部署的k8s的flannel网络

k8s版本1.22，flannel3.4
下述普通的命名空间应该是可以删掉的

~~
1查看flannel的节点的日志，发现集群中没有授权
[root@k8s-master1 ~]# kubectl logs kube-flannel-ds-amd64-bs8fd -n kube-system
I0824 01:49:33.394036 1 main.go:514] Determining IP address of default interface
I0824 01:49:33.394348 1 main.go:527] Using interface with name enp0s8 and address 10.0.3.15
I0824 01:49:33.394366 1 main.go:544] Defaulting external address to interface address (10.0.3.15)
E0824 01:49:33.499192 1 main.go:241] Failed to create SubnetManager: error retrieving pod spec for ‘kube-system/kube-flannel-ds-amd64-bs8fd’: Unauthorized

2 删除flannel网络

[root@k8s-master1 ~]# kubectl get namespaces kube-system  -o json > devtesting.json
[root@k8s-master1 ~]# cat devtesting.json 
{
    "apiVersion": "v1",
    "kind": "Namespace",
    "metadata": {
        "creationTimestamp": "2021-08-18T08:30:46Z",
        "labels": {
            "kubernetes.io/metadata.name": "kube-system"
        },
        "name": "kube-system",
        "resourceVersion": "34360",
        "uid": "cb268973-77ca-4898-a5b8-90062ea203c0"
    },
    "spec": {},
    "status": {
        "phase": "Active"
    }
}

3 开启一个端口

[root@k8s-master1 ~]# kubectl proxy --port=8080
再开启一个终端
[root@k8s-master1 ~]# curl http://127.0.0.1:8080/api/
{
  "kind": "APIVersions",
  "versions": [
    "v1"
  ],
  "serverAddressByClientCIDRs": [
    {
      "clientCIDR": "0.0.0.0/0",
      "serverAddress": "192.168.56.200:6443"
    }
  ]
}
[root@k8s-master1 ~]# curl -k -H "Content-Type: application/json" -X PUT --data-binary @devtesting.json   http://127.0.0.1:8080/api/v1/namespaces/kube-system/finalize
{
  "kind": "Namespace",
  "apiVersion": "v1",
  "metadata": {
    "name": "kube-system",
    "uid": "cb268973-77ca-4898-a5b8-90062ea203c0",
    "resourceVersion": "34360",
    "creationTimestamp": "2021-08-18T08:30:46Z",
    "labels": {
      "kubernetes.io/metadata.name": "kube-system"
    },
    "managedFields": [
      {
        "manager": "kube-apiserver",
        "operation": "Update",
        "apiVersion": "v1",
        "time": "2021-08-18T08:30:46Z",
        "fieldsType": "FieldsV1",
        "fieldsV1": {"f:metadata":{"f:labels":{".":{},"f:kubernetes.io/metadata.name":{}}}}
      }
    ]
  },
  "spec": {
    
  },
  "status": {
    "phase": "Active"
  }
}

4 强制删除命名空间

[root@k8s-master1 ~]# kubectl delete namespaces kube-system
Error from server (Forbidden): namespaces "kube-system" is forbidden: this namespace may not be deleted
[root@k8s-master1 ~]# kubectl delete namespaces kube-system --force --grace-period=0
warning: Immediate deletion does not wait for confirmation that the running resource has been terminated. The resource may continue to run on the cluster indefinitely.
Error from server (Forbidden): namespaces "kube-system" is forbidden: this namespace may not be deleted

不知道为什么就是删不掉

主要原因

[root@k8s-master1 ~]# kubectl get pods -n kube-system
NAME                    READY   STATUS             RESTARTS      AGE
kube-flannel-ds-kf7sd   0/1     CrashLoopBackOff   9 (51s ago)   8m49s

查看docker容器的报错
Failed to create SubnetManager: error retrieving pod spec for 'kube-system/kube-flannel-ds-kf7sd': Unauthorized

[root@k8s-master1 package]# kubectl logs kube-flannel-ds-qktl7 -n kube-system
I0824 12:11:47.598635       1 main.go:520] Determining IP address of default interface
I0824 12:11:47.599485       1 main.go:533] Using interface with name enp0s8 and address 10.0.3.15
I0824 12:11:47.599527       1 main.go:550] Defaulting external address to interface address (10.0.3.15)
W0824 12:11:47.599561       1 client_config.go:608] Neither --kubeconfig nor --master was specified.  Using the inClusterConfig.  This might not work.
E0824 12:11:47.796194       1 main.go:251] Failed to create SubnetManager: error retrieving pod spec for 'kube-system/kube-flannel-ds-qktl7': Unauthorized