我对 Kubernetes 还很陌生,甚至在花了几十个小时尝试设置一个可以运行的 Kubernetes 之后感觉并不像以前那样。
边缘参数:
- 1 个主服务器和 3 个节点
- 使用 kubeadm 设置
- kubernetes 版本 1.12.1,Calico 3.2
- 主机的主 IP 地址是 192.168.1.0/21x(相关,因为这与默认 pod 子网冲突,因此我设置了
--pod-network-cidr=10.10.0.0/16)
到目前为止,安装使用kubeadm init和加入都已完成。所有 Pod 都在运行,只有 coredns 不断崩溃,但这与此无关。
Calico 的安装
然后我开始使用 etcd 数据存储区进行安装和使用 kubernetes api 数据存储安装 50 个或更少的节点
kubectl apply -f https://docs.projectcalico.org/v3.2/getting-started/kubernetes/installation/rbac.yaml
curl https://docs.projectcalico.org/v3.2/getting-started/kubernetes/installation/hosted/calico.yaml -O
# modify calico.yaml # Here, I feel a lack of documentation: Which etcd is needed? The one of kubernetes or a new one? See below
kubectl apply -f calico.yaml
kubectl apply -f https://docs.projectcalico.org/v3.2/getting-started/kubernetes/installation/hosted/rbac-kdd.yaml
curl https://docs.projectcalico.org/v3.2/getting-started/kubernetes/installation/hosted/kubernetes-datastore/calico-networking/1.7/calico.yaml -O
# modify calico.yaml (here, I have to change the range of CALICO_IPV4POOL_CIDR)
sed -i 's/192.168.0.0/10.10.0.0/' calico.yaml
kubectl apply -f calico.yaml
测试
现在,我使用以下定义进行测试:
apiVersion: v1
kind: Pod
metadata:
name: www1
labels:
service: testwww
spec:
containers:
- name: meinserver
image: erkules/nginxhostname
ports:
- containerPort: 80
---
apiVersion: v1
kind: Pod
metadata:
name: www2
labels:
service: testwww
spec:
containers:
- name: meinserver
image: erkules/nginxhostname
---
kind: Service
apiVersion: v1
metadata:
name: www-np
spec:
type: NodePort
selector:
service: testwww
ports:
- name: http1
protocol: TCP
nodePort: 30333
port: 8080
targetPort: 80
我如何测试:
curl http://192.168.1.211:30333 # master, no success
curl http://192.168.1.212:30333 # node, no success
curl http://192.168.1.213:30333 # node, only works 50%, with www1 (which is on this node)
curl http://192.168.1.214:30333 # node, only works 50%, with www2 (which is on this node)
仅当(随机选择的)pod 位于拥有指定 IP 地址的节点上时,上述命令才有效。我预计所有节点的成功率都是 100%。
使用 kubernetes 的 etcd 服务器 (pod/etcd-master1) 时,我看到了更多成功案例。在这种情况下,所有上述命令都有效。但在这种情况下,pod/calico-kube-controllers 没有启动,因为它在工作节点上运行,因此无法访问 etcd。
在里面入门指南,我找到了安装额外 etcd 的说明:
kubectl apply -f https://docs.projectcalico.org/v3.2/getting-started/kubernetes/installation/hosted/etcd.yaml
很奇怪:这一行只出现在“入门“,但不是在”安装“。但是默认的 calico.yaml 已经包含了此 etcd 服务器的正确 clusterIp(顺便问一下,这个 IP 怎么会是静态的?它是由哈希生成的吗?)。无论如何:有了这个,所有 Calico 节点都正常启动,没有错误,但我遇到了所描述的行为,即并非所有 NodePort 都在工作。而且我也关心以这种方式向所有人开放的 etcd,这不是我想要的。
因此,主要问题是:
- 哪个 etcd 服务器才是正确的?单独的还是 Kubernetes 的?
