V2EX = way to explore
V2EX 是一个关于分享和探索的地方
现在注册
已注册用户请  登录
V2EX 提问指南
wueryi
V2EX  ›  问与答

pve 下 lxc 容器安装 k3s 的问题

  •  
  •   wueryi · 2023-07-20 10:42:58 +08:00 · 906 次点击
    这是一个创建于 490 天前的主题,其中的信息可能已经有所发展或是发生改变。

    有个小主机安装了 pve 并且创建了一个 ubuntu 的 lxc 容器 在这个容器里安装 k3s 但是 pod 一直没有创建成功 kubectl describe 查看原因是

    mount: /var/lib/kubelet/pods/6357e3c9-f6f5-499f-ab87-c51e7a6699cf/volumes/kubernetes.io~projected/kube-api-access-dc9xv: must be superuser to use mount.
           dmesg(1) may have more information after failed mount system call.
           
    

    导致 但是我使用 root 账户执行也出现这个错误 strace 查看是

    readlink("/var/lib/kubelet/pods/6357e3c9-f6f5-499f-ab87-c51e7a6699cf/volumes/kubernetes.io~projected/kube-api-access-dc9xv", 0x7ffea40078d0, 1023) = -1 EINVAL (Invalid argument)
    newfstatat(AT_FDCWD, "/sbin/mount.tmpfs", 0x7ffea4006d30, 0) = -1 ENOENT (No such file or directory)
    newfstatat(AT_FDCWD, "/sbin/fs.d/mount.tmpfs", 0x7ffea4006d30, 0) = -1 ENOENT (No such file or directory)
    newfstatat(AT_FDCWD, "/sbin/fs/mount.tmpfs", 0x7ffea4006d30, 0) = -1 ENOENT (No such file or directory)
    getuid()                                = 0
    geteuid()                               = 100000
    newfstatat(AT_FDCWD, "/run/mount/utab", 0x7ffea4007eb0, AT_SYMLINK_NOFOLLOW) = -1 ENOENT (No such file or directory)
    mkdir("/run/mount", 0755)               = -1 EACCES (Permission denied)
    mount("tmpfs", "/var/lib/kubelet/pods/6357e3c9-f6f5-499f-ab87-c51e7a6699cf/volumes/kubernetes.io~projected/kube-api-access-dc9xv", "tmpfs", 0, "size=2147483648") = -1 EPERM (Operation not permitted)
    geteuid()                               = 100000
    write(2, "mount: ", 7mount: )                  = 7
    write(2, "/var/lib/kubelet/pods/6357e3c9-f"..., 128/var/lib/kubelet/pods/6357e3c9-f6f5-499f-ab87-c51e7a6699cf/volumes/kubernetes.io~projected/kube-api-access-dc9xv: must be superu) = 128
    write(2, "ser to use mount.", 17ser to use mount.)       = 17
    write(2, "\n", 1
    )                       = 1
    write(2, "       dmesg(1) may have more in"..., 74       dmesg(1) may have more information after failed mount system call.
    ) = 74
    ioctl(2, TCGETS, {c_iflag=ICRNL|IXON|IXOFF|IUTF8, c_oflag=NL0|CR0|TAB0|BS0|VT0|FF0|OPOST|ONLCR, c_cflag=B38400|CS8|CREAD|HUPCL, c_lflag=ISIG|ICANON|ECHO|ECHOE|ECHOK|ECHOCTL|ECHOKE, ...}) = 0
    newfstatat(AT_FDCWD, "/run/systemd/systemd-units-load", {st_mode=S_IFREG|0444, st_size=0, ...}, 0) = 0
    newfstatat(AT_FDCWD, "/etc/fstab", {st_mode=S_IFREG|0644, st_size=37, ...}, 0) = 0
    dup(1)                                  = 3
    close(3)                                = 0
    dup(2)                                  = 3
    close(3)                                = 0
    exit_group(32)                          = ?
    +++ exited with 32 +++
    
    

    有大佬能帮忙分析下原因吗

    3 条回复    2023-09-27 13:33:31 +08:00
    nedved13
        1
    nedved13  
       2023-07-20 19:14:14 +08:00
    ```
    swap: 0
    features: fuse=1,mount=nfs,nesting=1
    lxc.apparmor.profile: unconfined
    lxc.cgroup.devices.allow: a
    lxc.cap.drop:
    lxc.mount.auto: "proc:rw sys:rw"
    ```
    lxc 配置文件
    wueryi
        2
    wueryi  
    OP
       2023-07-21 09:13:56 +08:00
    @nedved13 #1 除了 swap 的配置 您给的配置我都设置了😬 一会儿我再试试关闭 swap 感觉应该还是一样的结果
    Fooooo0
        3
    Fooooo0  
       2023-09-27 13:33:31 +08:00
    请参考这个: https://gist.github.com/triangletodd/02f595cd4c0dc9aac5f7763ca2264185
    不过我 pve8 ,怎么弄都还是解决不了加载`br_netfilter`的问题:
    ```
    Process: 158 ExecStartPre=/sbin/modprobe br_netfilter (code=exited, status=1/FAILURE)
    Process: 160 ExecStartPre=/sbin/modprobe overlay (code=exited, status=1/FAILURE)
    ```
    关于   ·   帮助文档   ·   博客   ·   API   ·   FAQ   ·   实用小工具   ·   3697 人在线   最高记录 6679   ·     Select Language
    创意工作者们的社区
    World is powered by solitude
    VERSION: 3.9.8.5 · 21ms · UTC 10:34 · PVG 18:34 · LAX 02:34 · JFK 05:34
    Developed with CodeLauncher
    ♥ Do have faith in what you're doing.