K8s二进制部署-flanneld报(Couldn‘t fetch network config)

2024-06-13 23:38

本文主要是介绍K8s二进制部署-flanneld报(Couldn‘t fetch network config),希望对大家解决编程问题提供一定的参考价值,需要的开发者们随着小编来一起学习吧!

1、报错提示

将网络配置信息写入了ETCD中,启动flanneld测试时一直报错,具体报错如下:

[root@master1 ~]# tail -100f /var/log/messages
Dec 15 23:39:22 localhost flanneld: E1215 23:39:22.688405   31176 main.go:382] Couldn't fetch network config: 100: Key not found (/coreos.com) [10]
Dec 15 23:39:23 localhost flanneld: timed out
Dec 15 23:39:23 localhost flanneld: E1215 23:39:23.701707   31176 main.go:382] Couldn't fetch network config: 100: Key not found (/coreos.com) [10]
Dec 15 23:39:24 localhost flanneld: timed out
Dec 15 23:39:24 localhost flanneld: E1215 23:39:24.717330   31176 main.go:382] Couldn't fetch network config: 100: Key not found (/coreos.com) [10]
Dec 15 23:39:25 localhost flanneld: timed out
Dec 15 23:39:25 localhost flanneld: E1215 23:39:25.725860   31176 main.go:382] Couldn't fetch network config: 100: Key not found (/coreos.com) [10]
Dec 15 23:39:26 localhost flanneld: timed out
Dec 15 23:39:26 localhost flanneld: E1215 23:39:26.733186   31176 main.go:382] Couldn't fetch network config: 100: Key not found (/coreos.com) [10]
Dec 15 23:39:27 localhost flanneld: timed out
Dec 15 23:39:27 localhost flanneld: E1215 23:39:27.744882   31176 main.go:382] Couldn't fetch network config: 100: Key not found (/coreos.com) [10]
Dec 15 23:39:28 localhost flanneld: timed out
Dec 15 23:39:28 localhost flanneld: E1215 23:39:28.755176   31176 main.go:382] Couldn't fetch network config: 100: Key not found (/coreos.com) [10]
Dec 15 23:39:29 localhost systemd: flanneld.service start operation timed out. Terminating.
Dec 15 23:39:29 localhost flanneld: I1215 23:39:29.528718   31176 main.go:370] shutdownHandler sent cancel signal...
Dec 15 23:39:29 localhost systemd: Failed to start Flanneld overlay address etcd agent.
Dec 15 23:39:29 localhost systemd: Unit flanneld.service entered failed state.
Dec 15 23:39:29 localhost systemd: flanneld.service failed.
Dec 15 23:39:29 localhost systemd: flanneld.service holdoff time over, scheduling restart.
Dec 15 23:39:29 localhost systemd: Stopped Flanneld overlay address etcd agent.
Dec 15 23:39:29 localhost systemd: Starting Flanneld overlay address etcd agent...
Dec 15 23:39:29 localhost flanneld: warning: ignoring ServerName for user-provided CA for backwards compatibility is deprecated
Dec 15 23:39:29 localhost flanneld: I1215 23:39:29.975581   31202 main.go:514] Determining IP address of default interface
Dec 15 23:39:29 localhost flanneld: I1215 23:39:29.976573   31202 main.go:527] Using interface with name ens33 and address 192.168.31.101
Dec 15 23:39:29 localhost flanneld: I1215 23:39:29.976606   31202 main.go:544] Defaulting external address to interface address (192.168.31.101)
Dec 15 23:39:29 localhost flanneld: I1215 23:39:29.983495   31202 main.go:244] Created subnet manager: Etcd Local Manager with Previous Subnet: None
Dec 15 23:39:29 localhost flanneld: I1215 23:39:29.983525   31202 main.go:247] Installing signal handlers

