开源软件k8s、docker使用过程中遇到的问题总结。
1.
unexpected kernel config:
CONFIG_CGROUP_PIDS
|
error
execution phase preflight: [preflight] Some fatal errors occurred: [ERROR SystemVerification]:
unexpected kernel config: CONFIG_CGROUP_PIDS [ERROR SystemVerification]: missing
required cgroups: pids [preflight]
If you know what you are doing, you can make a check non-fatal with
`--ignore-preflight-errors=...` To see the stack trace of this error execute with --v=5 or
higher |
内核版本低引起,需要升级linux 内核,Docker is only designed to run on Linux kernel version 3.8 and
higher;3.10也有类似问题
2.
kubelet cgroup driver:
"systemd" is different from docker cgroup driver:
"cgroupfs"
|
error
execution phase preflight: [preflight] Some fatal errors occurred: [ERROR SystemVerification]:
unexpected kernel config: CONFIG_CGROUP_PIDS [ERROR SystemVerification]: missing
required cgroups: pids [preflight]
If you know what you are doing, you can make a check non-fatal with
`--ignore-preflight-errors=...` To see the stack trace of this error execute with --v=5 or
higher |
Kubelet与docker要使用一致的cgroup driver;
确认docker的 Cgroup
[root@k8s-node-2
sysconfig]# docker info |grep Driver
Storage
Driver: overlay2
WARNING:
IPv4 forwarding is disabled
Logging
Driver: json-file
Cgroup
Driver: cgroupfs
这样改:
[root@k8s-node-2
docker]# pwd
/etc/docker
[root@k8s-node-2
docker]# vi daemon.json (没有这个文件就新建一个)
添加:
{
"exec-opts":
["native.cgroupdriver=systemd"]
}
3.
Get https://k8s.gcr.io/v2/:
net/http: request canceled while waiting for connection
|
CreatePodSandbox
for pod
"nginx-554b9c67f9-2h6pk_default(4b8ff9c6-5e82-4607-a4c7-3d31ab9c1f61)"
failed:
rpc error: code = Unknown desc = failed pulling image
"k8s.gcr.io/pause:3.1": Error
response from daemon: Get https://k8s.gcr.io/v2/: net/http: request canceled
while waiting for connection (Client.Timeout exceeded while awaiting headers) |
访问不了国外网站k8s.gcr.io,只能通过国内网站如: registry.cn-hangzhou.aliyuncs.com去拉取镜像,再用tag修改标签;
4.
yum install -y docker相关依赖包下载不来
配置163或者aliyun镜像代替,例如
wget http://mirrors.163.com/.help/CentOS7-Base-163.repo
wget http://mirrors.aliyun.com/repo/Centos-7.repo
替换 /etc/yum.repos.d/CentOS-Base.repo
5.
kube-flannel.yml下载不来
|
wget https://github.com/flannel-io/flannel/releases/download/v0.14.0/flanneld-v0.14.0-amd64.docker 通过flanneld-v0.14.0-amd64.docker去拉镜像再改标签 docker load < flanneld-v0.14.0-amd64.docker
&& \\ docker tag quay.io/coreos/flannel:v0.14.0-amd64
quay.io/coreos/flannel:v0.14.0 && \\ docker rmi
quay.io/coreos/flannel:v0.14.0-amd64 |
6.
applying cgroup
configuration for process caused \"No such device or address\"":
unknown
|
调整kubelet
--cgroup-driver 来适配 docker 服务默认采用的 cgroupfs 驱动 [root@k8s-node-2 kubelet.service.d]# cat -n
/var/lib/kubelet/config.yaml |grep systemd cgroupDriver: systemd 改为: cgroupDriver: cgroupfs dockers: vi
/etc/docker/daemon.json "exec-opts": ["native.cgroupdriver=systemd"] 改为 "exec-opts":
["native.cgroupdriver=cgroupfs"] 然后重启 [root@k8s-node-2 kubelet.service.d]# systemctl stop
kubelet [root@k8s-node-2 kubelet.service.d]# systemctl restart
docker [root@k8s-node-2 kubelet.service.d]# systemctl start
kubelet |
7.
