Fatal编程技术网
  • kubernetes/
  • 无法登录kubernetes仪表板拨号tcp 172.17.0.6:8443:连接:连接被拒绝

无法登录kubernetes仪表板拨号tcp 172.17.0.6:8443:连接:连接被拒绝

kubernetes

无法登录kubernetes仪表板拨号tcp 172.17.0.6:8443:连接:连接被拒绝,kubernetes,Kubernetes,我成功地部署了Kubernetes v1.15.2仪表板。正在检查群集信息: $ kubectl cluster-info Kubernetes master is running at http://172.19.104.231:8080 kubernetes-dashboard is running at http://172.19.104.231:8080/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/

我成功地部署了Kubernetes v1.15.2仪表板。正在检查群集信息:

$ kubectl cluster-info
Kubernetes master is running at http://172.19.104.231:8080
kubernetes-dashboard is running at http://172.19.104.231:8080/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy

To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.
当我访问仪表板时,结果是:

[root@ops001 ~]# curl -L http://172.19.104.231:8080/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy
Error: 'dial tcp 172.17.0.6:8443: connect: connection refused'
Trying to reach: 'https://172.17.0.6:8443/'

[root@ops001 ~]# curl -L http://127.0.0.1:8086/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy
Error: 'dial tcp 172.17.0.6:8443: connect: connection refused'
Trying to reach: 'https://172.17.0.6:8443/'
这是仪表板状态:

[root@ops001 ~]# kubectl get pods --namespace kube-system
NAME                                   READY   STATUS    RESTARTS   AGE
kubernetes-dashboard-74d7cc788-mk9c7   1/1     Running   0          92m
我应该如何访问仪表板?使用代理访问仪表板UI时:

$ kubectl proxy --address='localhost' --port=8086 --accept-hosts='^*$'
Starting to serve on 127.0.0.1:8086
结果是:

[root@ops001 ~]# curl -L http://172.19.104.231:8080/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy
Error: 'dial tcp 172.17.0.6:8443: connect: connection refused'
Trying to reach: 'https://172.17.0.6:8443/'

[root@ops001 ~]# curl -L http://127.0.0.1:8086/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy
Error: 'dial tcp 172.17.0.6:8443: connect: connection refused'
Trying to reach: 'https://172.17.0.6:8443/'
我应该怎么做才能解决这个问题?

我最终发现问题是kubernetes仪表板吊舱容器无法与代理nginx容器通信。因为代理容器部署在kubernetes flannel之前,不在同一网络中。尝试将代理nginx容器添加到flannel网络将解决此问题。请检查当前flannel网络:

[root@ops001 conf.d]# cat /run/flannel/subnet.env
FLANNEL_NETWORK=172.30.0.0/16
FLANNEL_SUBNET=172.30.224.1/21
FLANNEL_MTU=1450
FLANNEL_IPMASQ=true
生成docker的开始参数:

./mk-docker-opts.sh -d /run/docker_opts.env -c
检查参数:

[root@ops001 conf.d] cat /run/docker_opts.env
DOCKER_OPTS=" --bip=172.30.224.1/21 --ip-masq=false --mtu=1450"
将参数添加到docker服务:

# vim /lib/systemd/system/docker.service

EnvironmentFile=/run/docker_opts.env
ExecStart=/usr/bin/dockerd $DOCKER_OPTS -H fd://
重启docker,容器将加入法兰绒网络,可以相互通信:

systemctl daemon-reload
systemctl restart docker
希望这对你有帮助

我能问一下您使用哪种CNI吗?是印花布吗?我用的是法兰绒@jt97