本文主要是介绍rocky-8.9 使用 kubeadm 部署 1.26 版本 kubernetes 问题汇总,希望对大家解决编程问题提供一定的参考价值,需要的开发者们随着小编来一起学习吧!
文章目录
- @[toc]
- 内核模块加载报错
- 内核参数报错
- 以 master 身份加入集群报错
文章目录
- @[toc]
- 内核模块加载报错
- 内核参数报错
- 以 master 身份加入集群报错
整体部署流程可以参照我之前的博客:
kubeadm + containerd 部署 k8s-v1.23.3 (含证书升级)
内核模块加载报错
rocky-8.9 是
4.18.0-513.5.1.el8_9.x86_64
版本的内核,已经没有nf_conntrack_ipv4
这个内核参数了,执行modprobe nf_conntrack_ipv4
会有如下的报错
modprobe: FATAL: Module nf_conntrack_ipv4 not found in directory /lib/modules/4.18.0-513.5.1.el8_9.x86_64
这个问题不影响,只需要执行
modprobe nf_conntrack
这个就行了,我的部署文档里面有这一步,可以把modprobe nf_conntrack_ipv4
这一步删了就行
内核参数报错
同上,
net.ipv4.tcp_tw_recycle
执行sysctl -p
有如下报错
sysctl: cannot stat /proc/sys/net/ipv4/tcp_tw_recycle: No such file or directory
这是从 4.12 内核版本开始移除了
tcp_tw_recycle
配置,有兴趣的,可以看看这个博客:Linux 从 4.12 内核版本开始移除了 tcp_tw_recycle 配置。 tcp_max_tw_buckets TIME-WAIT 稳定值 time wait
以 master 身份加入集群报错
其他 master 节点没有 ca 证书,导致加入节点有以下报错(worker 节点加入不会有异常)
[preflight] Running pre-flight checks[WARNING FileExisting-tc]: tc not found in system path
[preflight] Reading configuration from the cluster...
[preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -o yaml'
error execution phase preflight:
One or more conditions for hosting a new control plane instance is not satisfied.[failure loading certificate for CA: couldn't load the certificate file /etc/kubernetes/pki/ca.crt: open /etc/kubernetes/pki/ca.crt: no such file or directory, failure loading key for service account: couldn't load the private key file /etc/kubernetes/pki/sa.key: open /etc/kubernetes/pki/sa.key: no such file or directory, failure loading certificate for front-proxy CA: couldn't load the certificate file /etc/kubernetes/pki/front-proxy-ca.crt: open /etc/kubernetes/pki/front-proxy-ca.crt: no such file or directory, failure loading certificate for etcd CA: couldn't load the certificate file /etc/kubernetes/pki/etcd/ca.crt: open /etc/kubernetes/pki/etcd/ca.crt: no such file or directory]Please ensure that:
* The cluster has a stable controlPlaneEndpoint address.
* The certificates that must be shared among control plane instances are provided.To see the stack trace of this error execute with --v=5 or higher
把对应的证书分发到其他 master 节点,重新加入节点即可
ssh k8s-master-2 "mkdir -p /etc/kubernetes/pki/etcd"
scp /etc/kubernetes/pki/{ca.crt,ca.key,sa.key,sa.pub,front-proxy-ca.crt,front-proxy-ca.key} k8s-master-2:/etc/kubernetes/pki/
scp /etc/kubernetes/pki/etcd/{ca.crt,ca.key} k8s-master-2:/etc/kubernetes/pki/etcd/
这篇关于rocky-8.9 使用 kubeadm 部署 1.26 版本 kubernetes 问题汇总的文章就介绍到这儿,希望我们推荐的文章对编程师们有所帮助!