RKE

rke部署问题

环境: centos7.3 Docker version 17.06.1-ce, build 874a737 用root部署: INFO Building Kubernetes cluster INFO Setup tunnel for host FATA Failed to set up SSH tunneling for Etcd host : Can't retrieve Docker Info: error during connect: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.24/info: Failed to dial to Docker socket: ssh: rejected: administratively prohibited (open failed) 据培训视频了解到,是centos 的root用户问题,故切换到普通用户。 $ ssh 10.39.10.222 Last login: Sat Jan 20 03:41:44 2018 from 10.39.10.221 $ $ ./rke_linux-amd64 up INFO Building Kubernetes cluster INFO Setup tunnel for host FATA Failed to set up SSH tunneling for Etcd host : Can't retrieve Docker Info: error during connect: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.24/info: Failed to dial sshusing address : ssh: handshake failed: ssh: unable to authenticate, attempted methods , no supported methods remain 没有解决思路了。必须要切换到Ubuntu吗?
已邀请:
```
: ssh: handshake failed: ssh: unable to authenticate, attempted methods , no supported methods remain
```

切换非root用户后,你的ssh key检查过可以使用么?

王伟军 - 分享技术,分享快乐

1、培训老师认为配置免密ssh登录是基本功,使用ssh-keygen创建秘钥对,使用ssh-copy-id分发秘钥,没有详细介绍
http://blog.csdn.net/wind520/article/details/38421359  

2、需要开启 docker 远程访问(支持TCP调用http://blog.csdn.net/wangtaoking1/article/details/44494847  文档有点老,而且需要对应你使用的Docker版本解决)

3、建议使用Ubuntu 16.04.3

4、RKE安装实验: https://anjia0532.github.io/2018/01/05/rke/   

5、示例文件cluster.yml:
---

auth:
strategy: x509
options:
foo: bar
# supported plugins are:
# flannel
# calico
# canal
# weave
#
# If you are using calico on AWS, use the network plugin config option:
# 'cloud_provider: aws'
network:
plugin: flannel
options:
flannel_image: quay.io/coreos/flannel:v0.9.1
flannel_cni_image: quay.io/coreos/flannel-cni:v0.2.0


nodes:
    []address: 192.168.0.2[/]
user: rootrole:
    []address: 192.168.0.3[/]
user: rootrole:
    []address: 192.168.0.4[/]
user: root
role:

services:
etcd:
image: quay.io/coreos/etcd:latest
kube-api:
image: rancher/k8s:v1.8.3-rancher2
service_cluster_ip_range: 10.233.0.0/18
extra_args:
v: 4
kube-controller:
image: rancher/k8s:v1.8.3-rancher2
cluster_cidr: 10.233.64.0/18
service_cluster_ip_range: 10.233.0.0/18
scheduler:
image: rancher/k8s:v1.8.3-rancher2
kubelet:
image: rancher/k8s:v1.8.3-rancher2
cluster_domain: cluster.local
cluster_dns_server: 10.233.0.3
infra_container_image: registry.cn-shenzhen.aliyuncs.com/rancher_cn/pause-amd64:3.0
kubeproxy:
image: rancher/k8s:v1.8.3-rancher2


system_images:
alpine: alpine:latest
nginx_proxy: rancher/rke-nginx-proxy:0.1.0
cert_downloader: rancher/rke-cert-deployer:0.1.0
kubedns_image: registry.cn-shenzhen.aliyuncs.com/rancher_cn/k8s-dns-kube-dns-amd64:1.14.5
dnsmasq_image: registry.cn-shenzhen.aliyuncs.com/rancher_cn/k8s-dns-dnsmasq-nanny-amd64:1.14.5
kubedns_sidecar_image: registry.cn-shenzhen.aliyuncs.com/rancher_cn/k8s-dns-sidecar-amd64:1.14.5
kubedns_autoscaler_image: googlecontainer/cluster-proportional-autoscaler-amd64:1.0.0

王伟军 - 分享技术,分享快乐

看一下这里RKE的需求:
https://github.com/rancher/rke#requirements

Requirements

Docker versions 1.12.6, 1.13.1, or 17.03 should be installed for Kubernetes 1.8.
OpenSSH 7.0+ must be installed on each node for stream local forwarding to work.
The SSH user used for node access must be a member of the docker group:

usermod -aG docker

Ports 6443, 2379, and 2380 should be opened between cluster nodes.

===========================
1、你的docker版本太高,降下来再试试?
2、usermod -aG docker test 这步做了吗?
这步我当时也出现这个问题了。当时弄个免密的ssh就好了

要回复问题请先登录注册