pve 下 lxc 容器安装 k3s 的问题

2023-07-20 10:42:58 +08:00
 wueryi

有个小主机安装了 pve 并且创建了一个 ubuntu 的 lxc 容器 在这个容器里安装 k3s 但是 pod 一直没有创建成功 kubectl describe 查看原因是

mount: /var/lib/kubelet/pods/6357e3c9-f6f5-499f-ab87-c51e7a6699cf/volumes/kubernetes.io~projected/kube-api-access-dc9xv: must be superuser to use mount.
       dmesg(1) may have more information after failed mount system call.

导致 但是我使用 root 账户执行也出现这个错误 strace 查看是

readlink("/var/lib/kubelet/pods/6357e3c9-f6f5-499f-ab87-c51e7a6699cf/volumes/kubernetes.io~projected/kube-api-access-dc9xv", 0x7ffea40078d0, 1023) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "/sbin/mount.tmpfs", 0x7ffea4006d30, 0) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/sbin/fs.d/mount.tmpfs", 0x7ffea4006d30, 0) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/sbin/fs/mount.tmpfs", 0x7ffea4006d30, 0) = -1 ENOENT (No such file or directory)
getuid()                                = 0
geteuid()                               = 100000
newfstatat(AT_FDCWD, "/run/mount/utab", 0x7ffea4007eb0, AT_SYMLINK_NOFOLLOW) = -1 ENOENT (No such file or directory)
mkdir("/run/mount", 0755)               = -1 EACCES (Permission denied)
mount("tmpfs", "/var/lib/kubelet/pods/6357e3c9-f6f5-499f-ab87-c51e7a6699cf/volumes/kubernetes.io~projected/kube-api-access-dc9xv", "tmpfs", 0, "size=2147483648") = -1 EPERM (Operation not permitted)
geteuid()                               = 100000
write(2, "mount: ", 7mount: )                  = 7
write(2, "/var/lib/kubelet/pods/6357e3c9-f"..., 128/var/lib/kubelet/pods/6357e3c9-f6f5-499f-ab87-c51e7a6699cf/volumes/kubernetes.io~projected/kube-api-access-dc9xv: must be superu) = 128
write(2, "ser to use mount.", 17ser to use mount.)       = 17
write(2, "\n", 1
)                       = 1
write(2, "       dmesg(1) may have more in"..., 74       dmesg(1) may have more information after failed mount system call.
) = 74
ioctl(2, TCGETS, {c_iflag=ICRNL|IXON|IXOFF|IUTF8, c_oflag=NL0|CR0|TAB0|BS0|VT0|FF0|OPOST|ONLCR, c_cflag=B38400|CS8|CREAD|HUPCL, c_lflag=ISIG|ICANON|ECHO|ECHOE|ECHOK|ECHOCTL|ECHOKE, ...}) = 0
newfstatat(AT_FDCWD, "/run/systemd/systemd-units-load", {st_mode=S_IFREG|0444, st_size=0, ...}, 0) = 0
newfstatat(AT_FDCWD, "/etc/fstab", {st_mode=S_IFREG|0644, st_size=37, ...}, 0) = 0
dup(1)                                  = 3
close(3)                                = 0
dup(2)                                  = 3
close(3)                                = 0
exit_group(32)                          = ?
+++ exited with 32 +++

有大佬能帮忙分析下原因吗

887 次点击
所在节点    问与答
3 条回复
nedved13
2023-07-20 19:14:14 +08:00
```
swap: 0
features: fuse=1,mount=nfs,nesting=1
lxc.apparmor.profile: unconfined
lxc.cgroup.devices.allow: a
lxc.cap.drop:
lxc.mount.auto: "proc:rw sys:rw"
```
lxc 配置文件
wueryi
2023-07-21 09:13:56 +08:00
@nedved13 #1 除了 swap 的配置 您给的配置我都设置了😬 一会儿我再试试关闭 swap 感觉应该还是一样的结果
Fooooo0
2023-09-27 13:33:31 +08:00
请参考这个: https://gist.github.com/triangletodd/02f595cd4c0dc9aac5f7763ca2264185
不过我 pve8 ,怎么弄都还是解决不了加载`br_netfilter`的问题:
```
Process: 158 ExecStartPre=/sbin/modprobe br_netfilter (code=exited, status=1/FAILURE)
Process: 160 ExecStartPre=/sbin/modprobe overlay (code=exited, status=1/FAILURE)
```

这是一个专为移动设备优化的页面(即为了让你能够在 Google 搜索结果里秒开这个页面),如果你希望参与 V2EX 社区的讨论,你可以继续到 V2EX 上打开本讨论主题的完整版本。

https://www.v2ex.com/t/958221

V2EX 是创意工作者们的社区,是一个分享自己正在做的有趣事物、交流想法,可以遇见新朋友甚至新机会的地方。

V2EX is a community of developers, designers and creative people.

© 2021 V2EX