部署的k8s的flannel网络
k8s版本1.22,flannel3.4
下述普通的命名空间应该是可以删掉的
~~
1查看flannel的节点的日志,发现集群中没有授权
[root@k8s-master1 ~]# kubectl logs kube-flannel-ds-amd64-bs8fd -n kube-system
I0824 01:49:33.394036 1 main.go:514] Determining IP address of default interface
I0824 01:49:33.394348 1 main.go:527] Using interface with name enp0s8 and address 10.0.3.15
I0824 01:49:33.394366 1 main.go:544] Defaulting external address to interface address (10.0.3.15)
E0824 01:49:33.499192 1 main.go:241] Failed to create SubnetManager: error retrieving pod spec for ‘kube-system/kube-flannel-ds-amd64-bs8fd’: Unauthorized
2 删除flannel网络
[root@k8s-master1 ~]# kubectl get namespaces kube-system -o json > devtesting.json
[root@k8s-master1 ~]# cat devtesting.json
{
"apiVersion": "v1",
"kind": "Namespace",
"metadata": {
"creationTimestamp": "2021-08-18T08:30:46Z",
"labels": {
"kubernetes.io/metadata.name": "kube-system"
},
"name": "kube-system",
"resourceVersion": "34360",
"uid": "cb268973-77ca-4898-a5b8-90062ea203c0"
},
"spec": {},
"status": {
"phase": "Active"
}
}
3 开启一个端口
[root@k8s-master1 ~]# kubectl proxy --port=8080
再开启一个终端
[root@k8s-master1 ~]# curl http://127.0.0.1:8080/api/
{
"kind": "APIVersions",
"versions": [
"v1"
],
"serverAddressByClientCIDRs": [
{
"clientCIDR": "0.0.0.0/0",
"serverAddress": "192.168.56.200:6443"
}
]
}
[root@k8s-master1 ~]# curl -k -H "Content-Type: application/json" -X PUT --data-binary @devtesting.json http://127.0.0.1:8080/api/v1/namespaces/kube-system/finalize
{
"kind": "Namespace",
"apiVersion": "v1",
"metadata": {
"name": "kube-system",
"uid": "cb268973-77ca-4898-a5b8-90062ea203c0",
"resourceVersion": "34360",
"creationTimestamp": "2021-08-18T08:30:46Z",
"labels": {
"kubernetes.io/metadata.name": "kube-system"
},
"managedFields": [
{
"manager": "kube-apiserver",
"operation": "Update",
"apiVersion": "v1",
"time": "2021-08-18T08:30:46Z",
"fieldsType": "FieldsV1",
"fieldsV1": {"f:metadata":{"f:labels":{".":{},"f:kubernetes.io/metadata.name":{}}}}
}
]
},
"spec": {
},
"status": {
"phase": "Active"
}
}
4 强制删除命名空间
[root@k8s-master1 ~]# kubectl delete namespaces kube-system
Error from server (Forbidden): namespaces "kube-system" is forbidden: this namespace may not be deleted
[root@k8s-master1 ~]# kubectl delete namespaces kube-system --force --grace-period=0
warning: Immediate deletion does not wait for confirmation that the running resource has been terminated. The resource may continue to run on the cluster indefinitely.
Error from server (Forbidden): namespaces "kube-system" is forbidden: this namespace may not be deleted
不知道为什么就是删不掉
主要原因
[root@k8s-master1 ~]# kubectl get pods -n kube-system
NAME READY STATUS RESTARTS AGE
kube-flannel-ds-kf7sd 0/1 CrashLoopBackOff 9 (51s ago) 8m49s
查看docker容器的报错
Failed to create SubnetManager: error retrieving pod spec for 'kube-system/kube-flannel-ds-kf7sd': Unauthorized
[root@k8s-master1 package]# kubectl logs kube-flannel-ds-qktl7 -n kube-system
I0824 12:11:47.598635 1 main.go:520] Determining IP address of default interface
I0824 12:11:47.599485 1 main.go:533] Using interface with name enp0s8 and address 10.0.3.15
I0824 12:11:47.599527 1 main.go:550] Defaulting external address to interface address (10.0.3.15)
W0824 12:11:47.599561 1 client_config.go:608] Neither --kubeconfig nor --master was specified. Using the inClusterConfig. This might not work.
E0824 12:11:47.796194 1 main.go:251] Failed to create SubnetManager: error retrieving pod spec for 'kube-system/kube-flannel-ds-qktl7': Unauthorized