admin管理员组

文章数量:1627758

之前的k8s环境都是通过kubeadm安装,安装完成后通过kubectl run nginx --image=nginx 验证环境Ok,都正常运行。 今天的k8s采用二进制安装的方式,结果运行kubectl run一致在 ContainerCreating状态,通过kubectl describe pod xxx, 错误如下:

问题

Events:
  FirstSeen     LastSeen        Count   From                    SubObjectPath   Type            Reason        Message
  ---------     --------        -----   ----                    -------------   --------        ------        -------
  26s           26s             1       {default-scheduler }                    Normal          Schedu        led     Successfully assigned nginx-app-3633824185-mq71j to node1
  27s           12s             2       {kubelet node1}                         Warning         Failed        Sync    Error syncing pod, skipping: failed to "StartContainer" for "POD" with ErrImagePull: "image pull failed for registry.access.redhat/rhel7/pod-infrastructure:latest, this may be because there are no credentials on this request.  details: (open /etc/docker/certs.d/registry.access.redhat/redhat-ca.crt: no such file or directory)"


根据错误查看对应目录去,确实没有/etc/docker/certs.d/registry.access.redhat/redhat-ca.crt: no such file or directory,

具体解决命令

安装 yum install python-rhsm-certificates
然后执行cpio -iv --to-stdout ./etc/rhsm/ca/redhat-uep.pem | tee /etc/rhsm/ca/redhat-uep.pem

pod恢复正常

然后手动验证pod-infrastructure:latest镜像可以下载了,nginx deployment也正常了。

另外一种解决办法

[root@node2 ca]# cat /etc/kubernetes/kubelet
###
# kubernetes kubelet (minion) config

# The address for the info server to serve on (set to 0.0.0.0 or "" for all interfaces)
KUBELET_ADDRESS="--address=0.0.0.0"

# The port for the info server to serve on
KUBELET_PORT="--port=10250"

# You may leave this blank to use the actual hostname
KUBELET_HOSTNAME="--hostname-override=node2"

# location of the api-server
KUBELET_API_SERVER="--api-servers=http://192.168.119.137:8080"

# pod infrastructure container
KUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=registry.access.redhat/rhel7/pod-infrastructure:latest"

# Add your own!
KUBELET_ARGS=""
[root@node2 ca]#

我们可以从其他位置下载pod-infrastructure:latest, 也就是修改/etc/kubernetes/kubelet文件并重启kubelet。

cpio指令具体意义

,请参考http://www.gnu/software/cpio/

本文标签: 错误RegistryK8sPodAccess

版权声明:本文标题:k8s pod 无法运行,错误registry.access.redhat.comrhel7pod-infrastructure:latest 内容由热心网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:https://www.elefans.com/dianzi/1729000998a1182593.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。