在 Kubernetes 集群中获取节点时出错。连接被拒绝错误

Question

我在从 master 获取我的 kubernetes 集群的节点时收到连接被拒绝的错误。我已经尝试了互联网上所有可用的调试方法，但似乎没有一个有效。我的集群中有 1 个主节点和 2 个工作节点。

1. kubectl 获取节点

   master@master-vm:~$ kubectl get nodes
   The connection to the server X.X.X.X:6443 was refused - did you specify the right host or port?
   master@master-vm:~$
   

2. Kubelet 状态

   master@master-vm:~/.kube$ systemctl status kubelet
   Active: active (running) since Tue 2021-03-16 19:53:33 IST; 20s ago
   kubelet.go:2263] node "master-vm" not found
   

3. Docker 状态

   master@master-vm:~$ systemctl status docker
    ● docker.service - Docker Application Container Engine
   Loaded: loaded (/lib/systemd/system/docker.service; enabled; vendor preset: enabled)
   Active: active (running) since Tue 2021-03-16 19:37:59 IST;
   

4. netstat 中的 6443 端口详细信息

   master@master-vm:~$ sudo netstat -pnlt | grep 6443
   [sudo] password for master:
   tcp6      76      0 :::6443                 :::*                    LISTEN      1107/kube-apiserver
   master@master-vm:~$
   

5. 交换已关闭

   master@master-vm:~$ sudo swapoff -a
   master@master-vm:~$ free -m
                 total        used        free      shared  buff/cache   available
   Mem:           3936        1159        1468          11        1307        2545
   Swap:             0           0           0
   master@master-vm:~$
   

6. Kubectl 版本

   master@master-vm:~$ kubectl version
   Client Version: version.Info{Major:"1", Minor:"17", 
   GitVersion:"v1.17.4",
   GitCommit:"8d8aa39598534325ad77120c120a22b3a990b5ea", 
   GitTreeState:"clean", 
   BuildDate:"2020-03-12T21:03:42Z", 
   GoVersion:"go1.13.8", 
   Compiler:"gc", 
   Platform:"linux/amd64"}
   
   The connection to the server X.X.X.X:6443 was refused - did you specify the right host or port?
   master@master-vm:~$
   

7. 防火墙状态

   master@master-vm:~$ sudo ufw status verbose #ubuntu
   Status: inactive
   master@master-vm:~$ sudo ufw disable #ubuntu
   Firewall stopped and disabled on system startup
   master@master-vm:~$
   

8. /etc/hosts

   127.0.0.1       localhost
   127.0.1.1       master-vm
   

9. Kubeadm 版本

    master@master-vm:~$ kubeadm version
    kubeadm version: &version.Info{Major:"1", Minor:"17", 
    GitVersion:"v1.17.4", 
    GitCommit:"8d8aa39598534325ad77120c120a22b3a990b5ea", 
    GitTreeState:"clean", 
    BuildDate:"2020-03-12T21:01:11Z", 
    GoVersion:"go1.13.8", 
    Compiler:"gc", 
    Platform:"linux/amd64"}
    master@master-vm:~$ 
   

10. Kubectl 配置视图

     master@master-vm:~/.kube$ kubectl config view
     apiVersion: v1
     clusters:
       cluster:
         certificate-authority-data: DATA+OMITTED
         server: https://X.X.X.X:6443
       name: kubernetes
     contexts:
       context:
         cluster: kubernetes
         user: kubernetes-admin
       name: kubernetes-admin@kubernetes
     current-context: kubernetes-admin@kubernetes
     kind: Config
     preferences: {}
     users:
       name: kubernetes-admin
       user:
         client-certificate-data: REDACTED
         client-key-data: REDACTED
     master@master-vm:~/
    

关于如何纠正上述错误的任何建议？

Answer 1

在我看来，api 服务器运行在 ipv6 上（注意 netstat 输出中的 tcp6）。

尝试使用

启动您的 k8s

kubeadm init --apiserver-advertise-address=<private-ipv4 of master host>

<块引用>

--apiserver-advertise-address - API 服务器将通告它正在侦听的 IP 地址。如果未设置，将使用默认网络接口。

如果这没有帮助，您可能需要查看 api-server 日志。使用 docker logs 获取日志或：

cat /var/log/pods/kube-system_kube-apiserver-master-vm_xxxxxxx/kube-apiserver/0.log

Answer 2

尝试在主节点上执行以下代码行。

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

接下来尝试在同一个主节点上执行 kubectl get nodes，它应该可以正常工作。