2、配置过程

(1)配置Falnnel使用的子网信息并存储到etcd

[root@master1 ~]# /opt/etcd/bin/etcdctl --cacert=/opt/etcd/ssl/ca.pem --cert=/opt/etcd/ssl/server.pem --key=/opt/etcd/ssl/server-key.pem --endpoints="https://192.
168.31.101:2379,https://192.168.31.102:2379,https://192.168.31.103:2379" put /coreos.com/network/config  '{ "Network": "172.17.0.0/16", "Backend": {"Type": "vxlan"}}'OK

(2)获取配置的子网信息

[root@master1 ~]# /opt/etcd/bin/etcdctl --cacert=/opt/etcd/ssl/ca.pem --cert=/opt/etcd/ssl/server.pem --key=/opt/etcd/ssl/server-key.pem --endpoints="https://192.
168.31.101:2379,https://192.168.31.102:2379,https://192.168.31.103:2379" get /coreos.com/network/config/coreos.com/network/config
{ "Network": "172.17.0.0/16", "Backend": {"Type": "vxlan"}}

(3)配置flanneld信息

[root@master1 ~]# vim /opt/kubernetes/cfg/flanneld
FLANNEL_OPTIONS="--etcd-endpoints=https://192.168.31.101:2379,https://192.168.31.102:2379,https://192.168.31.103:2379 -etcd-cafile=/opt/etcd/ssl/ca.pem -etcd-certfile=/opt/etcd/ssl/server.pem -etcd-keyfile=/opt/etcd/ssl/server-key.pem"

(4)systemd管理Flannel:

[root@master1 ~]# vim /usr/lib/systemd/system/flanneld.service
[Unit]
Description=Flanneld overlay address etcd agent
After=network-online.target network.target
Before=docker.service[Service]
Type=notify
EnvironmentFile=/opt/kubernetes/cfg/flanneld
ExecStart=/opt/kubernetes/bin/flanneld --ip-masq $FLANNEL_OPTIONS
ExecStartPost=/opt/kubernetes/bin/mk-docker-opts.sh -k DOCKER_NETWORK_OPTIONS -d /run/flannel/subnet.env
Restart=on-failure[Install]
WantedBy=multi-user.target

(5)启动flanneld服务

[root@master1 ~]# iptables -I INPUT -s 192.168.0.0/24 -j ACCEPT
[root@master1 ~]# iptables -I INPUT -s 172.17.0.0/24 -j ACCEPT
[root@master1 ~]# systemctl daemon-reload
[root@master1 ~]# systemctl start flanneld
[root@master1 ~]# systemctl enable flanneld

提示开篇所示的错误!!

3、问题原因

github上与此问题相关的一些issues,也即flanneld目前不能与etcdV3直接交互
https://github.com/coreos/flannel/issues/554
https://github.com/coreos/flannel/issues/755

4、解决办法

按如下方法调整后,flanneld服务正常启动。
(1) 开启etcd 支持V2api功能,在etcd启动参数中加入 --enable-v2参数,并重启etcd2

[root@master1 ~]# vim /usr/lib/systemd/system/etcd.service
[Unit]
Description=Etcd Server
After=network.target
After=network-online.target
Wants=network-online.target[Service]
Type=notify
EnvironmentFile=/opt/etcd/cfg/etcd.conf
ExecStart=/opt/etcd/bin/etcd --cert-file=/opt/etcd/ssl/server.pem \
--key-file=/opt/etcd/ssl/server-key.pem \
--peer-cert-file=/opt/etcd/ssl/server.pem \
--peer-key-file=/opt/etcd/ssl/server-key.pem \
--trusted-ca-file=/opt/etcd/ssl/ca.pem \
--peer-trusted-ca-file=/opt/etcd/ssl/ca.pem \
--logger=zap \
--enable-v2
Restart=on-failure
LimitNOFILE=65536[Install]
WantedBy=multi-user.target
[root@master1 ~]# systemctl daemon-reload
[root@master1 ~]# systemctl restart etcd
[root@master1 ~]# ETCDCTL_API=2 /opt/etcd/bin/etcdctl --ca-file=/opt/etcd/ssl/ca.pem --cert-file=/opt/etcd/ssl/server.pem --key-file=/opt/etcd/ssl/server-key.pem 
--endpoints="https://192.168.31.101:2379,https://192.168.31.102:2379,https://192.168.31.103:2379" cluster-healthmember 969af216adf1108 is healthy: got healthy result from https://192.168.31.102:2379
member 4d384076f6bc6dde is healthy: got healthy result from https://192.168.31.101:2379
member ea776d7c1c3c494c is healthy: got healthy result from https://192.168.31.103:2379
cluster is healthy

