kubernetes Error creating: No API token found for service account “default”
Mar062017
近期在研究kubernetes集群,搭建过程中也中有这样那样的错误,接下来会将我这边遇到的坑一一列出来,给各位先探探路。
执行测试创建docker:
|
1 2 3 4 5 |
kubectl run nginxexample --image=nginx kubectl get pods -l run=nginxexample NAME READY STATUS RESTARTS AGE nginxexample-2412748312-8grvr 0/1 ContainerCreating 0 1m |
日志中有很多报错:
|
1 2 3 4 5 6 7 8 9 10 11 12 |
Mar 6 11:54:01 sudops-vm04 kube-controller-manager: E0306 11:54:01.936464 3206 replica_set.go:505] unable to create pods: No API token found for service account "default", retry after the token is automatically created and added to the service account Mar 6 11:54:01 sudops-vm04 kube-controller-manager: I0306 11:54:01.936540 3206 event.go:217] Event(api.ObjectReference{Kind:"ReplicaSet", Namespace:"default", Name:"nginxexample-2412748312", UID:"26cc3dec-0220-11e7-8463-52540017b78a", APIVersion:"extensions", ResourceVersion:"4633", FieldPath:""}): type: 'Warning' reason: 'FailedCreate' Error creating: No API token found for service account "default", retry after the token is automatically created and added to the service account Mar 6 11:54:31 sudops-vm04 kube-controller-manager: E0306 11:54:31.937162 3206 replica_set.go:505] unable to create pods: No API token found for service account "default", retry after the token is automatically created and added to the service account Mar 6 11:54:31 sudops-vm04 kube-controller-manager: I0306 11:54:31.937634 3206 event.go:217] Event(api.ObjectReference{Kind:"ReplicaSet", Namespace:"default", Name:"nginxexample-2412748312", UID:"26cc3dec-0220-11e7-8463-52540017b78a", APIVersion:"extensions", ResourceVersion:"4633", FieldPath:""}): type: 'Warning' reason: 'FailedCreate' Error creating: No API token found for service account "default", retry after the token is automatically created and added to the service account Mar 6 11:55:01 sudops-vm04 systemd: Created slice user-995.slice. Mar 6 11:55:01 sudops-vm04 systemd: Starting user-995.slice. Mar 6 11:55:01 sudops-vm04 systemd: Started Session 1271 of user pcp. Mar 6 11:55:01 sudops-vm04 systemd: Starting Session 1271 of user pcp. Mar 6 11:55:01 sudops-vm04 systemd: Removed slice user-995.slice. Mar 6 11:55:01 sudops-vm04 systemd: Stopping user-995.slice. Mar 6 11:55:01 sudops-vm04 kube-controller-manager: E0306 11:55:01.936908 3206 replica_set.go:505] unable to create pods: No API token found for service account "default", retry after the token is automatically created and added to the service account Mar 6 11:55:01 sudops-vm04 kube-controller-manager: I0306 11:55:01.937365 3206 event.go:217] Event(api.ObjectReference{Kind:"ReplicaSet", Namespace:"default", Name:"nginxexample-2412748312", UID:"26cc3dec-0220-11e7-8463-52540017b78a", APIVersion:"extensions", ResourceVersion:"4633", FieldPath:""}): type: 'Warning' reason: 'FailedCreate' Error creating: No API token found for service account "default", retry after the token is automatically created and added to the service account |
下面是解决办法:
|
1 2 3 4 5 6 7 8 9 |
# cat /etc/kubernetes/apiserver 去掉SecurityContextDeny,ServiceAccount 编辑如下行: #KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota" 改成: KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,ResourceQuota" 重启kube-apiserver服务 # systemctl restart kube-apiserver.service |
稍后可以再次看下,pod状态:
|
1 2 3 |
# kubectl get pods -l run=nginxexample NAME READY STATUS RESTARTS AGE nginxexample-2412748312-8grvr 1/1 Running 0 1h |
本文固定链接: https://www.sudops.com/kubernetes-no-api-token-found.html | 运维·速度
kubernetes Error creating: No API token found for service account “default”:等您坐沙发呢!
发表评论
欢迎关注 运维·速度 微信公众号
