[TOC]
0x00 前言导读
Q: 什么是 Web UI (Dashboard) ?
答: Kubernetes Dashboard 是一个通用的、基于web的Kubernetes集群UI。它允许用户管理在集群中运行的应用程序并对它们进行故障排除,以及管理集群本身。
Q: 为什么要使用 Dashboard?
答: 您可以使用 Dashboard 来概述集群上运行的应用程序,以及创建或修改单个Kubernetes资源(例如Deployments,Jobs,DaemonSets等)例如,您可以使用部署向导来扩展部署,启动滚动更新,重新启动Pod或部署新应用程序。
并且仪表板还提供有关集群中Kubernetes资源状态以及可能发生的任何错误的信息。
附录:
K8s官网介绍: https://kubernetes.io/docs/tasks/access-application-cluster/web-ui-dashboard/
项目地址: https://github.com/kubernetes/dashboard
0x01 安装部署
(1) 环境准备
Kubernetes 环境: 集群环境实现业务高可用以及快速扩容缩
1 | ~$ kubectl get nodes |
(2) 安装流程
描述: 我们可以通过原生的dashboard
yaml资源清单文件或者helm的方式进行安装
官方 安装方式
安装参考: https://github.com/kubernetes/dashboard/blob/master/docs/user/installation.md
Step 1.要部署仪表板请执行以下命令:
1
$ wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.1.0/aio/deploy/recommended.yaml -O dashboard-v2.1.0.yaml
Step 2.默认情况下会生成自签名证书并将其存储在内存中,而如果您想使用自定义证书请按照以下步骤操作
PS: 访问Dashboard应使用有效证书来建立安全的HTTPS连接(可以使用公共信任的证书颁发机构如Let's Encrypt生成它们
,或者Cert-Manager可以自动颁发和自动更新它们)
1 | # (1) 自定义证书必须存储在 kubernetes-dashboard-certs 与 Kubernetes 仪表板创建的名称空间中的secret中。 |
Step 3.仪表板仅通过HTTP公开不使用证书方式部署(不推荐)
1
kubectl create -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.1/aio/deploy/alternative.yaml
Step 4.权限修改
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27# (1) kubernetes-dashboard 管理员角色添加修改
cat > dashboard-role-admin.yaml <<'EOF'
apiVersion: v1
kind: ServiceAccount
metadata:
name: kubernetes-dashboard
namespace: kube-system
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: kubernetes-dashboard
# 权限来源
roleRef:
kind: ClusterRole
name: cluster-admin
apiGroup: rbac.authorization.k8s.io
# 绑定对象
subjects:
- kind: ServiceAccount
name: kubernetes-dashboard
namespace: kube-system
EOF
kubectl apply -f dashboard-role-admin.yaml
# (2) dashboard 资源清单构建
kubectl create -f dashboard-v2.1.0.yamlStep 5.集群网络访问端口修改
1
2
3
4
5
6
7
8
9
10
11
12# (1) 修改 SVC 访问方式为 NodePort (30443)
~/k8s/dashboard$ kubectl edit svc -n kubernetes-dashboard
# service/dashboard-metrics-scraper skipped
# service/kubernetes-dashboard edited
# (2) kubernetes-dashboard NodePort 为 10.96.167.225:443 => 30443
~$ kubectl get svc -n kubernetes-dashboard
# NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
# dashboard-metrics-scraper ClusterIP 10.108.185.162 <none> 8000/TCP 14h
# kubernetes-dashboard NodePort 10.96.167.225 <none> 443:30443/TCP 14h
# (3) 代理访问 kubectl -n kubernetes-dashboardport-forward kubernetes-dashboard 443:443Step 6.Dashboard 认证 Token 获取
1
2
3
4
5
6
7
8
9
10
11
12
13$ kubectl describe secrets -n kube-system $(kubectl -n kube-system get secret | grep kubernetes-dashboard-token | cut -d " " -f 1)
Name: kubernetes-dashboard-token-mssqb
