k8s一路安裝到flannel網絡時卡主了我不少時間,查看大量資料無法解決問題,始終報錯,flanel容器不斷重啟,CrashLoopBackoff,截圖如下:
容器截圖如下:
Failed to create SubnetManager: error retrieving pod spec for 'kube-system/kube-flannel-ds-amd64-jlc9f': Get https://10.0.0.1:443/api/v1/namespaces/kube-system/pods/kube-flannel-ds-amd64-jlc9f: dial tcp 10.0.0.1:443: i/o timeout
解決辦法:
ETCD查看已經創建的網絡資源:
#/opt/apps/etcd/etcdctl ls /coreos.com/network/subnets/
/coreos.com/network/subnets/172.7.76.0-24
# /opt/apps/etcd/etcdctl get /coreos.com/network/config
{"Network": "172.7.0.0/16", "Backend": {"Type": "host-gw"}}
# /opt/apps/etcd/etcdctl get /coreos.com/network/subnets/172.7.76.0-24
{"PublicIP":"192.168.91.76","BackendType":"host-gw"}
這是在etcd已經注冊創建好的網絡資源,比如我的是172.7.76.0/24網段,這里要符合2大條件,才能進行容器之間宿主機的pod 容器通信
1. 查看自己docker容器的IP網段:
#ifconfig
docker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.7.76.1 netmask 255.255.255.0 broadcast 172.7.76.255
這里設置的網絡必須設置與宿主機前面查看的已經創建的網絡資源 172.7.76.0/24 在同一網段,然后請添加設置: "bip": "172.7.76.1/24"
# vim /etc/docker/daemon.json
{
"graph": "/data/docker",
"storage-driver": "overlay2",
"insecure-registries": ["harbor.vv.com"],
"registry-mirrors": ["https://registry.docker-cn.com"],
"bip": "172.7.76.1/24",
"exec-opts": ["native.cgroupdriver=systemd"],
"live-restore": true
}
2. 查看k8s cluster-cidr是否是上面查出來的172.7.0.016,大多數是10.244.0.0/16,通常在kube-contrellor-manger配置文件中有寫
cat opt/kubernetes/cfg/kube-controller-manager.conf KUBE_CONTROLLER_MANAGER_OPTS="--logtostderr=false \ --v=2 \ --log-dir=/opt/kubernetes/logs \ --leader-elect=true \ --master=127.0.0.1:8080 \ --bind-address=127.0.0.1 \ --allocate-node-cidrs=true \ --cluster-cidr=172.7.0.0/16 \ --service-cluster-ip-range=192.168.0.0/24 \ --cluster-signing-cert-file=/opt/kubernetes/ssl/ca.pem \ --cluster-signing-key-file=/opt/kubernetes/ssl/ca-key.pem \ --root-ca-file=/opt/kubernetes/ssl/ca.pem \ --service-account-private-key-file=/opt/kubernetes/ssl/ca-key.pem \ --experimental-cluster-signing-duration=87600h0m0s"
踩了好多天坑,今天終於解決了,特此記錄