k8s+ovs三节点部署,及kubenetes无法创建pod/创建RC时无法自动创建pod的问题

准备工作:

配置yum源及关闭防火墙

# systemctl stop firewalld
# systemctl disable firewalld

安装mster

yum install etcd kubernetes-master

安装node

yum install kubernetes-node

以上参考链接:

https://blog.csdn.net/magerguo/article/details/72123259?locationNum=3&fps=1

 

网络配置:

本地docker0网络配置:

修改文件 /etc/docker/daemon.json 添加内容 {"bip": "172.17.1.1/24"}

docker源 /etc/docker/daemon.json配置:

{"registry-mirrors":["https://docker.mirrors.ustc.edu.cn"]}

 

1.flannel网络

note节点安装flannel,并在etcd中定义flannel网络

    # etcdctl mk /atomic.io/network/config '{"Network":"172.17.0.0/16"}'

参考链接:

https://blog.csdn.net/magerguo/article/details/72123259?locationNum=3&fps=1

 

2.ovs网络(注意环路)

  1.  yum install openvswitch
  2. 关闭selinux
  3. 创建网桥

 

ovs-vsctl add-br br0
     

 

   4.创建gre

ovs-vsctl add-port br0 gre103 --set interface gre103 type=gre option:remote_ip=192.168.71.103

       5.添加br0到本地docker0,使容器流量流经tunnel

brctl addif docker0 br0

  6.开启端口发布路由

 ip link set dev br0 up
 ip link set dev docker0 up
 ip route add 172.17.0.0/16 dev docker0
 iptables -t nat -F;iptables -F

  

kubernetes启动后的两个问题

(1)kubenetes无法创建pod/创建RC时无法自动创建pod的问题:

主要命令:kubectl describe rs/redis-master-1258987832

参考链接:https://blog.csdn.net/jinzhencs/article/details/51435020

创建pod:

# kubectl create -f nginx.yaml
此时有如下报错:

Error from server: error when creating "nginx.yaml": Pod "nginx" is forbidden: no API token found for service account default/default, retry after the token is automatically created and added to the service account
解决办法是编辑/etc/kubernetes/apiserver 去除 KUBE_ADMISSION_CONTROL中的SecurityContextDeny,ServiceAccount,并重启kube-apiserver.service服务:

(2)pod服务一直处于 ContainerCreating状态的原因查找与解决

vents:
  FirstSeen    LastSeen    Count    From                SubObjectPath    Type        Reason        Message
  ---------    --------    -----    ----                -------------    --------    ------        -------
  5m        5m        1    {default-scheduler }                Normal        Scheduled    Successfully assigned nginx-deployment-148880595-0jprz to 192.168.71.102
  5m        2m        5    {kubelet 192.168.71.102}            Warning        FailedSync    Error syncing pod, skipping: failed to "StartContainer" for "POD" with ErrImagePull: "image pull failed for registry.access.redhat.com/rhel7/pod-infrastructure:latest, this may be because there are no credentials on this request.  details: (open /etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt: no such file or directory)"

  4m    6s    19    {kubelet 192.168.71.102}        Warning    FailedSync    Error syncing pod, skipping: failed to "StartContainer" for "POD" with ImagePullBackOff: "Back-off pulling image \"registry.access.redhat.com/rhel7/pod-infrastructure:latest\""

主要命令:yum install *rhsm* -y

参考链接:https://blog.csdn.net/learner198461/article/details/78036854

                  https://blog.csdn.net/d7185540/article/details/80868816

 

posted @ 2018-08-17 14:42  Feiger.Lan  阅读(1459)  评论(0编辑  收藏  举报