美文网首页k8s
基于kubeadm方式部署kubernetes v1.12.1

基于kubeadm方式部署kubernetes v1.12.1

作者: 码二哥 | 来源:发表于2018-10-09 14:11 被阅读0次

    <center>基于kubeadm方式部署kubernetes v1.12.1</center>

    参考文献如下:
    https://blog.csdn.net/jq0123/article/details/80471625
    https://www.kubernetes.org.cn/3808.html
    http://blog.51cto.com/devingeng/2096495
    https://www.linuxidc.com/Linux/2018-10/154548.htm

    说明:

    1. 目前k8s组件并没有全部安装成功,dns目前处于running状态,但,无法提供服务。
    2. 其他服务可以正常使用
    3. 仅供参考

    ============
    2018.10.16 更新,
    按照当前博文可以安装成功,上面提到的dns服务异常,
    其实,dns服务一开始就成功了,是测试工具的问题
    ============

    一、 初始化环境介绍

    系统类型 IP role cpu memory hostname
    CentOS 7.4.1708 172.16.91.135 master 4 2G master
    CentOS 7.4.1708 172.16.91.136 worker 2 1G slave1
    CentOS 7.4.1708 172.16.91.137 worker 2 1G slave2

    二、 安装环境准备工作

    2.1 主机映射(所有节点)

    127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6

172.16.91.135   master
172.16.91.136   slave1
172.16.91.137   slave2

    2.2 ssh免密码登陆(在master节点上 )

    • ssh-keygen
    • ssh-copy-id root@slave1
    • ssh-copy-id root@slave2

    2.3 关闭防火墙(所有节点)

    • systemctl stop firewalld
    • systemctl disable firewalld

    2.4 关闭Swap(所有节点)

    • swapoff -a
    • sed -i 's/.swap./#&/' /etc/fstab

    2.5 设置内核(所有节点)

    2.5.1 设置netfilter模块

    modprobe br_netfilter
cat <<EOF >  /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl -p /etc/sysctl.d/k8s.conf
ls /proc/sys/net/bridge

    2.5.2 打开ipv4的转发功能 (所有节点)

    如果不打开的话,在将从节点加入到集群时,会报以下的问题?

    image
    解决措施? 
    # 执行下面的命令
echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf  
# 保存执行
sysctl -p

    2.5.3 更新内核参数

    echo "* soft nofile 65536" >> /etc/security/limits.conf
echo "* hard nofile 65536" >> /etc/security/limits.conf
echo "* soft nproc 65536"  >> /etc/security/limits.conf
echo "* hard nproc 65536"  >> /etc/security/limits.conf
echo "* soft  memlock  unlimited"  >> /etc/security/limits.conf
echo "* hard memlock  unlimited"  >> /etc/security/limits.conf  
或者  
echo "* soft nofile 65536" >> /etc/security/limits.conf && 
echo "* hard nofile 65536" >> /etc/security/limits.conf && 
echo "* soft nproc 65536"  >> /etc/security/limits.conf &&  
echo "* hard nproc 65536"  >> /etc/security/limits.conf && 
echo "* soft  memlock  unlimited"  >> /etc/security/limits.conf && 
echo "* hard memlock  unlimited"  >> /etc/security/limits.conf

    2.5.4 关闭Selinux(所有节点)

    setenforce  0 
sed -i "s/^SELINUX=enforcing/SELINUX=disabled/g" /etc/sysconfig/selinux 
sed -i "s/^SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config 
sed -i "s/^SELINUX=permissive/SELINUX=disabled/g" /etc/sysconfig/selinux 
sed -i "s/^SELINUX=permissive/SELINUX=disabled/g" /etc/selinux/config

    2.6 更新yum源 并 安装相关依赖包(所有节点)

    2.6.1 更新yum源(添加k8s源)

    cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=0
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

    2.6.2 添加相关依赖包

    yum install -y epel-release
yum install -y yum-utils device-mapper-persistent-data lvm2 net-tools conntrack-tools wget vim  ntpdate libseccomp libtool-ltdl

    2.7 配置ntp(所有节点)

    systemctl enable ntpdate.service
echo '*/30 * * * * /usr/sbin/ntpdate time7.aliyun.com >/dev/null 2>&1' > /tmp/crontab2.tmp
crontab /tmp/crontab2.tmp
systemctl start ntpdate.service

    2.7.1 发现系统时间跟实际时间不对,如何解决

    cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime  
ntpdate us.pool.ntp.org  
date

