Table of contents
"Using kubeadm to install Kubernetes 1.15" original text
问题1:not find the requested resource
Issue 2: pod STATUS: ImagePullBackOff
"Using kubeadm to install Kubernetes 1.15" original text
Helm installation
Helm consists of the client-side helm command-line tool and the server-side tiller. The installation of Helm is very simple. Download the helm command-line tool to /usr/local/bin of the master node node1, the version 2.14.1 downloaded here:
curl -O https://get.helm.sh/helm-v2.14.1-linux-amd64.tar.gz
tar -zxvf helm-v2.14.1-linux-amd64.tar.gz
cd linux-amd64/
cp helm /usr/local/bin/
In order to install the server tiller, you also need to configure the kubectl tool and kubeconfig file on this machine to ensure that the kubectl tool can access the apiserver on this machine and use it normally. The node1 node here has been configured with kubectl.
Because Kubernetes APIServer has enabled RBAC access control, you need to create the service account used by tiller: tiller and assign appropriate roles to it. For details, see Role-based Access Control in the helm documentation . For the sake of simplicity, directly assign the built-in ClusterRole of cluster-admin to it. Create the helm-rbac.yaml file:
apiVersion: v1
kind: ServiceAccount
metadata:
name: tiller
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: tiller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: tiller
namespace: kube-system
implement:
kubectl create -f helm-rbac.yaml
serviceaccount/tiller created
clusterrolebinding.rbac.authorization.k8s.io/tiller created
Next use helm to deploy tiller:
helm init --service-account tiller --skip-refresh
Creating /root/.helm
Creating /root/.helm/repository
Creating /root/.helm/repository/cache
Creating /root/.helm/repository/local
Creating /root/.helm/plugins
Creating /root/.helm/starters
Creating /root/.helm/cache/archive
Creating /root/.helm/repository/repositories.yaml
Adding stable repo with URL: https://kubernetes-charts.storage.googleapis.com
Adding local repo with URL: http://127.0.0.1:8879/charts
$HELM_HOME has been configured at /root/.helm.
Tiller (the Helm server-side component) has been installed into your Kubernetes Cluster.
Please note: by default, Tiller is deployed with an insecure 'allow unauthenticated users' policy.
To prevent this, run `helm init` with the --tiller-tls-verify flag.
For more information on securing your installation see: https://docs.helm.sh/using_helm/#securing-your-helm-installation
Happy Helming!
问题1:not find the requested resource
# helm init --service-account tiller --skip-refresh
Error:
Error: error installing: the server could not find the requested resource
----The server cannot find the requested resource
After searching a series of articles, I finally found the "Kubernetes Guide" to solve:
Error: error installing: the server could not find the requested resource
For versions above Kubernetes v1.16.0, errors may be encountered . This is due to extensions/v1beta1
being apps/v1
superseded, the workaround is:
kubectl create serviceaccount --namespace kube-system tiller
kubectl create clusterrolebinding tiller --clusterrole=cluster-admin --serviceaccount=kube-system:tiller
helm init --service-account tiller --override spec.selector.matchLabels.'name'='tiller',spec.selector.matchLabels.'app'='helm' --output yaml | sed 's@apiVersion: extensions/v1beta1@apiVersion: apps/v1@' | kubectl apply -f -
Update the list of charts:
helm repo update
The result is OK:
Issue 2: pod STATUS: ImagePullBackOff
View status found STATUS: ImagePullBackOff
# tiller默认被部署在k8s集群中的 kube-system 这个namespace下
# kubectl get pods -n kube-system
View pod events
# kubectl describe pod tiller-deploy-cf88b7d9-zlb7s -n kube-system
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 11m default-scheduler Successfully assigned kube-system/tiller-deploy-cf88b7d9-zlbe2
Normal Pulling 8m44s (x4 over 11m) kubelet, node2 Pulling image "gcr.io/kubernetes-helm/tiller:v2.14.1"
Warning Failed 8m29s (x4 over 10m) kubelet, node2 Failed to pull image "gcr.io/kubernetes-helm/tiller:v2.14.1"or: code = Unknown desc = Error response from daemon: Get https://gcr.io/v2/: net/http: request canceled while waiting foron (Client.Timeout exceeded while awaiting headers)
Warning Failed 8m29s (x4 over 10m) kubelet, node2 Error: ErrImagePull
Normal BackOff 8m15s (x6 over 10m) kubelet, node2 Back-off pulling image "gcr.io/kubernetes-helm/tiller:v2.14.
Warning Failed 54s (x35 over 10m) kubelet, node2 Error: ImagePullBackOff
Obviously, the acquisition of gcr.io/kubernetes-helm/tiller:v2.14 image failed.
Need to manually pull the image
1. View available images
[root@node1 linux-amd64]# docker search tiller
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
jessestuart/tiller Nightly multi-architecture (amd64, arm64, ar… 19 [OK]
sapcc/tiller Mirror of https://gcr.io/kubernetes-helm/til… 9
ist0ne/tiller https://gcr.io/kubernetes-helm/tiller 3 [OK]
rancher/tiller 2
jmgao1983/tiller from gcr.io/kubernetes-helm/tiller 2 [OK]
ibmcom/tiller Docker Image for IBM Cloud private-CE (Commu… 1
luxas/tiller 1
itinerisltd/tiller [Deprecated] Use https://circleci.com/orbs/r… 1
ansibleplaybookbundle/tiller-apb An APB that deploys tiller for use with helm. 1 [OK]
cfplatformeng/tiller-ubuntu 0
I chose: sapcc/tiller Mirror of https://gcr.io/kubernetes-helm/til…
2. Go to dockerhub to confirm
3. Download the image:
docker pull sapcc/tiller:v2.16.3
View local mirror
[root@node1 linux-amd64]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
sapcc/tiller v2.16.3 6a79bebf87f5 7 days ago 91.2MB
...
4. Edit the configuration file
# kubectl edit deployment tiller-deploy -n kube-system
...
template:
metadata:
creationTimestamp: null
labels:
app: helm
name: tiller
spec:
automountServiceAccountToken: true
containers:
- env:
- name: TILLER_NAMESPACE
value: kube-system
- name: TILLER_HISTORY_MAX
value: "0"
# image:改成手动下载的镜像的 NAME:TAG
image: sapcc/tiller:v2.16.3
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 3
httpGet:
path: /liveness
port: 44135
scheme: HTTP
initialDelaySeconds: 1
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
name: tiller
...
Another way is
Find the image pull strategy and make the following changes:
imagePullPolicy:
Never
IfNotPresent :如果本地存在镜像就优先使用本地镜像。 Never:直接不再去拉取镜像了,使用本地的;如果本地不存在就报异常了
5. Then update the charts list
helm repo update
7. Check pod status, Running!
[root@node1 linux-amd64]# kubectl get pod -n kube-system -l app=helm
NAME READY STATUS RESTARTS AGE
tiller-deploy-655f8745d9-zgkwc 1/1 Running 0 98m
reference:
https://feisky.gitbooks.io/kubernetes/content/apps/helm.html