一看必會系列:kubernetes排錯及高級配置1

來源:本站原創 容器技術 超過478 views圍觀 0條評論

  kubectl get pod –all-namespaces
  kubectl get service –namespace=kube-system
  kubectl get pods –namespace=kube-system
  kubectl describe pod nginx-controller-mbs7l
——————-以下是排錯及高級應用—————————
  kubectl get pod –all-namespaces
 
[[email protected] ~]# kubectl get pod –all-namespaces
NAMESPACE     NAME                                           READY     STATUS             RESTARTS   AGE
default       nginx-pod                                      1/1       Running            0          10h
kube-system   kubernetes-dashboard-latest-3308158392-8wj3w   0/1       ImagePullBackOff   0          10h

 
  kubectl get service –namespace=kube-system

[[email protected] ~]#   kubectl get service –namespace=kube-system
NAME                   CLUSTER-IP        EXTERNAL-IP   PORT(S)   AGE
kubernetes-dashboard   192.168.142.222   <none>        80/TCP    10h
 
  kubectl get pods –namespace=kube-system
 
[[email protected] ~]#   kubectl get pods –namespace=kube-system
NAME                                           READY     STATUS             RESTARTS   AGE
kubernetes-dashboard-latest-3308158392-8wj3w   0/1       ImagePullBackOff   0          10h
 
  kubectl get service –namespace=kube-system
 
[[email protected] ~]#   kubectl get service –namespace=kube-system
NAME                   CLUSTER-IP        EXTERNAL-IP   PORT(S)   AGE
kubernetes-dashboard   192.168.142.222   <none>        80/TCP    10h
 
  kubectl get pods –namespace=kube-system
  kubectl get  -f kubernetes-dashboard.yaml
 
 
 

   
—————–部署nginx測試——————-
nginx-pod.yaml
   
apiVersion: v1
kind: Pod
metadata:
name: nginx-pod
labels:
  name: nginx-pod
spec:
containers:
– name: nginx
   image: nginx
   ports:
   – containerPort: 80

   
   
http://blog.csdn.net/u013760355/article/details/68061976   
[[email protected] ~]# kubectl create -f /opt/dockerconfig/nginx-pod.yaml
Error from server (ServerTimeout): error when creating "/opt/dockerconfig/nginx-pod.yaml": No API token found for service account "default", retry after the token is automatically created and added to the service account

報錯是驗證產生的

[[email protected] ~]# vim /etc/kubernetes/apiserver

去掉相應配置
#KUBE_ADMISSION_CONTROL="–admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota"
KUBE_ADMISSION_CONTROL="–admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,ResourceQuota"

[[email protected] ~]# systemctl restart kube-apiserver
[[email protected] ~]#
解決

[[email protected] ~]# kubectl create -f /opt/dockerconfig/nginx-pod.yaml
pod "nginx-pod" created
[[email protected] ~]#

但是一直卡著
[[email protected] ~]# kubectl get pods
NAME        READY     STATUS              RESTARTS   AGE
nginx-pod   0/1       ContainerCreating   0          12m
[[email protected] ~]# kubectl get service
NAME         CLUSTER-IP      EXTERNAL-IP   PORT(S)   AGE
kubernetes   192.168.142.1   <none>        443/TCP   1h
[[email protected] ~]#
主要是通過“kubectl describe pod PodName”指令查看pod發生的事件,從事件列表中可以查找到錯誤信息。
查狀態
[[email protected] ~]# kubectl get pods
NAME        READY     STATUS              RESTARTS   AGE
nginx-pod   0/1       ContainerCreating   0          12m
[[email protected] ~]# kubectl get service
NAME         CLUSTER-IP      EXTERNAL-IP   PORT(S)   AGE
kubernetes   192.168.142.1   <none>        443/TCP   1h
[[email protected] ~]# kubectl describe pod gninx
Error from server (NotFound): pods "gninx" not found
[[email protected] ~]# kubectl describe pod nginx
Name:        nginx-pod
Namespace:    default
Node:        192.168.142.131/192.168.142.131
Start Time:    Thu, 18 Jan 2018 08:39:59 -0500
Labels:        name=nginx-pod
Status:        Pending
IP:       
Controllers:    <none>
Containers:
  nginx:
    Container ID:       
    Image:            nginx
    Image ID:           
    Port:            80/TCP
    State:            Waiting
      Reason:            ContainerCreating
    Ready:            False
    Restart Count:        0
    Volume Mounts:        <none>
    Environment Variables:    <none>
Conditions:
  Type        Status
  Initialized     True
  Ready     False
  PodScheduled     True
No volumes.
QoS Class:    BestEffort
Tolerations:    <none>
Events:
  FirstSeen    LastSeen    Count    From                SubObjectPath Type        Reason        Message
  ———    ——–    —–    —-                ————- ——–    ——        ——-
  15m        15m        1    {default-scheduler }                  Normal        Scheduled    Successfully assigned nginx-pod to 192.168.142.131
  15m        4m        7    {kubelet 192.168.142.131}              Warning        FailedSync    Error syncing pod, skipping: failed to "StartContainer" for "POD" with ErrImagePull: "image pull failed for registry.access.redhat.com/rhel7/pod-infrastructure:latest, this may be because there are no credentials on this request.  details: (open /etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt: no such file or directory)"

