无法从Windows容器访问kubernetes API服务器
我已经运行了kubernetes 1.17.4,并加入了Windows节点。覆盖网络在访问Kubernetes内的所有服务时运行良好,唯一的问题是windows容器无法访问无法从Windows容器访问kubernetes API服务器,kubernetes,flannel,windows-container,windows-server-container,Kubernetes,Flannel,Windows Container,Windows Server Container,我已经运行了kubernetes 1.17.4,并加入了Windows节点。覆盖网络在访问Kubernetes内的所有服务时运行良好,唯一的问题是windows容器无法访问https://kubernetes,TCP级别的连接失败 gregory@master1:~$ k get nodes -o wide NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE
https://kubernetesgregory@master1:~$ k get nodes -o wide
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
master1 Ready master 23d v1.17.4 10.0.0.4 <none> Ubuntu 18.04.4 LTS 5.0.0-1035-azure docker://19.3.6
winworker1 Ready <none> 39h v1.17.4 10.0.0.5 <none> Windows Server Datacenter 10.0.18363.720 docker://19.3.5
gregory@master1:~$ k get svc --all-namespaces
NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
default kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 23d
kube-logging elasticsearch-service ExternalName <none> utilityvm.kubernetes.my <none> 12h
kube-logging kibana NodePort 10.104.70.48 <none> 5601:8080/TCP 3d13h
kube-system kube-dns ClusterIP 10.96.0.10 <none> 53/UDP,53/TCP,9153/TCP 23d
gregory@master1:~$k获取节点-o宽
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
master1 Ready master 23d v1.17.4 10.0.0.4 Ubuntu 18.04.4 LTS 5.0.0-1035-azuredocker://19.3.6
winworker1 Ready 39h v1.17.4 10.0.0.5 Windows Server数据中心10.0.18363.720docker://19.3.5
gregory@master1:~$k get svc--所有名称空间
命名空间名称类型CLUSTER-IP EXTERNAL-IP端口年龄
默认kubernetes ClusterIP 10.96.0.1 443/TCP 23d
kube logging elasticsearch服务外部名称实用程序vm.kubernetes.my 12h
kube logging kibana节点端口10.104.70.48 5601:8080/TCP 3d13h
kube系统kube dns ClusterIP 10.96.0.10 53/UDP、53/TCP、9153/TCP 23d
gregory@master1:~$ k get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
win-webserver-fffd4486f-4thjw 1/1 Running 4 22h 10.244.1.95 winworker1 <none> <none>
win-webserver-fffd4486f-m58l6 1/1 Running 4 41h 10.244.1.97 winworker1 <none> <none>
gregory@master1:~$ k get pod kibana-7b8b6965d-gqq6q -n kube-logging -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
kibana-7b8b6965d-gqq6q 1/1 Running 0 34m 10.244.0.61 master1 <none> <none>
gregory@master1:~$ k exec win-webserver-fffd4486f-4thjw -- powershell \(test-netconnection 10.244.0.61 -port 5601\) \| select TcpTestSucceeded
TcpTestSucceeded
----------------
True
gregory@master1:~$ k exec win-webserver-fffd4486f-4thjw -- powershell \(test-netconnection 10.96.0.1 -port 443\) \| select TcpTestSucceeded
WARNING: TCP connect to (10.96.0.1 : 443) failed
WARNING: Ping to 10.96.0.1 failed with status: TimedOut
TcpTestSucceeded
----------------
False
gregory@master1:~$ k exec win-webserver-fffd4486f-4thjw -- powershell \(test-netconnection 10.96.0.10 -port 53\) \| select TcpTestSucceeded
TcpTestSucceeded
----------------
True
gregory@master1:~$k获得吊舱-o宽
名称就绪状态重新启动老化IP节点指定节点就绪门
win-webserver-fffd4486f-4thjw 1/1运行4 22h 10.244.1.95 winworker1
win-webserver-fffd4486f-m58l6 1/1运行4 41h 10.244.1.97 winworker1
gregory@master1:~$k获取吊舱kibana-7b8b6965d-gqq6q-n kube记录-o宽
名称就绪状态重新启动老化IP节点指定节点就绪门
kibana-7b8b6965d-gqq6q 1/1运行0 34m 10.244.0.61 master1
gregory@master1:~$k exec win-webserver-fffd4486f-4thjw--powershell\(测试网络连接10.244.0.61-端口5601\)\;选择TcpTestSuccessed
成功
----------------
真的
gregory@master1:~$k exec win-webserver-fffd4486f-4thjw--powershell\(测试网络连接10.96.0.1-端口443\)\;选择TcpTestSuccessed
警告:TCP连接到(10.96.0.1:443)失败
警告:Ping到10.96.0.1失败,状态为:TimedOut
成功
----------------
假的
gregory@master1:~$k exec win-webserver-fffd4486f-4thjw--powershell\(测试网络连接10.96.0.10-端口53\)\;选择TcpTestSuccessed
成功
----------------
真的