Namespace: kubernetes-dashboard
Labels: <none>
Annotations: kubernetes.io/service-account.name: kubernetes-dashboard
kubernetes.io/service-account.uid: 71b738ab-0f07-4e2c-99f9-0236cddd9bb4
Type: kubernetes.io/service-account-token
Data
====
ca.crt: 1066 bytes
namespace: 20 bytes
token: eyJhbG.....Step 7.访问 https://192.168.11.107:30443/#/login 进入 Kubernetes Dashboard 登陆页面选择 Token 认证登陆即可

WeiyiGeek.Kubernetes Dashboard
参考地址: https://github.com/kubernetes/dashboard/blob/master/README.md
Helm 安装方式
操作流程: 此处对于helm安装不再累述,二进制安装没有什么好说的;1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24$ helm repo add k8s-dashboard https://kubernetes.github.io/dashboard
# "k8s-dashboard" has been added to your repositories
$ helm pull k8s-dashboard/kubernetes-dashboard --untar
~/K8s/Day10/dashboard$ tar -xzvf kubernetes-dashboard-3.0.0.tgz
~/K8s/Day10/dashboard$ ls kubernetes-dashboard
# charts Chart.yaml README.md requirements.lock requirements.yaml templates values.yaml
~/K8s/Day10/dashboard$ helm install kubernetes-dashboard kubernetes-dashboard/ --namespace kube-system
# NAME: kubernetes-dashboard
# LAST DEPLOYED: Sun Dec 6 21:45:22 2020
# NAMESPACE: kube-system
# STATUS: deployed
# REVISION: 1
# TEST SUITE: None
# NOTES:
# *********************************************************************************
# *** PLEASE BE PATIENT: kubernetes-dashboard may take a few minutes to install ***
# ********************************************************************************
# Get the Kubernetes Dashboard URL by running:
# export POD_NAME=$(kubectl get pods -n kube-system -l "app.kubernetes.io/name=kubernetes-dashboard,app.kubernetes.io/instance=kubernetes-dashboard" -o jsonpath="{.items[0].metadata.name}") # kubernetes-dashboard-879457794-kxvcr
# echo https://127.0.0.1:8443/
# kubectl -n kube-system port-forward $POD_NAME 8443:8443 # 端口转发
查看结果:1
2
3
4
5
6
7
8
9
10
11
12
13
14
15~/K8s/Day10/dashboard$ helm list -n kube-system
# NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION
# kubernetes-dashboard kube-system 1 2020-12-06 11:44:44.821856156 +0800 CST deployed kubernetes-dashboard-3.0.0 2.0.4
~/K8s/Day10/dashboard$ helm history kubernetes-dashboard -n kube-system
# REVISION UPDATED STATUS CHART APP VERSION DESCRIPTION
# 1 Sun Dec 6 21:45:22 2020 deployed kubernetes-dashboard-3.0.0 2.0.4 Install complete
# 查看 Dashboard Pod 信息以及标签
~/K8s/Day10/dashboard$ kubectl get pod -n kube-system -o wide --show-labels | grep "kubernetes-dashboard-879457794-kxvcr"
