I set up a 3-node Kubernetes (v1.9.3) cluster on Ubuntu 16.04.

Prior to the setup, I cleared the iptables rules and followed the k8s documentation for flannel, initializing the cluster with the following commands:

# kubeadm init --apiserver-advertise-address 192.168.56.20 --pod-network-cidr=10.244.0.0/16 --kubernetes-version 1.9.3
# kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/v0.10.0/Documentation/kube-flannel.yml

The previous commands seemed to succeed:

# kubectl -n kube-system -n kube-system get pods
NAME                             READY     STATUS    RESTARTS   AGE
etcd-master                      1/1       Running   0          3m
kube-apiserver-master            1/1       Running   0          2m
kube-controller-manager-master   1/1       Running   0          2m
kube-dns-6f4fd4bdf-4c76v         3/3       Running   0          3m
kube-flannel-ds-wbx97            1/1       Running   0          1m
kube-proxy-x65lv                 1/1       Running   0          3m
kube-scheduler-master            1/1       Running   0          2m 

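But the problem is that kube-dns seems to have been assigned the wrong service endpoint address, which can be seen with the following commands: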

# kubectl get ep kube-dns --namespace=kube-system            
NAME       ENDPOINTS                     AGE
kube-dns   172.17.0.2:53,172.17.0.2:53   3m
root@master:~# kubectl describe service kube-dns -n kube-system           
Name:              kube-dns
Namespace:         kube-system
Labels:            k8s-app=kube-dns
                   kubernetes.io/cluster-service=true
                   kubernetes.io/name=KubeDNS
Annotations:       <none>
Selector:          k8s-app=kube-dns
Type:              ClusterIP
IP:                10.96.0.10
Port:              dns  53/UDP
TargetPort:        53/UDP
Endpoints:         172.17.0.2:53
Port:              dns-tcp  53/TCP
TargetPort:        53/TCP
Endpoints:         172.17.0.2:53
Session Affinity:  None
Events:            <none>

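172.17.0.2 is the IP address assigned by the docker bridge (docker0) to the kube-dns container. In a working k8s network setup, kube-dns should have endpoints with addresses from the podSubnet (10.244.0.0/16).

The effect of the current setup is that none of the pods have working DNS, while IP communication is fine.

I tried deleting the kube-dns pod to see whether the new kube-dns containers could get endpoints from the podSubnet, but they could not.

The startup logs of the 3 kube-dns containers show no error messages.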

1 Answer

I think I have found the root cause of this. It is that the previous kubeadm reset did not remove the cni and flannel.1 interfaces. So the next kubeadm init makes kube-dns believe the Kubernetes network plugin is already in place before I apply the flannel yaml.

After I check for and remove any virtual NICs created by the flannel plugin when tearing down the Kubernetes cluster, the next kubeadm init succeeds without this issue.

The same thing applies to Weave Net, which requires running weave reset to remove the remaining virtual weave NICs.

Answered 2018-06-12T15:20:23.477
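
The check described in the answer, combined with the endpoint symptom from the question, as an added example that is not part of the original post: it lists leftover CNI interfaces from `ip -o link show` output and flags kube-dns endpoints outside the pod CIDR. The interface name patterns (`cni0`, `flannel.N`, `weave`), the function names and the sample link listing are assumptions made for illustration.

```sh
#!/bin/sh
# Added example: check for leftover CNI state between `kubeadm reset` and `kubeadm init`.
# Assumption: default interface names (cni0 bridge, flannel.N vxlan device, weave bridge).
STALE_PATTERN='^(cni0|flannel\.[0-9]+|weave)$'

# Constructed sample of `ip -o link show` output (trimmed), not from the page.
SAMPLE_LINKS='1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 state UNKNOWN
2: enp0s8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 state DOWN
4: flannel.1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 state UNKNOWN
5: cni0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1450 state DOWN
6: veth1a2b3c@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 state UP'

# Reads `ip -o link show` output on stdin, prints leftover interface names.
stale_cni_links() {
  awk -F': ' '{ sub(/@.*/, "", $2); print $2 }' | grep -E "$STALE_PATTERN" || true
}

# Dotted IPv4 -> integer.
ip_to_int() {
  old_ifs=$IFS; IFS=.
  set -- $1
  IFS=$old_ifs
  echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
}

# Succeeds when IPv4 address $1 lies inside CIDR $2.
ip_in_cidr() {
  net=${2%/*}; bits=${2#*/}
  mask=$(( (0xFFFFFFFF << (32 - bits)) & 0xFFFFFFFF ))
  [ $(( $(ip_to_int "$1") & mask )) -eq $(( $(ip_to_int "$net") & mask )) ]
}

# Prints each endpoint from a comma-separated ip:port list (the ENDPOINTS
# column of `kubectl get ep`) whose IP is outside pod CIDR $2.
endpoints_outside_cidr() {
  for ep in $(printf '%s' "$1" | tr ',' ' '); do
    ip_in_cidr "${ep%:*}" "$2" || echo "$ep"
  done
}

# Dry run: print (not execute) the cleanup commands, then the bad endpoints.
printf '%s\n' "$SAMPLE_LINKS" | stale_cni_links | sed 's/^/ip link delete /'
endpoints_outside_cidr "172.17.0.2:53,172.17.0.2:53" "10.244.0.0/16"
```

On a real node, pipe `ip -o link show` into `stale_cni_links` instead of the sample; the script only prints the `ip link delete` lines and leaves running them to the operator.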