- 博文地址https://www.cnblogs.com/lvlinguang/p/15682696.html
安装k8s ,注意安装前卸载docker,避免出错
yum install -y etcd kubernetes
启动和关闭脚本 ```shell vim k8sStart.sh
!/bin/bash
systemctl start etcd systemctl start docker systemctl start kube-apiserver systemctl start kube-controller-manager systemctl start kube-scheduler systemctl start kubelet systemctl start kube-proxy
vim k8sStop.sh
!/bin/bash
systemctl stop etcd systemctl stop docker systemctl stop kube-apiserver systemctl stop kube-controller-manager systemctl stop kube-scheduler systemctl stop kubelet systemctl stop kube-proxy
4. 创建pod文件 vim 02-create-pod.yaml```shellapiVersion: v1kind: Podmetadata:name: pod1spec:containers:- name: ngninx-podimage: nginx:latestports:- name: nginxportcontainerPort: 80
应用pod资源清单文件
kubectl apply -f 02-create-pod.yaml
如果报错Error from server (ServerTimeout): error when creating “busybox.yaml”: No API token found for service account “default”, retry after the token is automatically created and added to the service account
方式一:禁用ServiceAccount
编辑/etc/kubenetes/apiserver:
将以下这行中的ServiceAccount删除即可
KUBE_ADMISSION_CONTROL=”—admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota”
改为:
KUBE_ADMISSION_CONTROL=”—admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota”
这种方式比较粗暴,可能会遇到必须要用ServiceAccount的情况。
方式二:配置ServiceAccount
1、首先生成密钥:
openssl genrsa -out /etc/kubernetes/serviceaccount.key 2048
2、编辑/etc/kubenetes/apiserver
添加以下内容:
KUBE_API_ARGS=”—service_account_key_file=/etc/kubernetes/serviceaccount.key”
3、再编辑/etc/kubernetes/controller-manager
添加以下内容:
KUBE_CONTROLLER_MANAGER_ARGS=”—service_account_private_key_file=/etc/kubernetes/serviceaccount.key”
最后无论是哪种解决方式都需要再重启kubernetes服务:
systemctl restart etcd kube-apiserver kube-controller-manager kube-scheduler
在这里推荐使用第二种方式,因为在后面配置默认从私有仓库拉取镜像也必须要有ServiceAccount
验证pod是否被创建
kubectl get pods
若有收获,就点个赞吧
0 人点赞