# kubernetes-dashboard-879457794-kxvcr 1/1 Running 0 11m 10.244.2.55 k8s-node-5 app.kubernetes.io/component=kubernetes-dashboard,app.kubernetes.io/instance=kubernetes-dashboard,app.kubernetes.io/managed-by=Helm,app.kubernetes.io/name=kubernetes-dashboard,app.kubernetes.io/version=2.0.4,helm.sh/chart=kubernetes-dashboard-3.0.0,pod-template-hash=879457794
# 查看 Dashboard 的 SVC
~/K8s/Day10/dashboard$ kubectl get svc -n kube-system -o wide | grep "kubernetes-dashboard"
# kubernetes-dashboard ClusterIP 10.104.18.192 <none> 443/TCP 13m app.kubernetes.io/component=kubernetes-dashboard,app.kubernetes.io/instance=kubernetes-dashboard,app.kubernetes.io/name=kubernetes-dashboard
以NodePort的方式进行访问:1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40~/K8s/Day10/dashboard$ kubectl edit svc -n kube-system kubernetes-dashboard
service/kubernetes-dashboard edited
# 目的: 将通过集群IP:443访问的模式变成节点IP:30443进行访问
apiVersion: v1
kind: Service
metadata:
annotations:
meta.helm.sh/release-name: kubernetes-dashboard
meta.helm.sh/release-namespace: kube-system
creationTimestamp: "2020-12-06T13:45:22Z"
labels:
app.kubernetes.io/component: kubernetes-dashboard
app.kubernetes.io/instance: kubernetes-dashboard
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: kubernetes-dashboard
app.kubernetes.io/version: 2.0.4
helm.sh/chart: kubernetes-dashboard-3.0.0
kubernetes.io/cluster-service: "true"
name: kubernetes-dashboard
namespace: kube-system
resourceVersion: "6111082"
selfLink: /api/v1/namespaces/kube-system/services/kubernetes-dashboard
uid: 51025b69-7c65-4ac0-a8f2-93a243a33e7d
spec:
clusterIP: 10.104.18.192
ports:
- name: https
port: 443
protocol: TCP
targetPort: https
nodePort: 30443 # 修改点
selector:
app.kubernetes.io/component: kubernetes-dashboard
app.kubernetes.io/instance: kubernetes-dashboard
app.kubernetes.io/name: kubernetes-dashboard
sessionAffinity: None
type: NodePort # 修改点 修改 ClusterIP 为 NodePort
status:
loadBalancer: {}
简单使用:
- 1) 认证的 Token 查看
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17~/K8s/Day10/dashboard$ kubectl -n kube-system get secret | grep kubernetes-dashboard-token
# kubernetes-dashboard-token-6nrqk kubernetes.io/service-account-token 3 19m
kubectl describe secret kubernetes-dashboard-token-6nrqk -n kube-system
# Name: kubernetes-dashboard-token-6nrqk
# Namespace: kube-system
# Labels: <none>
# Annotations: kubernetes.io/service-account.name: kubernetes-dashboard
# kubernetes.io/service-account.uid: a1685c3b-247e-4802-9d2e-28d5f48e432a
# Type: kubernetes.io/service-account-token
# Data
# ====
# ca.crt: 1066 bytes
# namespace: 11 bytes
# token: .......

WeiyiGeek.Kubernetes-仪表盘
PS : 需要注意令牌过期时间,登录账户将自动退出;
- 2) 登录Dashboard仪表盘控制台,可以看相关资源控制器下面的所属资源

WeiyiGeek.Dashboard仪表盘主页
参考地址:https://artifacthub.io/packages/helm/k8s-dashboard/kubernetes-dashboard?modal=install
(3) MetricServer
Q: MetricServer 是什么?
