我正在使用以下 kubeadmin 配置和外部 etcd 设置来实现 HA kubernetes 设置https://kubernetes.io/docs/setup/independent/high-availability/#external-etcd-nodes在装有centos7的裸机服务器中。
etcd 版本 - v3.2.26
kind: ClusterConfiguration
kubernetesVersion: v1.13.1
apiServer:
certSANs:
- "k8-master01.loc.prov.domain.tld"
controlPlaneEndpoint: "k8-master01.loc.prov.domain.tld:8080"
etcd:
external:
endpoints:
- https://k8-master01.loc.prov.domain.tld:2379
- https://k8-master02.loc.prov.domain.tld:2379
- https://k8-master03.loc.prov.domain.tld:2379
caFile: /etc/kubernetes/pki/etcd/ca.crt
certFile: /etc/kubernetes/pki/apiserver-etcd-client.crt
keyFile: /etc/kubernetes/pki/apiserver-etcd-client.key
但是 init 在以下步骤中不断失败:
I0204 15:04:24.985393 142883 uploadconfig.go:133] [upload-config] Preserving the CRISocket information for the control-plane node
[patchnode] Uploading the CRI Socket information "/var/run/dockershim.sock" to the Node API object "k8-master01.loc.prov.domain.tld" as an annotation
I0204 15:04:25.485719 142883 round_trippers.go:419] curl -k -v -XGET -H "User-Agent: kubeadm/v1.13.1 (linux/amd64) kubernetes/eec55b9" -H "Accept: application/json, */*" 'https://k8-master01.loc.prov.domain.tld:8080/api/v1/nodes/k8-master01.loc.prov.domain.tld'
I0204 15:04:25.488810 142883 round_trippers.go:438] GET https://k8-master01.loc.prov.domain.tld:8080/api/v1/nodes/k8-master01.loc.prov.domain.tld 404 Not Found in 3 milliseconds
它不断重试并最终超时。
error execution phase upload-config/kubelet: Error writing Crisocket information for the control-plane node: timed out waiting for the condition
(上述日志中的主机名已被模糊化)
对于我们如何进行,有什么建议吗?
答案1
作为安舒·普拉提克评论中提到:
我们解决了这个问题。haproxy 的 SSL 终止被搞乱了,并且只在某些情况下导致失败。