kubernetes 问题汇总--kube-apiserver无法正常启动

kubernetes 问题汇总

1、新安装kubernetes到服务器，在创建rc之后，无法启动pod。yaml文件如下：

apiVersion: v1
kind: ReplicationController
metadata:
name: redis-master
  labels:
    name: redis-master
spec:
  replicas: 1
  selector:
    name: redis-master
  template:
    metadata:
      labels:
        name: redis-master
    spec:
      containers:
      - name: master
        image: kubeguide/redis-master
        ports:
        - containerPort: 6379

2、执行以下指令创建rc，结果未成功创建pod
[root@izwz98e5znt7xgdg8aj0cfz Guestbook]# kubectl create -f redis-master-controller.yaml
3、查看rc的events信息
[root@izwz98e5znt7xgdg8aj0cfz ~]# kubectl describe rc redis-master
Name: redis-master
Namespace: default
Image(s): kubeguide/redis-master
Selector: name=redis-master
Labels: name=redis-master
Replicas: 0 current / 1 desired
Pods Status: 0 Running / 0 Waiting / 0 Succeeded / 0 Failed
No volumes.
Events:
FirstSeen LastSeen Count From SubObjectPath Type Reason Message
——— ——– —– —- ————- ——– —— ——-
4h 2m 57 {replication-controller } Warning FailedCreate Error creating: No API token found for created and added to the service account
4、问题原因：kubeapiserver启动参数问题导致
5、解决办法：
[root@izwz98e5znt7xgdg8aj0cfz Guestbook]# vim /etc/kubernetes/apiserver
编辑kube-apiserver的配置文件，找到权限控制部分，删除SecurityContextDeny,ServiceAccount后保存
KUBE_ADMISSION_CONTROL=”–admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota”
重启kube-apiserver
systemctl restart kube-apiserver