Kubernetes API服务器连接被拒绝

时间:2016-01-26 08:23:28

标签: kubernetes

我正在尝试使用https://coreos.com/kubernetes/docs/latest/getting-started.html处的说明设置Kubernetes群集。

我在第2步(部署主服务器)中,当我启动主服务时,主服务处于活动状态,但无法与API服务器通信。此外,还有6个容器已启动但日志为空。请在下面找到kubelet日志:

#include <unistd.h>
#include <string.h>
#include <stdio.h>
#include <stdlib.h>


uid_t ruid=-1, euid=-1, suid=-1;



int main() {
FILE *fh = fopen("file.txt", "r");
char c;
while ((c = fgetc(fh)) != EOF) {
    printf("%c", c);
}
return 0;

此外,以下是发布的容器。

    Jan 26 07:54:18 kubernetes-1.novalocal systemd[1]: Started kubelet.service.
    Jan 26 07:54:20 kubernetes-1.novalocal kubelet[1115]: W0126 07:54:20.214551    1115 server.go:585] Could not load kubeconfig file /var/lib/kubelet/kubeconfig: stat /var/lib/kubelet/kubeconfig: no such file or directory. Trying auth path instead.
    Jan 26 07:54:20 kubernetes-1.novalocal kubelet[1115]: W0126 07:54:20.214631    1115 server.go:547] Could not load kubernetes auth path /var/lib/kubelet/kubernetes_auth: stat /var/lib/kubelet/kubernetes_auth: no such file or directory. Continuing with defaults.
    Jan 26 07:54:20 kubernetes-1.novalocal kubelet[1115]: I0126 07:54:20.217269    1115 plugins.go:71] No cloud provider specified.
    Jan 26 07:54:20 kubernetes-1.novalocal kubelet[1115]: I0126 07:54:20.219217    1115 manager.go:128] cAdvisor running in container: "/system.slice/kubelet.service"
    Jan 26 07:54:20 kubernetes-1.novalocal kubelet[1115]: I0126 07:54:20.672952    1115 fs.go:108] Filesystem partitions: map[/dev/vda9:{mountpoint:/ major:254 minor:9 fsType: blockSize:0} /dev/vda3:{mountpoint:/usr major:254 minor:3 fsType: blockSize:0} /dev/vda6:{mountpoi
    Jan 26 07:54:20 kubernetes-1.novalocal kubelet[1115]: I0126 07:54:20.856238    1115 manager.go:163] Machine: {NumCores:2 CpuFrequency:1999999 MemoryCapacity:4149022720 MachineID:5a493caa9327449cabd050ac6cd2e065 SystemUUID:5A493CAA-9327-449C-ABD0-50AC6CD2E065 BootID:541d
    Jan 26 07:54:20 kubernetes-1.novalocal kubelet[1115]: I0126 07:54:20.858067    1115 manager.go:169] Version: {KernelVersion:4.3.3-coreos-r2 ContainerOsVersion:CoreOS 899.5.0 DockerVersion:1.9.1 CadvisorVersion: CadvisorRevision:}
    Jan 26 07:54:20 kubernetes-1.novalocal kubelet[1115]: I0126 07:54:20.862564    1115 server.go:798] Adding manifest file: /etc/kubernetes/manifests
    Jan 26 07:54:20 kubernetes-1.novalocal kubelet[1115]: I0126 07:54:20.862655    1115 server.go:808] Watching apiserver
    Jan 26 07:54:21 kubernetes-1.novalocal kubelet[1115]: I0126 07:54:21.165506    1115 plugins.go:56] Registering credential provider: .dockercfg
    Jan 26 07:54:21 kubernetes-1.novalocal kubelet[1115]: E0126 07:54:21.171563    1115 kubelet.go:2284] Error updating node status, will retry: error getting node "192.168.111.32": Get http://127.0.0.1:8080/api/v1/nodes/192.168.111.32: dial tcp 127.0.0.1:8080: connection r
    Jan 26 07:54:21 kubernetes-1.novalocal kubelet[1115]: E0126 07:54:21.172329    1115 kubelet.go:2284] Error updating node status, will retry: error getting node "192.168.111.32": Get http://127.0.0.1:8080/api/v1/nodes/192.168.111.32: dial tcp 127.0.0.1:8080: connection r
    Jan 26 07:54:21 kubernetes-1.novalocal kubelet[1115]: E0126 07:54:21.173114    1115 kubelet.go:2284] Error updating node status, will retry: error getting node "192.168.111.32": Get http://127.0.0.1:8080/api/v1/nodes/192.168.111.32: dial tcp 127.0.0.1:8080: connection refused

1 个答案:

答案 0 :(得分:1)

这些试图与API的不安全版本进行对话,这不应该在机器之间起作用。这只适用于主人。此外,主设备未设置为接受工作(register_node = false),因此不应报告其状态。

我们丢失的关键信息,该日志来自哪台机器? 您是否正确设置了MASTER_HOST=参数?

  

主节点的地址。在大多数情况下,这将是节点的可公共路由的IP。工作节点必须能够通过端口443上的该地址到达主节点。

另请注意此section of the docs

  

请注意,在主节点上运行的kubelet可能会记录重复尝试将其状态发布到API服务器。这些警告是预期的行为,可以忽略。未来的Kubernetes计划更优雅地处理这种常见的部署问题。