发现calico有个节点没有正常运行
集群的某个节点没有Runing的报错内容
bash
kubectl describe po -n calico-system calico-node-bt6q2
Warning Unhealthy 61s (x2 over 62s) kubelet Readiness probe failed: calico/node is not ready: BIRD is not ready: Error querying BIRD: unable to connect to BIRDv4 socket: dial unix /var/run/calico/bird.ctl: connect: connection refused
Warning Unhealthy 36s kubelet Readiness probe failed: 2025-06-05 07:46:49.763 [INFO][406] node/health.go 202: Number of node(s) with BGP peering established = 1
calico/node is not ready: BIRD is not ready: BGP not established with xxx查看路由
bash
root@k8s-master:/home/k8s# kubectl exec -it -n calico-system calico-node-bt6q2 -- grep 'router id' /etc/calico/confd/config/bird.cfg
Defaulted container "calico-node" out of: calico-node, flexvol-driver (init), install-cni (init)
router id 10.4.0.1;正常情况是要返回本机ip的
bash
kubectl exec -it -n calico-system calico-node-bt6q2 -- grep 'router id' /etc/calico/confd/config/bird.cfg
Defaulted container "calico-node" out of: calico-node, flexvol-driver (init), install-cni (init)
router id 10.4.0.1;
root@k8s-master:/home/k8s# kubectl exec -it -n calico-system calico-node-2zvg9 -- grep 'router id' /etc/calico/confd/config/bird.cfg
Defaulted container "calico-node" out of: calico-node, flexvol-driver (init), install-cni (init)
router id 10.231.xxx;
root@k8s-master:/home/k8s# kubectl exec -it -n calico-system calico-node-rwlsx -- grep 'router id' /etc/calico/confd/config/bird.cfg
Defaulted container "calico-node" out of: calico-node, flexvol-driver (init), install-cni (init)
router id 10.231.xxx; 这是典型的 Calico 自动探测主机 IP 不一致导致的 router ID 异常。
Calico 默认使用first-found探测模式,会找"第一个符合条件"的非回环、非 docker 网卡的 IP。有时会因为以下因素导致
出现 router id = 10.4.0.1 的可能原因:
1、节点的第一个网卡是cni0、docker0或者nerdctl0这类虚拟网卡;
2、节点的主机 IP 没有被正确识别(例如没有绑定在主网卡上,或者主网卡排序靠后);
3、节点上的容器网络配置与其它节点略有不同(如顺序或网卡名);
4、没有通过IP_AUTODETECTION_METHOD 限定只选物理网卡,导致探测机制选错。
由于我是通过tigera-operator部署的,所以需要修改installation default
bash
cat custom-resources.yaml
# This section includes base Calico installation configuration.
# For more information, see: https://docs.tigera.io/calico/latest/reference/installation/api#operator.tigera.io/v1.Installation
apiVersion: operator.tigera.io/v1
kind: Installation
metadata:
name: default
spec:
# Configures Calico networking.
registry: 仓库地址
imagePath: 仓库路径
calicoNetwork:
nodeAddressAutodetectionV4:
interface: "bond0"
ipPools:
- name: default-ipv4-ippool
blockSize: 26
cidr: 10.244.0.0/16
encapsulation: VXLANCrossSubnet
natOutgoing: Enabled
nodeSelector: all()
---
# This section configures the Calico API server.
# For more information, see: https://docs.tigera.io/calico/latest/reference/installation/api#operator.tigera.io/v1.APIServer
apiVersion: operator.tigera.io/v1
kind: APIServer
metadata:
name: default
spec: {}重启
kubectl delete -f custom-resources.yaml
kubectl apply -f custom-resources.yaml
恢复正常
如果不是我的方法部署的相同的道理
那就修改calico.yaml,apply即可
bash- name: CLUSTER_TYPE value: "k8s,bgp" # Specify interface - name: IP_AUTODETECTION_METHOD value: "interface=网卡名"