Kubernetes 1.8 Kubeadm 配置 kubelet 未在节点上启动
Kubernetes 1.8 Kubeadm configuration kubelet not starting on node
我已经使用 kuebadm 配置了 1.8 集群 1 master,2 nodes。当我关闭并重新启动节点时,kubelet 没有启动,它正在编译证书。相同的步骤适用于旧版本的 Kubernetes。
Oct 2 22:02:32 k8sn-01 kubelet: I1002 22:02:32.854542 2795 client.go:75] Connecting to docker on unix:///var/run/docker.sock
Oct 2 22:02:32 k8sn-01 kubelet: I1002 22:02:32.854569 2795 client.go:95] Start docker client with request timeout=2m0s
Oct 2 22:02:32 k8sn-01 kubelet: I1002 22:02:32.860544 2795 feature_gate.go:156] feature gates: map[]
Oct 2 22:02:32 k8sn-01 kubelet: W1002 22:02:32.860638 2795 server.go:289] --cloud-provider=auto-detect is deprecated. The desired cloud provider should be set explicitly
Oct 2 22:02:32 k8sn-01 kubelet: W1002 22:02:32.861608 2795 server.go:381] invalid kubeconfig: invalid configuration: [unable to read client-cert /var/run/kubernetes/kubelet-client.crt for default-auth due to open /var/run/kubernetes/kubelet-client.crt: no such file or directory, unable to read client-key /var/run/kubernetes/kubelet-client.key for default-auth due to open /var/run/kubernetes/kubelet-client.key: no such file or directory]
Oct 2 22:02:32 k8sn-01 kubelet: error: failed to run Kubelet: no client provided, cannot use webhook authorization
Oct 2 22:02:32 k8sn-01 systemd: kubelet.service: main process exited, code=exited, status=1/FAILURE
Oct 2 22:02:32 k8sn-01 systemd: Unit kubelet.service entered failed state.
Oct 2 22:02:32 k8sn-01 systemd: kubelet.service failed.
不确定为什么在重启后缺少证书。我删除并重新创建了集群多次相同的结果。
NAME STATUS ROLES AGE VERSION
k8sm-01 Ready master 10m v1.8.0
k8sn-01 NotReady <none> 6m v1.8.0
k8sn-02 NotReady <none> 6m v1.8.0
有解决此问题的提示吗?
谢谢
SR
这是由于https://github.com/kubernetes/kubernetes/issues/53288
对于 kubeadm,这个问题刚刚通过更新包(rpm 1.8.0-1,deb 1.8.0-01)中的配置更改得到解决
如果您已有处于此状态的节点,则必须删除现有的 /etc/kubernetes/kubelet.conf 文件,其中还包含对已删除证书文件的引用。
我已经使用 kuebadm 配置了 1.8 集群 1 master,2 nodes。当我关闭并重新启动节点时,kubelet 没有启动,它正在编译证书。相同的步骤适用于旧版本的 Kubernetes。
Oct 2 22:02:32 k8sn-01 kubelet: I1002 22:02:32.854542 2795 client.go:75] Connecting to docker on unix:///var/run/docker.sock
Oct 2 22:02:32 k8sn-01 kubelet: I1002 22:02:32.854569 2795 client.go:95] Start docker client with request timeout=2m0s
Oct 2 22:02:32 k8sn-01 kubelet: I1002 22:02:32.860544 2795 feature_gate.go:156] feature gates: map[]
Oct 2 22:02:32 k8sn-01 kubelet: W1002 22:02:32.860638 2795 server.go:289] --cloud-provider=auto-detect is deprecated. The desired cloud provider should be set explicitly
Oct 2 22:02:32 k8sn-01 kubelet: W1002 22:02:32.861608 2795 server.go:381] invalid kubeconfig: invalid configuration: [unable to read client-cert /var/run/kubernetes/kubelet-client.crt for default-auth due to open /var/run/kubernetes/kubelet-client.crt: no such file or directory, unable to read client-key /var/run/kubernetes/kubelet-client.key for default-auth due to open /var/run/kubernetes/kubelet-client.key: no such file or directory]
Oct 2 22:02:32 k8sn-01 kubelet: error: failed to run Kubelet: no client provided, cannot use webhook authorization
Oct 2 22:02:32 k8sn-01 systemd: kubelet.service: main process exited, code=exited, status=1/FAILURE
Oct 2 22:02:32 k8sn-01 systemd: Unit kubelet.service entered failed state.
Oct 2 22:02:32 k8sn-01 systemd: kubelet.service failed.
不确定为什么在重启后缺少证书。我删除并重新创建了集群多次相同的结果。
NAME STATUS ROLES AGE VERSION
k8sm-01 Ready master 10m v1.8.0
k8sn-01 NotReady <none> 6m v1.8.0
k8sn-02 NotReady <none> 6m v1.8.0
有解决此问题的提示吗?
谢谢 SR
这是由于https://github.com/kubernetes/kubernetes/issues/53288
对于 kubeadm,这个问题刚刚通过更新包(rpm 1.8.0-1,deb 1.8.0-01)中的配置更改得到解决
如果您已有处于此状态的节点,则必须删除现有的 /etc/kubernetes/kubelet.conf 文件,其中还包含对已删除证书文件的引用。