- 如果它应该是 Kubernetes 之一,为什么 pod/calico-kube-controllers 没有默认配置为在可以访问 etcd 的主服务器上运行?
- 如果我应该为 calico 提供自己的 etcd,为什么它没有在“安装”下记录,为什么我会遇到这些 NodePort 问题?
顺便说一句:我是建议将 iptables 默认规则从 DROP 更改为 ACCEPT 的答案。但这是一个丑陋的黑客行为,可能会绕过 Calico 的所有安全功能
请求的详细信息(带有额外 etcd 的变体)
$ kubectl get all --all-namespaces=true -o wide; kubectl get nodes -o wide
NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE
default pod/www1 1/1 Running 0 8s 192.168.104.9 node2 <none>
default pod/www2 1/1 Running 0 8s 192.168.166.136 node1 <none>
kube-system pod/calico-etcd-46g2q 1/1 Running 0 22m 192.168.1.211 master1 <none>
kube-system pod/calico-kube-controllers-f4dcbf48b-88795 1/1 Running 10 23h 192.168.1.212 node0 <none>
kube-system pod/calico-node-956lj 2/2 Running 6 21h 192.168.1.213 node1 <none>
kube-system pod/calico-node-mhtvg 2/2 Running 5 21h 192.168.1.211 master1 <none>
kube-system pod/calico-node-s9njn 2/2 Running 6 21h 192.168.1.214 node2 <none>
kube-system pod/calico-node-wjqlk 2/2 Running 6 21h 192.168.1.212 node0 <none>
kube-system pod/coredns-576cbf47c7-4tcx6 0/1 CrashLoopBackOff 15 24h 192.168.137.86 master1 <none>
kube-system pod/coredns-576cbf47c7-hjpgv 0/1 CrashLoopBackOff 15 24h 192.168.137.85 master1 <none>
kube-system pod/etcd-master1 1/1 Running 17 24h 192.168.1.211 master1 <none>
kube-system pod/kube-apiserver-master1 1/1 Running 2 24h 192.168.1.211 master1 <none>
kube-system pod/kube-controller-manager-master1 1/1 Running 3 24h 192.168.1.211 master1 <none>
kube-system pod/kube-proxy-22mb9 1/1 Running 2 23h 192.168.1.212 node0 <none>
kube-system pod/kube-proxy-96tn7 1/1 Running 2 23h 192.168.1.213 node1 <none>
kube-system pod/kube-proxy-vb4pq 1/1 Running 2 24h 192.168.1.211 master1 <none>
kube-system pod/kube-proxy-vq7qj 1/1 Running 2 23h 192.168.1.214 node2 <none>
kube-system pod/kube-scheduler-master1 1/1 Running 2 24h 192.168.1.211 master1 <none>
kube-system pod/kubernetes-dashboard-77fd78f978-h8czs 1/1 Running 2 23h 192.168.180.9 node0 <none>
NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
default service/kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 24h <none>
default service/www-np NodePort 10.99.149.53 <none> 8080:30333/TCP 8s service=testwww
kube-system service/calico-etcd ClusterIP 10.96.232.136 <none> 6666/TCP 21h k8s-app=calico-etcd
kube-system service/calico-typha ClusterIP 10.105.199.162 <none> 5473/TCP 23h k8s-app=calico-typha
kube-system service/kube-dns ClusterIP 10.96.0.10 <none> 53/UDP,53/TCP 24h k8s-app=kube-dns
kube-system service/kubernetes-dashboard ClusterIP 10.96.235.235 <none> 443/TCP 23h k8s-app=kubernetes-dashboard
NAMESPACE NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE CONTAINERS IMAGES SELECTOR
kube-system daemonset.apps/calico-etcd 1 1 1 1 1 node-role.kubernetes.io/master= 21h calico-etcd quay.io/coreos/etcd:v3.3.9 k8s-app=calico-etcd
kube-system daemonset.apps/calico-node 4 4 4 4 4 beta.kubernetes.io/os=linux 23h calico-node,install-cni quay.io/calico/node:v3.2.3,quay.io/calico/cni:v3.2.3 k8s-app=calico-node