答: 它是kubernetes集群资源使用情况的聚合器,收集数据给kubernetes集群内使用,如 kubectl,hpa,scheduler等。
Kubernetes 推荐使用 metrics-server , 因为 heapster (https:/github.com/kubernetes/heapster) 已经DEPRECATED ,并从 Kubernetes 1.12开始将从 Kubernetes 各种安装脚本中移除,
PS : 如果采用官方的安装dashboard的方式则默认将Metric Server
进行安装使用,而采用helm安装dashboard时候默认是将metrics-server禁用的需要手动启用;
helm 安装方式
下面我们使用Helm部署Dashboard
时也可以利用第三方依赖进行安装metrics-server
,只需要修改一个小小的注释1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70# (1) 启用Metrics-server以及插件
$ ~/K8s/Day10/dashboard/kubernetes-dashboard$ vim +200 values.yaml
## Enable this is you don't already have metrics-server enabled on your cluster and
## want to use it with dashboard metrics-scraper
## refs:
## - https://hub.helm.sh/charts/stable/metrics-server
## - https://github.com/kubernetes-sigs/metrics-server
metrics-server:
enabled: true
## Example for additional args
args:
- --logtostderr
- --kubelet-preferred-address-types=InternalIP
- --kubelet-insecure-tls
# (2) 此时如果需要更新部署时需要将SVC改回集群IP通信
~/K8s/Day10/dashboard$ kubectl edit svc -n kube-system kubernetes-dashboard
service/kubernetes-dashboard edited
# (3) 更新指定的RELEASE_NAME
~/K8s/Day10/dashboard$ helm upgrade kubernetes-dashboard kubernetes-dashboard/ -n kube-system
# (4) 查看与dashboard相关的Pod信息
~/K8s/Day10/dashboard$ kubectl get pod -n kube-system -o wide | grep "kubernetes-dashboard"
# kubernetes-dashboard-879457794-kxvcr 1/1 Running 0 23h 10.244.2.55 k8s-node-5
# kubernetes-dashboard-metrics-server-7bc85c65bc-vrxft 0/1 ImagePullBackOff # 关键点 0 10m 10.244.2.57 k8s-node-5
# (5) 发现镜像拉取失败下面我们手动查看并下载该镜像
~/K8s/Day10/dashboard$ kubectl describe pod kubernetes-dashboard-metrics-server-7bc85c65bc-vrxft -n kube-system kubernetes-dashboard
# GFW 没办法,解决利用阿里云镜像站进行手动下载然后上传到node-5节点中(或者在安全前选择修改该k8s.gcr.io镜像源)
Warning Failed 10m (x4 over 12m) kubelet Failed to pull image "k8s.gcr.io/metrics-server-amd64:v0.3.6": rpc error: code = Unknown desc = Error response from daemon: Get https://k8s.gcr.io/v2/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
~/K8s/Day10/dashboard$ docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/metrics-server-amd64:v0.3.6
~/K8s/Day10/dashboard$ docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/metrics-server-amd64:v0.3.6 k8s.gcr.io/metrics-server-amd64:v0.3.6
~/K8s/Day10/dashboard$ docker save k8s.gcr.io/metrics-server-amd64:v0.3.6 -o metrics-server-amd64.tar
~/K8s/Day10/dashboard$ scp -P 20211 metrics-server-amd64.tar weiyigeek@10.10.107.215:~
# metrics-server-amd64.tar 100% 39MB 187.5MB/s 00:00
~/K8s/Day10/dashboard$ ssh -p 20211 weiyigeek@10.10.107.215 "docker load -i metrics-server-amd64.tar"
# Loaded image: k8s.gcr.io/metrics-server-amd64:v0.3.6
# (6) 此时可以看见metrics-server已经成功安装了
~/K8s/Day10/dashboard$ kubectl get pod -n kube-system -o wide | grep "kubernetes-dashboard-metrics-server-7bc85c65bc-vrxft"
# kubernetes-dashboard-metrics-server-7bc85c65bc-vrxft 1/1 Running 0 27m 10.244.2.57 k8s-node-5 <none> <none>
# (7) 验证安装的 metrics-server 它获取到关于集群节点基本的指标信息:
~$ kubectl top pod
