LoginSignup
1
0

More than 3 years have passed since last update.

@Tsu_hao_Zhang(Tsu_hao Zhang)

Kubernetesの新規ノード追加時にError execution phase kubelet-start: configmaps "kubelet-config-1.14" is forbidden: User "system:bootstrap:g651e8" cannot get resource "configmaps" in API group "" in the namespace "kube-system" と怒られる

Last updated at Posted at 2019-06-12

お約束

実行内容

出力結果

[root@master ~]# cat /etc/redhat-release

CentOS Linux release 7.6.1810 (Core)
Kubeadm,Kubectl,Kubeletを使用。

事象

Master PC

ノード追加のトークンを再生成する

 [root@master ~]#  kubeadm token create --print-join-command

実行結果
kubeadm join 192.168.1.2:6443 --token ffx82v.saaefe32df23 --di
scovery-token-ca-cert-hash sha256:fddskdnj3n5kjhu9ln9de9
41fgjf83asbgdeffg8fgse332m1

出力されたコマンドを追加したいNodeで実行する

Node PC

ノード追加実行

[root@node ~]# kubeadm join 192.168.1.2:6443 --token ffx82v.saaefe32df23 --di
scovery-token-ca-cert-hash sha256:fddskdnj3n5kjhu9ln9de9
41fgjf83asbgdeffg8fgse332m1

すると
Error execution phase kubelet-start: configmaps "kubelet-config-1.14" is forbidden: User "system:bootstrap:g651e8" cannot get resource "configmaps" in API group "" in the namespace "kube-system"

原因と解決方法

原因

MasterとNodeのKubernetesのバージョンが一致していない(離れすぎ?)

Master

[root@master ~]# kubelet --version

Kubernetes v1.13.3

[root@master ~]# kubeadm version

kubeadm version: &version.Info{Major:"1", Minor:"13", GitVersion:"v1.13.3",

[root@master ~]# kubectl version

Client Version: version.Info{Major:"1", Minor:"13", GitVersion:"v1.13.3",
Server Version: version.Info{Major:"1", Minor:"13", GitVersion:"v1.13.3",

(出力結果一部省略)

Node

[root@master ~]# kubelet --version

Kubernetes v1.14.1

[root@master ~]# kubeadm version

kubeadm version: &version.Info{Major:"1", Minor:"13", GitVersion:"v1.14.1",

[root@master ~]# kubectl version

Client Version: version.Info{Major:"1", Minor:"13", GitVersion:"v1.14.1",
Server Version: version.Info{Major:"1", Minor:"13", GitVersion:"v1.14.1",

解決方法

NodeのKubernetesを再インストール

ますはアンインストール(Replaceでもよい)

[root@node ~]# yum remove kubelet, kubeadm, kubectl

パッケージ名を検索

[root@node ~]# yum --showduplicates search kubectl

kubeadm-1.13.3-0.x86_64
(1.13.3のみ抜粋)

[root@node ~]# yum install -y kubeadm-1.13.3-0.x86_64

これをKubelet,kubectlにも行う

その後再びNodeで

[root@node ~]# kubeadm join 192.168.1.2:6443 --token ffx82v.saaefe32df23 --di
scovery-token-ca-cert-hash sha256:fddskdnj3n5kjhu9ln9de9
41fgjf83asbgdeffg8fgse332m1

[discovery] Successfully established connection with API
Server "192.168.1.2:6443"

確認のため、Masterにて

[root@master ~]# kubectl get nodes

NAME STATUS ROLES AGE VERSION
master Ready master 1m v1.13.3
node1 Ready <none> 1m v1.13.3
node2 Ready <none> 1m v1.13.3

参考

1
0
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
Sign upLogin
1
0