kube-system daemonset.apps/kube-proxy 4 4 4 4 4 <none> 24h kube-proxy k8s.gcr.io/kube-proxy:v1.12.1 k8s-app=kube-proxy
NAMESPACE NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR
kube-system deployment.apps/calico-kube-controllers 1 1 1 1 23h calico-kube-controllers quay.io/calico/kube-controllers:v3.2.3 k8s-app=calico-kube-controllers
kube-system deployment.apps/calico-typha 0 0 0 0 23h calico-typha quay.io/calico/typha:v3.2.3 k8s-app=calico-typha
kube-system deployment.apps/coredns 2 2 2 0 24h coredns k8s.gcr.io/coredns:1.2.2 k8s-app=kube-dns
kube-system deployment.apps/kubernetes-dashboard 1 1 1 1 23h kubernetes-dashboard k8s.gcr.io/kubernetes-dashboard-amd64:v1.10.0 k8s-app=kubernetes-dashboard
NAMESPACE NAME DESIRED CURRENT READY AGE CONTAINERS IMAGES SELECTOR
kube-system replicaset.apps/calico-kube-controllers-f4dcbf48b 1 1 1 23h calico-kube-controllers quay.io/calico/kube-controllers:v3.2.3 k8s-app=calico-kube-controllers,pod-template-hash=f4dcbf48b
kube-system replicaset.apps/calico-typha-5f646c475c 0 0 0 23h calico-typha quay.io/calico/typha:v3.2.3 k8s-app=calico-typha,pod-template-hash=5f646c475c
kube-system replicaset.apps/coredns-576cbf47c7 2 2 0 24h coredns k8s.gcr.io/coredns:1.2.2 k8s-app=kube-dns,pod-template-hash=576cbf47c7
kube-system replicaset.apps/kubernetes-dashboard-77fd78f978 1 1 1 23h kubernetes-dashboard k8s.gcr.io/kubernetes-dashboard-amd64:v1.10.0 k8s-app=kubernetes-dashboard,pod-template-hash=77fd78f978
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
master1 Ready master 24h v1.12.0 192.168.1.211 <none> Ubuntu 18.04 LTS 4.15.0-20-generic docker://17.12.1-ce
node0 Ready <none> 23h v1.12.0 192.168.1.212 <none> Ubuntu 18.04 LTS 4.15.0-20-generic docker://17.12.1-ce
node1 Ready <none> 23h v1.12.0 192.168.1.213 <none> Ubuntu 18.04 LTS 4.15.0-20-generic docker://17.12.1-ce
node2 Ready <none> 23h v1.12.0 192.168.1.214 <none> Ubuntu 18.04 LTS 4.15.0-20-generic docker://17.12.1-ce
$ for i in $(seq 20); do timeout 1 curl -so/dev/null http://192.168.1.214:30333 && echo -n x || echo -n - ;done
x---x-x-x--x-xx-x---
请求的详细信息(与现有 etcd 的变体)
$ kubectl get all --all-namespaces=true -o wide; kubectl get nodes -o wide
NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE
default pod/www1 1/1 Running 0 9m27s 10.10.2.3 node1 <none>
default pod/www2 1/1 Running 0 9m27s 10.10.3.3 node2 <none>
kube-system pod/calico-kube-controllers-f4dcbf48b-qrqnc 0/1 CreateContainerConfigError 1 18m 192.168.1.212 node0 <none>
kube-system pod/calico-node-j8cwr 2/2 Running 2 17m 192.168.1.212 node0 <none>
kube-system pod/calico-node-qtq9m 2/2 Running 2 17m 192.168.1.214 node2 <none>
kube-system pod/calico-node-qvf6w 2/2 Running 2 17m 192.168.1.211 master1 <none>
kube-system pod/calico-node-rdt7k 2/2 Running 2 17m 192.168.1.213 node1 <none>
kube-system pod/coredns-576cbf47c7-6l9wz 1/1 Running 2 21m 10.10.0.11 master1 <none>
kube-system pod/coredns-576cbf47c7-86pxp 1/1 Running 2 21m 10.10.0.10 master1 <none>
kube-system pod/etcd-master1 1/1 Running 19 20m 192.168.1.211 master1 <none>
kube-system pod/kube-apiserver-master1 1/1 Running 2 20m 192.168.1.211 master1 <none>
