Fatal编程技术网
  • kubernetes/
  • 在kubernetes v1.21.0的apiserver清单文件中包含额外的标志似乎没有任何效果

在kubernetes v1.21.0的apiserver清单文件中包含额外的标志似乎没有任何效果

kubernetes

在kubernetes v1.21.0的apiserver清单文件中包含额外的标志似乎没有任何效果,kubernetes,kube-apiserver,nodeselector,Kubernetes,Kube Apiserver,Nodeselector,我正在尝试将以下两个标志添加到/etc/kubernetes/manifests/kube-apiserver.yaml文件中的apiserver: spec: containers: - command: - kube-apiserver - --enable-admission-plugins=NodeRestriction,PodNodeSelector - --admission-control-config-file=/vagrant/admi

我正在尝试将以下两个标志添加到/etc/kubernetes/manifests/kube-apiserver.yaml文件中的apiserver:

spec:
   containers:
   - command:
     - kube-apiserver
     - --enable-admission-plugins=NodeRestriction,PodNodeSelector
     - --admission-control-config-file=/vagrant/admission-control.yaml

[...]
我没有为/vagrant/admission-control.yaml文件装入卷或装入点。它完全可以从节点主机访问,因为它由vagrant创建的VM共享:

vagrant@master-1:~$ cat /vagrant/admission-control.yaml 
apiVersion: apiserver.config.k8s.io/v1
kind: AdmissionConfiguration
plugins:
- name: PodNodeSelector
  path: /vagrant/podnodeselector.yaml
vagrant@master-1:~$
Kubernetes版本:

vagrant@master-1:~$ kubectl version

Client Version: version.Info{Major:"1", Minor:"21", GitVersion:"v1.21.0", GitCommit:"cb303e613a121a29364f75cc67d3d580833a7479", GitTreeState:"clean", BuildDate:"2021-04-08T16:31:21Z", GoVersion:"go1.16.1", Compiler:"gc", Platform:"linux/amd64"}

Server Version: version.Info{Major:"1", Minor:"21", GitVersion:"v1.21.0", GitCommit:"cb303e613a121a29364f75cc67d3d580833a7479", GitTreeState:"clean", BuildDate:"2021-04-08T16:25:06Z", GoVersion:"go1.16.1", Compiler:"gc", Platform:"linux/amd64"}
链接到正在运行的集群正在使用的/etc/kubernetes/manifests/kube-apiserver.yaml文件

不幸的是,“kubectl描述pod kube-apiserver-master-1-n kube系统”只通知pod已重新创建。标志不按需要显示。未报告任何错误

任何建议都会有帮助

多谢各位

注:

  • 我还尝试在apiserver的configmap上制作补丁。 该修补程序已应用,但在新版本中不会生效 跑动吊舱
  • 我还试图通过kubeadm传递文件中的两个标志 init--config,但关于如何放置这些 配置文件中需要的apiserver的两个标志和所有其他标志,以便重新安装主节点
    • 更新:

    我希望这对每个面临同样问题的人都有用

    经过两天的互联网搜索和大量的测试,我只按照以下步骤进行了操作:

    sudo tee ${KUBEADM_INIT_CONFIG_FILE} <<EOF
apiVersion: kubeadm.k8s.io/v1beta2
kind: InitConfiguration
localAPIEndpoint:
  advertiseAddress: "${INTERNAL_IP}"
  bindPort: 6443
---
apiVersion: kubeadm.k8s.io/v1beta2
kind: ClusterConfiguration
kubernetesVersion: ${KUBERNETES_VERSION}
controlPlaneEndpoint: "${LOADBALANCER_ADDRESS}:6443"
networking:
  podSubnet: "10.244.0.0/16"
apiServer:
  extraArgs:
    advertise-address: ${INTERNAL_IP}
    enable-admission-plugins: NodeRestriction,PodNodeSelector
    admission-control-config-file: ${ADMISSION_CONTROL_CONFIG_FILE}
  extraVolumes:
    - name: admission-file
      hostPath: ${ADMISSION_CONTROL_CONFIG_FILE}
      mountPath: ${ADMISSION_CONTROL_CONFIG_FILE}
      readOnly: true
    - name: podnodeselector-file
      hostPath: ${PODNODESELECTOR_CONFIG_FILE}
      mountPath: ${PODNODESELECTOR_CONFIG_FILE}
      readOnly: true
EOF


sudo kubeadm init phase control-plane apiserver --config=${KUBEADM_INIT_CONFIG_FILE}

    sudotee${KUBEADM_INIT_CONFIG_FILE}您需要创建一个
    hostPath
    卷装载,如下所示
    

    volumeMounts:
- mountPath: /vagrant
  name: admission
  readOnly: true
...
volumes:
- hostPath:
    path: /vagrant
    type: DirectoryOrCreate
  name: admission

    

    嗨,谢谢你的建议。/etc/kubernetes/manifests/kube-apiserver.yaml文件中的任何更改都不会生效。我删除了kube-apiserver pod,但是“kubectl get-n kube-system pod kube-apiserver-master-1-o yaml”命令没有显示任何更改。我找到了一个解决方法。我将更新描述。

    volumeMounts:
- mountPath: /vagrant
  name: admission
  readOnly: true
...
volumes:
- hostPath:
    path: /vagrant
    type: DirectoryOrCreate
  name: admission