无法确保IP集:&{{KUBE-NODE-PORT-TCP ...}存在,错误:创建ipset KUBE-NODE-PORT-TCP时出错,错误:退出状态2

时间:2018-07-04 07:17:49

标签: kubernetes kube-proxy

kubernetes版本:v1.11.0

我在ipvs模式下运行kube-proxy,出现此错误:

7月 03 21:55:08 docker02 kube-proxy[13003]: E0703 21:55:08.316098   13003 ipset.go:156] Failed to make sure ip set: &{{KUBE-NODE-PORT-TCP bitmap:port inet 1024 65536 0-65535 Kubernetes nodeport TCP port for masquerade purpose} map[] 0xc4205e5e40} exist, error: error creating ipset KUBE-NODE-PORT-TCP, error: exit status 2
7月 03 21:55:13 docker02 kube-proxy[13003]: E0703 21:55:13.205413   13003 ipset.go:156] Failed to make sure ip set: &{{KUBE-NODE-PORT-UDP bitmap:port inet 1024 65536 0-65535 Kubernetes nodeport UDP port for masquerade purpose} map[] 0xc4205e5e40} exist, error: error creating ipset KUBE-NODE-PORT-UDP, error: exit status 2
7月 03 21:55:18 docker02 kube-proxy[13003]: E0703 21:55:18.233756   13003 ipset.go:156] Failed to make sure ip set: &{{KUBE-LOAD-BALANCER-LOCAL hash:ip,port inet 1024 65536 0-65535 Kubernetes service load balancer ip + port with externalTrafficPolicy=local} map[] 0xc4205e5e40} exist, error: error creating ipset KUBE-LOAD-BALANCER-LOCAL, error: exit status 2
7月 03 21:55:23 docker02 kube-proxy[13003]: E0703 21:55:23.256248   13003 ipset.go:156] Failed to make sure ip set: &{{KUBE-CLUSTER-IP hash:ip,port inet 1024 65536 0-65535 Kubernetes service cluster ip + port for masquerade purpose} map[] 0xc4205e5e40} exist, error: error creating ipset KUBE-CLUSTER-IP, error: exit status 2
7月 03 21:55:28 docker02 kube-proxy[13003]: E0703 21:55:28.271973   13003 ipset.go:156] Failed to make sure ip set: &{{KUBE-LOAD-BALANCER-SOURCE-CIDR hash:ip,port,net inet 1024 65536 0-65535 Kubernetes service load balancer ip + port + source cidr for packet filter purpose} map[] 0xc4205e5e40} exist, error: error creating ipset KUBE-LOAD-BALANCER-SOURCE-CIDR, error: exit status 2
7月 03 21:55:33 docker02 kube-proxy[13003]: E0703 21:55:33.285863   13003 ipset.go:156] Failed to make sure ip set: &{{KUBE-LOAD-BALANCER-SOURCE-CIDR hash:ip,port,net inet 1024 65536 0-65535 Kubernetes service load balancer ip + port + source cidr for packet filter purpose} map[] 0xc4205e5e40} exist, error: error creating ipset KUBE-LOAD-BALANCER-SOURCE-CIDR, error: exit status 2
7月 03 21:55:36 docker02 kube-proxy[13003]: I0703 21:55:36.485507   13003 proxier.go:701] Stale udp service kube-system/kube-dns:dns -> 10.254.0.2
7月 03 21:55:36 docker02 kube-proxy[13003]: E0703 21:55:36.535070   13003 ipset.go:156] Failed to make sure ip set: &{{KUBE-NODE-PORT-LOCAL-UDP bitmap:port inet 1024 65536 0-65535 Kubernetes nodeport UDP port with externalTrafficPolicy=local} map[] 0xc4205e5e40} exist, error: error creating ipset KUBE-NODE-PORT-LOCAL-UDP, error: exit status 2

根据源代码,我手动构造了命令,例如:

sudo ipset create KUBE-LOAD-BALANCE-LOCAL hash:ip,port family inet hashsize 1024 maxelem 65535 -exist

没关系,我可以获得ipset信息,例如:

[k8s@docker02 ds]$ sudo ipset list
Name: KUBE-LOAD-BALANCE-LOCAL
Type: hash:ip,port
Revision: 2
Header: family inet hashsize 1024 maxelem 65535
Size in memory: 16528
References: 0
Members:

我不知道这个问题。

1 个答案:

答案 0 :(得分:-1)

在ipvs模式下启动kube-proxy后,将自动创建适当的ipset条目。

当您尝试以ipvs模式运行kube-proxy时,系统中已经存在带有KUBE-LOAD-BALANCE-LOCAL名称的ipset。

尝试删除KUBE-LOAD-BALANCE-LOCAL ipset条目,然后在ipvs模式下运行kube-proxy。

要删除ipset条目,可以使用以下命令:

ipset destroy KUBE-LOAD-BALANCE-LOCAL

更新:

@DaveMcNeill是正确的。这是RedHat / CentOS系统中的一个已知错误。

已通过以下提交在Kubernetes中进行了修复:

fix ipset creation fails on centos. issue 65461

在这种情况下,您应该等待包含此提交的发布,或者使用其他操作系统(例如Debian)。

相关问题
最新问题