kube-system pod/kube-controller-manager-master1 1/1 Running 1 20m 192.168.1.211 master1 <none>
kube-system pod/kube-proxy-28qct 1/1 Running 1 20m 192.168.1.212 node0 <none>
kube-system pod/kube-proxy-8ltpd 1/1 Running 1 21m 192.168.1.211 master1 <none>
kube-system pod/kube-proxy-g9wmn 1/1 Running 1 20m 192.168.1.213 node1 <none>
kube-system pod/kube-proxy-qlsxc 1/1 Running 1 20m 192.168.1.214 node2 <none>
kube-system pod/kube-scheduler-master1 1/1 Running 5 19m 192.168.1.211 master1 <none>
NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
default service/kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 21m <none>
default service/www-np NodePort 10.106.27.58 <none> 8080:30333/TCP 9m27s service=testwww
kube-system service/calico-typha ClusterIP 10.99.14.62 <none> 5473/TCP 17m k8s-app=calico-typha
kube-system service/kube-dns ClusterIP 10.96.0.10 <none> 53/UDP,53/TCP 21m k8s-app=kube-dns
NAMESPACE NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE CONTAINERS IMAGES SELECTOR
kube-system daemonset.apps/calico-node 4 4 4 4 4 beta.kubernetes.io/os=linux 18m calico-node,install-cni quay.io/calico/node:v3.2.3,quay.io/calico/cni:v3.2.3 k8s-app=calico-node
kube-system daemonset.apps/kube-proxy 4 4 4 4 4 <none> 21m kube-proxy k8s.gcr.io/kube-proxy:v1.12.1 k8s-app=kube-proxy
NAMESPACE NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR
kube-system deployment.apps/calico-kube-controllers 1 1 1 0 18m calico-kube-controllers quay.io/calico/kube-controllers:v3.2.3 k8s-app=calico-kube-controllers
kube-system deployment.apps/calico-typha 0 0 0 0 17m calico-typha quay.io/calico/typha:v3.2.3 k8s-app=calico-typha
kube-system deployment.apps/coredns 2 2 2 2 21m coredns k8s.gcr.io/coredns:1.2.2 k8s-app=kube-dns
NAMESPACE NAME DESIRED CURRENT READY AGE CONTAINERS IMAGES SELECTOR
kube-system replicaset.apps/calico-kube-controllers-f4dcbf48b 1 1 0 18m calico-kube-controllers quay.io/calico/kube-controllers:v3.2.3 k8s-app=calico-kube-controllers,pod-template-hash=f4dcbf48b
kube-system replicaset.apps/calico-typha-5f646c475c 0 0 0 17m calico-typha quay.io/calico/typha:v3.2.3 k8s-app=calico-typha,pod-template-hash=5f646c475c
kube-system replicaset.apps/coredns-576cbf47c7 2 2 2 21m coredns k8s.gcr.io/coredns:1.2.2 k8s-app=kube-dns,pod-template-hash=576cbf47c7
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
master1 Ready master 21m v1.12.0 192.168.1.211 <none> Ubuntu 18.04 LTS 4.15.0-20-generic docker://17.12.1-ce
node0 Ready <none> 20m v1.12.0 192.168.1.212 <none> Ubuntu 18.04 LTS 4.15.0-20-generic docker://17.12.1-ce
node1 Ready <none> 20m v1.12.0 192.168.1.213 <none> Ubuntu 18.04 LTS 4.15.0-20-generic docker://17.12.1-ce
node2 Ready <none> 20m v1.12.0 192.168.1.214 <none> Ubuntu 18.04 LTS 4.15.0-20-generic docker://17.12.1-ce
$ for i in $(seq 20); do timeout 1 curl -so/dev/null http://192.168.1.214:30333 && echo -n x || echo -n - ;done
xxxxxxxxxxxxxxxxxxxx
更新:法兰绒款式
我刚刚尝试使用 flannel:结果与 extra etcd 出奇地相同(pod 仅在同一个节点上响应)。这让我想到一个问题:我的操作系统有什么问题吗?Ubuntu 18.04 带有最新更新,使用 debootstrap 安装。没有防火墙...
