docker - kubeadm 初始化错误:kubeadm 等待条件超时
问题描述
我尝试执行
kubeadm init --apiserver-advertise-address 49.232.211.230 --pod-network-cidr=10.244.0.0/16 -v=9
打印日志:
[wait-control-plane] Waiting for the kubelet to boot up the control plane as static Pods from directory "/etc/kubernetes/manifests". This can take up to 4m0s
I0426 01:21:19.624413 30483 round_trippers.go:435] curl -k -v -XGET -H "Accept: application/json, */*" -H "User-Agent: kubeadm/v1.21.0 (linux/amd64) kubernetes/cb303e6" 'https://49.232.211.230:6443/healthz?timeout=10s'
I0426 01:21:19.626723 30483 round_trippers.go:454] GET https://49.232.211.230:6443/healthz?timeout=10s in 0 milliseconds
I0426 01:21:19.626800 30483 round_trippers.go:460] Response Headers:
I0426 01:21:20.127086 30483 round_trippers.go:435] curl -k -v -XGET -H "User-Agent: kubeadm/v1.21.0 (linux/amd64) kubernetes/cb303e6" -H "Accept: application/json, */*" 'https://49.232.211.230:6443/healthz?timeout=10s'
I0426 01:21:20.127764 30483 round_trippers.go:454] GET https://49.232.211.230:6443/healthz?timeout=10s in 0 milliseconds
I0426 01:21:20.127782 30483 round_trippers.go:460] Response Headers:
I0426 01:21:20.627098 30483 round_trippers.go:435] curl -k -v -XGET -H "Accept: application/json, */*" -H "User-Agent: kubeadm/v1.21.0 (linux/amd64) kubernetes/cb303e6" 'https://49.232.211.230:6443/healthz?timeout=10s'
I0426 01:21:20.627747 30483 round_trippers.go:454] GET https://49.232.211.230:6443/healthz?timeout=10s in 0 milliseconds
最后:
Unfortunately, an error has occurred:
timed out waiting for the condition
This error is likely caused by:
- The kubelet is not running
- The kubelet is unhealthy due to a misconfiguration of the node in some way (required cgroups disabled)
If you are on a systemd-powered system, you can try to troubleshoot the error with the following commands:
- 'systemctl status kubelet'
- 'journalctl -xeu kubelet'
Additionally, a control plane component may have crashed or exited when started by the container runtime.
To troubleshoot, list all containers using your preferred container runtimes CLI.
Here is one example how you may list all Kubernetes containers running in docker:
- 'docker ps -a | grep kube | grep -v pause'
Once you have found the failing container, you can inspect its logs with:
- 'docker logs CONTAINERID'
couldn't initialize a Kubernetes cluster
k8s.io/kubernetes/cmd/kubeadm/app/cmd/phases/init.runWaitControlPlanePhase
/workspace/src/k8s.io/kubernetes/_output/dockerized/go/src/k8s.io/kubernetes/cmd/kubeadm/app/cmd/phases/init/waitcontrolplane.go:114
k8s.io/kubernetes/cmd/kubeadm/app/cmd/phases/workflow.(*Runner).Run.func1
/workspace/src/k8s.io/kubernetes/_output/dockerized/go/src/k8s.io/kubernetes/cmd/kubeadm/app/cmd/phases/workflow/runner.go:234
k8s.io/kubernetes/cmd/kubeadm/app/cmd/phases/workflow.(*Runner).visitAll
/workspace/src/k8s.io/kubernetes/_output/dockerized/go/src/k8s.io/kubernetes/cmd/kubeadm/app/cmd/phases/workflow/runner.go:421
k8s.io/kubernetes/cmd/kubeadm/app/cmd/phases/workflow.(*Runner).Run
/workspace/src/k8s.io/kubernetes/_output/dockerized/go/src/k8s.io/kubernetes/cmd/kubeadm/app/cmd/phases/workflow/runner.go:207
k8s.io/kubernetes/cmd/kubeadm/app/cmd.newCmdInit.func1
/workspace/src/k8s.io/kubernetes/_output/dockerized/go/src/k8s.io/kubernetes/cmd/kubeadm/app/cmd/init.go:152
k8s.io/kubernetes/vendor/github.com/spf13/cobra.(*Command).execute
/workspace/src/k8s.io/kubernetes/_output/dockerized/go/src/k8s.io/kubernetes/vendor/github.com/spf13/cobra/command.go:850
k8s.io/kubernetes/vendor/github.com/spf13/cobra.(*Command).ExecuteC
/workspace/src/k8s.io/kubernetes/_output/dockerized/go/src/k8s.io/kubernetes/vendor/github.com/spf13/cobra/command.go:958
k8s.io/kubernetes/vendor/github.com/spf13/cobra.(*Command).Execute
/workspace/src/k8s.io/kubernetes/_output/dockerized/go/src/k8s.io/kubernetes/vendor/github.com/spf13/cobra/command.go:895
k8s.io/kubernetes/cmd/kubeadm/app.Run
