GithubHelp home page GithubHelp logo

Comments (10)

cookeem avatar cookeem commented on August 17, 2024

网络组件没有起来caliconode应该是2/2 RUNNING才是正常,建议你先测试一下单机情况下网络组件是否起来,这种情况很有可能你证书创建环节有问题

from kubeadm-ha.

salwell avatar salwell commented on August 17, 2024

我全部kubeadm reset后,重新安装单master,网络组件可以起来,部署dashboard没问题,然后再加入第2个master,也很顺利,加完后部署influxdb、grafana也都ok,如图
4
后来加入第3个节点后,在全部running情况下 修改kube-proxy的server 为keepalive的vip后出现问题
,部署pod失败,删掉原来的influxdb重现部署也会出现之前那种错误
6

from kubeadm-ha.

salwell avatar salwell commented on August 17, 2024

kube-proxy修改的VIP:
8

不知道是不是keepalived设置有问题,以前没用过,curl -k https://192.168.1.111:6443 貌似正常
7

from kubeadm-ha.

cookeem avatar cookeem commented on August 17, 2024

你的calico配置有问题,检查create-config.sh以下选项配置是否正确

calico reachable ip address

export K8SHA_CALICO_REACHABLE_IP=192.168.60.1

from kubeadm-ha.

salwell avatar salwell commented on August 17, 2024

我的3个master:192.168.1.58/131/89
VIP:192.168.1.111
export K8SHA_CALICO_REACHABLE_IP=192.168.1.1
export K8SHA_CIDR=172.168.0.0

以上配置有问题吗,calico reachable ip address没明白起什么作用

from kubeadm-ha.

salwell avatar salwell commented on August 17, 2024

kubectl logs kube-apiserver-node89
kubectl logs kube-proxy-XXXX
9
10

提示都是证书错误,但是docker-compose启动的nginx没有转发apiserver的日志信息
如果把kube-proxy configmap server改成 master1的hostIP ,集群又能够恢复正常

from kubeadm-ha.

cookeem avatar cookeem commented on August 17, 2024

对于多网卡情况下,
calico需要绑定一个特定的网卡接口,calico reachable ip address就是用于指定这个网卡接口,对应的ip地址就是这个网卡可达的ip地址。

from kubeadm-ha.

cookeem avatar cookeem commented on August 17, 2024

这个是证书设置错误喔,你的vip没有写在证书的SAN中啊。

参见create-config.sh这部分代码:

cat << EOF > config/$K8SHA_HOST1/kubeadm-config.yaml
apiVersion: kubeadm.k8s.io/v1alpha2
kind: MasterConfiguration
kubernetesVersion: v1.11.1
apiServerCertSANs:
- ${K8SHA_HOST1}
- ${K8SHA_HOST2}
- ${K8SHA_HOST3}
- ${K8SHA_VHOST}
- ${K8SHA_IP1}
- ${K8SHA_IP2}
- ${K8SHA_IP3}
- ${K8SHA_VIP}

from kubeadm-ha.

salwell avatar salwell commented on August 17, 2024

@cookeem 是我create-config.sh中- ${K8SHA_VHOST}写错IP了,一直没看到这块,太大意了- -!

cat << EOF > config/$K8SHA_HOST1/kubeadm-config.yaml
apiVersion: kubeadm.k8s.io/v1alpha2
kind: MasterConfiguration
kubernetesVersion: v1.11.1
apiServerCertSANs:

  • ${K8SHA_HOST1}
  • ${K8SHA_HOST2}
  • ${K8SHA_HOST3}
  • ${K8SHA_VHOST}
  • ${K8SHA_IP1}
  • ${K8SHA_IP2}
  • ${K8SHA_IP3}
  • ${K8SHA_VIP}

改对后全部集群ok!多谢

不过如果更换VIP,能不能在不重装k8s的情况下修改这个IP?

from kubeadm-ha.

cookeem avatar cookeem commented on August 17, 2024

那么执行证书更新那步就可以了,可以不重装的。
昨天github是不是有问题啊,提交完comment居然要第二天才看到

from kubeadm-ha.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.