쿠버네티스 설치 yum 명령어에서 오류를 만났다.

08 Jan 2020

Reading time ~2 minutes

쿠버네티스 설치 중 오류를 만났다.

1. 도커설치

쿠버네티스를 설치 하기 전에 도커를 설치 해야 한다.

$ yum install -y yum-utils device-mapper-persistent-data lvm2
$ yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
$ yum install docker-ce
$ systemctl start docker && systemctl enable docker

2. 쿠버네티스 설치

$ cat <<EOF > /etc/yum.repos.d/kubernetes.repo
$ [kubernetes]
$ name=Kubernetes
$ baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
$ enabled=1
$ gpgcheck=1
$ repo_gpgcheck=1
$ gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
$ EOF
 
$ # Set SELinux in permissive mode (effectively disabling it)
$ setenforce 0
$ sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
 
$ yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes

$ systemctl enable --now kubelet

설치 과정을 따라 하던중, 이 부분에서 다음과 같은 오류를 만나게 되었다.

$ yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: ftp.iij.ad.jp
 * extras: ftp.iij.ad.jp
 * updates: mirror.navercorp.com
base                                                     | 3.6 kB     00:00
docker-ce-stable                                         | 3.5 kB     00:00
extras                                                   | 2.9 kB     00:00
https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64/repodata/repomd.xml: [Errno 14] curl#60 - "Peer's certificate issuer has been marked as not trusted by the user."
Trying other mirror.
It was impossible to connect to the CentOS servers.
This could mean a connectivity issue in your environment, such as the requirement to configure a proxy,
or a transparent proxy that tampers with TLS security, or an incorrect system clock.
You can try to solve this issue by using the instructions on https://wiki.centos.org/yum-errors
If above article doesn't help to resolve this issue please use https://bugs.centos.org/.

... 계속

문제 발생 이유로는 방화벽일 수도 있고, 보안 프로그램일수도 있다고 한다.

가장 쉽게 해결하는 방법은

sslverify=0을 /etc/yum.repos.d/kubernetes.repo 파일에 추가 하면 다음과 같이 넘거 간다.

$ yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: ftp.iij.ad.jp
 * extras: ftp.iij.ad.jp
 * updates: mirror.navercorp.com
base                                                     | 3.6 kB     00:00
docker-ce-stable                                         | 3.5 kB     00:00
extras                                                   | 2.9 kB     00:00
kubernetes/signature                                     |  454 B     00:00
Retrieving key from https://packages.cloud.google.com/yum/doc/yum-key.gpg
Importing GPG key 0xA7317B0F:
 Userid     : "Google Cloud Packages Automatic Signing Key <gc-team@google.com>"
 Fingerprint: d0bc 747f d8ca f711 7500 d6fa 3746 c208 a731 7b0f
 From       : https://packages.cloud.google.com/yum/doc/yum-key.gpg
Retrieving key from https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
kubernetes/signature                                     | 1.4 kB     00:00 !!!

끝!!!

참고 자료