問題:公司內網由於防火牆的原因,上不了外網,而這個時候k8s集羣pods以來的pasue容器是依賴的外部鏡像源,這會造成k8s節點重啓後無法起pods.
解決:
我們知道在kubelet的配置中有這樣一個參數:
kubernetes中默認的配置參數是:
KUBELET_POD_INFRA_CONTAINER=–pod-infra-container-image=k8s.gcr.io/pause-amd64:3.1
Pause容器,是可以自己來定義,官方使用的gcr.io/google_containers/pause-amd64:3.0容器的代碼見Github,使用C語言編寫。
更改:
[root@k8s-master-1 ~]# cat /etc/systemd/system/kubelet.service.d/10-kubelet.conf
[Service]
Environment="KUBELET_POD_INFRA_CONTAINER=–pod-infra-container-image=registry.bst-1.cns.bstjpc.com:5000/k8s.gcr.io/pause-amd64:3.1"
Environment=“KUBELET_KUBECONFIG_ARGS=–kubeconfig=/etc/kubernetes/kubelet.conf”
Environment=“KUBELET_SYSTEM_PODS_ARGS=–pod-manifest-path=/etc/kubernetes/manifests --allow-privileged=true”
Environment=“KUBELET_DNS_ARGS=–cluster-dns=10.96.0.10 --cluster-domain=cluster.local”
Environment=“KUBELET_CADVISOR_ARGS=–cadvisor-port=4194”
Environment="KUBELET_VOLUME_ARGS=–volume-plugin-dir=/var/lib/kubelet/volumeplugins --feature-gates=DevicePlugins=true,BlockVolume=true,PodPriority=true --volume-stats-agg-period=0 "
Environment=“KUBELET_EXTRA_ARGS=–fail-swap-on=false --node-labels=node-role.kubernetes.io/master=’’ --logtostderr=true --v=0”
Environment=“KUBELET_NETWORK_ARGS=–network-plugin=cni --cni-conf-dir=/etc/cni/net.d --cni-bin-dir=/opt/cni/bin”
Environment=“KUBELET_AUTHZ_ARGS=–authorization-mode=Webhook --client-ca-file=/etc/kubernetes/pki/ca.pem”
Environment=“KUBELET_CERTIFICATE_ARGS=–rotate-certificates=true --cert-dir=/var/lib/kubelet/pki”
ExecStart=
ExecStart=/usr/local/bin/kubelet $KUBELET_POD_INFRA_CONTAINER $KUBELET_KUBECONFIG_ARGS $KUBELET_SYSTEM_PODS_ARGS $KUBELET_DNS_ARGS $KUBELET_CADVISOR_ARGS $KUBELET_VOLUME_ARGS $KUBELET_EXTRA_ARGS