(2)删除原来写入的子网信息

/opt/etcd/bin/etcdctl --cacert=/opt/etcd/ssl/ca.pem --cert=/opt/etcd/ssl/server.pem --key=/opt/etcd/ssl/server-key.pem --endpoints="https://192.
168.31.101:2379,https://192.168.31.102:2379,https://192.168.31.103:2379" del /coreos.com/network/config

(3)重新使用V2写入子网信息

[root@master1 ~]# ETCDCTL_API=2 /opt/etcd/bin/etcdctl --ca-file=/opt/etcd/ssl/ca.pem --cert-file=/opt/etcd/ssl/server.pem --key-file=/opt/etcd/ssl/server-key.pem 
--endpoints="https://192.168.31.101:2379,https://192.168.31.102:2379,https://192.168.31.103:2379" set /coreos.com/network/config '{ "Network": "172.17.0.0/16", "Backend": {"Type": "vxlan"}}'{ "Network": "172.17.0.0/16", "Backend": {"Type": "vxlan"}}
[root@master1 ~]# ETCDCTL_API=2 /opt/etcd/bin/etcdctl --ca-file=/opt/etcd/ssl/ca.pem --cert-file=/opt/etcd/ssl/server.pem --key-file=/opt/etcd/ssl/server-key.pem 
--endpoints="https://192.168.31.101:2379,https://192.168.31.102:2379,https://192.168.31.103:2379" get /coreos.com/network/config{ "Network": "172.17.0.0/16", "Backend": {"Type": "vxlan"}}

(4)重启flanneld服务

[root@master1 ~]# iptables -I INPUT -s 192.168.0.0/24 -j ACCEPT
[root@master1 ~]# iptables -I INPUT -s 172.17.0.0/24 -j ACCEPT
[root@master1 ~]# systemctl daemon-reload
[root@master1 ~]# systemctl start flanneld
[root@master1 ~]# systemctl enable flanneld
[root@master1 ~]# systemctl status flanneld
● flanneld.service - Flanneld overlay address etcd agentLoaded: loaded (/usr/lib/systemd/system/flanneld.service; enabled; vendor preset: disabled)Active: active (running) since Tue 2020-12-15 23:40:07 CST; 4min 15s agoMain PID: 31202 (flanneld)CGroup: /system.slice/flanneld.service└─31202 /opt/kubernetes/bin/flanneld --ip-masq --etcd-endpoints=https://192.168.31.101:2379,https://192.168.31.102:2379,https://192.168.31.103:2379 ...Dec 15 23:40:07 master1 flanneld[31202]: I1215 23:40:07.171127   31202 iptables.go:155] Adding iptables rule: -s 172.17.0.0/16 -j ACCEPT
Dec 15 23:40:07 master1 flanneld[31202]: I1215 23:40:07.180271   31202 iptables.go:167] Deleting iptables rule: -s 172.17.0.0/16 ! -d 224.0.0.0/4 -j MASQUERADE
Dec 15 23:40:07 master1 systemd[1]: Started Flanneld overlay address etcd agent.
Dec 15 23:40:07 master1 flanneld[31202]: I1215 23:40:07.182977   31202 iptables.go:167] Deleting iptables rule: ! -s 172.17.0.0/16 -d 172.17.51.0/24 -j RETURN
Dec 15 23:40:07 master1 flanneld[31202]: I1215 23:40:07.189015   31202 iptables.go:155] Adding iptables rule: -d 172.17.0.0/16 -j ACCEPT
Dec 15 23:40:07 master1 flanneld[31202]: I1215 23:40:07.195921   31202 iptables.go:167] Deleting iptables rule: ! -s 172.17.0.0/16 -d 172.17.0.0/16 -j MASQUERADE
Dec 15 23:40:07 master1 flanneld[31202]: I1215 23:40:07.203488   31202 iptables.go:155] Adding iptables rule: -s 172.17.0.0/16 -d 172.17.0.0/16 -j RETURN
Dec 15 23:40:07 master1 flanneld[31202]: I1215 23:40:07.212158   31202 iptables.go:155] Adding iptables rule: -s 172.17.0.0/16 ! -d 224.0.0.0/4 -j MASQUERADE
Dec 15 23:40:07 master1 flanneld[31202]: I1215 23:40:07.219014   31202 iptables.go:155] Adding iptables rule: ! -s 172.17.0.0/16 -d 172.17.51.0/24 -j RETURN
Dec 15 23:40:07 master1 flanneld[31202]: I1215 23:40:07.228946   31202 iptables.go:155] Adding iptables rule: ! -s 172.17.0.0/16 -d 172.17.0.0/16 -j MASQUERADE

