Docker CrashLoopbackOff中的Kubernetes仪表板:初始化与Kubernetes apiserve的连接时出错
我在一个3节点集群(ubuntu 16.04,VirtualBox)上安装了kubernetes,使用kubadm:Docker CrashLoopbackOff中的Kubernetes仪表板:初始化与Kubernetes apiserve的连接时出错,docker,kubernetes,Docker,Kubernetes,我在一个3节点集群(ubuntu 16.04,VirtualBox)上安装了kubernetes,使用kubadm: kubeadm version: &version.Info{Major:"1", Minor:"10", GitVersion:"v1.10.3", GitCommit:"2bba0127d85d5a46ab4b778548be28623b32d0b0", GitTreeState:"clean", BuildDate:"2018-05-21T09:05:
kubeadm version: &version.Info{Major:"1", Minor:"10", GitVersion:"v1.10.3", GitCommit:"2bba0127d85d5a46ab4b778548be28623b32d0b0", GitTreeState:"clean", BuildDate:"2018-05-21T09:05:37Z", GoVersion:"go1.9.3", Compiler:"gc", Platform:"linux/amd64"}
我使用标准yaml定义安装了kubernetes仪表板:
kubectl create -f https://raw.githubusercontent.com/kubernetes/dashboard/master/src/deploy/recommended/kubernetes-dashboard.yaml
但是我看到吊舱一直在崩溃:
kube-proxy-6bzmx 1/1 Running 2 1d
kube-proxy-9jp98 1/1 Running 2 1d
kube-proxy-bppbp 1/1 Running 0 1d
kube-scheduler-kubemaster 1/1 Running 2 1d
kubernetes-dashboard-7d5dcdb6d9-9snln 0/1 CrashLoopBackOff 1 1m
我修改了apiserver url行a,如下所示:
--apiserver-host=https://127.0.0.1:6443
我可以成功地从api服务器url卷曲响应:
root@kubemaster:~/dashboard# curl -k https://192.168.99.20:6443/version
{
"major": "1",
"minor": "10",
"gitVersion": "v1.10.3",
"gitCommit": "2bba0127d85d5a46ab4b778548be28623b32d0b0",
"gitTreeState": "clean",
"buildDate": "2018-05-21T09:05:37Z",
"goVersion": "go1.9.3",
"compiler": "gc",
"platform": "linux/amd64"
}
以及:
这甚至可以在主机上通过docker启动的容器内工作:
root@79e42d97e37d:/# curl -k https://192.168.99.20:6443/version
{
"major": "1",
"minor": "10",
"gitVersion": "v1.10.3",
"gitCommit": "2bba0127d85d5a46ab4b778548be28623b32d0b0",
"gitTreeState": "clean",
"buildDate": "2018-05-21T09:05:37Z",
"goVersion": "go1.9.3",
"compiler": "gc",
"platform": "linux/amd64"
以及从其中一个从属节点:
root@kubenode1:~# curl -k https://192.168.99.20:6443/version
{
"major": "1",
"minor": "10",
"gitVersion": "v1.10.3",
"gitCommit": "2bba0127d85d5a46ab4b778548be28623b32d0b0",
"gitTreeState": "clean",
"buildDate": "2018-05-21T09:05:37Z",
"goVersion": "go1.9.3",
"compiler": "gc",
"platform": "linux/amd64"
}
但是,重新部署仍然会导致pod以CrashloopBackup结束,并出现相同的错误:
停止节点以强制在主机上部署仪表板只会导致pod永远处于挂起状态:
Every 2.0s: kubectl get po -n kube-system Tue Jun 5 05:04:56 2018
NAME READY STATUS RESTARTS AGE
etcd-kubemaster 1/1 Running 8 1d
kube-apiserver-kubemaster 1/1 Running 9 1d
kube-controller-manager-kubemaster 1/1 Running 8 1d
kube-dns-86f4d74b45-kf8mr 3/3 Running 21 1d
kube-flannel-ds-5cl8l 1/1 Running 5 1d
kube-flannel-ds-8fgk6 1/1 Running 1 1d
kube-flannel-ds-hmzdb 1/1 Running 9 1d
kube-proxy-6bzmx 1/1 Running 8 1d
kube-proxy-9jp98 1/1 Running 3 1d
kube-proxy-bppbp 1/1 Running 1 1d
kube-scheduler-kubemaster 1/1 Running 9 1d
kubernetes-dashboard-7f86dc5d9c-sdtb5 0/1 Pending 0 4m
但是,我从kube代理日志中看到,kube代理也无法访问API(“拨号tcp 192.168.99.20:6443:getsockopt:connection-Deceed”):
到目前为止我已经尝试过的事情:
1) 在linux主机上禁用ipv6
2) 停止所有节点并确保仪表板仅部署在主机上
3) 将API url从http更改为https
这是一个已知的问题吗?或者,如何获得运行的仪表板:-)
提前感谢您的帮助 kubernetes仪表板必须在主节点上运行 事实证明,我必须绝对确保它现在可以部署到集群中其他两个节点中的任何一个节点上,在这种情况下,只需关闭每个节点上的kube服务
更好的解决方案是添加一个限制将仪表板部署到主节点的约束。我隐约记得有此错误,我相信通过删除仪表板机密或创建一个新的机密解决了此问题。您可以提供其他信息:
kubectl description pods my pod
在描述的最后,您将找到一些错误消息。相同的问题/解决方案。但是在官方文档中,我可以在哪里检查它是否必须在主节点上运行?
Every 2.0s: kubectl get po -n kube-system Tue Jun 5 05:04:56 2018
NAME READY STATUS RESTARTS AGE
etcd-kubemaster 1/1 Running 8 1d
kube-apiserver-kubemaster 1/1 Running 9 1d
kube-controller-manager-kubemaster 1/1 Running 8 1d
kube-dns-86f4d74b45-kf8mr 3/3 Running 21 1d
kube-flannel-ds-5cl8l 1/1 Running 5 1d
kube-flannel-ds-8fgk6 1/1 Running 1 1d
kube-flannel-ds-hmzdb 1/1 Running 9 1d
kube-proxy-6bzmx 1/1 Running 8 1d
kube-proxy-9jp98 1/1 Running 3 1d
kube-proxy-bppbp 1/1 Running 1 1d
kube-scheduler-kubemaster 1/1 Running 9 1d
kubernetes-dashboard-7f86dc5d9c-sdtb5 0/1 Pending 0 4m
E0609 20:49:25.816749 1 reflector.go:205] k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/factory.go:86: Failed to list *core.Service: Get https://192.168.99.20:6443/api/v1/services?limit=500&resourceVersion=0: dial tcp 192.168.99.20:6443: getsockopt: connection refused