我如何安装它:
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
结果:
$ kubectl get all --all-namespaces=true -o wide; kubectl get nodes -o wide
NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE
default pod/www1 1/1 Running 0 3m40s 10.10.2.2 node1 <none>
default pod/www2 1/1 Running 0 3m40s 10.10.3.2 node2 <none>
kube-system pod/coredns-576cbf47c7-64wxp 1/1 Running 3 21m 10.10.1.3 node0 <none>
kube-system pod/coredns-576cbf47c7-7zvqs 1/1 Running 3 21m 10.10.1.2 node0 <none>
kube-system pod/etcd-master1 1/1 Running 0 21m 192.168.1.211 master1 <none>
kube-system pod/kube-apiserver-master1 1/1 Running 0 20m 192.168.1.211 master1 <none>
kube-system pod/kube-controller-manager-master1 1/1 Running 0 21m 192.168.1.211 master1 <none>
kube-system pod/kube-flannel-ds-amd64-brnmq 1/1 Running 0 8m22s 192.168.1.214 node2 <none>
kube-system pod/kube-flannel-ds-amd64-c6v67 1/1 Running 0 8m22s 192.168.1.213 node1 <none>
kube-system pod/kube-flannel-ds-amd64-gchmv 1/1 Running 0 8m22s 192.168.1.211 master1 <none>
kube-system pod/kube-flannel-ds-amd64-l9mpl 1/1 Running 0 8m22s 192.168.1.212 node0 <none>
kube-system pod/kube-proxy-5pmtc 1/1 Running 0 21m 192.168.1.213 node1 <none>
kube-system pod/kube-proxy-7ctp5 1/1 Running 0 21m 192.168.1.212 node0 <none>
kube-system pod/kube-proxy-9zfhl 1/1 Running 0 21m 192.168.1.214 node2 <none>
kube-system pod/kube-proxy-hcs4g 1/1 Running 0 21m 192.168.1.211 master1 <none>
kube-system pod/kube-scheduler-master1 1/1 Running 0 20m 192.168.1.211 master1 <none>
NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
default service/kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 22m <none>
default service/www-np NodePort 10.101.213.118 <none> 8080:30333/TCP 3m40s service=testwww
kube-system service/kube-dns ClusterIP 10.96.0.10 <none> 53/UDP,53/TCP 22m k8s-app=kube-dns
NAMESPACE NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE CONTAINERS IMAGES SELECTOR
kube-system daemonset.apps/kube-flannel-ds-amd64 4 4 4 4 4 beta.kubernetes.io/arch=amd64 8m22s kube-flannel quay.io/coreos/flannel:v0.10.0-amd64 app=flannel,tier=node
kube-system daemonset.apps/kube-flannel-ds-arm 0 0 0 0 0 beta.kubernetes.io/arch=arm 8m22s kube-flannel quay.io/coreos/flannel:v0.10.0-arm app=flannel,tier=node
kube-system daemonset.apps/kube-flannel-ds-arm64 0 0 0 0 0 beta.kubernetes.io/arch=arm64 8m22s kube-flannel quay.io/coreos/flannel:v0.10.0-arm64 app=flannel,tier=node
kube-system daemonset.apps/kube-flannel-ds-ppc64le 0 0 0 0 0 beta.kubernetes.io/arch=ppc64le 8m21s kube-flannel quay.io/coreos/flannel:v0.10.0-ppc64le app=flannel,tier=node
kube-system daemonset.apps/kube-flannel-ds-s390x 0 0 0 0 0 beta.kubernetes.io/arch=s390x 8m21s kube-flannel quay.io/coreos/flannel:v0.10.0-s390x app=flannel,tier=node
