问题1: k3s-agent启动成功但是提示错误信息
错误信息示例:
[root@host122 ~]# k3s agent --server ${K3S_URL} --token ${K3S_TOKEN}
INFO[0000] Preparing data dir /var/lib/rancher/k3s/data/2492a28b74abfbdbd3f943c8109a93e979669647bbbe95eadae43b60c667df69
INFO[2019-11-27T00:37:00.465328558-05:00] Starting k3s agent v1.0.0 (18bd921c)
INFO[2019-11-27T00:37:00.466031302-05:00] module overlay was already loaded
INFO[2019-11-27T00:37:00.466065090-05:00] module nf_conntrack was already loaded
INFO[2019-11-27T00:37:00.466082470-05:00] module br_netfilter was already loaded
INFO[2019-11-27T00:37:00.468531171-05:00] Running load balancer 127.0.0.1:36065 -> [192.168.163.121:6443]
ERRO[2019-11-27T00:37:00.472709375-05:00] failed to get CA certs at https://127.0.0.1:36065/cacerts: Get https://127.0.0.1:3606
错误原因:k3s的server端iptables设定不正确。
问题2: 缺省安装是否需要设定防火墙、iptables和SELINUX
在最小化的CentOS 7.6下缺省安装,firewalld服务启动状态,SELINUX缺省状态,并未特意做任何设定。使用离线安装方式,k3s可以正常启动和使用。SELINUX缺省状态下只需要保证semanage所在的包policycoreutils-python安装了即可。
问题3: kubectl cluster-info仅显示127.0.0.1下能够连接节点成功么
服务器端缺省安装,使用kubectl cluster-info命令中返回的机器信息均为127.0.0.1,这是因为server的bind_address缺省设定的原因,在服务器端设定此项即可解决问题。但是如下状态之下,并不影响agent的连接和kubectl get node的节点显示。
[root@host121 ~]# kubectl cluster-info
Kubernetes master is running at https://127.0.0.1:6443
CoreDNS is running at https://127.0.0.1:6443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy
Metrics-server is running at https://127.0.0.1:6443/api/v1/namespaces/kube-system/services/https:metrics-server:/proxy
To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.
[root@host121 ~]#