xiaotian 取消置顶
KubeSphere v4 安装指南
3 个月 后
请问下,我从3.4.1升级到4.1.2成功后,想将k8s也升级从1.26.5升级到1.30.6。修改了config-sample.yaml
通过./kk upgrade -f config-sample.yaml -a kubesphere-4.1.2.tar.gz进行升级,提示错误如下,这是为什么?我应该如何升级呢?
7 天 后
“Reconciler error” err=<failed to reconcile cluster mainland: failed to install KS Core in cluster mainland: unable to build kubernetes objects from release manifest: resource mapping not found for name: “restart-extensions-museum” namespace: “kubesphere-system” from "": no matches for kind “CronJob” in version “batch/v1beta1” ensure CRDs are installed first> controller=“cluster” controllerGroup=“cluster.kubesphere.io” controllerKind=“Cluster” Cluster=“mainland” namespace="" name=“mainland” reconcileID=“7f29ac92-f2bb-4c8e-ba58-b7eddc117fb5”
真的要迷死了,不知道怎么处理,v4加入member集群,host集群ks-controller-manager报出的异常。
️6 天 后
什么时候出无痛升级,生产环境这样风险太高了
13 天 后
client.go:134: [debug] creating 1 resource(s)
install.go:160: [debug] CRD storageclasscapabilities.storage.kubesphere.io is already present. Skipping.
client.go:134: [debug] creating 1 resource(s)
install.go:160: [debug] CRD workspaces.tenant.kubesphere.io is already present. Skipping.
client.go:134: [debug] creating 1 resource(s)
install.go:160: [debug] CRD workspacetemplates.tenant.kubesphere.io is already present. Skipping.
Error: rendered manifests contain a resource that already exists. Unable to continue with install: GlobalRole "authenticated" in namespace "" exists and cannot be imported into the current release: invalid ownership metadata; label validation error: missing key "app.kubernetes.io/managed-by": must be set to "Helm"; annotation validation error: missing key "meta.helm.sh/release-name": must be set to "ks-core"; annotation validation error: missing key "meta.helm.sh/release-namespace": must be set to "kubesphere-system"
helm.go:84: [debug] GlobalRole "authenticated" in namespace "" exists and cannot be imported into the current release: invalid ownership metadata; label validation error: missing key "app.kubernetes.io/managed-by": must be set to "Helm"; annotation validation error: missing key "meta.helm.sh/release-name": must be set to "ks-core"; annotation validation error: missing key "meta.helm.sh/release-namespace": must be set to "kubesphere-system"
rendered manifests contain a resource that already exists. Unable to continue with install
helm.sh/helm/v3/pkg/action.(*Install).RunWithContext
helm.sh/helm/v3/pkg/action/install.go:320
main.runInstall
helm.sh/helm/v3/cmd/helm/install.go:286
main.newUpgradeCmd.func2
helm.sh/helm/v3/cmd/helm/upgrade.go:130
github.com/spf13/cobra.(*Command).execute
github.com/spf13/cobra@v1.6.1/command.go:916
github.com/spf13/cobra.(*Command).ExecuteC
github.com/spf13/cobra@v1.6.1/command.go:1044
github.com/spf13/cobra.(*Command).Execute
github.com/spf13/cobra@v1.6.1/command.go:968
main.main
helm.sh/helm/v3/cmd/helm/helm.go:83
runtime.main
runtime/proc.go:250
runtime.goexit求助,在host重新安装4.1.2失败了,好像是v3.4.1没有卸载干净
请问,新版本的 示例 应用 bookinfo 自带的镜像 都是 examples-bookinfo-xxx-v1:1.10.1 版本,拉取不到镜像了(v1:1.20.2 版本可以拉取) , 除了直接去编辑pod的yaml里image配置,还有什么更好的办法解决吗?
安装插件卡住了,咋办
请问在v4.1.2中添加EKS集群时,点击创建以后无反应,应该如何解决呢?