    三、 部署

    3.1 部署docker

    具体可以参考其他文章,
    目前使用的版本是:

    [root@slave2 ~]# docker version
Client:
 Version:      17.03.2-ce
 API version:  1.27
 Go version:   go1.7.5
 Git commit:   f5ec1e2
 Built:        Tue Jun 27 02:21:36 2017
 OS/Arch:      linux/amd64

Server:
 Version:      17.03.2-ce
 API version:  1.27 (minimum version 1.12)
 Go version:   go1.7.5
 Git commit:   f5ec1e2
 Built:        Tue Jun 27 02:21:36 2017
 OS/Arch:      linux/amd64
 Experimental: false

    3.1.1 添加镜像加速器(所有节点)

    如果没有的话,可以在阿里云上注册,获取自己的镜像加速器;

    sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{
  "registry-mirrors": ["https://xxxxx.mirror.aliyuncs.com"]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker

    3.2 部署以rpm包方式部署kubelet,kubedam, kubectl, kubernetes-cni(所有节点)

    yum install -y kubelet kubeadm kubectl kubernetes-cni
systemctl enable kubelet

    安装成功后,显示安装的版本:

    kubeadm.x86_64 0:1.12.0-0              kubectl.x86_64 0:1.12.0-0              kubelet.x86_64 0:1.12.0-0              kubernetes-cni.x86_64 0:0.6.0-0

    通过下面的方式,可以安装制定版本的二进制文件

    yum install -y kubelet-1.12.0 kubeadm-1.12.0 kubectl-1.12.0 kubernetes-cni-0.6.0

    3.3 更新kubelet配置文件(所有节点)

    1. 更新配置文件(选做)
      vim /etc/systemd/system/kubelet.service.d/10-kubeadm.conf 
      #修改这一行
Environment="KUBELET_CGROUP_ARGS=--cgroup-driver=cgroupfs"
#添加这一行
Environment="KUBELET_EXTRA_ARGS=--v=2 --fail-swap-on=false --pod-infra-container-image=registry.cn-hangzhou.aliyuncs.com/k8sth/pause-amd64:3.0"

        说明:
        为什么要添加pause-amd64:3.0?
        kubelet就不会在启动pod的时候去墙外的k8s仓库拉取pause-amd64:3.0镜像了
        可以先在master节上更新,然后通过scp命令,传递给slave1,slave2

    scp /etc/systemd/system/kubelet.service.d/10-kubeadm.conf root@slave1:/etc/systemd/system/kubelet.service.d/10-kubeadm.conf
    scp /etc/systemd/system/kubelet.service.d/10-kubeadm.conf root@slave2:/etc/systemd/system/kubelet.service.d/10-kubeadm.conf

    说明:
    pause镜像已经下载到本地的话,可以不用这么配置的,

    1. 重新启动kubelet服务 
      systemctl daemon-reload  
systemctl enable kubelet
    2. 命令部署效果:(master节点上部署即可)(选做)
    yum install -y bash-completion
source /usr/share/bash-completion/bash_completion
source <(kubectl completion bash)
echo "source <(kubectl completion bash)" >> ~/.bashrc

    3.4 初始化集群(master节点)

    3.4.1 关于镜像

    国内某种原因,对于镜像要特别处理

    1. 查看kubeadm用到的镜像
      kubeadm config images list

      image

    2. 在阿里云或者docker hub,或者其他。。。。。 下载所需要的镜像
      我用的阿里云镜像(图片显示的版本是v1.12.0)

      image

    3. 相关镜像下载地址
      已经上传到阿里云上了,可以直接下载

      名称 地址
      kube-proxy registry.cn-qingdao.aliyuncs.com/kubernetes_xingej/kube-proxy:v1.12.1
      kube-scheduler registry.cn-qingdao.aliyuncs.com/kubernetes_xingej/kube-scheduler:v1.12.1
      kube-controller-manage registry.cn-qingdao.aliyuncs.com/kubernetes_xingej/kube-controller-manager:v1.12.1
      kube-apiserver registry.cn-qingdao.aliyuncs.com/kubernetes_xingej/kube-apiserver:1.12.1
      coredns registry.cn-qingdao.aliyuncs.com/kubernetes_xingej/coredns:1.2.2
      pause registry.cn-qingdao.aliyuncs.com/kubernetes_xingej/pause:3.1
      etcd registry.cn-qingdao.aliyuncs.com/kubernetes_xingej/etcd:3.2.24
      calico-cni registry.cn-qingdao.aliyuncs.com/kubernetes_xingej/calico-cni:v3.1.3
      calico-node registry.cn-qingdao.aliyuncs.com/kubernetes_xingej/calico-node:v3.1.3

