases in the field where nodes that are configured to use cgroupfs for the kubelet and Docker, and systemd for the rest of the processes running on the node becomes unstable under resource pressure.





docker修改方法:

    修改或创建/etc/docker/daemon.json,加入下面的内容:

cat > /etc/docker/daemon.json <<EOF

{

"exec-opts": ["native.cgroupdriver=systemd"]

}

EOF
 

重启docker:

systemctl restart docker





k8s修改方法:    

修改kubelet:

修改docker,只需在/etc/docker/daemon.json中,添加"exec-opts": ["native.cgroupdriver=systemd"]即可,本文最初的docker配置可供参考。

修改kubelet:

cat > /var/lib/kubelet/config.yaml <<EOF
apiVersion: kubelet.config.k8s.io/v1beta1
kind: KubeletConfiguration
cgroupDriver: systemd
EOF

vim /var/lib/kubelet/kubeadm-flags.env

KUBELET_KUBEADM_ARGS="--cgroup-driver=systemd --hostname-override=10.249.176.86 --network-plugin=cni --pod-infra-container-image=k8s.gcr.io/pause:3.1"

添加如下内容--cgroup-driver=systemd

需要重启 kubelet:

systemctl daemon-reload

systemctl restart kubelet

4.kubernetes认证namespace,默认default的namespace变成操作自定义namespace    yujia-k8s

示例:kubectl get pod -n yujia-k8s    <<---等价于-->>   kubectl get pod

vim /root/.kube/config


contexts:的下面加上自己想要修改的namespace

contexts:
#- context:
#    cluster: kubernetes
#    user: kubernetes-admin
#  name: kubernetes-admin@kubernetes
#current-context: kubernetes-admin@kubernetes
- context:
    cluster: kubernetes
    namespace: yujia-k8s
    user: kubernetes-admin
  name: kubernetes-admin@kubernetes
current-context: kubernetes-admin@kubernetes
kind: Config
preferences: {}
users:
- name: kubernetes-admin
  user:

这样做能让我们操作默认default的namespace变成操作yujia-k8s  命名空间下面的资源,提升了简便性

5.node节点加不进去

'curl -sSL http://localhost:10248/healthz' failed with error: Get http://localhost:10248/healthz: dial tcp 127.0.0.1:10248: connect: connection refused

kubelet没有这个文件

open /var/lib/kubelet/pki/kubelet.crt: no such file or directory

解决办法:复制其他node节点的这个证书

6. 容器无法被调度:OCI runtime state failed: fork/exec /usr/bin/runc: resource temporarily unavailable: : unknown

 failed to start shim: fork/exec /usr/bin/containerd-shim: resource temporarily unavailable: unknown

判断:应该资源限制了,节点资源问题,进程数大于主机设置之类的

一个 Pod 被创建后, 一直卡在ContainerCreating的状态, 执行describe命令查看该 Pod 详细信息后发现如下 Event

1
2
3
4
5
6
7

Events:
  Type     Reason                  Age               From                            Message
  ----     ------                  ----              ----                            -------
  Normal   Scheduled               2m                default-scheduler               Successfully assigned 61f983b5-19ca-4b33-8647-6b279ae93812 to k8node3
  Normal   SuccessfulMountVolume   2m                kubelet, k8node3  MountVolume.SetUp succeeded for volume "default-token-7r9jt"
  Warning  FailedCreatePodSandBox  2m (x12 over 2m)  kubelet, k8node3  Failed create pod sandbox: rpc error: code = Unknown desc = failed to start sandbox container for pod "61f983b5-19ca-4b33-8647-6b279ae93812": Error response from daemon: oci runtime error: container_linux.go:247: starting container process caused "process_linux.go:286: decoding sync type from init pipe caused \"read parent: connection reset by peer\""
  Normal   SandboxChanged          2m (x12 over 2m)  kubelet, k8node3  Pod sandbox changed, it will be killed and re-created.

