我的原始问题可以在这里找到,但可以扩展到更广泛的社区,
https://github.com/openshift/origin/issues/16447
我选择了一个4节点集群,如下所示,
[masters]
ci-master-01.example.com
openshift_public_hostname="ci-master-01.example.com" ansible_host="10.145.78.110"
[etcd]
ci-etcd-node-01.example.com
ansible_host="10.145.78.113"
[nodes]
ci-master-01.example.com
openshift_schedulable=False ansible_host="10.145.78.110"
ci-infra-node-01.example.com
openshift_schedulable=False openshift_node_labels="{'region': 'infra',
'zone': 'default'}" ansible_host="10.145.78.112"
ci-primary-node-01.example.com
openshift_node_labels="{'region': 'primary', 'zone': 'default'}"
ansible_host="10.145.78.111"
# Service Network CIDR
openshift_portal_net=172.30.0.0/16
# Pod Network CIDR
osm_cluster_network_cidr=10.128.0.0/14
我用这个库存来安装openshift origin v3.6。安装成功但我在运行应用程序之前尝试进行非常简单的网络测试。
oc version
oc v3.6.0+c4dd4cf
kubernetes v1.6.1+5115d708d7
features: Basic-Auth GSSAPI Kerberos SPNEGO
Server https://ci-master-01.example.com:443
openshift v3.6.0+c4dd4cf
kubernetes v1.6.1+5115d708d7
实际值:
在主人身上,
oc login
oc get endpoints
NAME ENDPOINTS
docker-registry 10.128.0.3:5000
kubernetes 10.145.78.110:443,10.145.78.110:8053,10.145.78.110:8053
registry-console 10.128.0.5:9090
router <none>
ping 10.128.0.3 --> Not reachable
ping 10.128.0.5 --> Not reachable
这两个PODS正在NODE主机上运行,我正在尝试从主设备接收它们。
此外,我无法使用其名称或IP地址访问服务端点
oc get svc
NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE
docker-registry 172.30.115.147 <none> 5000/TCP 6h
kubernetes 172.30.0.1 <none> 443/TCP,53/UDP,53/TCP 6h
registry-console 172.30.189.195 <none> 9000/TCP 6h
router 172.30.179.178 <none> 80/TCP,443/TCP,1936/TCP 6h
curl -v 172.30.115.147:5000
* About to connect() to 172.30.115.147 port 5000 (#0)
* Trying 172.30.115.147...
* No route to host
* Failed connect to 172.30.115.147:5000; No route to host
* Closing connection 0
curl: (7) Failed connect to 172.30.115.147:5000; No route to host
curl -v docker-registry:5000
curl: (6) Could not resolve host: docker-registry; Unknown error
预期:
应该能够到达这些地址。
其他信息:
我已经遵循了所有可用的故障排除技术,但没有在哪里。
答案 0 :(得分:0)
我碰巧遇到类似的问题,最后是AWS安全组的更改。允许必要的端口后,它就像魅力一样工作。