      如:
      docker pull registry.cn-qingdao.aliyuncs.com/kubernetes_xingej/pause:1.12.1
      即可下载

    4. 将下载好的镜像,修改成正确的镜像名称

      image

      最后删除掉没用的镜像标签(选做)

      image
      在master节点上,操作
      其中:
      etcd-master、apiserver、controller-manager、scheduler 这些都是部署在master节点上的,镜像不用copy到其他节点 
    #!/bin/bash

docker pull registry.cn-qingdao.aliyuncs.com/kubernetes_xingej/kube-proxy:v1.12.1
docker pull registry.cn-qingdao.aliyuncs.com/kubernetes_xingej/kube-scheduler:v1.12.1
docker pull registry.cn-qingdao.aliyuncs.com/kubernetes_xingej/kube-controller-manager:v1.12.1
docker pull registry.cn-qingdao.aliyuncs.com/kubernetes_xingej/kube-apiserver:1.12.1
docker pull registry.cn-qingdao.aliyuncs.com/kubernetes_xingej/coredns:1.2.2
docker pull registry.cn-qingdao.aliyuncs.com/kubernetes_xingej/pause:3.1
docker pull registry.cn-qingdao.aliyuncs.com/kubernetes_xingej/etcd:3.2.24
docker pull registry.cn-qingdao.aliyuncs.com/kubernetes_xingej/calico-cni:v3.1.3
docker pull registry.cn-qingdao.aliyuncs.com/kubernetes_xingej/calico-node:v3.1.3

docker tag registry.cn-qingdao.aliyuncs.com/kubernetes_xingej/kube-proxy:v1.12.1 k8s.gcr.io/kube-proxy:v1.12.1
docker tag registry.cn-qingdao.aliyuncs.com/kubernetes_xingej/kube-scheduler:v1.12.1  k8s.gcr.io/kube-scheduler:v1.12.1
docker tag registry.cn-qingdao.aliyuncs.com/kubernetes_xingej/kube-controller-manager:v1.12.1 k8s.gcr.io/kube-controller-manager:v1.12.1
docker tag registry.cn-qingdao.aliyuncs.com/kubernetes_xingej/kube-apiserver:1.12.1 k8s.gcr.io/kube-apiserver:v1.12.1
docker tag registry.cn-qingdao.aliyuncs.com/kubernetes_xingej/coredns:1.2.2 k8s.gcr.io/coredns:1.2.2
docker tag registry.cn-qingdao.aliyuncs.com/kubernetes_xingej/pause:3.1 k8s.gcr.io/pause:3.1 
docker tag registry.cn-qingdao.aliyuncs.com/kubernetes_xingej/etcd:3.2.24 k8s.gcr.io/etcd:3.2.24


docker rmi -f registry.cn-qingdao.aliyuncs.com/kubernetes_xingej/kube-controller-manager:v1.12.1
docker rmi -f registry.cn-qingdao.aliyuncs.com/kubernetes_xingej/kube-proxy:v1.12.1
docker rmi -f registry.cn-qingdao.aliyuncs.com/kubernetes_xingej/kube-scheduler:v1.12.1
docker rmi -f registry.cn-qingdao.aliyuncs.com/kubernetes_xingej/kube-apiserver:1.12.1
docker rmi -f registry.cn-qingdao.aliyuncs.com/kubernetes_xingej/etcd:3.2.24
docker rmi -f registry.cn-qingdao.aliyuncs.com/kubernetes_xingej/coredns:1.2.2
docker rmi -f registry.cn-qingdao.aliyuncs.com/kubernetes_xingej/pause:3.1
    1. 需要将pause镜像、kube-proxy拷贝到其他从节点上去,
      拷贝镜像,重新打tag为k8s.gcr.io/pause:1.12.0、k8s.gcr.io/kube-proxy:v1.12.1
      因为创建pod时需要这些镜像, 尤其是pause镜像

    3.4.2 更新kubeadm配置文件config.yaml (master节点)