在网页的控制台上查看错误信息为:
Get “https://DA11ED6DEE5E65501CC969D43CC12F59.gr7.us-west-2.eks.amazonaws.com/api/v1/namespaces/kube-system?timeout=10s”: getting credentials: exec: executable aws not found
It looks like you are trying to use a client-go credential plugin that is not installed.
To learn more about this feature, consult the documentation available at:
https://kubernetes.io/docs/reference/access-authn-authz/authentication/#client-go-credential-plugins
执行下面命令 kubectl logs -n kubesphere-system ks-apiserver-686ddff57b-b99p4 得到的输出如下:
I0311 10:33:58.757629 1 filters.go:96] undefined - “GET /apis/cluster.kubesphere.io/v1alpha1/clusters/e HTTP/1.1” 404 232 3ms
I0311 10:33:59.190569 1 filters.go:96] undefined - “GET /apis/cluster.kubesphere.io/v1alpha1/clusters/eks HTTP/1.1” 404 236 3ms
I0311 10:34:01.698486 1 filters.go:96] undefined - “GET /apis/cluster.kubesphere.io/v1alpha1/clusters/eks HTTP/1.1” 404 236 3ms
E0311 10:34:36.135942 1 utils.go:65] /workspace/pkg/kapis/cluster/v1alpha1/handler.go:155 Get “https://56E7C1D89789B8E362CEE8E2094B0372.gr7.us-west-2.eks.amazonaws.com/api/v1/namespaces/kube-system?timeout=10s”: getting credentials: exec: executable aws not found
It looks like you are trying to use a client-go credential plugin that is not installed.
To learn more about this feature, consult the documentation available at:
https://kubernetes.io/docs/reference/access-authn-authz/authentication/#client-go-credential-plugins
hongmingK零SK壹S
- 已编辑
hongming
谢谢!
按照这个教程后,我执行了下面的操作:
在主集群的服务器,配置了aws credentials,然后执行了
aws eks --region us-west-2 update-kubeconfig --name xxxxxx
kubectl config use-context kubernetes-admin@cluster.local # 不执行这个,后面会报错
cat <<EOF >kubesphere-secret.yaml apiVersion: v1 kind: Secret metadata: name: kubesphere namespace: kubesphere-system annotations: kubernetes.io/service-account.name: "kubesphere" type: kubernetes.io/service-account-token EOF
kubectl apply -f kubesphere-secret.yaml
TOKEN=`kubectl -n kubesphere-system get secret kubesphere -o jsonpath='{.data.token}' | base64 -d` kubectl config set-credentials kubesphere --token=${TOKEN}
kubectl config set-context --current --user=kubesphere
最后得到了如下的config(删减了一些其他信息)
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: LS0tLS1CR【省略】 server: https://【省略】.gr7.us-west-2.eks.amazonaws.comname: arn:aws:eks:【省略】:cluster/pageguo
contexts:
- context:
cluster: arn:aws:eks:【省略】:cluster/pageguo user: kubespherename: arn:aws:eks:【省略】:cluster/pageguo
current-context: arn:aws:eks:【省略】:cluster/pageguo
kind: Config
preferences: {}
users:
- name: arn:aws:eks:【省略】:cluster/pageguo
user:
exec: apiVersion: client.authentication.k8s.io/v1beta1 args: - --region - us-west-2 - eks - get-token - --cluster-name -【省略】 command: aws env: null interactiveMode: IfAvailable provideClusterInfo: false- name: kubesphere
user:
token: eyJhbGciOiJSU【省略】
将上面的config添加到控制台以后,现在在网页控制台Network里提示:
Unauthorized
然后我执行了下面的命令:
kubectl logs -n kubesphere-system ks-apiserver-686ddff57b-b99p4
得到了如下的输出
error: You must be logged in to the server (Unauthorized)
我怀疑是EKS上没有安装Kubesphere导致的。但是我看帖子里都讲,现在不需要在EKS里安装KubeSphere了。尤其是在执行kubectl apply -f kubesphere-secret.yaml的时候,当前的context应该是哪个?
- 已编辑