kube-system daemonset.apps/kube-proxy 4 4 4 4 4 <none> 22m kube-proxy k8s.gcr.io/kube-proxy:v1.12.1 k8s-app=kube-proxy
NAMESPACE NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR
kube-system deployment.apps/coredns 2 2 2 2 22m coredns k8s.gcr.io/coredns:1.2.2 k8s-app=kube-dns
NAMESPACE NAME DESIRED CURRENT READY AGE CONTAINERS IMAGES SELECTOR
kube-system replicaset.apps/coredns-576cbf47c7 2 2 2 21m coredns k8s.gcr.io/coredns:1.2.2 k8s-app=kube-dns,pod-template-hash=576cbf47c7
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
master1 Ready master 22m v1.12.1 192.168.1.211 <none> Ubuntu 18.04 LTS 4.15.0-20-generic docker://17.12.1-ce
node0 Ready <none> 21m v1.12.1 192.168.1.212 <none> Ubuntu 18.04 LTS 4.15.0-20-generic docker://17.12.1-ce
node1 Ready <none> 21m v1.12.1 192.168.1.213 <none> Ubuntu 18.04 LTS 4.15.0-20-generic docker://17.12.1-ce
node2 Ready <none> 21m v1.12.1 192.168.1.214 <none> Ubuntu 18.04 LTS 4.15.0-20-generic docker://17.12.1-ce
$ for i in $(seq 20); do timeout 1 curl -so/dev/null http://192.168.1.214:30333 && echo -n x || echo -n - ;done
-x--xxxxx-x-x---xxxx
答案1
到目前为止,我发现了3个问题:
docker 版本
在我的第一次尝试中,我使用了默认 Ubuntu 存储库(17.12.1-ce)中的 docker.io。在本教程中https://computingforgeeks.com/how-to-setup-3-node-kubernetes-cluster-on-ubuntu-18-04-with-weave-net-cni/,我发现他们推荐了一些不同的东西:
apt-get --purge remove docker docker-engine docker.io
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
apt-get update
apt-get install docker-ce
现在是版本 18.6.1,并且在 kubeadm 预检中不再引起警告。
清理
在将虚拟机重置为未配置状态时,我使用kubeadm reset并删除了一些目录。在阅读了一些错误报告后,我决定扩展要删除的目录列表。这是我现在所做的:
kubeadm reset
rm -rf /var/lib/cni/ /var/lib/calico/ /var/lib/kubelet/ /var/lib/etcd/ /etc/kubernetes/ /etc/cni/
reboot
Calico 设置
通过上述更改,我立即能够初始化一个完全正常工作的设置(所有 pod 处于“运行”状态,并且 curl 正常工作)。我执行了“带有额外 etcd 的变体”。
所有这些都有效,直到第一次重启,然后我又
calico-kube-controllers-f4dcbf48b-qrqnc CreateContainerConfigError
深入研究这个问题让我明白了。
$ kubectl -n kube-system describe pod/calico-kube-controllers-f4dcbf48b-dp6n9
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Warning Failed 4m32s (x10 over 9m) kubelet, node1 Error: Couldn't find key etcd_endpoints in ConfigMap kube-system/calico-config
然后,我意识到我连续做了两个安装说明,但实际上只需做一件事。
kubectl apply -f https://docs.projectcalico.org/v3.2/getting-started/kubernetes/installation/hosted/rbac-kdd.yaml
curl https://docs.projectcalico.org/v3.2/getting-started/kubernetes/installation/hosted/kubernetes-datastore/calico-networking/1.7/calico.yaml -O
cp -p calico.yaml calico.yaml_orig
sed -i 's/192.168.0.0/10.10.0.0/' calico.yaml
kubectl apply -f calico.yaml
结果
$ kubectl get pod,svc,nodes --all-namespaces -owide
NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE
default pod/www1 1/1 Running 2 71m 10.10.3.4 node1 <none>