以上 Event 信息中, 能解读到的信息极其有限

  • Failed create pod sandbox: Google 提供的 pause 容器启动失败
  • oci runtime error: 运行时接口出的问题, 我的环境中运行时环境为 docker
  • connection reset by peer: 连接被重置
  • Pod sandbox changed, it will be killed and re-created: pause 容器引导的 Pod 环境被改变, 重新创建 Pod 中的 pause 引导

看完上面的报错信息并不能准确定位到问题的根源, 只能大致了解到是因为创建SandBox失败导致的, 接下来查看 kubelet 的日志

1
2
3
4
5
6
7
8
9
10

Oct 31 16:33:57 k8node3 kubelet[1865]: E1031 16:33:57.551282    1865 remote_runtime.go:92] RunPodSandbox from runtime service failed: rpc error: code = Unknown desc = failed to start sandbox container for pod "61f983b5-19ca-4b33-8647-6b279ae93812": Error response from daemon: oci runtime error: container_linux.go:247: starting container process caused "process_linux.go:286: decoding sync type from init pipe caused \"read parent: connection reset by peer\""
Oct 31 16:33:57 k8node3 kubelet[1865]: E1031 16:33:57.551415    1865 kuberuntime_sandbox.go:54] CreatePodSandbox for pod "61f983b5-19ca-4b33-8647-6b279ae93812_default(77b2b948-dce4-11e8-afec-b82a72cf3061)" failed: rpc error: code = Unknown desc = failed to start sandbox container for pod "61f983b5-19ca-4b33-8647-6b279ae93812": Error response from daemon: oci runtime error: container_linux.go:247: starting container process caused "process_linux.go:286: decoding sync type from init pipe caused \"read parent: connection reset by peer\""
Oct 31 16:33:57 k8node3 kubelet[1865]: E1031 16:33:57.551459    1865 kuberuntime_manager.go:646] createPodSandbox for pod "61f983b5-19ca-4b33-8647-6b279ae93812_default(77b2b948-dce4-11e8-afec-b82a72cf3061)" failed: rpc error: code = Unknown desc = failed to start sandbox container for pod "61f983b5-19ca-4b33-8647-6b279ae93812": Error response from daemon: oci runtime error: container_linux.go:247: starting container process caused "process_linux.go:286: decoding sync type from init pipe caused \"read parent: connection reset by peer\""
Oct 31 16:33:57 k8node3 kubelet[1865]: E1031 16:33:57.551581    1865 pod_workers.go:186] Error syncing pod 77b2b948-dce4-11e8-afec-b82a72cf3061 ("61f983b5-19ca-4b33-8647-6b279ae93812_default(77b2b948-dce4-11e8-afec-b82a72cf3061)"), skipping: failed to "CreatePodSandbox" for "61f983b5-19ca-4b33-8647-6b279ae93812_default(77b2b948-dce4-11e8-afec-b82a72cf3061)" with CreatePodSandboxError: "CreatePodSandbox for pod \"61f983b5-19ca-4b33-8647-6b279ae93812_default(77b2b948-dce4-11e8-afec-b82a72cf3061)\" failed: rpc error: code = Unknown desc = failed to start sandbox container for pod \"61f983b5-19ca-4b33-8647-6b279ae93812\": Error response from daemon: oci runtime error: container_linux.go:247: starting container process caused \"process_linux.go:286: decoding sync type from init pipe caused \\\"read parent: connection reset by peer\\\"\""
Oct 31 16:33:58 k8node3 kubelet[1865]: E1031 16:33:58.718255    1865 remote_runtime.go:92] RunPodSandbox from runtime service failed: rpc error: code = Unknown desc = failed to start sandbox container for pod "61f983b5-19ca-4b33-8647-6b279ae93812": Error response from daemon: oci runtime error: container_linux.go:247: starting container process caused "process_linux.go:286: decoding sync type from init pipe caused \"read parent: connection reset by peer\""
