1. Drain the pods off the node
kubectl drain hostname --force --ignore-daemonsets --delete-local-data
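On newer kubectl releases (around v1.20 and later) the --delete-local-data flag was renamed to --delete-emptydir-data, so the equivalent drain there would be:
kubectl drain hostname --force --ignore-daemonsets --delete-emptydir-data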
2. Delete the node
kubectl delete node hostname
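To confirm the node has actually been removed from the cluster, list the nodes again:
kubectl get nodes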
3. Rejoin the node after it has been deleted
kubeadm join 10.111.3.6:6443 --token ahzyvb.uz0k2j039zh4zuxf \
  --discovery-token-ca-cert-hash sha256:edce9b33fc11c5b33c8a2d8efb1891c2f41a20922581cdd678044cd69d650723
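If only the token is known and the CA hash has been lost, the sha256 value can be recomputed on the master from the kubeadm default CA path (the standard openssl method):
openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | \
  openssl rsa -pubin -outform der 2>/dev/null | \
  openssl dgst -sha256 -hex | sed 's/^.* //'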
4. Errors when rejoining
The root cause of this problem is that the node was previously initialized with kubeadm init, so some configuration files and services already exist, and running kubeadm join again inevitably conflicts with them. The fix is as follows (a consolidated command sequence is shown after the list):
1. First run kubeadm reset to reset the node's configuration.
2. Then run kubeadm join to add the node back to the cluster (if the token has expired, regenerate it on the master with kubeadm token create, e.g. kubeadm token create --print-join-command).
3. Remove the old containers on node1: docker ps -qa | xargs docker rm -f
4. Delete node1's old configuration files and restart the services: rm -f /etc/kubernetes/kubelet.conf; rm -f /etc/kubernetes/pki/ca.crt; systemctl restart docker kubelet
5. kubeadm join 10.111.3.6:6443 --token ahzyvb.uz0k2j039zh4zuxf \
     --discovery-token-ca-cert-hash sha256:edce9b33fc11c5b33c8a2d8efb1891c2f41a20922581cdd678044cd69d650723
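Putting sub-steps 1-5 together, the whole cleanup-and-rejoin sequence run on the worker node looks roughly like this (the token and hash are the ones from above and must still be valid):
kubeadm reset -f
docker ps -qa | xargs -r docker rm -f
rm -f /etc/kubernetes/kubelet.conf /etc/kubernetes/pki/ca.crt
systemctl restart docker kubelet
kubeadm join 10.111.3.6:6443 --token ahzyvb.uz0k2j039zh4zuxf \
  --discovery-token-ca-cert-hash sha256:edce9b33fc11c5b33c8a2d8efb1891c2f41a20922581cdd678044cd69d650723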
5. kubectl get cs reports scheduler and controller-manager as Unhealthy
[root@k8s-master manifests]# kubectl get cs
NAME                 STATUS      MESSAGE                                                                                       ERROR
scheduler            Unhealthy   Get http://127.0.0.1:10251/healthz: dial tcp 127.0.0.1:10251: connect: connection refused
controller-manager   Unhealthy   Get http://127.0.0.1:10252/healthz: dial tcp 127.0.0.1:10252: connect: connection refused
etcd-0               Healthy     {"health":"true"}
Fix:
This happens because kube-controller-manager.yaml and kube-scheduler.yaml under /etc/kubernetes/manifests set the default port to 0 via --port=0; commenting that line out in each file fixes it (a sed one-liner for the same edit is shown after the two manifests).
Change kube-controller-manager.yaml: comment out line 27 (- --port=0)
 1 apiVersion: v1
 2 kind: Pod
 3 metadata:
 4   creationTimestamp: null
 5   labels:
 6     component: kube-controller-manager
 7     tier: control-plane
 8   name: kube-controller-manager
 9   namespace: kube-system
10 spec:
11   containers:
12   - command:
13     - kube-controller-manager
14     - --allocate-node-cidrs=true
15     - --authentication-kubeconfig=/etc/kubernetes/controller-manager.conf
16     - --authorization-kubeconfig=/etc/kubernetes/controller-manager.conf
17     - --bind-address=127.0.0.1
18     - --client-ca-file=/etc/kubernetes/pki/ca.crt
19     - --cluster-cidr=10.244.0.0/16
20     - --cluster-name=kubernetes
21     - --cluster-signing-cert-file=/etc/kubernetes/pki/ca.crt
22     - --cluster-signing-key-file=/etc/kubernetes/pki/ca.key
23     - --controllers=*,bootstrapsigner,tokencleaner
24     - --kubeconfig=/etc/kubernetes/controller-manager.conf
25     - --leader-elect=true
26     - --node-cidr-mask-size=24
27     # - --port=0
28     - --requestheader-client-ca-file=/etc/kubernetes/pki/front-proxy-ca.crt
29     - --root-ca-file=/etc/kubernetes/pki/ca.crt
30     - --service-account-private-key-file=/etc/kubernetes/pki/sa.key
31     - --service-cluster-ip-range=10.1.0.0/16
32     - --use-service-account-credentials=true
Change kube-scheduler.yaml: comment out line 19 (- --port=0)
 1 apiVersion: v1
 2 kind: Pod
 3 metadata:
 4   creationTimestamp: null
 5   labels:
 6     component: kube-scheduler
 7     tier: control-plane
 8   name: kube-scheduler
 9   namespace: kube-system
10 spec:
11   containers:
12   - command:
13     - kube-scheduler
14     - --authentication-kubeconfig=/etc/kubernetes/scheduler.conf
15     - --authorization-kubeconfig=/etc/kubernetes/scheduler.conf
16     - --bind-address=127.0.0.1
17     - --kubeconfig=/etc/kubernetes/scheduler.conf
18     - --leader-elect=true
19     # - --port=0
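If you would rather make the edit from the shell than in an editor, a sketch with sed (run on the master; it simply prefixes the flag with #) would be:
sed -i 's/- --port=0/# - --port=0/' /etc/kubernetes/manifests/kube-controller-manager.yaml
sed -i 's/- --port=0/# - --port=0/' /etc/kubernetes/manifests/kube-scheduler.yaml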
Then restart kubelet on all three machines: systemctl restart kubelet.service
Check again: kubectl get cs
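After the restart, the output should report every component as Healthy, roughly like this:
NAME                 STATUS    MESSAGE             ERROR
scheduler            Healthy   ok
controller-manager   Healthy   ok
etcd-0               Healthy   {"health":"true"}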
6. The k8s cluster reports an error pulling from the image registry
Failed to pull image "registry-vpc.cn-beijing.aliyuncs.com/sjwd/wenduedu:platform-center-latest": rpc error: code = Unknown desc = Error response from daemon: pull access denied for registry-vpc.cn-beijing.aliyuncs.com/sjwd/wenduedu, repository does not exist
Fix:
(1) Create a docker-registry secret
kubectl create secret docker-registry wenduedu \
  --docker-server=registry-vpc.cn-beijing.aliyuncs.com/sjwd/wenduedu \
  --docker-username=liruixin@wendu \
  --docker-password=Wendu@2020 \
  [email protected]
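To confirm the secret exists and inspect what was stored (just a check; wenduedu is the secret created above):
kubectl get secret wenduedu --output=yaml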
(2) Reference the secret in the workload YAML
spec:
  imagePullSecrets:
  - name: wenduedu
  containers:
  - name: java-center
    image: registry-vpc.cn-beijing.aliyuncs.com/sjwd/wenduedu:platform-center-latest
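For context, this is roughly where that fragment sits inside a full Deployment; the Deployment name, labels, and replica count below are assumptions, only the imagePullSecrets and image lines come from this note:
apiVersion: apps/v1
kind: Deployment
metadata:
  name: platform-center          # hypothetical name
spec:
  replicas: 1
  selector:
    matchLabels:
      app: java-center
  template:
    metadata:
      labels:
        app: java-center
    spec:
      imagePullSecrets:          # pull credentials from the secret created above
      - name: wenduedu
      containers:
      - name: java-center
        image: registry-vpc.cn-beijing.aliyuncs.com/sjwd/wenduedu:platform-center-latest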