报错信息
time="2023-12-14T09:30:38Z" level=info msg="namespace [kube-system], Mode: [ARP], Features(s): Control Plane:[true], Services:[false]"
time="2023-12-14T09:30:38Z" level=info msg="prometheus HTTP server started"
time="2023-12-14T09:30:38Z" level=info msg="Starting Kube-vip Manager with the ARP engine"
time="2023-12-14T09:30:38Z" level=info msg="Beginning cluster membership, namespace [kube-system], lock name [plndr-cp-lock], id [lima-cp-1]"
I1214 09:30:38.362358 1 leaderelection.go:250] attempting to acquire leader lease kube-system/plndr-cp-lock...
E1214 09:30:38.907904 1 leaderelection.go:332] error retrieving resource lock kube-system/plndr-cp-lock: leases.coordination.k8s.io "plndr-cp-lock" is forbidden: User "kubernetes-admin" cannot get resource "leases" in API group "coordination.k8s.io" in the namespace "kube-system"
E1214 09:30:40.258727 1 leaderelection.go:332] error retrieving resource lock kube-system/plndr-cp-lock: leases.coordination.k8s.io "plndr-cp-lock" is forbidden: User "kubernetes-admin" cannot get resource "leases" in API group "coordination.k8s.io" in the namespace "kube-system"
问题原因
在 k8s v1.29
以后,社区给 /etc/kubernetes/
目录中添加了 super-admin.conf
配置
kubernetes_v1.29_changeLog
所以不能继续使用 /etc/kubernetes/admin.conf
配置作为 kube-vip
配置文件
修改方式
#!/bin/bash
VIP="10.10.10.10"
INTERFACE="ens3"
KVVERSION="v0.8.2"
nerdctl run --network=host --rm ghcr.io/kube-vip/kube-vip:$KVVERSION manifest pod \
--interface $INTERFACE \
--address $VIP \
--controlplane \
--services \
--arp \
--leaderElection | tee /root/kube-vip.yaml
sed -i "s#path: /etc/kubernetes/super-admin.conf#path: /etc/kubernetes/admin.conf#g" /root/kube-vip.yaml
cp /root/kube-vip.yaml /etc/kubernetes/manifests/kube-vip.yaml
参考 issuse
kube-vip requires super-admin.conf
没有回复内容