    配置文件名字随便起的;
    vim kubeadm-config-v1.12.1.yaml

    apiVersion: kubeadm.k8s.io/v1alpha3
kind: ClusterConfiguration
etcd:
  external: 
    endpoints:
    - https://172.16.91.222:2379
    caFile: /root/ca-k8s/ca.pem
    certFile: /root/ca-k8s/etcd.pem
    keyFile: /root/ca-k8s/etcd-key.pem
    dataDir: /var/lib/etcd
networking:
  podSubnet: 192.168.0.0/16
kubernetesVersion: v1.12.1
api:
  advertiseAddress: "172.16.91.135"
token: "ivxcdu.wub0bx69mk91qo6w"
tokenTTL: "0s"
apiServerCertSANs:
- master
- slave1
- slave2
- 172.16.91.135
- 172.16.91.136
- 172.16.91.137
- 172.16.91.222
featureGates:
  CoreDNS: true

    注意:

    • 不同kubeadm的版本 对应的配置文件的属性是不一样的,要注意
    • 上面配置文件里,etcd需要根据自己的实际情况进行配置, 由于我本地环境有etcd,因此就不需要kubeadm自带的etcd了,因此这里需要配置一下,设置成external属性,

    3.4.3 初始化master节点(master节点)

    方案一: 不使用配置文件(最后采纳了这种方案)

    kubeadm init --kubernetes-version=v1.9.0 --pod-network-cidr=10.244.0.0/16  --service-cidr=10.96.0.0/12

    指定镜像仓库方式
    如镜像如下:
    registry.aliyuncs.com/google_containers/kube-proxy:v1.15.1时,可以指定镜像仓库

     kubeadm init --kubernetes-version="v1.15.1" --pod-network-cidr=192.168.0.0/16 --image-repository=registry.aliyuncs.com/google_containers | tee kubeadm-init.log

    https://www.cnblogs.com/AutoSmart/p/11230268.html
    方案二: 使用配置文件(这种方案可能有问题)

    kubeadm init --config kubeadm-config-v1.12.1.yaml

    报错如下:

    error ensuring dns addon: unable to create/update the DNS service: Service "kube-dns" is invalid: spec.clusterIP: Invalid value: "10.96.0.10": field is immutable

    原因?
    很明显值的类型不符合要求
    解决措施?
    需要将kind的类型,改成InitConfiguration
    最终配置文件的内容如下所示:
    vim kubeadm-config-v1.12.1.yaml

    apiVersion: kubeadm.k8s.io/v1alpha3
kind: InitConfiguration
etcd:
  external:
    endpoints:
    - https://172.16.91.222:2379
    caFile: /root/ca-k8s/ca.pem
    certFile: /root/ca-k8s/etcd.pem
    keyFile: /root/ca-k8s/etcd-key.pem
    dataDir: /var/lib/etcd
networking:
  podSubnet: 192.168.0.0/16
token: "ivxcdu.wub0bx69mk91qo6w"
tokenTTL: "0"
apiServerCertSANs:
- master
- slave1
- slave2
- 172.16.91.135
- 172.16.91.136
- 172.16.91.137
- 172.16.91.222
- 127.0.0.1

    初始化正确结果,打印信息如下:

