前言
记录下k8s部署pod遇到的坑
vi nginx_pod.yaml
apiVersion: v1
kind: Pod
metadata:
name: nginx
labels:
app: web
spec:
containers:
- name: nginx
image: nginx:1.13
ports:
- containerPort: 80
kubectl create -f nginx_pod.yaml
错误1
kubectl create -f nginx_pod.yaml
Error from server (ServerTimeout): error when creating "nginx_pod.yaml": No API token
found for service account "default", retry after the token is automatically created
and added to the service account
- 解决方案
vim /etc/kubernetes/apiserver
KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,
ResourceQuota“
systemctl restart kube-apiserver.service
错误2
- 解决方案
vim /etc/kubernetes/kubelet
KUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=docker.io/tianyebj/pod-infrastructure:latest"
systemctl restart kubelet.service
镜像加速:
vim /etc/sysconfig/docker
OPTIONS='--selinux-enabled --log-driver=journald --signature-verification=false --registry-mirror=https://registry.docker-cn.com --insecure-registry=192.168.56.121:5000'
- 错误2:终极解决方法,搭建私有仓库
docker run -d -p 5000:5000 --restart=always --name registry -v /opt/myregistry:/var/lib/registry registry
setenforce 0 关闭selinux
vim /etc/docker/daemon.json
{
"insecure-registries":[
"192.168.56.121:5000"
]
}
systemctl daemon-reload
systemclt restart docker
docker tag docker.io/tianyebj/pod-infrastructure 192.168.56.121:5000/pod-infrastructure:latest
docker push docker.io/tianyebj/pod-infrastructure 192.168.56.121:5000/pod-infrastructure:latest
docker tag docker.io/nginx:1.13 192.168.56.121:5000/nginx:1.13
docker push 192.168.56.121:5000/nginx:1.13
vim /etc/kubernetes/kubelet
KUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=192.168.56.121:5000/pod-infrastructure:latest"
- 修改pod中nginx的镜像地址
[root@k8s-master nginx]# vim nginx_pod.yaml
apiVersion: v1
kind: Pod
metadata:
name: nginx
labels:
app: web
spec:
containers:
- name: nginx
image: 192.168.56.121:5000/nginx:1.13
ports:
- containerPort: 80
kubectl create -f nginx_pod.yaml
kubectl get pod -o wide
kubectl describe pod nginx