Oct 31 16:33:58 k8node3 kubelet[1865]: E1031 16:33:58.718406    1865 kuberuntime_sandbox.go:54] CreatePodSandbox for pod "61f983b5-19ca-4b33-8647-6b279ae93812_default(77b2b948-dce4-11e8-afec-b82a72cf3061)" failed: rpc error: code = Unknown desc = failed to start sandbox container for pod "61f983b5-19ca-4b33-8647-6b279ae93812": Error response from daemon: oci runtime error: container_linux.go:247: starting container process caused "process_linux.go:286: decoding sync type from init pipe caused \"read parent: connection reset by peer\""
Oct 31 16:33:58 k8node3 kubelet[1865]: E1031 16:33:58.718443    1865 kuberuntime_manager.go:646] createPodSandbox for pod "61f983b5-19ca-4b33-8647-6b279ae93812_default(77b2b948-dce4-11e8-afec-b82a72cf3061)" failed: rpc error: code = Unknown desc = failed to start sandbox container for pod "61f983b5-19ca-4b33-8647-6b279ae93812": Error response from daemon: oci runtime error: container_linux.go:247: starting container process caused "process_linux.go:286: decoding sync type from init pipe caused \"read parent: connection reset by peer\""
Oct 31 16:33:58 k8node3 kubelet[1865]: E1031 16:33:58.718597    1865 pod_workers.go:186] Error syncing pod 77b2b948-dce4-11e8-afec-b82a72cf3061 ("61f983b5-19ca-4b33-8647-6b279ae93812_default(77b2b948-dce4-11e8-afec-b82a72cf3061)"), skipping: failed to "CreatePodSandbox" for "61f983b5-19ca-4b33-8647-6b279ae93812_default(77b2b948-dce4-11e8-afec-b82a72cf3061)" with CreatePodSandboxError: "CreatePodSandbox for pod \"61f983b5-19ca-4b33-8647-6b279ae93812_default(77b2b948-dce4-11e8-afec-b82a72cf3061)\" failed: rpc error: code = Unknown desc = failed to start sandbox container for pod \"61f983b5-19ca-4b33-8647-6b279ae93812\": Error response from daemon: oci runtime error: container_linux.go:247: starting container process caused \"process_linux.go:286: decoding sync type from init pipe caused \\\"read parent: connection reset by peer\\\"\""
Oct 31 16:36:02 k8node3 kubelet[1865]: E1031 16:36:02.114171    1865 kubelet.go:1644] Unable to mount volumes for pod "61f983b5-19ca-4b33-8647-6b279ae93812_default(77b2b948-dce4-11e8-afec-b82a72cf3061)": timeout expired waiting for volumes to attach or mount for pod "default"/"61f983b5-19ca-4b33-8647-6b279ae93812". list of unmounted volumes=[default-token-7r9jt]. list of unattached volumes=[default-token-7r9jt]; skipping pod
Oct 31 16:36:02 k8node3 kubelet[1865]: E1031 16:36:02.114262    1865 pod_workers.go:186] Error syncing pod 77b2b948-dce4-11e8-afec-b82a72cf3061 ("61f983b5-19ca-4b33-8647-6b279ae93812_default(77b2b948-dce4-11e8-afec-b82a72cf3061)"), skipping: timeout expired waiting for volumes to attach or mount for pod "default"/"61f983b5-19ca-4b33-8647-6b279ae93812". list of unmounted volumes=[default-token-7r9jt]. list of unattached volumes=[default-token-7r9jt]

