k8s 1.12.1 的坑和解决方法

k8s 1.12.1 的坑和解决方法

pull 镜像:

gcr.io 被墙,需要 pull 自己的镜像,然后改 tag。具体需要 pull 哪些镜像呢,kubeadm config images 可查看
我自己 build 的都放到了 https://github.com/FingerLiu/... , 需要的话也可以直接用里面的脚本:

wget -O - https://raw.githubusercontent.com/FingerLiu/k8s.gcr.io/master/pull.sh | bash

提示没权限:

kubeadm reset 重复安装的时候,.kube 文件夹不会清空,但 key 已经重新生成了,所有会key secret 不匹配。解决办法是清空 .kube 目录,然后将 /etc/kubernetes/kube-admin.json 拷贝过来

coredns

pending,network not ready:安装对应版本的 flannel。kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

1 node(s) had taints that the pod didn't tolerate:

默认 k8s 不允许往 master 节点装东西,强行设置下允许:kubectl taint nodes --all node-role.kubernetes.io/master-

azure xxx:

kubelet 自己的 bug, 无视

The connection to the server localhost:8080 was refused :

sudo cp /etc/kubernetes/admin.conf $HOME/
sudo chown $(id -u):$(id -g) $HOME/admin.conf
export KUBECONFIG=$HOME/admin.conf

helm 没权限

That's because you don't have permission to deploy tiller, add an account for it:

kubectl create serviceaccount --namespace kube-system tiller
serviceaccount "tiller" created

kubectl create clusterrolebinding tiller-cluster-rule --clusterrole=cluster-admin --serviceaccount=kube-system:tiller
clusterrolebinding "tiller-cluster-rule" created

kubectl patch deploy --namespace kube-system tiller-deploy -p '{"spec":{"template":{"spec":{"serviceAccount":"tiller"}}}}'
deployment "tiller-deploy" patched
Then run below to check it :

helm list
helm repo update

相关推荐