自有证书的rancher集群使用rke部署k8s集群异常

rancher使用自签域名,或者商业证书容易踩到的坑。

最开始的报错:

docker logs kubelet's id

复制代码
E0214 13:04:14.590268    9614 pod_workers.go:1300] "Error syncing pod, skipping" err="failed to \"StartContainer\" for \"cluster-register\" with CrashLoopBackOff: \"back-off 1m20s restarting failed container=cluster-register pod=cattle-cluster-agent-54dccc4c96-spvm2_cattle-system(bb1553fe-b831-4b4e-92a7-ab8fc58dfbf5)\"" pod="cattle-system/cattle-cluster-agent-54dccc4c96-spvm2" podUID="bb1553fe-b831-4b4e-92a7-ab8fc58dfbf5"

一步步排查进入到rke部署的k8s集群里面

复制代码
xm-kvm-cbs-113-92:/var/lib/rancher # kubectl logs cattle-cluster-agent-54dccc4c96-f7w29 -c cluster-register -n cattle-system
INFO: Environment: CATTLE_ADDRESS=10.42.25.147 CATTLE_CA_CHECKSUM= CATTLE_CLUSTER=true CATTLE_CLUSTER_AGENT_PORT=tcp://10.43.224.20:80 CATTLE_CLUSTER_AGENT_PORT_443_TCP=tcp://10.43.224.20:443 CATTLE_CLUSTER_AGENT_PORT_443_TCP_ADDR=10.43.224.20 CATTLE_CLUSTER_AGENT_PORT_443_TCP_PORT=443 CATTLE_CLUSTER_AGENT_PORT_443_TCP_PROTO=tcp CATTLE_CLUSTER_AGENT_PORT_80_TCP=tcp://10.43.224.20:80 CATTLE_CLUSTER_AGENT_PORT_80_TCP_ADDR=10.43.224.20 CATTLE_CLUSTER_AGENT_PORT_80_TCP_PORT=80 CATTLE_CLUSTER_AGENT_PORT_80_TCP_PROTO=tcp CATTLE_CLUSTER_AGENT_SERVICE_HOST=10.43.224.20 CATTLE_CLUSTER_AGENT_SERVICE_PORT=80 CATTLE_CLUSTER_AGENT_SERVICE_PORT_HTTP=80 CATTLE_CLUSTER_AGENT_SERVICE_PORT_HTTPS_INTERNAL=443 CATTLE_CLUSTER_REGISTRY= CATTLE_FEATURES=embedded-cluster-api=false,fleet=false,monitoringv1=false,multi-cluster-management=false,multi-cluster-management-agent=true,provisioningv2=false,rke2=false CATTLE_INGRESS_IP_DOMAIN=sslip.io CATTLE_INSTALL_UUID=09a8a51b-837e-4bb2-90bd-6043f6fa0789 CATTLE_INTERNAL_ADDRESS= CATTLE_IS_RKE=true CATTLE_K8S_MANAGED=true CATTLE_NODE_NAME=cattle-cluster-agent-54dccc4c96-f7w29 CATTLE_RANCHER_WEBHOOK_VERSION=103.0.6+up0.4.7 CATTLE_SERVER=https://rancher.baitest.com CATTLE_SERVER_VERSION=v2.8.5
INFO: Using resolv.conf: nameserver 10.43.0.10 search cattle-system.svc.cluster.local svc.cluster.local cluster.local options ndots:5
ERROR: https://rancher.baitest.com/ping is not accessible (Could not resolve host: rancher.baitest.com)

自定义的域名需要使用kubectl导入映射关系

复制代码
xm-kvm-cbs-113-92:/var/lib/rancher # kubectl -n cattle-system patch deployments cattle-cluster-agent --patch '{"spec": {"template": {"spec": {"hostAliases": [{"hostnames":["rancher.baitest.com"],"ip": "192.168.130.200"}]}}}}'

排查了3天,终于在情人节的晚上,成功解决。

参考链接:

Rancher Cattle Cluster Agent Could not Resolve Host · Issue #16454 · rancher/rancher · GitHub

如果对你有帮助,一块也是爱

相关推荐
kuaile090612 分钟前
新手应该选择哪个DevOps工具
运维·devops
家有睿少27 分钟前
Jenkins 配置+ssh自动部署
运维·jenkins
geek_super28 分钟前
Linux命令学习--备份压缩--ar命令
linux·学习·ar
qq_3392822336 分钟前
es的备份和恢复
运维·jenkins
灵壹Eli1 小时前
Docker部署sprintboot后端项目
运维·docker·容器
小安运维日记10 小时前
CKS认证 | Day3 K8s容器运行环境安全加固
运维·网络·安全·云原生·kubernetes·云计算
我是唐青枫10 小时前
Linux ar 命令使用详解
linux·运维·服务器
mljy.10 小时前
Linux《进程概念(上)》
linux
余华余华10 小时前
计算机等级考试数据库三级(笔记3)
服务器·数据库·oracle
IEVEl10 小时前
Centos7 开放端口号
linux·网络·centos