No such
image:rancher/mirrored-flannelcni-flannel-cni-plugin:v1.0.0
|
level=error
msg="Handler for GET
/v1.26/images/rancher/mirrored-flannelcni-flannel-cni-plugin:v1.0.0/json
returned error: No such image: rancher/mirrored-flannelcni-flannel-cni-plugin:v1.0.0" |
手工拉取检查:docker pull
rancher/mirrored-flannelcni-flannel-cni-plugin:v1.0.0,如果不行检查dns;
8.
failed to find plugin
\"portmap\" in path [/opt/cni/bin]
|
Error validating CNI config list"
configList="{\n
\"name\": \"cbr0\",\n \"cniVersion\":
\"0.3.1\",\n
\"plugins\": [\n
{\n \"type\":
\"flannel\",\n
\"delegate\": {\n
\"hairpinMode\": true,\n \"isDefaultGateway\":
true\n }\n },\n
{\n \"type\":
\"portmap\",\n
\"capabilities\": {\n \"portMappings\":
true\n }\n }\n
]\n}\n" err="[failed to find plugin \"portmap\" in
path [/opt/cni/bin]]" |
这是因为pod需要的cni插件没有安装,此时可以手动安装。在https://github.com/containernetworking/plugins/releases里面找到对应的版本,下载后解压到/opt/cni/bin之后重启kubectl即可
9.
SELinux is not supported
with the overlay2 graph driver on this kernel
|
Error starting daemon: SELinux is not supported with the overlay2
graph driver on this kernel. Either boot into a newer kernel or disable
selinux in docker (--selinux-enabled=false) |
vi
/etc/selinux/config
SELINUX=disabled
重启 os 就可以了;
10.
http: server gave HTTP
response to HTTPS client
|
registry交互默认使用的是HTTPS,但是搭建私有镜像默认使用的是HTTP服务,所以与私有镜像交时出现以上错误。 可以通过以下办法解决: 1.vim
/etc/docker/daemon.json 增加一行(ip端口为对应拉取的) {
"insecure-registries":["192.168.1.100:5000"] } 保存退出 2.重启docker服务 systemctl daemon-reload systemctl restart docker |
11.
dial tcp 127.0.0.1:10251: connect: connection
refused
|
# kubectl get cs Warning: v1 ComponentStatus is deprecated in v1.19+ NAME
STATUS MESSAGE
ERROR scheduler
Unhealthy Get
"http://127.0.0.1:10251/healthz": dial tcp 127.0.0.1:10251:
connect: connection refused etcd-0
Healthy
{"health":"true"}
controller-manager
Healthy ok
|
cd
/etc/kubernetes/manifests
# vi kube-scheduler.yaml
注释 - --port=0
systemctl restart kubelet
12.
[kubelet-check] Initial
timeout of 40s passed
|
[kubelet-start] preserving the crisocket
information for the node 19:01:34.448002
1639732 patchnode.go:31] [patchnode] Uploading the CRI Socket information
"/var/run/dockershim.sock" to the Node API object
"k8s-node-1" as an annotation [kubelet-check] Initial timeout of 40s passed. |
使用kubeadm reset 重置,重新配置一般都能正常
13.
package
kubelet-1.22.4-0.x86_64 does not have a compatible architecture
|
Problem 1: cannot install the best candidate for the
job - package
kubelet-1.22.4-0.x86_64 does not have a compatible architecture - nothing
provides libdl.so.2(GLIBC_2.2.5)(64bit) needed by kubelet-1.22.4-0.x86_64 - nothing
provides libpthread.so.0(GLIBC_2.2.5)(64bit) needed by
kubelet-1.22.4-0.x86_64 - nothing
provides libpthread.so.0(GLIBC_2.3.2)(64bit) needed by
kubelet-1.22.4-0.x86_64 - nothing provides
libc.so.6(GLIBC_2.2.5)(64bit) needed by kubelet-1.22.4-0.x86_64 |
uname -a检查cpu架构,配置对应的yum源比如是aarch64 还是x86_64;
