k8s版本:1.15
docker版本:18.09.7
報錯信息:
W0701 15:05:59.697391 9931 watcher.go:87] Error while processing event ("/sys/fs/cgroup/devices/libcontainer_34389_systemd_test_default.slice": 0x40000100 == IN_CREATE|IN_ISDIR): inotify_add_watch /sys/fs/cgroup/devices/libcontainer_34389_systemd_test_default.slice: no such file or directory
這個報錯,是因爲 docker 的 cgroups 參數與 k8s 的cgroups 參數不一致導致:
參考:https://www.cnblogs.com/cuishuai/p/11114696.html
可以通過修改:
docker 的 守護參數: /etc/docker/daemon.json
"exec-opts": ["native.cgroupdriver=cgroupfs"]
k8s 的啓動參數:
/usr/lib/systemd/system/kubelet.service.d/10-kubeadm.conf
參考文章中的路徑是:/etc/systemd/system/kubelet.service.d/10-kubeadm.conf
這個路徑要具體情況具體確認,可以使用 find 命令確認。
實際實踐時,我發現使用 docker 的 exec-opts 參數指定引擎會導致docker無法重啓,去除 /etc/docker/daemon.json 中
"exec-opts": ["native.cgroupdriver=systemd"] 之後,重啓docker,引擎會自動調整到cgroups, 這點覺得有點奇怪,查看
/usr/lib/systemd/system/docker.service 中的 ExecStart 參數,也沒有發現關於 cgroupdriver 的描述,爲什麼按照參考中的
修改會不行嘞? 這個有待後期觀察。
另外,對於 k8s 除了修改 10-kubeadm.conf 中的
--cgroup-driver=cgroupfs 外,還需要添加:
--runtime-cgroups=/systemd/system.slice --kubelet-cgroups=/systemd/system.slice
否則 kubelet 會有新的報錯。
修改完成後,需要重啓docker、kubelet,完成驗證信息:
重啓docker:
systemctl daemon-reload
systemctl restart docker
驗證: docker info
[root@master1 k8s]# docker info
Containers: 53
Running: 26
Paused: 0
Stopped: 27
Images: 72
Server Version: 18.09.7
Storage Driver: overlay2
Backing Filesystem: xfs
Supports d_type: true
Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: bb71b10fd8f58240ca47fbb579b9d1028eea7c84
runc version: 2b18fe1d885ee5083ef9f0838fee39b62d653e30
init version: fec3683
Security Options:
seccomp
Profile: default
Kernel Version: 5.1.0-1.el7.elrepo.x86_64
Operating System: CentOS Linux 7 (Core)
OSType: linux
Architecture: x86_64
CPUs: 4
Total Memory: 15.63GiB
Name: vass-master1
ID: 6OHU:45DM:FPK5:GV6Z:RCWO:JTU2:25KZ:P3U3:IT7J:2U4B:XJZ3:NZL3
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Registry Mirrors:
https://hib07n79.mirror.aliyuncs.com/
Live Restore Enabled: false
Product License: Community Engine
重啓kubelet:
systemctl daemon-reload
systemctl restart kubelet
查看kubelet的狀態:
systemctl status kubelet -l
[k8s@master1 ~]$ systemctl status kubelet -l
● kubelet.service - kubelet: The Kubernetes Node Agent
Loaded: loaded (/usr/lib/systemd/system/kubelet.service; enabled; vendor preset: disabled)
Drop-In: /usr/lib/systemd/system/kubelet.service.d
└─10-kubeadm.conf
Active: active (running) since Wed 2019-11-20 14:40:01 CST; 4 days ago
Docs: https://kubernetes.io/docs/
Main PID: 64471 (kubelet)
Tasks: 0
Memory: 119.9M
CGroup: /system.slice/kubelet.service
‣ 64471 /usr/bin/kubelet --bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf --config=/var/lib/kubelet/config.yaml --runtime-cgroups=/systemd/system.slice --kubelet-cgroups=/systemd/system.slice --cgroup-driver=cgroupfs --network-plugin=cni --pod-infra-container-image=registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.1