default pod/www2 1/1 Running 2 71m 10.10.4.4 node2 <none>
kube-system pod/calico-node-45sjp 2/2 Running 4 74m 192.168.1.213 node1 <none>
kube-system pod/calico-node-bprml 2/2 Running 4 74m 192.168.1.211 master1 <none>
kube-system pod/calico-node-hqdsd 2/2 Running 4 74m 192.168.1.212 master2 <none>
kube-system pod/calico-node-p8fgq 2/2 Running 4 74m 192.168.1.214 node2 <none>
kube-system pod/coredns-576cbf47c7-f2l7l 1/1 Running 2 84m 10.10.2.7 master2 <none>
kube-system pod/coredns-576cbf47c7-frq5x 1/1 Running 2 84m 10.10.2.6 master2 <none>
kube-system pod/etcd-master1 1/1 Running 2 83m 192.168.1.211 master1 <none>
kube-system pod/kube-apiserver-master1 1/1 Running 2 83m 192.168.1.211 master1 <none>
kube-system pod/kube-controller-manager-master1 1/1 Running 2 83m 192.168.1.211 master1 <none>
kube-system pod/kube-proxy-9jmsk 1/1 Running 2 80m 192.168.1.213 node1 <none>
kube-system pod/kube-proxy-gtzvz 1/1 Running 2 80m 192.168.1.214 node2 <none>
kube-system pod/kube-proxy-str87 1/1 Running 2 84m 192.168.1.211 master1 <none>
kube-system pod/kube-proxy-tps6d 1/1 Running 2 80m 192.168.1.212 master2 <none>
kube-system pod/kube-scheduler-master1 1/1 Running 2 83m 192.168.1.211 master1 <none>
kube-system pod/kubernetes-dashboard-77fd78f978-9vdqz 1/1 Running 0 24m 10.10.3.5 node1 <none>
NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
default service/kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 84m <none>
default service/www-np NodePort 10.107.205.119 <none> 8080:30333/TCP 71m service=testwww
kube-system service/calico-typha ClusterIP 10.99.187.161 <none> 5473/TCP 74m k8s-app=calico-typha
kube-system service/kube-dns ClusterIP 10.96.0.10 <none> 53/UDP,53/TCP 84m k8s-app=kube-dns
kube-system service/kubernetes-dashboard ClusterIP 10.96.168.213 <none> 443/TCP 24m k8s-app=kubernetes-dashboard
NAMESPACE NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
node/master1 Ready master 84m v1.12.1 192.168.1.211 <none> Ubuntu 18.04 LTS 4.15.0-20-generic docker://18.6.1
node/master2 Ready <none> 80m v1.12.1 192.168.1.212 <none> Ubuntu 18.04 LTS 4.15.0-20-generic docker://18.6.1
node/node1 Ready <none> 80m v1.12.1 192.168.1.213 <none> Ubuntu 18.04 LTS 4.15.0-20-generic docker://18.6.1
node/node2 Ready <none> 80m v1.12.1 192.168.1.214 <none> Ubuntu 18.04 LTS 4.15.0-20-generic docker://18.6.1
192.168.1.211 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
192.168.1.212 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
192.168.1.213 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
192.168.1.214 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
答案2
可能是你没有安装该kubernetes-cni软件包?如果没有网络提供商工作,则很有可能出现这种情况。据我所知,文档中也没有提到你需要这样做。
在服务日志中也应该可见kubelet。