(5)查看各节点IP,并ping另一节点的docker0网络,以及确认docker0与flannel.1在同一网段

[root@master1 ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00inet 127.0.0.1/8 scope host lovalid_lft forever preferred_lft foreverinet6 ::1/128 scope host valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000link/ether 00:0c:29:14:36:9d brd ff:ff:ff:ff:ff:ffinet 192.168.31.101/24 brd 192.168.31.255 scope global noprefixroute ens33valid_lft forever preferred_lft foreverinet6 fe80::eddd:ed6f:516a:ac4/64 scope link noprefixroute valid_lft forever preferred_lft forever
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default link/ether 02:42:05:2c:ef:6c brd ff:ff:ff:ff:ff:ffinet 172.17.51.1/24 brd 172.17.51.255 scope global docker0valid_lft forever preferred_lft forever
4: flannel.1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UNKNOWN group default link/ether 02:fb:8d:80:3f:b2 brd ff:ff:ff:ff:ff:ffinet 172.17.51.0/32 scope global flannel.1valid_lft forever preferred_lft foreverinet6 fe80::fb:8dff:fe80:3fb2/64 scope link valid_lft forever preferred_lft forever
[root@master1 ~]# ping 172.17.29.1
PING 172.17.29.1 (172.17.29.1) 56(84) bytes of data.
64 bytes from 172.17.29.1: icmp_seq=1 ttl=64 time=10.1 ms
64 bytes from 172.17.29.1: icmp_seq=2 ttl=64 time=0.635 ms

这篇关于K8s二进制部署-flanneld报(Couldn‘t fetch network config)的文章就介绍到这儿,希望我们推荐的文章对编程师们有所帮助!



http://www.chinasem.cn/article/1058753

相关文章

闲置电脑也能活出第二春?鲁大师AiNAS让你动动手指就能轻松部署

对于大多数人而言,在这个“数据爆炸”的时代或多或少都遇到过存储告急的情况,这使得“存储焦虑”不再是个别现象,而将会是随着软件的不断臃肿而越来越普遍的情况。从不少手机厂商都开始将存储上限提升至1TB可以见得,我们似乎正处在互联网信息飞速增长的阶段,对于存储的需求也将会不断扩大。对于苹果用户而言,这一问题愈发严峻,毕竟512GB和1TB版本的iPhone可不是人人都消费得起的,因此成熟的外置存储方案开

