繼上篇,排查 kubelet、kubeadm init 問題
Last updated
Last updated
在這篇 “手工 Installing kubeadm” 文末,出現錯誤訊息: failed to load Kubelet config file /var/lib/kubelet/config.yaml 是可以省略的,原因是在進行 kubeadm init 步驟階段,會自行產生。 這是自己在進行 kubeadm init 步驟發現的情況。
在這篇 “手工 Installing CRI-O、kubeadm init” 過程裡,kubeadm init 並沒有順利完成初始化目的 先從 log 查看:
sudo journalctl -xeu kubelet
# 重點資訊:
RunPodSandbox from runtime service failed: rpc error: code = Unknown desc = cri-o configured with systemd cgroup manager
# kubeadm init log
This error is likely caused by:
- The kubelet is not running
- The kubelet is unhealthy due to a misconfiguration of the node in some way (required cgroups disabled)在大多的官方、網友教學文章中都是以 docker 作為 Container Runtime Interface, 但是我選擇 CRI-O,故在 cgroup 部分需要特別指定。 預設是 docker cgroupfs,可以不需特別指定,CRI-O 需要指定 systemd。
# 查看 CRI-O 的 cgroup driver
[vagrant@kk8s-1 ~]$ cat /etc/crio/crio.conf | grep cgroup_manager
# cgroup_manager is the cgroup management implementation to be used
cgroup_manager = "systemd"
[vagrant@kk8s-1 ~]$
# 設定 cgroup-driver & ExecStart 增加 $KUBELET_CGROUP_ARGS
[vagrant@kk8s-1 ~]$ sudo vi /etc/systemd/system/kubelet.service.d/10-kubeadm.conf
協助我找到問題的原因,除了上述 log 資訊,另外透過 Google 搜尋查看下列文章,補強我的觀念 https://blog.csdn.net/zzq900503/article/details/81710319 以上,解決了 kubeadm init 失敗的原因了
如使用 docker CRI,則需查看 docker cgroup-driver 資訊:
方式一 $ less /etc/docker/daemon.json
方式二 $ sudo docker info |grep Cgroup
Cgroup Driver: systemd
依循查到的 cgroup 而決定 K8s 引用什麼 --cgroup-driver=systemd | cgroupfs
查看目前 k8s 啟用的 cgroup
$ sudo less /etc/systemd/system/kubelet.service.d/10-kubeadm.conf
>> 10-kubeadm.conf 裡頭有引用下面 flags.env,裡頭有 cgroup driver 設定
$ sudo less /var/lib/kubelet/kubeadm-flags.env
# 提醒
# 因 kubelet config file 有異動,必須進行 reload & restart kubelet
$ sudo systemctl daemon-reload
$ sudo systemctl restart kubelet完成排除後,kubelet 確認運作正常,重新進行初始化動作~ 但是,不可馬上下 kubeadm init 指令,會偵測到目前相關環境已經 Ready,故須進行下面步驟:
[vagrant@kk8s-1 ~]$ sudo kubeadm reset
[vagrant@kk8s-1 ~]$ systemctl stop kubelet
# 發現 kube apiserver 運作中,需要 kill
[vagrant@kk8s-1 ~]$ ps aux |grep kube
[vagrant@kk8s-1 ~]$ sudo kill 31941 31965重新進行 kubeadm init 指令,經過幾分鐘後,此時 K8s Master node 確認運作正常了
[vagrant@kk8s-1 ~]$ sudo kubeadm init --cri-socket="/var/run/crio/crio.sock" --apiserver-advertise-address=192.168.42.191
[init] using Kubernetes version: v1.12.2
[preflight] running pre-flight checks
...... <略過> ......
[addons] Applied essential addon: CoreDNS
[addons] Applied essential addon: kube-proxy
Your Kubernetes master has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
You can now join any number of machines by running the following on each node
as root:
kubeadm join 192.168.42.191:6443 --token sll2r4.z7dlw7e2yt1e8b3p --discovery-token-ca-cert-hash sha256:c06f9142687d0b34871aa1e3a2a6dcbfe0edf752bed5e7891a77e2d4fcc60dac
[vagrant@kk8s-1 ~]$
# 執行本機帳號配置設定
[vagrant@kk8s-1 ~]$ mkdir -p $HOME/.kube
[vagrant@kk8s-1 ~]$ sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[vagrant@kk8s-1 ~]$ sudo chown $(id -u):$(id -g) $HOME/.kube/config
# 檢查 K8s node status
[vagrant@kk8s-1 ~]$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
kk8s-1 Ready master 16m v1.12.2