rkt를 사용하여 CoreOS alpha (1284.2.0)에 의해 컨테이너 Linux에서 kubernetes 1.5.2를 사용하려고합니다.kubernetes 노드가 등록되지 않았습니다
호스트 이름이 coreos-2.tux-in.com
인 두 개의 코어 서버 (하나는 컨트롤러 + 작업자)이고 두 번째 코어 호스트 서버는 호스트 이름이 coreos-3.tux-in.com
인 작업입니다.
지금 컨트롤러에 + coreos-2.tux-in.com
을 (를) 설치하고 있습니다.
일반적으로 나는 https://coreos.com/kubernetes/docs/latest/의 지시 사항을 따르고 일부 수정을가했습니다.
대신 kboeconfig를 사용합니다.
나는 데 문제가 KUBE-프록시 포드가 다음 오류 메시지와 함께 실패한다는 것입니다 :
kubeconfig가 함께/etc/kubernetes/controller-kubeconfig.yaml
에 위치
Jan 14 23:27:34 coreos-2.tux-in.com rkt[11555]: [ 220.477192] kube-proxy[5]: E0114 23:27:34.900184 5 server.go:421] Can't get Node "coreos-2.tux-in.com", assuming iptables proxy, err: nodes "coreos-2.tux-in.com" not found
Jan 14 23:27:34 coreos-2.tux-in.com rkt[11555]: [ 220.479181] kube-proxy[5]: I0114 23:27:34.902440 5 server.go:215] Using iptables Proxier.
Jan 14 23:27:34 coreos-2.tux-in.com rkt[11555]: [ 220.480503] kube-proxy[5]: W0114 23:27:34.903771 5 server.go:468] Failed to retrieve node info: nodes "coreos-2.tux-in.com" not found
Jan 14 23:27:34 coreos-2.tux-in.com rkt[11555]: [ 220.481175] kube-proxy[5]: F0114 23:27:34.903829 5 server.go:222] Unable to create proxier: can't set sysctl net/ipv4/conf/all/route_localnet: open /proc/sys/net/ipv4/conf/all/route_localnet: read-only file system
다음
apiVersion: v1
kind: Config
clusters:
- cluster:
server: http://127.0.0.1:8080
name: tuxin-coreos-cluster
contexts:
- context:
cluster: tuxin-coreos-cluster
name: tuxin-coreos-context
kind: Config
preferences:
colors: true
users:
- name: kubelet
user:
client-certificate: /etc/kubernetes/ssl/apiserver.pem
client-key: /etc/kubernetes/ssl/apiserver-key.pem
current-context: tuxin-coreos-context
이 kube-apisever의 매니페스트입니다.
apiVersion: v1
kind: Pod
metadata:
name: kube-apiserver
namespace: kube-system
spec:
hostNetwork: true
containers:
- name: kube-apiserver
image: quay.io/coreos/hyperkube:v1.5.2_coreos.0
command:
- /hyperkube
- apiserver
- --bind-address=0.0.0.0
- --etcd-servers=http://127.0.0.1:4001
- --allow-privileged=true
- --service-cluster-ip-range=10.3.0.0/24
- --secure-port=443
- --advertise-address=10.79.218.2
- --admission-control=NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,ResourceQuota
- --tls-cert-file=/etc/kubernetes/ssl/apiserver.pem
- --tls-private-key-file=/etc/kubernetes/ssl/apiserver-key.pem
- --client-ca-file=/etc/kubernetes/ssl/ca.pem
- --service-account-key-file=/etc/kubernetes/ssl/apiserver-key.pem
- --runtime-config=extensions/v1beta1/networkpolicies=true
- --anonymous-auth=false
livenessProbe:
httpGet:
host: 127.0.0.1
port: 8080
path: /healthz
initialDelaySeconds: 15
timeoutSeconds: 15
ports:
- containerPort: 443
hostPort: 443
name: https
- containerPort: 8080
hostPort: 8080
name: local
volumeMounts:
- mountPath: /etc/kubernetes/ssl
name: ssl-certs-kubernetes
readOnly: true
- mountPath: /etc/ssl/certs
name: ssl-certs-host
readOnly: true
volumes:
- hostPath:
path: /etc/kubernetes/ssl
name: ssl-certs-kubernetes
- hostPath:
path: /usr/share/ca-certificates
name: ssl-certs-host
이며 이것은 th입니다. E 매니페스트 KUBE 프록시 :
apiVersion: v1
