minikube-1.29.0安装笔记

环境：centos7.6、containerd-1.6.20、cri-dockerd-0.3.1、docker-ce-cli-23.0.2、kubernetes-1.26.1、minikube-1.29.0。

增加docker和k8s的yum源：

docker-ce.repo：

wget -O /etc/yum.repos.d/docker-ce.repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

kubernetes.repo：

[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=0

kubectl命令自动补全：

yum install -y bash-completion
source /usr/share/bash-completion/bash_completion
source <(kubectl completion bash)
echo 'source <(kubectl completion bash)' >> ~/.bashrc

docker命令自动补全：

curl -L https://raw.githubusercontent.com/docker/cli/v23.0.2/contrib/completion/bash/docker -o ~/.bash_docker_completion
source ~/.bash_docker_completion
echo 'source ~/.bash_docker_completion' >> ~/.bashrc

采用裸机安装minikube，安装命令：

minikube start --image-mirror-country='cn' -v=6 --kubernetes-version='v1.26.1' --driver=none --image-repository=registry.cn-hangzhou.aliyuncs.com/google_containers

遇到的错误1，kubelet启动pod失败：

[kubelet-check] Initial timeout of 40s passed.
This error is likely caused by:
        - The kubelet is not running
        - The kubelet is unhealthy due to a misconfiguration

查看kubelet日志：

sudo tail -f /var/log/messages | grep kubelet

如下：

kuberuntime_manager.go:782] "CreatePodSandbox for pod failed" err="rpc error: code = Unknown desc = failed pulling image \"registry.k8s.io/pause:3.6\": Error response from daemon: Head \"https://asia-east1-docker.pkg.dev/v2/k8s-artifacts-prod/images/pause/manifests/3.6\": dial tcp 74.125.23.82:443: connect: connection refused" pod="kube-system/kube-controller-manager-control-plane.minikube.internal"

解决办法：

docker pull k8simage/pause:3.6
id=`docker images -q k8simage/pause:3.6`
docker tag $id registry.k8s.io/pause:3.6

遇到的错误2，kubectl非root账号执行报错：

执行 kubectl get pod 显示：error: unable to read client-key: permission denied

解决办法：

sudo cp -r /root/.minikube/ $HOME/.minikube/                  
sudo chown $USER -R $HOME/.minikube/

再次执行 kubectl get pod 显示：x509: certificate signed by unknown authority

解决办法：

sudo cp /etc/kubernetes/admin.conf $HOME/.kube/config

遇到的错误3，node状态NotReady：

$ kubectl get nodes
NAME                              STATUS     ROLES    AGE   VERSION
control-plane.minikube.internal   NotReady      28m   v1.26.1

查看kubelet日志：kubelet.go:2475] "Container runtime network not ready" networkReady="NetworkReady=false reason:NetworkPluginNotReady message:docker: network plugin is not ready: cni config uninitialized"

解决办法：

#安装bridge、vlan、macvlan、tuning等二进制插件
curl -O -L https://github.com/containernetworking/plugins/releases/download/v1.2.0/cni-plugins-linux-amd64-v1.2.0.tgz
mkdir -p /opt/cni/bin
tar -C /opt/cni/bin -xzf cni-plugins-linux-amd64-v1.2.0.tgz

遇到的错误4，minikube重启报错certificate apiserver not signed：

error execution phase certs/apiserver: [certs] certificate apiserver not signed by CA certificate ca: x509: certificate signed by unknown authority (possibly because of "crypto/rsa: verification error" while trying to verify candidate authority certificate "minikubeCA")

解决办法：

#重来一遍
minikube stop
minikube delete
minikube start --image-mirror-country='cn' --kubernetes-version='v1.26.1' --driver=none --image-repository=registry.cn-hangzhou.aliyuncs.com/google_containers

 遇到的错误5，The 'none driver does not support multiple profiles

当试图启动多个node时：

minikube start --image-mirror-country='cn' -v=5 --kubernetes-version='v1.26.1' --driver=none --image-repository=registry.cn-hangzhou.aliyuncs.com/google_containers --nodes 2 -p multinode-demo

报错：X Exiting due to DRV_UNSUPPORTED_PROFILE: The 'none driver does not support multiple profiles: https://minikube.sigs.k8s.io/docs/reference/drivers/none/

多节点支持相关文档：

https://minikube.sigs.k8s.io/docs/drivers/none/

Using Multi-Node Clusters | minikube

Add `local-path-provisioner` addon by presztak · Pull Request #15062 · kubernetes/minikube · GitHub

GitHub - rancher/local-path-provisioner: Dynamically provisioning persistent local storage with Kubernetes