后续所有安装都基于上一篇文章的1个master和3个node的基础。
yaml文件:区分大小写、使用空格而不是tab、键值之间有空格
- apiVersion: #api版本
- kind: #资源类型,pod、service、deployment等
- matedata: #属性
- spec: #详细信息
创建一个nginx的yaml文件
[root@master ~ ]# mkdir -p k8s/pod [root@master ~ ]# cd k8s/pod [root@master pod ]# vi nginx_pod.yaml apiVersion: v1 kind: Pod metadata: name: nginx labels: app: web spec: containers: - name: nginx image: nginx:1.13 ports: - containerPort: 80
基于yaml文件创建pod,命令为kubectl create -f yaml文件
[root@master pod]# kubectl create -f nginx_pod.yaml Error from server (ServerTimeout): error when creating "nginx_pod.yaml": No API token found for service account "default", retry after the token is automatically created and added to the service account
但是会报错,根据报错需要修改master的apiserver配置文件,删除ServiceAccount,修改后重新创建pod
[root@master pod ]# vi /etc/kubernetes/apiserver #删除ServiceAccount # default admission control policies KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota" [root@master pod ]# systemctl restart kube-apiserver [root@master pod]# kubectl create -f nginx_pod.yaml pod "nginx" created
但是查看这个pod的状态一直是ContainerCreating,此时需要查看日志
[root@master pod]# kubectl get pods NAME READY STATUS RESTARTS AGE nginx 0/1 ContainerCreating 0 2m
通过kubectl describe pod nginx查看日志,显示该pod调度到node2上,并且在pull镜像pod-infrastructure:latest的时候报错,在node2上手动pull也显示没有该镜像
[root@master pod]# kubectl describe pod nginx Name: nginx Namespace: default Node: node2/192.168.85.32 Start Time: Sun, 30 Aug 2020 10:50:45 +0800 Labels: app=web Status: Pending IP: Controllers: <none> Containers: nginx: Container ID: Image: nginx:1.13 Image ID: Port: 80/TCP State: Waiting Reason: ContainerCreating Ready: False Restart Count: 0 Volume Mounts: <none> Environment Variables: <none> Conditions: Type Status Initialized True Ready False PodScheduled True No volumes. QoS Class: BestEffort Tolerations: <none> Events: FirstSeen LastSeen Count From SubObjectPath Type Reason Message --------- -------- ----- ---- ------------- -------- ------ ------- 3m 3m 1 {default-scheduler } Normal Scheduled Successfully assigned nginx to node2 3m 1m 4 {kubelet node2} Warning FailedSync Error syncing pod, skipping: failed to "StartContainer" for "POD" with ErrImagePull: "image pull failed for registry.access.redhat.com/rhel7/pod-infrastructure:latest, this may be because there are no credentials on this request. details: (open /etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt: no such file or directory)" 2m 7s 10 {kubelet node2} Warning FailedSync Error syncing pod, skipping: failed to "StartContainer" for "POD" with ImagePullBackOff: "Back-off pulling image \"registry.access.redhat.com/rhel7/pod-infrastructure:latest\"" [root@node2 ~]# docker pull registry.access.redhat.com/rhel7/pod-infrastructure:latest Trying to pull repository registry.access.redhat.com/rhel7/pod-infrastructure ... open /etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt: no such file or directory