kubelet无法找到CPU的安装点

时间:2019-09-02 19:01:22

标签: linux docker kubernetes cgroups kubelet

我在Debian 10破坏者1.15.3上使用kubeadm 18.09,docker-ce 5.2.9-2,并且在journalctl -xe | grep kubelet中看到错误:

  

server.go:273]无法运行Kubelet:找不到用于CPU的mountpoint

我的/sys/fs/cgroup包含:

-r--r--r--  1 root root 0 Sep  2 18:49 cgroup.controllers
-rw-r--r--  1 root root 0 Sep  2 18:50 cgroup.max.depth
-rw-r--r--  1 root root 0 Sep  2 18:50 cgroup.max.descendants
-rw-r--r--  1 root root 0 Sep  2 18:49 cgroup.procs
-r--r--r--  1 root root 0 Sep  2 18:50 cgroup.stat
-rw-r--r--  1 root root 0 Sep  2 18:49 cgroup.subtree_control
-rw-r--r--  1 root root 0 Sep  2 18:50 cgroup.threads
-rw-r--r--  1 root root 0 Sep  2 18:50 cpu.pressure
-r--r--r--  1 root root 0 Sep  2 18:50 cpuset.cpus.effective
-r--r--r--  1 root root 0 Sep  2 18:50 cpuset.mems.effective
drwxr-xr-x  2 root root 0 Sep  2 18:49 init.scope
-rw-r--r--  1 root root 0 Sep  2 18:50 io.pressure
-rw-r--r--  1 root root 0 Sep  2 18:50 memory.pressure
drwxr-xr-x 20 root root 0 Sep  2 18:49 system.slice
drwxr-xr-x  2 root root 0 Sep  2 18:49 user.slice

docker.service运行正常,并且运行/etc/docker/daemon.json

{
  "exec-opts": [
    "native.cgroupdriver=systemd"
  ],
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "100m"
  },
  "storage-driver": "overlay2"
}

kubeadm文档说如果使用docker,则将自动检测到cgroup驱动程序,但无论如何我还是尝试提供它-无需更改。

使用mountcgroupfs-mount

$ mount -t cgroup -o all cgroup /sys/fs/cgroup
mount: /sys/fs/cgroup: cgroup already mounted on /sys/fs/cgroup/cpuset.
$ cgroupfs-mount
mount: /sys/fs/cgroup/cpu: cgroup already mounted on /sys/fs/cgroup/cpuset.
mount: /sys/fs/cgroup/blkio: cgroup already mounted on /sys/fs/cgroup/cpuset.
mount: /sys/fs/cgroup/memory: cgroup already mounted on /sys/fs/cgroup/cpuset.
mount: /sys/fs/cgroup/pids: cgroup already mounted on /sys/fs/cgroup/cpuset.

问题出在cpuset而不是cpu吗?我试图创建符号链接,但是root对/sys/fs/cgroup没有写权限。 (大概我可以更改它,但我认为这是足够的警告,不要干预。)

如何让kubelet找到我的CPU cgroup挂载?

1 个答案:

答案 0 :(得分:1)

我想说的是,您安装的docker-ce非常奇怪,而不是kubelet。您正在寻找显示映射问题的正确方向。

我在GCPAWS环境实例上尝试了3种不同的docker版本。 我注意到比较我们的结果时发现-/sys/fs/cgroup下的文件夹结构错误。请注意,与您的输出相比,我在/sys/fs/cgroup中拥有更多权限。这就是我的结果:

root@instance-3:~# docker version
Client: Docker Engine - Community
 Version:           19.03.1
 API version:       1.39 (downgraded from 1.40)
 Go version:        go1.12.5
 Git commit:        74b1e89
 Built:             Thu Jul 25 21:21:24 2019
 OS/Arch:           linux/amd64
 Experimental:      false

Server: Docker Engine - Community
 Engine:
  Version:          18.09.1
  API version:      1.39 (minimum version 1.12)
  Go version:       go1.10.6
  Git commit:       4c52b90
  Built:            Wed Jan  9 19:02:44 2019
  OS/Arch:          linux/amd64
  Experimental:     false


root@instance-3:~# ls -la /sys/fs/cgroup
total 0
drwxr-xr-x 14 root root 360 Sep  3 11:30 .
drwxr-xr-x  6 root root   0 Sep  3 11:30 ..
dr-xr-xr-x  5 root root   0 Sep  3 11:30 blkio
lrwxrwxrwx  1 root root  11 Sep  3 11:30 cpu -> cpu,cpuacct
dr-xr-xr-x  5 root root   0 Sep  3 11:30 cpu,cpuacct
lrwxrwxrwx  1 root root  11 Sep  3 11:30 cpuacct -> cpu,cpuacct
dr-xr-xr-x  2 root root   0 Sep  3 11:30 cpuset
dr-xr-xr-x  5 root root   0 Sep  3 11:30 devices
dr-xr-xr-x  2 root root   0 Sep  3 11:30 freezer
dr-xr-xr-x  5 root root   0 Sep  3 11:30 memory
lrwxrwxrwx  1 root root  16 Sep  3 11:30 net_cls -> net_cls,net_prio
dr-xr-xr-x  2 root root   0 Sep  3 11:30 net_cls,net_prio
lrwxrwxrwx  1 root root  16 Sep  3 11:30 net_prio -> net_cls,net_prio
dr-xr-xr-x  2 root root   0 Sep  3 11:30 perf_event
dr-xr-xr-x  5 root root   0 Sep  3 11:30 pids
dr-xr-xr-x  2 root root   0 Sep  3 11:30 rdma
dr-xr-xr-x  5 root root   0 Sep  3 11:30 systemd
dr-xr-xr-x  5 root root   0 Sep  3 11:30 unified



root@instance-3:~# ls -la /sys/fs/cgroup/unified/
total 0
dr-xr-xr-x  5 root root   0 Sep  3 11:37 .
drwxr-xr-x 14 root root 360 Sep  3 11:30 ..
-r--r--r--  1 root root   0 Sep  3 11:42 cgroup.controllers
-rw-r--r--  1 root root   0 Sep  3 11:42 cgroup.max.depth
-rw-r--r--  1 root root   0 Sep  3 11:42 cgroup.max.descendants
-rw-r--r--  1 root root   0 Sep  3 11:30 cgroup.procs
-r--r--r--  1 root root   0 Sep  3 11:42 cgroup.stat
-rw-r--r--  1 root root   0 Sep  3 11:42 cgroup.subtree_control
-rw-r--r--  1 root root   0 Sep  3 11:42 cgroup.threads
drwxr-xr-x  2 root root   0 Sep  3 11:30 init.scope
drwxr-xr-x 52 root root   0 Sep  3 11:30 system.slice
drwxr-xr-x  3 root root   0 Sep  3 11:30 user.slice

鼓励您从头开始完全重新安装docker(或重新创建实例并再次安装docker)。那应该有帮助。 让我与您分享我的docker-ce安装步骤:

$ sudo apt update
$ sudo apt install apt-transport-https ca-certificates curl gnupg2 software-properties-common
$ curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -
$ sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/debian $(lsb_release -cs) stable"
$ sudo apt update
$ apt-cache policy docker-ce
$ sudo apt install docker-ce=5:18.09.1~3-0~debian-buster

我在Kubelet: mountpoint for cpu not found问题答案中也看到了一个工作原理,但也没有获得root的权限来修复它:

mkdir /sys/fs/cgroup/cpu,cpuacct
mount -t cgroup -o cpu,cpuacct none /sys/fs/cgroup/cpu,cpuacct
相关问题
最新问题