/workspace/src/k8s.io/kubernetes/_output/dockerized/go/src/k8s.io/kubernetes/cmd/kubeadm/app/kubeadm.go:50
main.main
_output/dockerized/go/src/k8s.io/kubernetes/cmd/kubeadm/kubeadm.go:25
runtime.main
/usr/local/go/src/runtime/proc.go:225
runtime.goexit
/usr/local/go/src/runtime/asm_amd64.s:1371
error execution phase wait-control-plane
k8s.io/kubernetes/cmd/kubeadm/app/cmd/phases/workflow.(*Runner).Run.func1
/workspace/src/k8s.io/kubernetes/_output/dockerized/go/src/k8s.io/kubernetes/cmd/kubeadm/app/cmd/phases/workflow/runner.go:235
k8s.io/kubernetes/cmd/kubeadm/app/cmd/phases/workflow.(*Runner).visitAll
/workspace/src/k8s.io/kubernetes/_output/dockerized/go/src/k8s.io/kubernetes/cmd/kubeadm/app/cmd/phases/workflow/runner.go:421
k8s.io/kubernetes/cmd/kubeadm/app/cmd/phases/workflow.(*Runner).Run
/workspace/src/k8s.io/kubernetes/_output/dockerized/go/src/k8s.io/kubernetes/cmd/kubeadm/app/cmd/phases/workflow/runner.go:207
k8s.io/kubernetes/cmd/kubeadm/app/cmd.newCmdInit.func1
/workspace/src/k8s.io/kubernetes/_output/dockerized/go/src/k8s.io/kubernetes/cmd/kubeadm/app/cmd/init.go:152
k8s.io/kubernetes/vendor/github.com/spf13/cobra.(*Command).execute
/workspace/src/k8s.io/kubernetes/_output/dockerized/go/src/k8s.io/kubernetes/vendor/github.com/spf13/cobra/command.go:850
k8s.io/kubernetes/vendor/github.com/spf13/cobra.(*Command).ExecuteC
/workspace/src/k8s.io/kubernetes/_output/dockerized/go/src/k8s.io/kubernetes/vendor/github.com/spf13/cobra/command.go:958
k8s.io/kubernetes/vendor/github.com/spf13/cobra.(*Command).Execute
/workspace/src/k8s.io/kubernetes/_output/dockerized/go/src/k8s.io/kubernetes/vendor/github.com/spf13/cobra/command.go:895
k8s.io/kubernetes/cmd/kubeadm/app.Run
/workspace/src/k8s.io/kubernetes/_output/dockerized/go/src/k8s.io/kubernetes/cmd/kubeadm/app/kubeadm.go:50
main.main
_output/dockerized/go/src/k8s.io/kubernetes/cmd/kubeadm/kubeadm.go:25
runtime.main
/usr/local/go/src/runtime/proc.go:225
runtime.goexit
/usr/local/go/src/runtime/asm_amd64.s:1371
执行失败后的配置文件:“/var/lib/kubelet/config.yaml” 38L, 921C
apiVersion: kubelet.config.k8s.io/v1beta1
authentication:
anonymous:
enabled: false
webhook:
cacheTTL: 0s
enabled: true
x509:
clientCAFile: /etc/kubernetes/pki/ca.crt
authorization:
mode: Webhook
webhook:
cacheAuthorizedTTL: 0s
cacheUnauthorizedTTL: 0s
cgroupDriver: systemd
clusterDNS:
- 10.96.0.10
clusterDomain: cluster.local
cpuManagerReconcilePeriod: 0s
evictionPressureTransitionPeriod: 0s
fileCheckFrequency: 0s
healthzBindAddress: 127.0.0.1
healthzPort: 10248
httpCheckFrequency: 0s
imageMinimumGCAge: 0s
kind: KubeletConfiguration
logging: {}
nodeStatusReportFrequency: 0s
nodeStatusUpdateFrequency: 0s
resolvConf: /run/systemd/resolve/resolv.conf
rotateCertificates: true
runtimeRequestTimeout: 0s
shutdownGracePeriod: 0s
shutdownGracePeriodCriticalPods: 0s
staticPodPath: /etc/kubernetes/manifests
streamingConnectionIdleTimeout: 0s
syncFrequency: 0s
volumeStatsAggPeriod: 0s
我什至重装了系统,但还是这样。
我尝试了 kubernetes 文档中的所有 kubeadm 方法。
一直都是这样,没办法。
谢谢,请帮助我。
解决方案
正如 kubeadm init 命令日志中提到的,这是 kubelet 服务器问题或 CRI 问题,请使用 kubeadm reset -f 命令休息您的集群并尝试按顺序执行以下步骤:
- 停止 Kubelet 和 CRI 服务:
sudo systemctl stop kubelet
sudo systemctl stop docker (if you are using docker)
- 刷新 iptables 并关闭 swapoff(重要的是,如果任何防火墙服务正在运行,请验证kubernetes_cluster_ports 已启用):
sudo iptables -F && sudo iptables -t nat -F && sudo iptables -t mangle -F && sudo iptables -X
sudo swapoff -a
- 启动 CRI 和 kubelet 服务并验证它是否工作正常(处于激活状态):
sudo systemctl start --now docker
sudo systemctl start --now kubelet
sudo systemctl status kubelet
- 初始化你的集群
sudo kubeadm init
如果所有这些步骤都完成了,但您仍然遇到问题,请验证您的网络配置,因为网络问题,docker 无法为控制平面初始化特定的 pod。
推荐阅读
- mysql - sql server中mysql的from_days()相当于什么?
- apache - Apache - 只允许通过 URL 打开位于特定文件夹中的文件
- python - 如何关闭/退出从 multiprocessing.Pool 生成的 Selenium Chrome 驱动程序?
- excel - 将文本文件导入单个 Excel 电子表格的 VBA 脚本
- javascript - 文本框上的 Jquery 更改事件
- java - 转换集合流
列出 [] - javascript - 如何在 React Native 中用两条语句编写 if 条件
- c# - 如何使用代理用户请求访问 NiFi
- excel - VBA 连接两个范围
- javascript - 带有高级工具的波尔图主题基本表的问题