K8S：helm 添加heapster及异常

2019-07-24 本文已影响0人佑岷

用helm添加heapster：

helm install stable/heapster -n heapster --namespace kube-system

而后会保持，image pull异常，多正常

 Normal   Scheduled  2m15s                default-scheduler  Successfully assigned kube-system/heapster-5f5bb94d57-cv4zd to node2
  Warning  Failed     73s                  kubelet, node2     Error: ImagePullBackOff
  Normal   Pulling    59s (x3 over 2m13s)  kubelet, node2     Pulling image "k8s.gcr.io/heapster:v1.5.2"
  Warning  Failed     44s (x3 over 118s)   kubelet, node2     Failed to pull image "k8s.gcr.io/heapster:v1.5.2": rpc error: code = Unknown desc = Error response from daemon: Get https://k8s.gcr.io/v2/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
  Warning  Failed     44s (x3 over 118s)   kubelet, node2     Error: ErrImagePull
  Normal   Pulling    44s (x3 over 118s)   kubelet, node2     Pulling image "k8s.gcr.io/addon-resizer:1.7"
  Warning  Failed     29s (x3 over 103s)   kubelet, node2     Failed to pull image "k8s.gcr.io/addon-resizer:1.7": rpc error: code = Unknown desc = Error response from daemon: Get https://k8s.gcr.io/v2/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
  Warning  Failed     29s (x3 over 103s)   kubelet, node2     Error: ErrImagePull
  Normal   BackOff    18s (x2 over 73s)    kubelet, node2     Back-off pulling image "k8s.gcr.io/heapster:v1.5.2"
  Warning  Failed     18s (x2 over 73s)    kubelet, node2     Error: ImagePullBackOff
  Normal   BackOff    18s (x2 over 73s)    kubelet, node2     Back-off pulling image "k8s.gcr.io/addon-resizer:1.7"
[root@LFA-L0170086 kubernetes]# kubectl edit deploymnet heapster -n kube-system

阿里云下载后retag：

docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/heapster:v1.5.2 
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/addon-resizer:1.7
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/heapster:v1.5.2  k8s.gcr.io/heapster:v1.5.2
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/addon-resizer:1.7 k8s.gcr.io/addon-resizer:1.7
docker rmi registry.cn-hangzhou.aliyuncs.com/google_containers/heapster:v1.5.2
docker rmi registry.cn-hangzhou.aliyuncs.com/google_containers/addon-resizer:1.7

遇到连接不到各节点kubelet端口异常，实际端口是10250：

E0724 09:31:05.007335       1 manager.go:101] Error in scraping containers from kubelet_summary:100.65.16.32:10255: Get http://100.65.16.32:10255/stats/summary/: dial tcp 100.65.16.32:10255: getsockopt: connection refused
E0724 09:31:05.011228       1 manager.go:101] Error in scraping containers from kubelet_summary:100.65.16.6:10255: Get http://100.65.16.6:10255/stats/summary/: dial tcp 100.65.16.6:10255: getsockopt: connection refused
E0724 09:31:05.013799       1 manager.go:101] Error in scraping containers from kubelet_summary:100.65.16.82:10255: Get http://100.65.16.82:10255/stats/summary/: dial tcp 100.65.16.82:10255: getsockopt: connection refused
W0724 09:31:25.000428       1 manager.go:152] Failed to get all responses in time (got 0/3)

按照代码bug修复改动配置：

    content = content.replace("kubernetes.summary_api:''", "kubernetes.summary_api:https://kubernetes.default?kubeletPort=10250&kubeletHttps=true")

编辑deployment heapster：kubectl edit deployment heapster -n kube-system 找到并替换

spec:
      containers:
      - command:
        - /heapster
        - --source=kubernetes.summary_api:'' 
替换为： - --source=kubernetes.summary_api:https://kubernetes.default?kubeletPort=10250&kubeletHttps=true&insecure=true

然后。。。。。。又遇到错误：

E0724 10:18:05.020187       1 manager.go:101] Error in scraping containers from kubelet_summary:100.65.16.6:10250: request failed - "403 Forbidden", response: "Forbidden (user=system:serviceaccount:kube-system:heapster, verb=get, resource=nodes, subresource=stats)"
E0724 10:18:05.022748       1 manager.go:101] Error in scraping containers from kubelet_summary:100.65.16.82:10250: request failed - "403 Forbidden", response: "Forbidden (user=system:serviceaccount:kube-system:heapster, verb=get, resource=nodes, subresource=stats)"
E0724 10:18:05.024463       1 manager.go:101] Error in scraping containers from kubelet_summary:100.65.16.32:10250: request failed - "403 Forbidden", response: "Forbidden (user=system:serviceaccount:kube-system:heapster, verb=get, resource=nodes, subresource=stats)"

这个需要为角色授权：

kubectl edit clusterrole/system:heapster
追加：
- apiGroups:
  - ""
  resources:
  - nodes/stats
  verbs:
  - get

完工

K8S：helm 添加heapster及异常

猜你喜欢

热点阅读