    [init] using Kubernetes version: v1.12.1
[preflight] running pre-flight checks
[preflight/images] Pulling images required for setting up a Kubernetes cluster
[preflight/images] This might take a minute or two, depending on the speed of your internet connection
[preflight/images] You can also perform this action in beforehand using 'kubeadm config images pull'
[kubelet] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[preflight] Activating the kubelet service
[certificates] Generated etcd/ca certificate and key.
[certificates] Generated etcd/peer certificate and key.
[certificates] etcd/peer serving cert is signed for DNS names [master localhost] and IPs [172.16.91.135 127.0.0.1 ::1]
[certificates] Generated etcd/healthcheck-client certificate and key.
[certificates] Generated apiserver-etcd-client certificate and key.
[certificates] Generated etcd/server certificate and key.
[certificates] etcd/server serving cert is signed for DNS names [master localhost] and IPs [127.0.0.1 ::1]
[certificates] Generated ca certificate and key.
[certificates] Generated apiserver certificate and key.
[certificates] apiserver serving cert is signed for DNS names [master kubernetes kubernetes.default kubernetes.default.svc kubernetes.default.svc.cluster.local] and IPs [10.96.0.1 172.16.91.135]
[certificates] Generated apiserver-kubelet-client certificate and key.
[certificates] Generated front-proxy-ca certificate and key.
[certificates] Generated front-proxy-client certificate and key.
[certificates] valid certificates and keys now exist in "/etc/kubernetes/pki"
[certificates] Generated sa key and public key.
[kubeconfig] Wrote KubeConfig file to disk: "/etc/kubernetes/admin.conf"
[kubeconfig] Wrote KubeConfig file to disk: "/etc/kubernetes/kubelet.conf"
[kubeconfig] Wrote KubeConfig file to disk: "/etc/kubernetes/controller-manager.conf"
[kubeconfig] Wrote KubeConfig file to disk: "/etc/kubernetes/scheduler.conf"
[controlplane] wrote Static Pod manifest for component kube-apiserver to "/etc/kubernetes/manifests/kube-apiserver.yaml"
[controlplane] wrote Static Pod manifest for component kube-controller-manager to "/etc/kubernetes/manifests/kube-controller-manager.yaml"
[controlplane] wrote Static Pod manifest for component kube-scheduler to "/etc/kubernetes/manifests/kube-scheduler.yaml"
[etcd] Wrote Static Pod manifest for a local etcd instance to "/etc/kubernetes/manifests/etcd.yaml"
[init] waiting for the kubelet to boot up the control plane as Static Pods from directory "/etc/kubernetes/manifests" 
[init] this might take a minute or longer if the control plane images have to be pulled
[apiclient] All control plane components are healthy after 25.504521 seconds
[uploadconfig] storing the configuration used in ConfigMap "kubeadm-config" in the "kube-system" Namespace
[kubelet] Creating a ConfigMap "kubelet-config-1.12" in namespace kube-system with the configuration for the kubelets in the cluster
[markmaster] Marking the node master as master by adding the label "node-role.kubernetes.io/master=''"
[markmaster] Marking the node master as master by adding the taints [node-role.kubernetes.io/master:NoSchedule]
[patchnode] Uploading the CRI Socket information "/var/run/dockershim.sock" to the Node API object "master" as an annotation
[bootstraptoken] using token: yj2qxf.s4fjen6wgcmo506w
[bootstraptoken] configured RBAC rules to allow Node Bootstrap tokens to post CSRs in order for nodes to get long term certificate credentials
[bootstraptoken] configured RBAC rules to allow the csrapprover controller automatically approve CSRs from a Node Bootstrap Token
[bootstraptoken] configured RBAC rules to allow certificate rotation for all node client certificates in the cluster
[bootstraptoken] creating the "cluster-info" ConfigMap in the "kube-public" namespace
[addons] Applied essential addon: CoreDNS
[addons] Applied essential addon: kube-proxy

Your Kubernetes master has initialized successfully!

To start using your cluster, you need to run the following as a regular user:

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  https://kubernetes.io/docs/concepts/cluster-administration/addons/

You can now join any number of machines by running the following on each node
as root:

  kubeadm join 172.16.91.135:6443 --token yj2qxf.s4fjen6wgcmo506w --discovery-token-ca-cert-hash sha256:6d7d90a6ce931a63c96dfe9327691e0e6caa3f69082a9dc374c3643d0d685eb9

    3.4.4 初始化失败时的解决措施(2种方式) (master节点)

    • 方式一(推荐这种方式简单明了):

      kubeadm reset

    • 方式二:

      rm -rf /etc/kubernetes/.conf
      rm -rf /etc/kubernetes/manifests/      .yaml
      docker ps -a |awk '{print $1}' |xargs docker rm -f
      systemctl stop kubelet

    3.4.5 配置kubectl的认证信息(master节点)

    配置kubectl的配置文件

    • 若是非root用户

      mkdir -p HOME/.kube sudo cp -i /etc/kubernetes/admin.confHOME/.kube/config
      sudo chown (id -u):(id -g) $HOME/.kube/config

    • 若是root用户

      echo "export KUBECONFIG=/etc/kubernetes/admin.conf" >> ~/.bash_profile
      source ~/.bash_profile

    做了这一步操作后,就不会报类似这样的错误了:

    The connection to the server localhost:8080 was refused - did you specify the right host or port?

    3.4.6 简单测试下

    • 查看master节点状态
      kubectl get node

      image

    • 查看pod资源情况
      kubectl get pod -n kube-system -o wide

      image

    • 查看组件运行状态
      kubectl get componentstatus

      image

    • 查看kubelet运行状况
      systemctl status kubelet

      image

    3.4.7 让master也运行pod(默认master不运行pod)(选做)

    kubectl taint nodes --all node-role.kubernetes.io/master-

    3.4.8 将其他从节点slave1,slave2添加到集群里

    分别登陆到slave1, slave2上,运行下面的命令即可了(注意,要改成自己的)

      kubeadm join 172.16.91.135:6443 --token yj2qxf.s4fjen6wgcmo506w --discovery-token-ca-cert-hash sha256:6d7d90a6ce931a63c96dfe9327691e0e6caa3f69082a9dc374c3643d0d685eb9

