pod启动失败,查看pod详情(kubectl describe pods podname)
Events:
FirstSeen LastSeen Count From SubobjectPath Type Reason Message
--------- -------- ----- ---- ------------- -------- ------ -------
56s 56s 1 {default-scheduler } Normal Scheduled Successfully assigned nfs-rc-fc2w8 to duni-node1
11s 11s 1 {kubelet duni-node1} Warning FailedSync Error syncing pod, skipping: failed to "StartContainer" for "POD" with ErrImagePull: "image pull failed for gcr.io/google_containers/pause-amd64:3.0, this may be because there are no credentials on this request. details: (Get https://gcr.io/v1/_ping: dial tcp 74.125.203.82:443: i/o timeout)"
方法一:如果服务器可以访问外网,则可在docker daemon的启动参数中加上 --insecure-registry gcr.io
1、修改docker配置文件( vim /etc/sysconfig/docker )
OPTIONS='--selinux-enabled --log-driver=journald --signature-verification=false --registry-mirror=https://olzwzeg2.mirror.aliyuncs.com --insecure-registry gcr.io'
2、重启docker服务
$ systemctl restart docker
方法二、
如果kubernetes集群在内网环境中,无法访问gcr.io网站,则可先通过一台能访问gcr.io的机器下载pause镜像,导出后再导入内网的docker私有镜像仓库中,并在kubelet的启动参数中加上--pod_infra_container_image,然后重启kubelet
到docker hub 下载pause镜像
$ docker pull kubernetes/pause
假设你已搭建私有的镜像仓库地址为:192.168.10.12:5000,如何搭建自己的镜像私有仓库
修改pause镜像标签
$ docker tag docker.io/kubernetes/pause:latest 192.168.10.12:5000/google_containers/pause-amd64.3.0
上传镜像到私有仓库
$ docker push 192.168.10.12:5000/google_containers/pause-amd64.3.0
vim /etc/kubernetes/kubelet 配置为:
KUBELET_ARGS="--pod_infra_container_image=192.168.10.12:5000/google_containers/pause-amd64.3.0"
重启kubelet
$ systemctl restart kubelet