# NAME CPU(cores) MEMORY(bytes)
# dashboard-create-696f45d5db-fj5dg 0m 2Mi
~$ kubectl top node
# NAME CPU(cores) CPU% MEMORY(bytes) MEMORY%
# ubuntu 194m 2% 1377Mi 17%
# k8s-node-4 32m 1% 1351Mi 35%
# k8s-node-5 26m 1% 1134Mi 29%
# (8) 采用port-forward转发的方式访问我们创建的应用,此处访问master节点的端口还是30443端口->Pod暴露的8443端口之中
export POD_NAME=$(kubectl get pods -n kube-system -l "app.kubernetes.io/name=kubernetes-dashboard,app.kubernetes.io/instance=kubernetes-dashboard" -o jsonpath="{.items[0].metadata.name}")
echo https://127.0.0.1:30443/
~/K8s/Day10/dashboard$ kubectl -n kube-system port-forward --address 10.10.107.202 $POD_NAME 30443:8443
# Forwarding from 10.10.107.202:30443 -> 8443
# Handling connection for 30443
# 新开一个Terminal获取访问的token
~/K8s/Day10/dashboard$ kubectl describe secrets -n kube-system kubernetes-dashboard-token-6nrqk
token: eyJhbGciOiJSUzI1NiIsImtpZCI6IkNsYzNjT0FWNnFySDlrMGlQZlJzcEIyYjZ0UTEtdElRNGdRUDZ5eFRHY3MifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZC10b2tlbi02bnJxayIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6ImExNjg1YzNiLTI0N2UtNDgwMi05ZDJlLTI4ZDVmNDhlNDMyYSIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlLXN5c3RlbTprdWJlcm5ldGVzLWRhc2hib2FyZCJ9.KEWLtVGXcS4EEpBthHPt8_gbV55nhX65wjm56rKe_hfrcgPx7UG_tD3PcMErgIt6HbG6k02AgRS3sJMyT6KjuA4fmUajlaOYSiOp1QRYBKGgpf5PDsz1GYa6A87CMcQLuAt_IA8keHIPhlddYrJ3ow4wpXX-apKIz-gs4Lyqw-yxbh5BUhp8ulVRYTwTDFd12xwwavGI9Qe4JHPK4Cnq17JMUZWU8aKWzqGy6Y-1d8yoqL6g7fBVFB1-ADEo60Iqo_yVFYj_wj8fJFjIFGZY3qqcv19x_2DFoOOyIOWgaVWgkkPa9on7t5t2fabnU1RoWQqx8v8fjknTWtKLBDUk-Q
# (9) 补充附录
~$ helm get all -n kube-system kubernetes-dashboard # 查看实际执行的资源清单
~$ helm uninstall kubernetes-dashboard -n kube-system # 卸载 Helm 安装的 kubernetes-dashboard
release "kubernetes-dashboard" uninstalled

WeiyiGeek.K8s-metrics-server
0x03 使用实践
Dashboard-小试牛刀
- Step 1.右上角点击
+
进行创建Deployment管理的Pod,按图所示输入应用名称和容器镜像名称,其次是Services资源控制器设置为内部的Internal;

WeiyiGeek.创建Deployment管理的Pod
Step 2.点击左边Workloads中的Deployments子菜单查看创建的Deployments资源
1
2
3~$ kubectl get pod -o wide --show-labels
# NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES LABELS
# dashboard-create-696f45d5db-fj5dg 1/1 Running 0 4m23s 10.244.2.56 k8s-node-5 <none> <none> k8s-app=dashboard-create,pod-template-hash=696f45d5dbWeiyiGeek.Deployments
Step 3.同样点击Service中的Services子菜单将可以看见我们创建的Service相关资源信息
1
2
3~$ kubectl get svc -o wide --show-labels
# NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR LABELS
# dashboard-create ClusterIP 10.102.184.126 <none> 80/TCP 4m53s k8s-app=dashboard-create k8s-app=dashboard-create

WeiyiGeek.Service
- Step 4.#验证 集群IP地址访问 以及 Pod地址访问效果一致
1
2
3~$ curl http://10.102.184.126/host.html && curl http://10.244.2.56/host.html
# Hostname: dashboard-create-696f45d5db-fj5dg ,Image Version: 3.0, Nginx Version: 1.19.4
# Hostname: dashboard-create-696f45d5db-fj5dg ,Image Version: 3.0, Nginx Version: 1.19.4
PS : 总结可以看出使用Kubernetes-Kuboard是可以非常简单的创建我们指定的应用到kubernetes之中;
0x04 入坑与出坑
问题1.pods is forbidden: User "system:serviceaccount:kube-system:namespace-controller"