    假如:忘记上面的token,可以使用下面的命令,找回(master节点上执行)

    kubeadm token create --print-join-command

    3.4.9 再次查看pod的状态

    kubectl get pods --all-namespaces -owide

    image
    通过下面的命令,查看原因?
    kubectl describe pod coredns-576cbf47c7-4nd5t -nkube-system

    3.4.10 安装calico插件, 从而实现pod间的网络通信

    进入k8s官网,获取calico yaml

    image

    注意:
    kubernetes v1.12.1对应的calico版本是Calico Version v3.1.3
    直接运行下面的命令

    kubectl apply -f https://docs.projectcalico.org/v3.1/getting-started/kubernetes/installation/hosted/rbac-kdd.yaml  
kubectl apply -f https://docs.projectcalico.org/v3.1/getting-started/kubernetes/installation/hosted/kubernetes-datastore/calico-networking/1.7/calico.yaml
    image

    四、 问题说明:

    1. 查看pod状态? 发现只有coredns pod 一直处于containercreating状态,没有分配到ip?
      查看kubelet日志,发现network cni插件状态为false
      可能是因为,在初始化master节点时, 配置文件里定义的属性podpodSubnet 没有生效
      因此,直接使用命令行的方式,
    2. 如果发现coredns pod 一直处于running,error等状态的话,
      查看日志
    [root@master /]#kubectl logs coredns-55f86bf584-7sbtj -n kube-system
.:53
2018/10/09 10:20:15 [INFO] CoreDNS-1.2.2
2018/10/09 10:20:15 [INFO] linux/amd64, go1.11, eb51e8b
CoreDNS-1.2.2
linux/amd64, go1.11, eb51e8b
2018/10/09 10:20:15 [INFO] plugin/reload: Running configuration MD5 = 86e5222d14b17c8b907970f002198e96
2018/10/09 10:20:15 [FATAL] plugin/loop: Seen "HINFO IN 2050421060481615995.5620656063561519376." more than twice, loop detected

    如何解决?

    image
    image
    通过下面的命令,进行编辑删除
    kubectl edit cm coredns -oyaml -nkube-system

    具体原因,暂时不再跟踪,目前主要想研究calico的network policy,此问题先放一边

    跟此问题相关的文章如下:
    https://github.com/coredns/coredns/issues/2087
    https://github.com/kubernetes/kubeadm/issues/998
    这里面有解决方案,不知道为什么我的集群不起作用

    补充:测试dns插件的方法

    1. 准备测试用的yaml, pod-for-dns.yaml 
      apiVersion: v1
kind: Pod
metadata:
name: dns-test
namespace: default
spec:
containers:
- image: busybox:1.28.4
    command:
    - sleep
    - "3600"   
    imagePullPolicy: IfNotPresent
    name: dns-test
restartPolicy: Always
      注意:busybox的版本号,有些版本号测试失败
    2. 创建pod 
      kubectl create -f pod-for-dns.yaml
    3. 测试dns服务 
      [root@master ~]# kubectl exec dns-test -- nslookup kubernetes
Server:    10.96.0.10
Address 1: 10.96.0.10 kube-dns.kube-system.svc.cluster.local

Name:      kubernetes
Address 1: 10.96.0.1 webapp.default.svc.cluster.local

    相关文章

      网友评论

        本文标题:基于kubeadm方式部署kubernetes v1.12.1

        本文链接:https://www.haomeiwen.com/subject/ngieaftx.html

        延伸阅读

        深度阅读

        • 您也可以注册成为美文阅读网的作者,发表您的原创作品、分享您的心情!

        栏目导航

        热点阅读

        k8s

        关于我们|服务条款|联系我们|基于kubeadm方式部署kubernetes v1.12.1|投稿指南|网站地图|RSS订阅|排版工具|手机版

        提供经典美文摘抄,优美散文欣赏,现代诗歌精选,短篇小说,心情随笔,表白情书范文,故事会在线阅读欣赏

        Copyright © 2014-2023 Haomeiwen.com All Rights Reserved. 好美文阅读网 版权所有

        备案信息:桂公网安备 45052102000051号 · 桂ICP备13007215号-3

        本站所收录作品、热点评论等信息部分来源互联网,目的只是为了系统归纳学习和传递资讯

        所有作品版权归原创作者所有,与本站立场无关,如不慎侵犯了你的权益,请联系我们告知,我们将做删除处理!