阿里开源语音识别SenseVoiceWindows环境部署

SenseVoice介绍 SenseVoice 专注于高精度多语言语音识别、情感辨识和音频事件检测多语言识别: 采用超过 40 万小时数据训练,支持超过 50 种语言,识别效果上优于 Whisper 模型。富文本识别:具备优秀的情感识别,能够在测试数据上达到和超过目前最佳情感识别模型的效果。支持声音事件检测能力,支持音乐、掌声、笑声、哭声、咳嗽、喷嚏等多种常见人机交互事件进行检测。高效推

poj 2349 Arctic Network uva 10369(prim or kruscal最小生成树)

题目很麻烦,因为不熟悉最小生成树的算法调试了好久。 感觉网上的题目解释都没说得很清楚,不适合新手。自己写一个。 题意:给你点的坐标,然后两点间可以有两种方式来通信:第一种是卫星通信,第二种是无线电通信。 卫星通信:任何两个有卫星频道的点间都可以直接建立连接,与点间的距离无关; 无线电通信:两个点之间的距离不能超过D,无线电收发器的功率越大,D越大,越昂贵。 计算无线电收发器D

90、k8s之secret+configMap

一、secret配置管理 配置管理: 加密配置:保存密码,token,其他敏感信息的k8s资源 应用配置:我们需要定制化的给应用进行配置,我们需要把定制好的配置文件同步到pod当中容器 1.1、加密配置: secret: [root@master01 ~]# kubectl get secrets ##查看加密配置[root@master01 ~]# kubectl get se

K8S(Kubernetes)开源的容器编排平台安装步骤详解

K8S(Kubernetes)是一个开源的容器编排平台,用于自动化部署、扩展和管理容器化应用程序。以下是K8S容器编排平台的安装步骤、使用方式及特点的概述: 安装步骤: 安装Docker:K8S需要基于Docker来运行容器化应用程序。首先要在所有节点上安装Docker引擎。 安装Kubernetes Master:在集群中选择一台主机作为Master节点,安装K8S的控制平面组件,如AP

在 Windows 上部署 gitblit

在 Windows 上部署 gitblit 在 Windows 上部署 gitblit 缘起gitblit 是什么安装JDK部署 gitblit 下载 gitblit 并解压配置登录注册为 windows 服务 修改 installService.cmd 文件运行 installService.cmd运行 gitblitw.exe查看 services.msc 缘起

【Kubernetes】K8s 的安全框架和用户认证

K8s 的安全框架和用户认证 1.Kubernetes 的安全框架1.1 认证:Authentication1.2 鉴权:Authorization1.3 准入控制:Admission Control 2.Kubernetes 的用户认证2.1 Kubernetes 的用户认证方式2.2 配置 Kubernetes 集群使用密码认证 Kubernetes 作为一个分布式的虚拟

Solr部署如何启动

Solr部署如何启动 Posted on 一月 10, 2013 in:  Solr入门 | 评论关闭 我刚接触solr,我要怎么启动,这是群里的朋友问得比较多的问题, solr最新版本下载地址: http://www.apache.org/dyn/closer.cgi/lucene/solr/ 1、准备环境 建立一个solr目录,把solr压缩包example目录下的内容复制

Spring Roo 实站( 一 )部署安装 第一个示例程序

转自:http://blog.csdn.net/jun55xiu/article/details/9380213 一:安装 注:可以参与官网spring-roo: static.springsource.org/spring-roo/reference/html/intro.html#intro-exploring-sampleROO_OPTS http://stati

828华为云征文|华为云Flexus X实例docker部署rancher并构建k8s集群

828华为云征文|华为云Flexus X实例docker部署rancher并构建k8s集群 华为云最近正在举办828 B2B企业节,Flexus X实例的促销力度非常大,特别适合那些对算力性能有高要求的小伙伴。如果你有自建MySQL、Redis、Nginx等服务的需求,一定不要错过这个机会。赶紧去看看吧! 什么是华为云Flexus X实例 华为云Flexus X实例云服务是新一代开箱即用、体