修复由于docker、k8s的引擎不一致导致的报错: 调整为cgroups

k8s版本:1.15

docker版本:18.09.7

报错信息:

 W0701 15:05:59.697391    9931 watcher.go:87] Error while processing event ("/sys/fs/cgroup/devices/libcontainer_34389_systemd_test_default.slice": 0x40000100 == IN_CREATE|IN_ISDIR): inotify_add_watch /sys/fs/cgroup/devices/libcontainer_34389_systemd_test_default.slice: no such file or directory

这个报错,是因为 docker 的 cgroups 参数与 k8s 的cgroups 参数不一致导致:

参考:https://www.cnblogs.com/cuishuai/p/11114696.html

可以通过修改:

docker 的 守护参数: /etc/docker/daemon.json

"exec-opts": ["native.cgroupdriver=cgroupfs"]

k8s 的启动参数:

/usr/lib/systemd/system/kubelet.service.d/10-kubeadm.conf

参考文章中的路径是:/etc/systemd/system/kubelet.service.d/10-kubeadm.conf

这个路径要具体情况具体确认,可以使用 find 命令确认。

 

实际实践时,我发现使用 docker 的 exec-opts 参数指定引擎会导致docker无法重启,去除  /etc/docker/daemon.json 中

"exec-opts": ["native.cgroupdriver=systemd"] 之后,重启docker,引擎会自动调整到cgroups, 这点觉得有点奇怪,查看

/usr/lib/systemd/system/docker.service 中的 ExecStart 参数,也没有发现关于 cgroupdriver 的描述,为什么按照参考中的

修改会不行嘞? 这个有待后期观察。

 

另外,对于 k8s 除了修改 10-kubeadm.conf 中的

--cgroup-driver=cgroupfs 外,还需要添加:

--runtime-cgroups=/systemd/system.slice --kubelet-cgroups=/systemd/system.slice

否则 kubelet 会有新的报错。

 

修改完成后,需要重启docker、kubelet,完成验证信息:

 

重启docker:

systemctl  daemon-reload
systemctl restart docker

验证: docker info

[root@master1 k8s]# docker info
Containers: 53
 Running: 26
 Paused: 0
 Stopped: 27
Images: 72
Server Version: 18.09.7
Storage Driver: overlay2
 Backing Filesystem: xfs
 Supports d_type: true
 Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
 Volume: local
 Network: bridge host macvlan null overlay
 Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: bb71b10fd8f58240ca47fbb579b9d1028eea7c84
runc version: 2b18fe1d885ee5083ef9f0838fee39b62d653e30
init version: fec3683
Security Options:
 seccomp
  Profile: default
Kernel Version: 5.1.0-1.el7.elrepo.x86_64
Operating System: CentOS Linux 7 (Core)
OSType: linux
Architecture: x86_64
CPUs: 4
Total Memory: 15.63GiB
Name: vass-master1
ID: 6OHU:45DM:FPK5:GV6Z:RCWO:JTU2:25KZ:P3U3:IT7J:2U4B:XJZ3:NZL3
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Registry Mirrors:
 https://hib07n79.mirror.aliyuncs.com/
Live Restore Enabled: false
Product License: Community Engine

重启kubelet:

systemctl daemon-reload
systemctl restart kubelet

查看kubelet的状态:

systemctl status kubelet -l

[k8s@master1 ~]$ systemctl status kubelet -l
● kubelet.service - kubelet: The Kubernetes Node Agent
   Loaded: loaded (/usr/lib/systemd/system/kubelet.service; enabled; vendor preset: disabled)
  Drop-In: /usr/lib/systemd/system/kubelet.service.d
           └─10-kubeadm.conf
   Active: active (running) since Wed 2019-11-20 14:40:01 CST; 4 days ago
     Docs: https://kubernetes.io/docs/
 Main PID: 64471 (kubelet)
    Tasks: 0
   Memory: 119.9M
   CGroup: /system.slice/kubelet.service
           ‣ 64471 /usr/bin/kubelet --bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf --config=/var/lib/kubelet/config.yaml --runtime-cgroups=/systemd/system.slice --kubelet-cgroups=/systemd/system.slice --cgroup-driver=cgroupfs --network-plugin=cni --pod-infra-container-image=registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.1

你可能感兴趣的:(k8s)