cannot create resource clusterroles” in API group “rbac.authorization.k8s.io” at the cluster scope
问题原因:
- 1.API组中用户不能在默认命名空间创建Pod,也就是说使用原token认证登录的用户是无权操作
- 2.其次是采用Helm创建的时候只是将
kubernetes-dashboard-metrics
与集群角色绑定1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19# 绑定的角色
~/K8s/Day10/dashboard/kubernetes-dashboard$ kubectl get ClusterRoleBinding -n kube-system | grep "kubernetes-dashboard"
kubernetes-dashboard-metrics ClusterRole/kubernetes-dashboard-metrics
# 查看集群所有权限
~/K8s/Day10/dashboard/kubernetes-dashboard$ kubectl get clusterrole
# 权限非常有限
~/K8s/Day10/dashboard/kubernetes-dashboard$ kubectl get clusterrole kubernetes-dashboard-metrics -o yaml
rules:
- apiGroups:
- metrics.k8s.io
resources:
- pods
- nodes
verbs:
- get
- list
- watch
解决方法:1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49# 1.创建kubernetes-dashboard管理员角色
cat > k8s-admin.yaml <<'EOF'
apiVersion: v1
kind: ServiceAccount
metadata:
name: kubernetes-dashboard
namespace: kube-system
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
# 绑定对象
metadata:
name: kubernetes-dashboard
subjects:
- kind: ServiceAccount
name: kubernetes-dashboard
namespace: kube-system
# 权限来源
roleRef:
kind: ClusterRole
name: cluster-admin
apiGroup: rbac.authorization.k8s.io
EOF
kubectl create -f k8s-admin.yaml
# 3.验证查看 ClusterRoleBinding 资源
~/K8s/Day10/dashboard/$ kubectl get ClusterRoleBinding -n kube-system | grep "kubernetes-dashboard"
# NAME ROLE AGE
# kubernetes-dashboard ClusterRole/cluster-admin 17m
# kubernetes-dashboard-metrics ClusterRole/kubernetes-dashboard-metrics 70m
~/K8s/Day10/dashboard/$ kubectl describe ClusterRoleBinding -n kube-system kubernetes-dashboard
# Name: kubernetes-dashboard
# Labels: <none>
# Annotations: <none>
# Role:
# Kind: ClusterRole
# Name: cluster-admin
# Subjects:
# Kind Name Namespace
# ---- ---- ---------
# ServiceAccount kubernetes-dashboard kube-system
# 2.获取dashboard管理员角色token
kubectl describe secret kubernetes-dashboard-token-7z6zm -n kube-system
# 3.使用第二步第12行的token登陆kubernetes-dashboard web界面即可
PS : 在使用Helm创建Kubenertes-Dashboard时候已创建了ServiceAccount资源,所以只需要创建ClusterRoleBinding资源即可;
参考地址: https://blog.csdn.net/qq_38900565/article/details/100729686
问题2.采用Helm安装metric-server时镜像有误导致Pod状态ImagePullBackOff
错误信息:1
Warning Failed 10m (x4 over 12m) kubelet Failed to pull image "k8s.gcr.io/metrics-server-amd64:v0.3.6": rpc error: code = Unknown desc = Error response from daemon: Get https://k8s.gcr.io/v2/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
解决办法:
- 1.利用阿里云的K8s镜像站拉取metrics-server-amd64:v0.3.6镜像然后进行改名,随后上传到metrics-server运行的节点之上
- 2.在进行更新时候指定或者说修改配置文件中的
image.repository
;1
2
3~/K8s/Day10/dashboard$ grep "k8s.gcr.io" kubernetes-dashboard/charts/metrics-server/*
# kubernetes-dashboard/charts/metrics-server/values.yaml: repository: k8s.gcr.io/metrics-server-amd64
~/K8s/Day10/dashboard$ sed -i "s#k8s.gcr.io#registry.cn-hangzhou.aliyuncs.com/google_containers#g" kubernetes-dashboard/charts/metrics-server/values.yaml: