我正在尝试通过 openshift ansible playbooks 将节点添加到我的 openshift master。我尝试使用以下命令添加节点(它从 systemd 启动)
/usr/bin/docker run --name origin-node --rm --privileged --net=host --pid=host --env-file=/etc/sysconfig/origin-node -v /:/rootfs:ro -e CONFIG_FILE=${CONFIG_FILE} -e OPTIONS=${OPTIONS} -e HOST=/rootfs -e HOST_ETC=/host-etc -v /var/lib/origin:/var/lib/origin:rslave -v /etc/origin/node:/etc/origin/node -v /etc/localtime:/etc/localtime:ro -v /etc/machine-id:/etc/machine-id:ro -v /run:/run -v /sys:/sys:rw -v /sys/fs/cgroup:/sys/fs/cgroup:rw -v /usr/bin/docker:/usr/bin/docker:ro -v /var/lib/docker:/var/lib/docker -v /lib/modules:/lib/modules -v /etc/origin/openvswitch:/etc/openvswitch -v /etc/origin/sdn:/etc/openshift-sdn -v /etc/systemd/system:/host-etc/systemd/system -v /var/log:/var/log -v /dev:/dev $DOCKER_ADDTL_BIND_MOUNTS openshift/node
问题是节点无法从主节点获取配置。我尝试使用 CURL_CA_BUNDLE 导出添加证书,curl 可以工作,但 openshift 仍然不行。无论如何,我得到的错误是这样的:
I0130 19:19:44.029170 76719 start_node.go:250] Reading node configuration from /etc/origin/node/node-config.yaml
F0130 19:19:44.041799 76719 start_node.go:139] cannot fetch "default" cluster network: Get https://10.4.254.28:8443/oapi/v1/clusternetworks/default: x509: certificate signed by unknown authority
请记住,我也信任来自本地操作系统的证书,但仍然没有运气。