I set up a custom Kubernetes cluster on GCE using kubeadm. I am trying to use StatefulSets with persistent storage.
I have the following configuration:
kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
  name: gce-slow
provisioner: kubernetes.io/gce-pd
parameters:
  type: pd-standard
  zones: europe-west3-b
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: myname
  labels:
    app: myapp
spec:
  serviceName: myservice
  replicas: 1
  selector:
    matchLabels:
      app: myapp
  template:
    metadata:
      labels:
        app: myapp
    spec:
      containers:
        - name: mycontainer
          image: ubuntu:16.04
          env:
          volumeMounts:
          - name: myapp-data
            mountPath: /srv/data
      imagePullSecrets:
      - name: sitesearch-secret
  volumeClaimTemplates:
  - metadata:
      name: myapp-data
    spec:
      accessModes: [ "ReadWriteOnce" ]
      storageClassName: gce-slow
      resources:
        requests:
          storage: 1Gi
I get the following error:
Nopx@vm0:~$ kubectl describe pvc
Name: myapp-data-myname-0
Namespace: default
StorageClass: gce-slow
Status: Pending
Volume:
Labels: app=myapp
Annotations: volume.beta.kubernetes.io/storage-provisioner=kubernetes.io/gce-pd
Finalizers: [kubernetes.io/pvc-protection]
Capacity:
Access Modes:
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Warning ProvisioningFailed 5s persistentvolume-controller Failed to provision volume
with StorageClass "gce-slow": Failed to get GCE GCECloudProvider with error <nil>
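I am treading in the dark here and do not know what is missing. It seems logical that this doesn't work, since the provisioner never authenticates to GCE. Any hints and pointers are very much appreciated.
EDIT
I tried the solution here, by editing the config file in kubeadm with kubeadm config upload from-file, but the error persists. The kubeadm config now looks like this: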
api:
  advertiseAddress: 10.156.0.2
  bindPort: 6443
  controlPlaneEndpoint: ""
auditPolicy:
  logDir: /var/log/kubernetes/audit
  logMaxAge: 2
  path: ""
authorizationModes:
- Node
- RBAC
certificatesDir: /etc/kubernetes/pki
cloudProvider: gce
criSocket: /var/run/dockershim.sock
etcd:
  caFile: ""
  certFile: ""
  dataDir: /var/lib/etcd
  endpoints: null
  image: ""
  keyFile: ""
imageRepository: k8s.gcr.io
kubeProxy:
  config:
    bindAddress: 0.0.0.0
    clientConnection:
      acceptContentTypes: ""
      burst: 10
      contentType: application/vnd.kubernetes.protobuf
      kubeconfig: /var/lib/kube-proxy/kubeconfig.conf
      qps: 5
    clusterCIDR: 192.168.0.0/16
    configSyncPeriod: 15m0s
    conntrack:
      max: null
      maxPerCore: 32768
      min: 131072
      tcpCloseWaitTimeout: 1h0m0s
      tcpEstablishedTimeout: 24h0m0s
    enableProfiling: false
    healthzBindAddress: 0.0.0.0:10256
    hostnameOverride: ""
    iptables:
      masqueradeAll: false
      masqueradeBit: 14
      minSyncPeriod: 0s
      syncPeriod: 30s
    ipvs:
      minSyncPeriod: 0s
      scheduler: ""
      syncPeriod: 30s
    metricsBindAddress: 127.0.0.1:10249
    mode: ""
    nodePortAddresses: null
    oomScoreAdj: -999
    portRange: ""
    resourceContainer: /kube-proxy
    udpIdleTimeout: 250ms
kubeletConfiguration: {}
kubernetesVersion: v1.10.2
networking:
  dnsDomain: cluster.local
  podSubnet: 192.168.0.0/16
  serviceSubnet: 10.96.0.0/12
nodeName: mynode
privilegedPods: false
token: ""
tokenGroups:
- system:bootstrappers:kubeadm:default-node-token
tokenTTL: 24h0m0s
tokenUsages:
- signing
- authentication
unifiedControlPlaneImage: ""
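EDIT
The problem was solved in the comments thanks to Anton Kostenko. The last edit in combination with kubeadm upgrade solved the problem.
Answer 0: (score: 0)
The answer took me a while, but here it is:
Using the GCECloudProvider in Kubernetes outside of Google Kubernetes Engine has the following prerequisites (the last point is Kubeadm-specific):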
The VM needs to be run with a service account that has the right to provision disks. Information on how to run a VM with a service account can be found here.
The Kubelet needs to be run with the argument. For this, KUBELET_KUBECONFIG_ARGS in /etc/systemd/system/kubelet.service.d/10-kubeadm.conf has to be edited. The Kubelet can then be restarted with sudo systemctl restart kubelet.
The Kubernetes cloud-config file needs to be configured. The file can be found at /etc/kubernetes/cloud-config, and the following content is enough to get the cloud provider to work:
[Global]
project-id = "<google-project-id>"
Kubeadm needs to have GCE configured as its cloud provider. The config posted in the question works fine for this. However, nodeName has to be changed.
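A preflight check for the kubelet and cloud-config prerequisites in the answer above, as an added example that is not part of the original answer. It assumes the kubelet argument is --cloud-provider=gce, which this page does not show; the function names and sample files are hypothetical and constructed.

```shell
#!/bin/sh
# Added example: preflight check for the kubelet and cloud-config prerequisites.

# True if the KUBELET_KUBECONFIG_ARGS line of the drop-in carries the flag.
# Assumption: the flag is --cloud-provider=gce (the argument is not shown above).
has_cloud_provider_flag() {
    grep -E '^[[:space:]]*Environment="?KUBELET_KUBECONFIG_ARGS=' "$1" 2>/dev/null |
        grep -Eq -- '--cloud-provider=gce(["[:space:]]|$)'
}

# True if the [Global] section sets project-id to something other than an
# empty value or an unreplaced <placeholder>.
has_project_id() {
    [ -r "$1" ] || return 1
    awk '
        /^[ \t]*\[/ { in_global = ($0 ~ /^[ \t]*\[Global\][ \t]*$/); next }
        in_global && /^[ \t]*project-id[ \t]*=/ {
            v = $0; sub(/^[^=]*=/, "", v); gsub(/[" \t\r]/, "", v)
            if (v != "" && v !~ /^</) found = 1
        }
        END { exit !found }
    ' "$1"
}

# Runs both checks; the return value is the number of failed prerequisites.
check_gce_prereqs() {
    dropin=${1:-/etc/systemd/system/kubelet.service.d/10-kubeadm.conf}
    cloud_config=${2:-/etc/kubernetes/cloud-config}
    failures=0
    if ! has_cloud_provider_flag "$dropin"; then
        echo "FAIL: KUBELET_KUBECONFIG_ARGS in $dropin lacks --cloud-provider=gce" >&2
        failures=$((failures + 1))
    fi
    if ! has_project_id "$cloud_config"; then
        echo "FAIL: no usable [Global] project-id in $cloud_config" >&2
        failures=$((failures + 1))
    fi
    return "$failures"
}

# Constructed sample files (not taken from a real node) for trying the checks.
write_samples() {
    printf '%s\n' '[Service]' 'Environment="KUBELET_KUBECONFIG_ARGS=--kubeconfig=/etc/kubernetes/kubelet.conf --cloud-provider=gce"' > "$1/good.conf"
    printf '%s\n' '[Service]' 'Environment="KUBELET_KUBECONFIG_ARGS=--kubeconfig=/etc/kubernetes/kubelet.conf"' > "$1/bad.conf"
    printf '%s\n' '[Global]' 'project-id = "example-project"' > "$1/good.cfg"
    printf '%s\n' '[Global]' 'project-id = "<google-project-id>"' > "$1/placeholder.cfg"
}
```

Source the file and call check_gce_prereqs with no arguments on a node to test the default paths; a cloud-config that still holds the literal <google-project-id> placeholder is reported as a failure.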
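Answer 1: (score: 0)
Creating dynamic persistent volumes in Kubernetes nodes on Google Cloud virtual machines.
GCP roles:
Add the roles to the GCP VM:
Add the GCE parameter in the kubelet on all nodes.
Add the value:
Add this parameter. [Global] project-id = "xxxxxxxxxxxx"
Then restart the control plane.
Run ps -ef | grep controller, then you must see "gce" in the controller output.
Note: The above method is not recommended on production systems; use kubeadm config to update the controller manager settings.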