kubelet 的日志中, 与 describe 出来的信息差不多, tail 的时候更直观的感觉到频繁的Sandbox创建的过程, 既然是 OCI 运行时报错, 只能去 docker 的日志中找找看了

1
2
3
4
5
6
7
8
9
10

Oct 31 16:33:58 k8node3 dockerd[1715]: time="2018-10-31T16:33:58.671146675+08:00" level=error msg="containerd: start container" error="oci runtime error: container_linux.go:247: starting container process caused \"process_linux.go:286: decoding sync type from init pipe caused \\\"read parent: connection reset by peer\\\"\"\n" id=029d9e843eedb822370c285b5abf1f37556461083d3bda2c7af38b3b00695b0f
Oct 31 16:33:58 k8node3 dockerd[1715]: time="2018-10-31T16:33:58.671871096+08:00" level=error msg="Create container failed with error: oci runtime error: container_linux.go:247: starting container process caused \"process_linux.go:286: decoding sync type from init pipe caused \\\"read parent: connection reset by peer\\\"\"\n"
Oct 31 16:33:58 k8node3 dockerd[1715]: time="2018-10-31T16:33:58.717553371+08:00" level=error msg="Handler for POST /v1.27/containers/029d9e843eedb822370c285b5abf1f37556461083d3bda2c7af38b3b00695b0f/start returned error: oci runtime error: container_linux.go:247: starting container process caused \"process_linux.go:286: decoding sync type from init pipe caused \\\"read parent: connection reset by peer\\\"\"\n"
Oct 31 16:34:22 k8node3 dockerd[1715]: time="2018-10-31T16:34:22.759631102+08:00" level=error msg="Handler for POST /v1.27/containers/207f0ffb4b5ecc5f8261af40cd7a2c4c2800a2c30b027c4fb95648f8c1b00274/stop returned error: Container 207f0ffb4b5ecc5f8261af40cd7a2c4c2800a2c30b027c4fb95648f8c1b00274 is already stopped"
Oct 31 16:34:22 k8node3 dockerd[1715]: time="2018-10-31T16:34:22.768603351+08:00" level=error msg="Handler for POST /v1.27/containers/03bf9bfcf4e3f66655b0124d6779ff649b2b00219b83645ca18b4bb08d1cc573/stop returned error: Container 03bf9bfcf4e3f66655b0124d6779ff649b2b00219b83645ca18b4bb08d1cc573 is already stopped"
Oct 31 16:34:22 k8node3 dockerd[1715]: time="2018-10-31T16:34:22.777073508+08:00" level=error msg="Handler for POST /v1.27/containers/7b37f5aee7afe01f209bcdc6b3568b522fb0bbda5cb4b322e10b05ec603f5728/stop returned error: Container 7b37f5aee7afe01f209bcdc6b3568b522fb0bbda5cb4b322e10b05ec603f5728 is already stopped"
Oct 31 16:34:22 k8node3 dockerd[1715]: time="2018-10-31T16:34:22.785774443+08:00" level=error msg="Handler for POST /v1.27/containers/1a01419973e4701b231556d74c619c30e0966889948e810b46567f08475ec431/stop returned error: Container 1a01419973e4701b231556d74c619c30e0966889948e810b46567f08475ec431 is already stopped"
Oct 31 16:34:22 k8node3 dockerd[1715]: time="2018-10-31T16:34:22.794198279+08:00" level=error msg="Handler for POST /v1.27/containers/c3c4049e7b1942395b3cc3a45cf0cc69b34bab6271cb940a70c7d9aed3ba6176/stop returned error: Container c3c4049e7b1942395b3cc3a45cf0cc69b34bab6271cb940a70c7d9aed3ba6176 is already stopped"
Oct 31 16:34:22 k8node3 dockerd[1715]: time="2018-10-31T16:34:22.802698120+08:00" level=error msg="Handler for POST /v1.27/containers/8d2c8a4cd5b43b071a9976251932955937d5b1f0f34dca1482cde4195df4747d/stop returned error: Container 8d2c8a4cd5b43b071a9976251932955937d5b1f0f34dca1482cde4195df4747d is already stopped"
Oct 31 16:34:22 k8node3 dockerd[1715]: time="2018-10-31T16:34:22.811103238+08:00" level=error msg="Handler for POST /v1.27/containers/7fdb697e251cec249c0a17f1fdcc6d76fbec13a60929eb0217c744c181702c1f/stop returned error: Container 7fdb697e251cec249c0a17f1fdcc6d76fbec13a60929eb0217c744c181702c1f is already stopped"

Docker 的日志中, 除了已经看了很多遍的connection reset by peer之外, 还有一些新的发现

  • xxx is already stopped: 看日志, 感觉是向容器接口发送了 POST 请求以 stop 容器, 但是该容器已经被 stop 掉了

Docker 的日志和 kubelet 的日志的共同点就是, kubelet 频繁 recreate Sandbox

执行 docker container ls -a 命令发现存在大量 create 状态的 pause 容器

查看 demesg -T 信息, 发现了大量 oom-killer 的字眼的日志, 初步判断是由于内存溢出, 导致系统主动 kill 进程.

发生这样的情况的概率并不高, 一般情况下有两种类型的 oom kill

  • 由于 pod 内进程超出了 pod 指定 Limit 限制的值, 将导致 oom kill, 此时 pod 退出的 Reason 会显示 OOMKilled
  • 另一种情况是 pod 内的进程给自己设置了可用内存, 比如 jvm 内存限制设置为2G, pod Limit 设置为6G, 此时由于程序的原因导致内存使用超过2G 时, 也会引发 oom kill

这两种内存溢出的 kill 区别是第一种原因直接显示在 pod 的 Event 里; 第二种你在 Event 里找不到, 在宿主机的 dmesg 里面可以找到 invoked oom-killer 的日志

这次的情况看起来像属于第二种情况, 于是赶紧再次 describe pod, 查看 Limit 限制

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21

Containers:
  61f983b5-19ca-4b33-8647-6b279ae93812:
    Container ID:
    Image:          reg.lvrui.io/public/testpublish:latest
    Image ID:
    Port:           <none>
    Host Port:      <none>
    State:          Waiting
      Reason:       ContainerCreating
    Ready:          False
    Restart Count:  0
    Limits:
      cpu:     1
      memory:  2k
    Requests:
      cpu:     1
      memory:  2k
    Environment:
      key:  value
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from default-token-7r9jt (ro)

