一、Node加入集群时K8S报错cgroupfs驱动问题
错误信息:
detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". Please follow the guide at https://kubernetes.io/docs/setup/cri/
解决方法:修改启动方式为systemd
1.修改docker的配置文件
vim打开/etc/docker/daemon.json文件,改成以下内容。
{ "registry-mirrors": ["https://x3nqjrcg.mirror.aliyuncs.com"], "exec-opts": ["native.cgroupdriver=systemd"]}
重启docker服务
systemctl daemon-reload
systemctl restart docker
2.修改kubelet配置
新建/etc/systemd/system/kubelet.service.d/10-kubeadm.conf文件,并添加以下内容。
Environment="KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf --cgroup-driver=cgroupfs"
3.重启kubelet
systemctl daemon-reload
systemctl restart kubelet
二、Node节点加入集群时卡住 “[preflight] Running pre-flight checks”
3个解决方法:
1.时间异常:同步NTP时间,node和master节点要时间正常
master和node执行以下
yum install ntpdate
ntpdate ntp1.aliyun.com;hwclock --systohc
date;hwclock2.token过期失效:重新获取token和加入命令
node执行以下
kubeadm token create --ttl 0 --print-join-command
3.node未关闭防火墙
node和master执行以下关闭
systemctl disable firewalld
systemctl stop firewalld
systemctl status firewalld
三、node加入k8s集群报错this Docker version is not on the list of validated versions: 20.10.17. Latest validated...
详细报错:[preflight] Running pre-flight checks
[WARNING SystemVerification]: this Docker version is not on the list of validated versions: 20.10.17. Latest validated version: 18.09
查看源支持安装的版本列表:yum list docker-ce --showduplicates | sort -r
降级到1806版本(1809会报错):yum downgrade --setopt=obsoletes=0 -y docker-ce-18.09.9-3.el7 docker-ce-cli-18.09.9-3.el7 containerd.io
重启docker随后查看版本
systemctl start docker
docker version
四、kubernetes-dashboard无证书,浏览器无法打开访问
生成个证书就好了
#Step 1: 新建目录:
mkdir key && cd key
#Step 2: 生成 SSL 证书
openssl genrsa -out dashboard.key 2048
#Step 3: 我这里写的自己的 node1 节点,因为我是通过 nodeport 访问的;如果通过 apiserver 访问,可以写成自己的 master 节点 ip
openssl req -new -out dashboard.csr -key dashboard.key -subj '/CN=192.168.9.143'
openssl x509 -req -in dashboard.csr -signkey dashboard.key -out dashboard.crt
#Step 4: 删除原有的证书 secret
kubectl delete secret kubernetes-dashboard-certs -n kubernetes-dashboard
#Step 5: 创建新的证书 secret
kubectl create secret generic kubernetes-dashboard-certs --from-file=dashboard.key --from-file=dashboard.crt -n kubernetes-dashboard
#Step 6: 查看 pod
kubectl get pod -n kubernetes-dashboard
#Step 7: 重启 pod
kubectl delete pod kubernetes-dashboard-7b5bf5d559-gn4ls -n kubernetes-dashboard
获取token:kubectl -n kubernetes-dashboard describe secret $(kubectl -n kubernetes-dashboard get secret | grep dashboard-admin | awk '{print $1}')
版权属于:JiuXia2025
本文链接:https://blog.inekoxia.com/index.php/archives/677.html
转载时须注明出处及本声明