  14m    12s    64    {kubelet 192.168.142.131}        Warning    FailedSync    Error syncing pod, skipping: failed to "StartContainer" for "POD" with ImagePullBackOff: "Back-off pulling image \"registry.access.redhat.com/rhel7/pod-infrastructure:latest\""

哈哈,你懂的
Error syncing pod, skipping: failed to "StartContainer" for "POD" with ImagePullBackOff: "Back-off pulling image \"registry.access.redhat.com/rhel7/pod-infrastructure:latest\""
[[email protected] ~]#

手動下載
[[email protected] ~]# docker pull registry.access.redhat.com/rhel7/pod-infrastructure:latest
Trying to pull repository registry.access.redhat.com/rhel7/pod-infrastructure …
open /etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt: no such file or directory
[[email protected] ~]#

———解決方法1 已失效,現版不知為毛這兩包裝了沒用
[[email protected] ~]# yum install *rhsm* -y         —-安裝

Installed:
  python-rhsm.x86_64 0:1.19.10-1.el7_4                                       python-rhsm-certificates.x86_64 0:1.19.10-1.el7_4                                     

Dependency Installed:
  python-dateutil.noarch 0:1.5-7.el7                                                                                                                                

Complete!

———-解決方法2

[[email protected] ~]# docker pull registry.access.redhat.com/rhel7/pod-infrastructure:latest
Trying to pull repository registry.access.redhat.com/rhel7/pod-infrastructure …
latest: Pulling from registry.access.redhat.com/rhel7/pod-infrastructure

26e5ed6899db: Pulling fs layer
66dbe984a319: Pulling fs layer
^C38e7863e08: Pulling fs layer

———前兩個方案已失效用第三種
wget http://mirror.centos.org/centos/7/os/x86_64/Packages/python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm
rpm -ivh  python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm
[[email protected]_master ~]# rpm -ivh python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm
Preparing…                          ################################# [100%]
Updating / installing…
   1:python-rhsm-certificates-1.19.10-################################# [100%]
[[email protected]_master ~]# !ll
ll /etc/rhsm/ca/
total 8
-rw-r–r– 1 root root 7732 Oct 20  2017 redhat-uep.pem   ——就是這個文件

 

等10個小時就好了
[[email protected] ~]#   kubectl get pods
NAME        READY     STATUS    RESTARTS   AGE
nginx-pod   1/1       Running   0          11h

 

新建nginx-service.
[[email protected] dockerconfig]# kubectl create -f nginx-service.yaml
service "nginx-service" created
[[email protected] dockerconfig]# kubectl get -f nginx-service.yaml
NAME            CLUSTER-IP       EXTERNAL-IP   PORT(S)        AGE
nginx-service   192.168.142.65   <nodes>       80:30001/TCP   8s
[[email protected] dockerconfig]#

訪問 node1的 30001端口測試成功

———–
  在master節點上啟動

systemctl enable flanneld.service
systemctl start flanneld.service
service docker restart
systemctl restart kube-apiserver.service
systemctl restart kube-controller-manager.service
systemctl restart kube-scheduler.service

for SERVICES in etcd kube-apiserver kube-controller-manager kube-scheduler   kube-proxy  kubelet docker flanneld   ;
do systemctl restart   $SERVICES; systemctl enable $SERVICES; systemctl status $SERVICES; done;

在各個Nodes上啟動

systemctl enable flanneld.service
systemctl start flanneld.service
service docker restart
systemctl restart kubelet.service
systemctl restart kube-proxy.service

node啟動

for SERVICES in kube-proxy kubelet docker flanneld; do
        systemctl restart $SERVICES
        systemctl enable $SERVICES
        systemctl status $SERVICES
    done;

文章出自:CCIE那點事 http://www.qdxgqk.live/ 版權所有。本站文章除注明出處外,皆為作者原創文章,可自由引用,但請注明來源。 禁止全文轉載。
本文鏈接:http://www.qdxgqk.live/?p=3830轉載請注明轉自CCIE那點事
如果喜歡:點此訂閱本站
?
?
萌宠夺宝游戏