k8s 1.12.1 的坑和解决方法
k8s 1.12.1 的坑和解决方法
pull 镜像:
gcr.io 被墙,需要 pull 自己的镜像,然后改 tag。具体需要 pull 哪些镜像呢,kubeadm config images 可查看
我自己 build 的都放到了 https://github.com/FingerLiu/... , 需要的话也可以直接用里面的脚本:
wget -O - https://raw.githubusercontent.com/FingerLiu/k8s.gcr.io/master/pull.sh | bash
提示没权限:
kubeadm reset 重复安装的时候,.kube 文件夹不会清空,但 key 已经重新生成了,所有会key secret 不匹配。解决办法是清空 .kube 目录,然后将 /etc/kubernetes/kube-admin.json 拷贝过来
coredns
pending,network not ready:安装对应版本的 flannel。kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
1 node(s) had taints that the pod didn't tolerate:
默认 k8s 不允许往 master 节点装东西,强行设置下允许:kubectl taint nodes --all node-role.kubernetes.io/master-
azure xxx:
kubelet 自己的 bug, 无视
The connection to the server localhost:8080 was refused :
sudo cp /etc/kubernetes/admin.conf $HOME/ sudo chown $(id -u):$(id -g) $HOME/admin.conf export KUBECONFIG=$HOME/admin.conf
helm 没权限
That's because you don't have permission to deploy tiller, add an account for it:
kubectl create serviceaccount --namespace kube-system tiller
serviceaccount "tiller" created
kubectl create clusterrolebinding tiller-cluster-rule --clusterrole=cluster-admin --serviceaccount=kube-system:tiller
clusterrolebinding "tiller-cluster-rule" created
kubectl patch deploy --namespace kube-system tiller-deploy -p '{"spec":{"template":{"spec":{"serviceAccount":"tiller"}}}}'
deployment "tiller-deploy" patched
Then run below to check it :
helm list
helm repo update
相关推荐
###host字段指定授权使用该证书的etcd节点IP或子网列表,需要将etcd集群的3个节点都添加其中。cp etcd-v3.3.13-linux-amd64/etcd* /opt/k8s/bin/