k8s一路安装到flannel网络时卡主了我不少时间,查看大量资料无法解决问题,始终报错,flanel容器不断重启,CrashLoopBackoff,截图如下:
容器截图如下:
Failed to create SubnetManager: error retrieving pod spec for 'kube-system/kube-flannel-ds-amd64-jlc9f': Get https://10.0.0.1:443/api/v1/namespaces/kube-system/pods/kube-flannel-ds-amd64-jlc9f: dial tcp 10.0.0.1:443: i/o timeout
解决办法:
ETCD查看已经创建的网络资源:
#/opt/apps/etcd/etcdctl ls /coreos.com/network/subnets/
/coreos.com/network/subnets/172.7.76.0-24
# /opt/apps/etcd/etcdctl get /coreos.com/network/config
{"Network": "172.7.0.0/16", "Backend": {"Type": "host-gw"}}
# /opt/apps/etcd/etcdctl get /coreos.com/network/subnets/172.7.76.0-24
{"PublicIP":"192.168.91.76","BackendType":"host-gw"}
这是在etcd已经注册创建好的网络资源,比如我的是172.7.76.0/24网段,这里要符合2大条件,才能进行容器之间宿主机的pod 容器通信
1. 查看自己docker容器的IP网段:
#ifconfig
docker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.7.76.1 netmask 255.255.255.0 broadcast 172.7.76.255
这里设置的网络必须设置与宿主机前面查看的已经创建的网络资源 172.7.76.0/24 在同一网段,然后请添加设置: "bip": "172.7.76.1/24"
# vim /etc/docker/daemon.json
{
"graph": "/data/docker",
"storage-driver": "overlay2",
"insecure-registries": ["harbor.vv.com"],
"registry-mirrors": ["https://registry.docker-cn.com"],
"bip": "172.7.76.1/24",
"exec-opts": ["native.cgroupdriver=systemd"],
"live-restore": true
}
2. 查看k8s cluster-cidr是否是上面查出来的172.7.0.016,大多数是10.244.0.0/16,通常在kube-contrellor-manger配置文件中有写
cat opt/kubernetes/cfg/kube-controller-manager.conf KUBE_CONTROLLER_MANAGER_OPTS="--logtostderr=false --v=2 --log-dir=/opt/kubernetes/logs --leader-elect=true --master=127.0.0.1:8080 --bind-address=127.0.0.1 --allocate-node-cidrs=true --cluster-cidr=172.7.0.0/16 --service-cluster-ip-range=192.168.0.0/24 --cluster-signing-cert-file=/opt/kubernetes/ssl/ca.pem --cluster-signing-key-file=/opt/kubernetes/ssl/ca-key.pem --root-ca-file=/opt/kubernetes/ssl/ca.pem --service-account-private-key-file=/opt/kubernetes/ssl/ca-key.pem --experimental-cluster-signing-duration=87600h0m0s"
踩了好多天坑,今天终于解决了,特此记录