问题一:
MountVolume.SetUp failed for volume etcd-certs : secret etcd-certs not found文章源自靠谱运维-https://www.ixdba.net/archives/1667
解决方案:
kubectl -n kube-system create secret generic etcd-certs --from-file=/etc/kubernetes/pki/etcd/server.crt --from-file=/etc/kubernetes/pki/etcd/server.key文章源自靠谱运维-https://www.ixdba.net/archives/1667
然后重新启动文章源自靠谱运维-https://www.ixdba.net/archives/1667
问题二:
cannot find cgroup mount destination: unknown文章源自靠谱运维-https://www.ixdba.net/archives/1667
结果方案:
mkdir /sys/fs/cgroup/systemd
mount -t cgroup -o none,name=systemd cgroup /sys/fs/cgroup/systemd如果上述方案不行,就启动终极方案: 重启文章源自靠谱运维-https://www.ixdba.net/archives/1667
问题三:
部署harbor服务文章源自靠谱运维-https://www.ixdba.net/archives/1667
docker login 10.3.131.2
Username: tiger
Password:
Error response from daemon: Get https://10.3.131.2/v2/: dial tcp 10.3.131.2:443: connect: connection refused出现这问题的原因是:Docker自从1.3.X之后docker registry交互默认使用的是HTTPS,但是搭建私有镜像默认使用的是HTTP服务,所以与私有镜像交时出现以上错误。文章源自靠谱运维-https://www.ixdba.net/archives/1667
解决方案:
客户端
# cat /etc/docker/daemon.conf
{
insecure-registries: [http://10.3.131.2]
}
# cat /usr/lib/systemd/system/docker.service |grep ExecStart
ExecStart=/usr/bin/dockerd -H fd:// --insecure-registry 10.3.131.2 --containerd=/run/containerd/containerd.sock
# systemctl daemon-reload
# systemctl restart dockerserver端:
[root@docker1 harbor]# cat /etc/docker/daemon.conf
{
insecure-registries: [http://10.3.131.2]
}
[root@docker1 harbor]# cat /usr/lib/systemd/system/docker.service |grep ExecStart
ExecStart=/usr/bin/dockerd -H fd:// --insecure-registry 10.3.131.2:5000 --containerd=/run/containerd/containerd.sock
# systemctl daemon-reload
# systemctl restart docker
# docker-compose down -v
# docker-compose up -d客户端测试
# docker login -u admin -p Harbor12345 http://10.3.131.2
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
docker login
Login Succeeded原因
这是因为docker1.3.2版本开始默认docker registry使用的是https,我们设置Harbor默认http方式,所以当执行用docker login、pull、push等命令操作非https的docker regsitry的时就会报错。文章源自靠谱运维-https://www.ixdba.net/archives/1667
问题四:
配置国内镜像加速后 dockers服务器无法启动文章源自靠谱运维-https://www.ixdba.net/archives/1667
解决方案:
检查加速是否配置正确,如果配置正确但无法启动文章源自靠谱运维-https://www.ixdba.net/archives/1667
将/etc/docker/daemon.json 改为/etc/docker/daemon.conf
重新启动,原因暂时未知文章源自靠谱运维-https://www.ixdba.net/archives/1667
问题五:
no matches for kind Deployment in version apps/v1beta2
集群报错 在部署k8s1.16.1的dashboard时:文章源自靠谱运维-https://www.ixdba.net/archives/1667
[root@k8s-master dashboard]# /opt/kubernetes/bin/kubectl create -f dashboard-deployment.yaml
error: unable to recognize dashboard-deployment.yaml: no matches for kind Deployment in version apps/v1beta2解决方案:
原因:
这是因为 API 版本已正式发布,不再是 beta 了。
解决方法:
将 apps/v1beta1 改为 apps/v1文章源自靠谱运维-https://www.ixdba.net/archives/1667
问题六:
dashboard 界面报错
报错内容: namespaces is forbidden: User system:serviceaccount:kubernetes-dashboard:kubernetes-dashboard cannot list resource namespaces in API group at the cluster scope文章源自靠谱运维-https://www.ixdba.net/archives/1667
解决方案:
发现是dashboard的版本和kubernetes的版本不一致
从 https://github.com/kubernetes/dashboard/releases 找到对应版本的 dashboard 的 yaml 重新部署, 即可解决文章源自靠谱运维-https://www.ixdba.net/archives/1667
问题七:
kubeadm初始化失败文章源自靠谱运维-https://www.ixdba.net/archives/1667
报错:
主要内容文章源自靠谱运维-https://www.ixdba.net/archives/1667
[kubelet-check] Initial timeout of 40s passed.
error execution phase upload-config/kubelet:
Error writing Crisocket information for the control-plane node: timed out waiting for the condition解决方案
swapoff -a && kubeadm reset && systemctl daemon-reload && systemctl restart kubelet && iptable
评论