k8s+ovs三节点部署,及kubenetes无法创建pod/创建RC时无法自动创建pod的问题

准备工作：

配置yum源及关闭防火墙

# systemctl stop firewalld
# systemctl disable firewalld

安装mster

yum install etcd kubernetes-master

安装node

yum install kubernetes-node

以上参考链接：

https://blog.csdn.net/magerguo/article/details/72123259?locationNum=3&fps=1

网络配置：

本地docker0网络配置：

修改文件 /etc/docker/daemon.json 添加内容 {"bip": "172.17.1.1/24"}

docker源 /etc/docker/daemon.json配置：

{"registry-mirrors":["https://docker.mirrors.ustc.edu.cn"]}

1.flannel网络

note节点安装flannel，并在etcd中定义flannel网络

    # etcdctl mk /atomic.io/network/config '{"Network":"172.17.0.0/16"}'

参考链接：

https://blog.csdn.net/magerguo/article/details/72123259?locationNum=3&fps=1

2.ovs网络（注意环路）

1.  yum install openvswitch
2. 关闭selinux
3. 创建网桥

ovs-vsctl add-br br0
     

　　 4.创建gre

ovs-vsctl add-port br0 gre103 --set interface gre103 type=gre option:remote_ip=192.168.71.103

       5.添加br0到本地docker0，使容器流量流经tunnel

brctl addif docker0 br0

　　6.开启端口发布路由

 ip link set dev br0 up
 ip link set dev docker0 up
 ip route add 172.17.0.0/16 dev docker0
 iptables -t nat -F;iptables -F

　　

kubernetes启动后的两个问题

（1）kubenetes无法创建pod/创建RC时无法自动创建pod的问题：

主要命令：kubectl describe rs/redis-master-1258987832

参考链接：https://blog.csdn.net/jinzhencs/article/details/51435020

创建pod:

# kubectl create -f nginx.yaml
此时有如下报错：

Error from server: error when creating "nginx.yaml": Pod "nginx" is forbidden: no API token found for service account default/default, retry after the token is automatically created and added to the service account
解决办法是编辑/etc/kubernetes/apiserver 去除 KUBE_ADMISSION_CONTROL中的SecurityContextDeny,ServiceAccount，并重启kube-apiserver.service服务：

（2）pod服务一直处于 ContainerCreating状态的原因查找与解决

vents:
  FirstSeen    LastSeen    Count    From                SubObjectPath    Type        Reason        Message
  ---------    --------    -----    ----                -------------    --------    ------        -------
  5m        5m        1    {default-scheduler }                Normal        Scheduled    Successfully assigned nginx-deployment-148880595-0jprz to 192.168.71.102
  5m        2m        5    {kubelet 192.168.71.102}            Warning        FailedSync    Error syncing pod, skipping: failed to "StartContainer" for "POD" with ErrImagePull: "image pull failed for registry.access.redhat.com/rhel7/pod-infrastructure:latest, this may be because there are no credentials on this request.  details: (open /etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt: no such file or directory)"

  4m    6s    19    {kubelet 192.168.71.102}        Warning    FailedSync    Error syncing pod, skipping: failed to "StartContainer" for "POD" with ImagePullBackOff: "Back-off pulling image "registry.access.redhat.com/rhel7/pod-infrastructure:latest""

主要命令：yum install *rhsm* -y

参考链接：https://blog.csdn.net/learner198461/article/details/78036854

                  https://blog.csdn.net/d7185540/article/details/80868816