终于找到了原因, 就是因为对内存的 Limit 导致的. 这里显示内存 Limit 为2k, 实际上是因为在创建资源时, 写的是 2000(不加单位时, 默认单位为 bytes), k8s 自动转成了以小写 k 的单位表示方式, 所以就变成了2k

理论上来说, 按照之前的经验, 此种情况(实际使用内存超过 Limit 内存的情况)应该属于第一种, 会在 Event 里显示的由于 OOMkilled 原因导致 Terminated 状态. 但实际情况却是在 Event 里找不到 oom kill 的日志, 且 pod 状态处于 ContainerCreating 状态.

  • 由于 OOMkilled 处于 Terminated 的状态是因为 pod 已经正常被引导创建后, 导致的内存溢出
  • 由于系统 invoked oom-killer 导致的处于 ContainerCreating 状态的 pod 是因为 pod 还没正常被创建, pod 中的 pause 容器都没有被正常引导就已经被 cgroup 的内存限制而招来杀身之祸

Kubernetes中内存资源限制引发的报错 | Polar Snow Documentation

解决:k8s pod数量我们设置的是300,但是docker启动文件service设置只有226默认,导致容器无法被调度,注释这一行重启docker

解决 docker 的 read unix @->/run/containerd/s/xxx read: connection reset by peer: unknown · zhangguanzhang's Blog

