我正在尝试在vsphere私有云中设置一个非常简单的2节点K8S 1.13.3群集。VM正在运行Ubuntu 18.04。防火墙被关闭以进行测试。然而,由于拒绝连接,初始化正在失败。除了被阻止的端口外,还有其他可能导致的吗?我是K8的新手,正在试图将所有这些缠住。
我将vsphere.conf放在/etc/kubernetes/中,如本要点所示。https://gist.github.com/spstratis/0395073ac3aac3ba6dc24349582b43894a77
我还创建了一个配置文件,以指向我运行kubeadm init时。这是IT s内容的示例。https://gist.github.com/spstratis/086f08a1a4033138a0c42f80aef5ab40
当我跑步时 sudo kubeadm init --config /etc/kubernetes/kubeadminitmaster.yaml它会出现以下错误。
[kubelet-check] Initial timeout of 40s passed.
[kubelet-check] It seems like the kubelet isn't running or healthy.
[kubelet-check] The HTTP call equal to 'curl -sSL http://localhost:10248/healthz' failed with error: Get http://localhost:10248/healthz: dial tcp 127.0.0.1:10248: connect: connection refused.
检查sudo systemctl status kubelet向我显示kubelet正在运行。我现在关闭了主VM上的防火墙,以测试pupusos,以便我可以验证群集将自行引导。
Loaded: loaded (/lib/systemd/system/kubelet.service; enabled; vendor preset: enabled)
Drop-In: /etc/systemd/system/kubelet.service.d
└─10-kubeadm.conf
Active: active (running) since Sat 2019-02-16 18:09:58 UTC; 24s ago
Docs: https://kubernetes.io/docs/home/
Main PID: 16471 (kubelet)
Tasks: 18 (limit: 4704)
CGroup: /system.slice/kubelet.service
└─16471 /usr/bin/kubelet --bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf --config=/var/lib/kubelet/config.yaml --cloud-config=/etc/kubernetes/vsphere.conf --cloud-provider=vsphere --cgroup-driver=systemd --network-plugin=cni --pod-i
以下还有一些其他日志,显示与https://192.168.0.12:6443/的连接被拒绝。所有这些似乎都导致库贝特失败并防止Init过程完成。
Feb 16 18:10:22 k8s-master-1 kubelet[16471]: E0216 18:10:22.633721 16471 kubelet.go:2266] node "k8s-master-1" not found
Feb 16 18:10:22 k8s-master-1 kubelet[16471]: E0216 18:10:22.668213 16471 reflector.go:134] k8s.io/kubernetes/pkg/kubelet/kubelet.go:453: Failed to list *v1.Node: Get https://192.168.0.12:6443/api/v1/nodes?fieldSelector=metadata.name%3Dk8s-master-1&limit=500&resourceVersion=0: dial tcp 192.168.0.1
Feb 16 18:10:22 k8s-master-1 kubelet[16471]: E0216 18:10:22.669283 16471 reflector.go:134] k8s.io/kubernetes/pkg/kubelet/kubelet.go:444: Failed to list *v1.Service: Get https://192.168.0.12:6443/api/v1/services?limit=500&resourceVersion=0: dial tcp 192.168.0.12:6443: connect: connection refused
Feb 16 18:10:22 k8s-master-1 kubelet[16471]: E0216 18:10:22.670479 16471 reflector.go:134] k8s.io/kubernetes/pkg/kubelet/config/apiserver.go:47: Failed to list *v1.Pod: Get https://192.168.0.12:6443/api/v1/pods?fieldSelector=spec.nodeName%3Dk8s-master-1&limit=500&resourceVersion=0: dial tcp 192.1
Feb 16 18:10:22 k8s-master-1 kubelet[16471]: E0216 18:10:22.734005 16471 kubelet.go:2266] node "k8s-master-1" not found
为了解决错误(拨号TCP 127.0.0.1:10248:连接:连接拒绝。),运行以下内容:
sudo mkdir /etc/docker
cat <<EOF | sudo tee /etc/docker/daemon.json
{
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
},
"storage-driver": "overlay2"
}
EOF
sudo systemctl enable docker
sudo systemctl daemon-reload
sudo systemctl restart docker
sudo kubeadm reset
sudo kubeadm init
如果在配置工作者节点时发生相同的错误。
您不能使用 bootstrap-kubeconfig初始化主库贝特(Master)的kubelet,因为 - 您正在经历 - 它没有可以联系的API服务器来生成其私钥和证书。捕获22。我大约80%的人可以从库贝特(Kubelet)args中删除--bootstrap-kubeconfig会有所帮助。我希望 kubelet已经在/var/lib/kubelet/pki中具有其钥匙和证书,因此也可能值得检查。
另外,假设您使用/etc/kubernetes/manifests目录运行Apiserver和ControllerManager,请确保/var/lib/kubelet/config.yaml中的staticPodPath:指向正确的目录。这不太可能是问题,但是检查超级便宜。
尝试将以下添加到vi /etc/docker/daemon.json
{ "exec-opts": ["native.cgroupdriver=systemd"] }
,然后是SystemCtl重新启动Docker。
另外,是的,/etc/docker的守护程序。