在kubernetes v1.21.0的apiserver清单文件中包含额外的标志似乎没有任何效果
我正在尝试将以下两个标志添加到/etc/kubernetes/manifests/kube-apiserver.yaml文件中的apiserver:在kubernetes v1.21.0的apiserver清单文件中包含额外的标志似乎没有任何效果,kubernetes,kube-apiserver,nodeselector,Kubernetes,Kube Apiserver,Nodeselector,我正在尝试将以下两个标志添加到/etc/kubernetes/manifests/kube-apiserver.yaml文件中的apiserver: spec: containers: - command: - kube-apiserver - --enable-admission-plugins=NodeRestriction,PodNodeSelector - --admission-control-config-file=/vagrant/admi
spec:
containers:
- command:
- kube-apiserver
- --enable-admission-plugins=NodeRestriction,PodNodeSelector
- --admission-control-config-file=/vagrant/admission-control.yaml
[...]
我没有为/vagrant/admission-control.yaml文件装入卷或装入点。它完全可以从节点主机访问,因为它由vagrant创建的VM共享:
vagrant@master-1:~$ cat /vagrant/admission-control.yaml
apiVersion: apiserver.config.k8s.io/v1
kind: AdmissionConfiguration
plugins:
- name: PodNodeSelector
path: /vagrant/podnodeselector.yaml
vagrant@master-1:~$
Kubernetes版本:
vagrant@master-1:~$ kubectl version
Client Version: version.Info{Major:"1", Minor:"21", GitVersion:"v1.21.0", GitCommit:"cb303e613a121a29364f75cc67d3d580833a7479", GitTreeState:"clean", BuildDate:"2021-04-08T16:31:21Z", GoVersion:"go1.16.1", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"21", GitVersion:"v1.21.0", GitCommit:"cb303e613a121a29364f75cc67d3d580833a7479", GitTreeState:"clean", BuildDate:"2021-04-08T16:25:06Z", GoVersion:"go1.16.1", Compiler:"gc", Platform:"linux/amd64"}
链接到正在运行的集群正在使用的/etc/kubernetes/manifests/kube-apiserver.yaml文件
不幸的是,“kubectl描述pod kube-apiserver-master-1-n kube系统”只通知pod已重新创建。标志不按需要显示。未报告任何错误
任何建议都会有帮助
多谢各位
注:
sudo tee ${KUBEADM_INIT_CONFIG_FILE} <<EOF
apiVersion: kubeadm.k8s.io/v1beta2
kind: InitConfiguration
localAPIEndpoint:
advertiseAddress: "${INTERNAL_IP}"
bindPort: 6443
---
apiVersion: kubeadm.k8s.io/v1beta2
kind: ClusterConfiguration
kubernetesVersion: ${KUBERNETES_VERSION}
controlPlaneEndpoint: "${LOADBALANCER_ADDRESS}:6443"
networking:
podSubnet: "10.244.0.0/16"
apiServer:
extraArgs:
advertise-address: ${INTERNAL_IP}
enable-admission-plugins: NodeRestriction,PodNodeSelector
admission-control-config-file: ${ADMISSION_CONTROL_CONFIG_FILE}
extraVolumes:
- name: admission-file
hostPath: ${ADMISSION_CONTROL_CONFIG_FILE}
mountPath: ${ADMISSION_CONTROL_CONFIG_FILE}
readOnly: true
- name: podnodeselector-file
hostPath: ${PODNODESELECTOR_CONFIG_FILE}
mountPath: ${PODNODESELECTOR_CONFIG_FILE}
readOnly: true
EOF
sudo kubeadm init phase control-plane apiserver --config=${KUBEADM_INIT_CONFIG_FILE}
sudotee${KUBEADM_INIT_CONFIG_FILE}您需要创建一个hostPath
卷装载,如下所示
volumeMounts:
- mountPath: /vagrant
name: admission
readOnly: true
...
volumes:
- hostPath:
path: /vagrant
type: DirectoryOrCreate
name: admission
嗨,谢谢你的建议。/etc/kubernetes/manifests/kube-apiserver.yaml文件中的任何更改都不会生效。我删除了kube-apiserver pod,但是“kubectl get-n kube-system pod kube-apiserver-master-1-o yaml”命令没有显示任何更改。我找到了一个解决方法。我将更新描述。
volumeMounts:
- mountPath: /vagrant
name: admission
readOnly: true
...
volumes:
- hostPath:
path: /vagrant
type: DirectoryOrCreate
name: admission