kind: Pod
metadata:
name: kube-proxy
namespace: kube-system
spec:
hostNetwork: true
containers:
- name: kube-proxy
image: quay.io/coreos/hyperkube:v1.5.2_coreos.0
command:
- /hyperkube
- proxy
- --kubeconfig=/etc/kubernetes/controller-kubeconfig.yaml
securityContext:
privileged: true
volumeMounts:
- mountPath: /etc/kubernetes/controller-kubeconfig.yaml
name: "kubeconfig"
readOnly: true
- mountPath: /etc/kubernetes/ssl
name: "etc-kube-ssl"
readOnly: true
- mountPath: /var/run/dbus
name: dbus
readOnly: false
volumes:
- name: "ssl-certs"
hostPath:
path: "/usr/share/ca-certificates"
- name: "kubeconfig"
hostPath:
path: "/etc/kubernetes/controller-kubeconfig.yaml"
- name: "etc-kube-ssl"
hostPath:
path: "/etc/kubernetes/ssl"
- hostPath:
path: /var/run/dbus
name: dbus
/etc/kubernetes/manifests
또한 운하 KUBE 제어기 매니저, KUBE 스케쥴러와는 Kubernetes - 대시 보드를 포함한다. 나는 ~/.kube/config
에서 다음과 같이 구성 내 바탕 화면에 kubectl
이
:
apiVersion: v1
clusters:
- cluster:
certificate-authority: /Users/ufk/Projects/tuxin-coreos/kubernetes/certs/ca.pem
server: https://coreos-2.tux-in.com
name: tuxin-coreos-cluster
contexts:
- context:
cluster: tuxin-coreos-cluster
user: default-admin
name: tuxin-coreos-context
current-context: tuxin-coreos-context
kind: Config
preferences: {}
users:
- name: default-admin
user:
username: kubelet
client-certificate: /Users/ufk/Projects/tuxin-coreos/kubernetes/certs/client.pem
client-key: /Users/ufk/Projects/tuxin-coreos/kubernetes/certs/client-key.pem
을 내가 kubectl get nodes
을 실행할 때 내가 지금 어떻게 든 현재 노드가 등록되지 않은 No resources found.
를 얻기를 ...
이것은 내 kubelet.service
파일입니다.
[Service]
Environment=KUBELET_IMAGE_TAG=v1.5.2_coreos.0
Environment="RKT_RUN_ARGS=--uuid-file-save=/var/run/kubelet-pod.uuid \
--volume var-log,kind=host,source=/var/log \
--mount volume=var-log,target=/var/log \
--volume dns,kind=host,source=/etc/resolv.conf \
--mount volume=dns,target=/etc/resolv.conf \
--volume cni-bin,kind=host,source=/opt/cni/bin \
--mount volume=cni-bin,target=/opt/cni/bin \
--volume rkt,kind=host,source=/opt/bin/host-rkt \
--mount volume=rkt,target=/usr/bin/rkt \
--volume var-lib-rkt,kind=host,source=/var/lib/rkt \
--mount volume=var-lib-rkt,target=/var/lib/rkt \
--volume stage,kind=host,source=/tmp \
--mount volume=stage,target=/tmp"
ExecStartPre=/usr/bin/mkdir -p /opt/cni/bin
ExecStartPre=/usr/bin/mkdir -p /etc/kubernetes/manifests
ExecStartPre=/usr/bin/mkdir -p /var/log/containers
ExecStartPre=-/usr/bin/rkt rm --uuid-file=/var/run/kubelet-pod.uuid
ExecStart=/usr/lib/coreos/kubelet-wrapper \
--kubeconfig=/etc/kubernetes/controller-kubeconfig.yaml \
--register-schedulable=false \
--network-plugin=cni \
--container-runtime=rkt \
--rkt-path=/usr/bin/rkt \
--allow-privileged=true \
--pod-manifest-path=/etc/kubernetes/manifests \
--hostname-override=coreos-2.tux-in.com \
--cluster_dns=10.3.0.10 \
--cluster_domain=cluster.local
ExecStop=-/usr/bin/rkt stop --uuid-file=/var/run/kubelet-pod.uuid
Restart=always
RestartSec=10
[Install]
WantedBy=multi-user.target
나는 --hostname-override=coreos-2.tux-in.com
세트를 가지고 있으므로 노드를 등록해야한다고 생각하지만 그렇지 않습니다.
여기서부터 어떻게해야합니까?