在GKE中配置功能门时出错

时间:2018-10-02 01:06:03

标签: kubernetes google-kubernetes-engine

我试图在节点版本为1.9.7的GKE节点上运行kubelet parameters add --feature-gates=ReadOnlyAPIDataVolumes=false

然后我遇到以下错误:

I1002 00:56:53.617596   13469 feature_gate.go:226] feature gates: &{{} map[ReadOnlyAPIDataVolumes:false]}
I1002 00:56:53.617724   13469 controller.go:114] kubelet config controller: starting controller
I1002 00:56:53.617729   13469 controller.go:118] kubelet config controller: validating combination of defaults and flags
error: error reading /var/lib/kubelet/pki/kubelet.key, certificate and key must be supplied as a pair

如果我运行sudo kubelet parameters add --feature-gates=ReadOnlyAPIDataVolumes=false,那么我得到

error: unrecognized key: ReadOnlyAPIDataVolumes

我的问题:

  • 通常,是否应以root用户身份执行kubelet命令?
  • 具体如何成功运行“ kubelet parameters add”命令?

1 个答案:

答案 0 :(得分:1)

  1. 是的。尽管可能以non-root的身份运行,但kubelet可以控制系统上的许多不同组件,因此很难与non-root的所有组件进行对话。

    < / li>

  2. 我真的不确定kubelet parameters add的来源或在GKE上的设置方式(我相信它是旧的kube-up.sh脚本),但是通常,您可以更改kubelet参数在systemd级别。例如,根据以下/var/lib/kubelet/kubeadm-flags.env服务定义,我使用kubeadm并在systemd中更改/添加标志,或仅在kubelet命令行上内联:

    $ systemctl cat kubelet
# /lib/systemd/system/kubelet.service
[Unit]
Description=kubelet: The Kubernetes Node Agent
Documentation=https://kubernetes.io/docs/home/

[Service]
ExecStart=/usr/bin/kubelet
Restart=always
StartLimitInterval=0
RestartSec=10

[Install]
WantedBy=multi-user.target

# /etc/systemd/system/kubelet.service.d/10-kubeadm.conf
# Note: This dropin only works with kubeadm and kubelet v1.11+
[Service]
Environment="KUBELET_KUBECONFIG_ARGS=--bootstrap- kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf --hostname-override=ip-x-x-x-x.us-east-1.compute.internal"
Environment="KUBELET_CONFIG_ARGS=--config=/var/lib/kubelet/config.yaml"
# This is a file that "kubeadm init" and "kubeadm join" generates at runtime, populating the KUBELET_KUBEADM_ARGS variable dynamically
EnvironmentFile=-/var/lib/kubelet/kubeadm-flags.env
# This is a file that the user can use for overrides of the kubelet args as a last resort. Preferably, the user should use
# the .NodeRegistration.KubeletExtraArgs object in the configuration files instead. KUBELET_EXTRA_ARGS should be sourced from this file.
EnvironmentFile=-/etc/default/kubelet
ExecStart=
ExecStart=/usr/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_KUBEADM_ARGS $KUBELET_EXTRA_ARGS
相关问题
最新问题