注:本文基于CentOS 7.4编写
根据yaml文件创建rc后,查询pods状态时,一直显示ContainerCreating,
[root@CentOS-7-4 /home/k8s]# kubectl get pods
NAME READY STATUS RESTARTS AGE
redis-master-5zn2z 0/1 ContainerCreating 0 13s
查看这个pods的详细信息,
[root@CentOS-7-4 /home/k8s]# kubectl describe pod redis-master-5zn2z
Name: redis-master-5zn2z
Namespace: default
Node: 192.168.0.29/192.168.0.29
Start Time: Wed, 16 Jan 2019 07:50:04 -0500
Labels: name=redis-master
Status: Pending
IP:
Controllers: ReplicationController/redis-master
Containers:
master:
Container ID:
Image: kubeguide/redis-master
Image ID:
Port: 6379/TCP
State: Waiting
Reason: ContainerCreating
Ready: False
Restart Count: 0
Volume Mounts:
Environment Variables:
Conditions:
Type Status
Initialized True
Ready False
PodScheduled True
No volumes.
QoS Class: BestEffort
Tolerations:
Events:
FirstSeen LastSeen Count From SubObjectPath TypeReason Message
--------- -------- ----- ---- ------------- -------- ------ -------
1m 1m 1 {default-scheduler } Normal Scheduled Successfully assigned redis-master-5zn2z to 192.168.0.29
1m 18s 4 {kubelet 192.168.0.29} Warning FailedSync Error syncing pod, skipping: failed to "StartContainer" for "POD" with ImagePullBackOff: "Back-off pulling image \"registry.access.redhat.com/rhel7/pod-infrastructure:latest\""
1m 6s 4 {kubelet 192.168.0.29} Warning FailedSync Error syncing pod, skipping: failed to "StartContainer" for "POD" with ErrImagePull: "image pull failed for registry.access.redhat.com/rhel7/pod-infrastructure:latest, this may be because there are no credentials on this request. details: (open /etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt: no such file or directory)"
可见,是缺少了/etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt文件,
[root@CentOS-7-4 /home/k8s]# ll /etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt
lrwxrwxrwx. 1 root root 27 May 16 2018 /etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt -> /etc/rhsm/ca/redhat-uep.pem
[root@CentOS-7-4 /home/k8s]# ll /etc/rhsm/ca/redhat-uep.pem
ls: cannot access /etc/rhsm/ca/redhat-uep.pem: No such file or directory
使用yum查询/etc/rhsm/ca/redhat-uep.pem是哪个rpm包提供的,
[root@CentOS-7-4 /home/k8s]# yum provides */redhat-uep.pem
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.cn99.com
* extras: mirrors.cn99.com
* updates: mirrors.cn99.com
python-rhsm-certificates-1.19.10-1.el7_4.x86_64 : Certificates required to communicate with a
: Red Hat Unified Entitlement Platform
Repo : base
Matched from:
Filename : /etc/rhsm/ca/redhat-uep.pem
因此,安装python-rhsm-certificates组件即可。
但事实并不如此。。。。
[root@CentOS-7-4 /home/k8s]# yum install python-rhsm-certificates -y
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.cn99.com
* extras: mirrors.cn99.com
* updates: mirrors.cn99.com
Package python-rhsm-certificates is obsoleted by subscription-manager-rhsm-certificates, trying to install subscription-manager-rhsm-certificates-1.21.10-3.el7.centos.x86_64 instead
python-rhsm-certificates不再被允许安装,改而使用subscription-manager-rhsm-certificates。其实用哪个倒无所谓,但是新的这个组件没有提供/etc/rhsm/ca/redhat-uep.pem文件,所以还是会出现ContainerCreating的情况。
所以只能用以下方式安装,也就是直接下载python-rhsm-certificates,然后手动安装。
[root@CentOS-7-4 /home/k8s]# yumdownloader python-rhsm-certificates
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.cn99.com
* extras: mirrors.cn99.com
* updates: mirrors.cn99.com
python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm | 41 kB 00:00:00
[root@CentOS-7-4 /home/k8s]# ls
. .. python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm
[root@CentOS-7-4 /home/k8s]# rpm -e subscription-manager-rhsm-certificates
[root@CentOS-7-4 /home/k8s]# rpm -ivh python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm
Preparing... ################################# [100%]
Updating / installing...
1:python-rhsm-certificates-1.19.10-################################# [100%]
[root@CentOS-7-4 /home/k8s]# ll /etc/rhsm/ca/redhat-uep.pem
-rw-r--r-- 1 root root 7732 Oct 19 2017 /etc/rhsm/ca/redhat-uep.pem
同时需要注意的是,其他所有结点也都要这样安装,因为每个结点都有可能需要运行这个pod。
都安装好后,稍等一会( 一分钟左右)再查看,就可以看到running状态的pod了。
[root@CentOS-7-4 /home/k8s]# kubectl get pods
NAME READY STATUS RESTARTS AGE
redis-master-nslvc 1/1 Running 0 12h