docker exec 失败问题排查之旅 | Stupig

牛牛Blog
关注
  • 7
    点赞
  • 20
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
k8s问题跟进
SSJWWWCX的博客
12-17 374
可能出现问题networkPlugin cni failed to set up pod “nginx-pod-c9f8889f9-zrpg4_default” network: failed to set bridge addr: “cni0” already has an IP address different from 10.224.2.1/24 解决办法: #rm -rf /va...
处理一次k8s、calico无法分配podIP的心路历程
gao2175的博客
10-13 1181
又一次偷偷化解了可能发生的重大事故。不想看过程的可以直接跳到末尾看处理方案。 一个网络错误 某天,上kplcloud构建一个测试应用,构建完成之后发现新pod一直启动失败,并且抛出了以下错误信息: Failed create pod sandbox: rpc error: code = Unknown desc = NetworkPlugin cni failed to set up pod "xxxxxx-fc4cb949f-gpkm2_xxxxxxx" network: netplugin failed
Pod提示NetworkPlugin cni failed to set up .. network:open/run/flannel/subnet.env:nosuchfileordirectory
hedao0515的专栏
02-15 4782
k8s创建Pod提示NetworkPlugin cni failed to set up .. network:open/ run/flannel/subnet.env: no such file or directory
failed to load admin kubeconfig: open /etc/kubernetes/admin.conf: no such file or directory
小泽
06-10 398
node节点执行命令kubectl get nodes报错。
k8s 重装flannel . 解决cni failed to set up pod “xxxxx“ network: failed to set bridge addr
张伯毅的专栏
08-28 945
在安装k8s的时候,采用了flannel组件. 安装完之后, 有报错. 应该是多次安装的时候, flannel没清理干净.
[新手踩坑]k8s部署遇到的问题及可参考的解决办法
热门推荐
zuber123的博客
07-15 1万+
1.部署流程 项目需要最近在了解k8s,尝试使用虚拟机模拟集群环境,结合了不同的部署教程,给出一个基本的安装流程,以及遇到的问题。 安装环境:windows10+vmware(模拟集群环境)+ubuntu 16.04 思路:利用虚拟机模拟集群环境,虚拟机上安装ubuntu 16.04系统,创建了两个虚拟机,一个作为master节点(集群的总控节点,相当于集群的大脑),一个作为从节点node(相当于集群里可供调度的资源),二者的关系相当于将军-士兵,将军只有一个,士兵可以有很多,供将军调配。需要在所有的节点(
networkPlugin cni failed to teardown pod nginx network: invalid version \“\“: the version is empty“
Kainx
03-02 8267
networkPlugin cni failed to teardown pod nginx network: invalid version \"\": the version is empty" 问题修复
[原创] k8s 部署文档
张志鹏的博客
06-17 4026
k8s note, support all cni plugin. master first install docker curl -fsSL https://get.docker.com -o get-docker.sh bash get-docker.sh systemctl enable docker && systemctl start docker docker ps ...
k8s异常处理.docx
08-09
Kubernetesk8s)集群管理中,异常处理是一项至关重要的任务,因为任何系统都可能出现故障或不稳定的情况。本文将详细阐述如何处理k8s中的异常情况,并提供重装命令,以帮助恢复集群到正常运行状态。 首先,当k8...
k8s-calico网络容器镜像包
最新发布
06-26
部署k8s的calico网络时需要的calico镜像包,需要本地上传,导入使用
K8s外部网络访问之Ingress附件
10-25
KubernetesK8s)集群中,Ingress是一种用于管理外部访问服务的重要机制,它提供了统一的入口点,使得外部网络可以方便地与内部运行的应用进行交互。本篇文章将详细探讨Kubernetes Ingress及其附件,帮助你理解...
k8s搭建Kubernetesk8s)集群用到的部署CNI网络插件
02-21
问题场景:由于k8s安装master一直处于NotReady状态查看日志出现 failed to find plugin “flannel” in path [/opt/cni/bin]【CentOS7.9】(ps:不需要积分) 解决办法:下载CNI插件,在此提供amd和arm,其他可访问链接...
k8s fannel网络插件
02-20
k8s fannel网络插件
k8s——排错指南
星辰大海_的博客
03-29 4909
一般的k8s排错步骤:查看node状态→查看pod状态→查看kubelet系统日志 一、常用命令: 1、查看各节点状态:kubectl get node <node - name> 2、查看node事件:kubectl describe node <node - name> 3、查看Pod状态:kubectl get pod -o wide 4、查看Pod事件:kubectl describe pod <pod - name> 5、查看Pod日志文件:kubec
Kubernetesnetwork: network: failed to set bridge addr: “cni0“ already has an IP address different
justinsun221的博客
03-27 1115
在使用Kubernetes部署应用时发现有Pod一直不能创建成功,使用kubectl describe pods -n 得到的结果如下图 Failed to create pod sandbox: rpc error: code = Unknown desc = failed to set up sandbox container “ff533db509f4040f7674464940ff3165f98275173bad84f43530b5c2d633d1a0” network for pod “ngi
Failed create pod sandbox: rpc error: code = Unknown desc = NetworkPlugin cni failed to set up pod
m0_46913617的博客
11-28 551
Warning FailedCreatePodSandBox 8h (x11 over 8h) kubelet, ecsnode03 Failed create pod sandbox: rpc error: code = Unknown desc = NetworkPlugin cni failed to set up pod "ecs-web-desktop-7cbc98dcdb-nw4fw_ecs-local-area" network: could not initialize etcdv
记录pod启动报错的处理方法 network: failed to set bridge addr: “cni0“ already has an IP address different
weixin_66997758的博客
01-05 419
记录pod启动报错的处理方法 network: failed to set bridge addr: "cni0" already has an IP address different
k8s】创建pod报错,一直处于 ContainerCreating 状态
瑾瑜的博客
03-09 1090
Failed to create pod sandbox: rpc error: code = Unknown desc = [failed to set up sandbox container "e2f6c863f35f9d597fa7989883409ad3d23e3c2cb723a41695dadffdaaf3b0a2" network for pod "nginx": networkPlugin cni failed to set up pod "nginx_default" network:
k8s集群整体迁移
y_chen_007的博客
05-27 1万+
# 继上次迁移计算节点把部分节点由虚机转换为‘物理机’后,资源还是吃紧 (内存+磁盘), 毕竟vm1的kernel和rootfs都要占用宝贵的资源,所以这次准备把vm1也给禁用掉,所有原来抛在vm1 master节点上的资源都跑到hostubuntu上,也就是准备把hostubuntu作为master节点以及平时的工作节点。 这篇文章记录下操作过程已经中间碰到的问题: 重新生成kube-apis...
k8s node故障处理
10-11
当一个 Kubernetes 节点出现故障时,可以采取以下步骤进行处理: 1. 确认节点是否真的故障,可以通过检查节点的状态和日志来判断。 2. 如果节点无法恢复,可以将其从集群中删除。 3. 如果节点上运行了一些 Pod,可以将这些 Pod 调度到其他节点上。 4. 如果节点上运行了一些 DaemonSet,可以等待 Kubernetes 自动将它们调度到其他节点上。 5. 如果节点上运行了一些静态 Pod,可以手动将它们删除或者将它们的配置文件修改后重新创建。
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值