我正在尝试创建一个 pod,但出现以下错误:(pod describe)
Warning FailedCreatePodSandBox 118s (x1607 over 6h) kubelet (combined from similar events):
Failed to create pod sandbox: rpc error: code = Unknown desc = failed to setup network for sandbox
"885133771bfde866b301d5ecc41ae578c24480cf7e9c7806e12c5f576d32a5b7": error getting ClusterInformation:
Get https://[10.152.183.1]:443/apis/crd.projectcalico.org/v1/clusterinformations/default: Forbidden
这是角色绑定问题吗?我可以通过代理获取信息:
curl --noproxy "*" http://localhost:8001/apis/crd.projectcalico.org/v1/clusterinformations/default
{"apiVersion":"crd.projectcalico.org/v1","kind":"ClusterInformation","metadata":{"annotations":{"projectcalico.org/metadata":"{\"uid\":\"68f0d789-38e2-4dec-9838-841711f476f3\",\"creationTimestamp\":\"2021-02-15T13:38:53Z\"}"},"creationTimestamp":"2021-02-15T13:38:53Z","generation":1,"managedFields":[{"apiVersion":"crd.projectcalico.org/v1","fieldsType":"FieldsV1","fieldsV1":{"f:metadata":{"f:annotations":{".":{},"f:projectcalico.org/metadata":{}}},"f:spec":{".":{},"f:calicoVersion":{},"f:clusterGUID":{},"f:clusterType":{},"f:datastoreReady":{}}},"manager":"Go-http-client","operation":"Update","time":"2021-02-15T13:38:53Z"}],"name":"default","resourceVersion":"2633357","selfLink":"/apis/crd.projectcalico.org/v1/clusterinformations/default","uid":"9cf8750c-0a66-4250-9b80-61022c47673c"},"spec":{"calicoVersion":"v3.13.2","clusterGUID":"9bcc29dc31264db899cbea927e6ddfcf","clusterType":"k8s,bgp,kubeadm,kdd","datastoreReady":true}}
答案1
问题在于系统中定义了一个自定义代理。一旦代理被禁用,kubernetes restapi 查询就会开始工作。
我为 kubernetes 子网设置了 NO_PROXY 环境变量。有关禁用代理的更多信息,请参见此处:https://superuser.com/a/1402962/191955