1、hello-world-pod.yaml 脚本:
# cat hello-world-pod.yaml apiVersion: v1 kind: Pod metadata: name: hello-world spec: restartPolicy: OnFailure containers: - name: hello image: "ubuntu:14.04" command: ["/bin/echo","Hello","world"]
2、pod的创建、更新和删除
# kubectl create -f hello-world-pod.yaml // 创建 hello world pod # kubectl get pod hello-world // 查询,也可以用kubectl describe pod helloworld # kubectl logs hello-world // # kubectl delete pod hello // 删除 pod # kubctl replace hello-world.yaml // 更新 pod
3、创建pod过程踩到的坑
3.1 错误信息如下:
# kubectl create -f hello-world-pod.yaml Error from server (ServerTimeout): error when creating "hello-world-pod.yaml": No API token found for service account "default", retry after the token is automatically created and added to the service account
3.2 解决方法:
方法一:
禁用ServiceAccount,将ServiceAccount参数删除即可 ,这种方式可能会遇到必须要用ServiceAccount的情况,不推荐使用
# vim /etc/kubenetes/apiserver: 将
KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota" 改为: KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota"
方法二:
配置ServiceAccount,一般推荐使用这种方法。
1、首先生成密钥: openssl genrsa -out /etc/kubernetes/serviceaccount.key 2048 2、编辑/etc/kubenetes/apiserver 添加以下内容: KUBE_API_ARGS="--service_account_key_file=/etc/kubernetes/serviceaccount.key" 3、再编辑/etc/kubernetes/controller-manager 添加以下内容: KUBE_CONTROLLER_MANAGER_ARGS="--service_account_private_key_file=/etc/kubernetes/serviceaccount.key" 4、重启kubernetes服务: systemctl restart etcd kube-apiserver kube-controller-manager kube-scheduler