作者前言
本文章为记录使用k8s遇到的问题和解决方法,文章持续更新中...
目录
-
- 作者前言
- 正常配置ingress,但是访问错误
- 添加工作节点报错
- 安装k8s报错
- 使用kubectl命令报错
- container没有运行
- 安装会出现kubelet异常,无法识别
- 删除k8s集群
- 访问dashboard报错
- k8s服务器重启后kubectl命令使用不了
- k8s手动卸载不干净
- [kubectl get pods 失败](#kubectl get pods 失败)
- 安装k8s加载内核模块报错
正常配置ingress,但是访问错误
curl: (7) Failed connect to test.com:8080; Connection refused
bash
在/etc/hosts加下记录
ip 域名添加工作节点报错
error execution phase kubelet-start: error uploading crisocket: Unauthorized To see the stack trace
bash
rm -rf $HOME/.kube/config
kubeadm reset安装k8s报错
bash
情况一:
[preflight] Running pre-flight checks
error execution phase preflight: [preflight] Some fatal errors occurred:
[ERROR FileAvailable--etc-kubernetes-kubelet.conf]: /etc/kubernetes/kubelet.conf already exists
[ERROR Port-10250]: Port 10250 is in use
[ERROR FileAvailable--etc-kubernetes-pki-ca.crt]: /etc/kubernetes/pki/ca.crt already exists
[preflight] If you know what you are doing, you can make a check non-fatal with --ignore-preflight-errors=...
To see the stack trace of this error execute with --v=5 or higher
先删除文件
rm -rf /etc/kubernetes/kubelet.conf
rm -rf /etc/kubernetes/pki/ca.crt
lsof -i :10250
kill -9 进程号
情况2:
[ERROR DirAvailable--var-lib-etcd]: /var/lib/etcd is not empty
rm -rf /var/lib/etcd使用kubectl命令报错
bash
The connection to the server 本机ip:6443 was refused - did you specify the right host or port?
排错思路
1、集群硬件时间和系统时间不同步
hwclock和data查看后修改
2、查看端口是否被占用或被防火墙拦截
netstat -antup | grep 端口号
firewalld --list-zones
iptables -nL
3、更改主机名了、重启服务器了
hostnamectl set-hostname 原名
重启kubelet服务
4、查看服务是否正常,重启服务
kubelet、containerd、docker等container没有运行
bash
container runtime is not running: output: time="2023-08-11T15:37:57+08:00" l
解决:
vim /etc/containerd/config.toml
#disabled_plugins = ["cri"]安装会出现kubelet异常,无法识别
bash
--node-labels 字段问题,原因如下。
将 --node-labels=node.kubernetes.io/node='' 替换为 --node-labels=node.kubernetes.io/node= 将 '' 删除删除k8s集群
bash
先停服
systemctl stop kubelet etcd docker containerd
卸载k8s
kubeadm reset -f
删除k8s相关目录
rm -rf ~/.kube/
rm -rf /etc/kubernetes/
rm -rf /etc/systemd/system/kubelet.service.d
rm -rf /etc/systemd/system/kubelet.service
rm -rf /usr/bin/kube*
rm -rf /etc/cni
rm -rf /opt/cni
rm -rf /var/lib/etcd
rm -rf /var/etcd
卸载k8s软件包
yum -y remove kubeadm-1.xxx kubelet-1.xxx kubectl-1.xxx
更新yum源
yum clean all
yum -y update
yum makecache访问dashboard报错
网页提示信息Client sent an HTTP request to an HTTPS server.
原因:
因为直接使用ip:端口的方式是http协议
解决方法:
访问需要加上https
https://ip:端口
如果还是无法访问提示此报错
原因:被浏览器安全阻拦了
点击页面空白处,键盘输入thisunsafe就可以正常连接了
k8s服务器重启后kubectl命令使用不了
bash
重启前需要配置自启动
systemctl enable docker &&systemctl start docker
systemctl enable kubelet && sytemctl start kubelet
systemctl enable containerd && sytemctl start containerd
systemctl daemon-reload
重启后kubectl命令不了,一般重启器kubelet服务就可以了
sytemctl restart kubeletk8s手动卸载不干净
bash
使用以下命令进行操作
kubeadm reset -fkubectl get pods 失败
bash
E0816 23:01:08.370695 3256 memcache.go:265] couldn't get current server API group list: Get "https://ip/api?timeout=32s": dial tcp ip:6443: connect: connection refused
查看kubelet服务状态
systemctl status kubelet
$KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_KUBEADM_ARGS $KUBELET_EXTRA_ARGS
网上查阅后是k8s集群的版本问题,因为不小心升级了yum update
kubelet --version查看版本是1.28的,之前安装是1.25的
#解决方法,降级
查看包
rpm -qa | grep kube
删除包
yum remove -y kubeadm-1.28.0-0.x86_64 kubernetes-cni-1.2.0-0.x86_64 kubectl-1.28.0-0.x86_64 kubelet-1.28.0-0.x86_64
yum install -y kubelet-1.25.0 kubeadm-1.25.0 kubectl-1.25.0
systemctl enable kubelet
再次kubectl get pods显示正常了安装k8s加载内核模块报错
bash
加载内核参数net.bridge.bridge-nf-call-ip6tables和net.bridge.bridge-nf-call-iptables
报错cannot stat /proc/sys/net/bridge/bridge-nf-call-ip6tables: No such file or directoryfcannot stat /proc/sys/net/bridge/bridge-nf-call-iptables: No such file or directory
#解决方法
modeprobe br_netfilter