K8s二进制部署-flanneld报(Couldn‘t fetch network config)

2024-06-13 23:38
文章标签 k8s flanneld couldn fetch network config 二进制 部署 云原生

本文主要是介绍K8s二进制部署-flanneld报(Couldn‘t fetch network config),希望对大家解决编程问题提供一定的参考价值,需要的开发者们随着小编来一起学习吧!

1、报错提示

将网络配置信息写入了ETCD中,启动flanneld测试时一直报错,具体报错如下:

[root@master1 ~]# tail -100f /var/log/messages
Dec 15 23:39:22 localhost flanneld: E1215 23:39:22.688405   31176 main.go:382] Couldn't fetch network config: 100: Key not found (/coreos.com) [10]
Dec 15 23:39:23 localhost flanneld: timed out
Dec 15 23:39:23 localhost flanneld: E1215 23:39:23.701707   31176 main.go:382] Couldn't fetch network config: 100: Key not found (/coreos.com) [10]
Dec 15 23:39:24 localhost flanneld: timed out
Dec 15 23:39:24 localhost flanneld: E1215 23:39:24.717330   31176 main.go:382] Couldn't fetch network config: 100: Key not found (/coreos.com) [10]
Dec 15 23:39:25 localhost flanneld: timed out
Dec 15 23:39:25 localhost flanneld: E1215 23:39:25.725860   31176 main.go:382] Couldn't fetch network config: 100: Key not found (/coreos.com) [10]
Dec 15 23:39:26 localhost flanneld: timed out
Dec 15 23:39:26 localhost flanneld: E1215 23:39:26.733186   31176 main.go:382] Couldn't fetch network config: 100: Key not found (/coreos.com) [10]
Dec 15 23:39:27 localhost flanneld: timed out
Dec 15 23:39:27 localhost flanneld: E1215 23:39:27.744882   31176 main.go:382] Couldn't fetch network config: 100: Key not found (/coreos.com) [10]
Dec 15 23:39:28 localhost flanneld: timed out
Dec 15 23:39:28 localhost flanneld: E1215 23:39:28.755176   31176 main.go:382] Couldn't fetch network config: 100: Key not found (/coreos.com) [10]
Dec 15 23:39:29 localhost systemd: flanneld.service start operation timed out. Terminating.
Dec 15 23:39:29 localhost flanneld: I1215 23:39:29.528718   31176 main.go:370] shutdownHandler sent cancel signal...
Dec 15 23:39:29 localhost systemd: Failed to start Flanneld overlay address etcd agent.
Dec 15 23:39:29 localhost systemd: Unit flanneld.service entered failed state.
Dec 15 23:39:29 localhost systemd: flanneld.service failed.
Dec 15 23:39:29 localhost systemd: flanneld.service holdoff time over, scheduling restart.
Dec 15 23:39:29 localhost systemd: Stopped Flanneld overlay address etcd agent.
Dec 15 23:39:29 localhost systemd: Starting Flanneld overlay address etcd agent...
Dec 15 23:39:29 localhost flanneld: warning: ignoring ServerName for user-provided CA for backwards compatibility is deprecated
Dec 15 23:39:29 localhost flanneld: I1215 23:39:29.975581   31202 main.go:514] Determining IP address of default interface
Dec 15 23:39:29 localhost flanneld: I1215 23:39:29.976573   31202 main.go:527] Using interface with name ens33 and address 192.168.31.101
Dec 15 23:39:29 localhost flanneld: I1215 23:39:29.976606   31202 main.go:544] Defaulting external address to interface address (192.168.31.101)
Dec 15 23:39:29 localhost flanneld: I1215 23:39:29.983495   31202 main.go:244] Created subnet manager: Etcd Local Manager with Previous Subnet: None
Dec 15 23:39:29 localhost flanneld: I1215 23:39:29.983525   31202 main.go:247] Installing signal handlers

2、配置过程

(1)配置Falnnel使用的子网信息并存储到etcd

[root@master1 ~]# /opt/etcd/bin/etcdctl --cacert=/opt/etcd/ssl/ca.pem --cert=/opt/etcd/ssl/server.pem --key=/opt/etcd/ssl/server-key.pem --endpoints="https://192.
168.31.101:2379,https://192.168.31.102:2379,https://192.168.31.103:2379" put /coreos.com/network/config  '{ "Network": "172.17.0.0/16", "Backend": {"Type": "vxlan"}}'OK

(2)获取配置的子网信息

[root@master1 ~]# /opt/etcd/bin/etcdctl --cacert=/opt/etcd/ssl/ca.pem --cert=/opt/etcd/ssl/server.pem --key=/opt/etcd/ssl/server-key.pem --endpoints="https://192.
168.31.101:2379,https://192.168.31.102:2379,https://192.168.31.103:2379" get /coreos.com/network/config/coreos.com/network/config
{ "Network": "172.17.0.0/16", "Backend": {"Type": "vxlan"}}

(3)配置flanneld信息

[root@master1 ~]# vim /opt/kubernetes/cfg/flanneld
FLANNEL_OPTIONS="--etcd-endpoints=https://192.168.31.101:2379,https://192.168.31.102:2379,https://192.168.31.103:2379 -etcd-cafile=/opt/etcd/ssl/ca.pem -etcd-certfile=/opt/etcd/ssl/server.pem -etcd-keyfile=/opt/etcd/ssl/server-key.pem"

(4)systemd管理Flannel:

[root@master1 ~]# vim /usr/lib/systemd/system/flanneld.service
[Unit]
Description=Flanneld overlay address etcd agent
After=network-online.target network.target
Before=docker.service[Service]
Type=notify
EnvironmentFile=/opt/kubernetes/cfg/flanneld
ExecStart=/opt/kubernetes/bin/flanneld --ip-masq $FLANNEL_OPTIONS
ExecStartPost=/opt/kubernetes/bin/mk-docker-opts.sh -k DOCKER_NETWORK_OPTIONS -d /run/flannel/subnet.env
Restart=on-failure[Install]
WantedBy=multi-user.target

(5)启动flanneld服务

[root@master1 ~]# iptables -I INPUT -s 192.168.0.0/24 -j ACCEPT
[root@master1 ~]# iptables -I INPUT -s 172.17.0.0/24 -j ACCEPT
[root@master1 ~]# systemctl daemon-reload
[root@master1 ~]# systemctl start flanneld
[root@master1 ~]# systemctl enable flanneld

提示开篇所示的错误!!

3、问题原因

github上与此问题相关的一些issues,也即flanneld目前不能与etcdV3直接交互
https://github.com/coreos/flannel/issues/554
https://github.com/coreos/flannel/issues/755

4、解决办法

按如下方法调整后,flanneld服务正常启动。
(1) 开启etcd 支持V2api功能,在etcd启动参数中加入 --enable-v2参数,并重启etcd2

[root@master1 ~]# vim /usr/lib/systemd/system/etcd.service
[Unit]
Description=Etcd Server
After=network.target
After=network-online.target
Wants=network-online.target[Service]
Type=notify
EnvironmentFile=/opt/etcd/cfg/etcd.conf
ExecStart=/opt/etcd/bin/etcd --cert-file=/opt/etcd/ssl/server.pem \
--key-file=/opt/etcd/ssl/server-key.pem \
--peer-cert-file=/opt/etcd/ssl/server.pem \
--peer-key-file=/opt/etcd/ssl/server-key.pem \
--trusted-ca-file=/opt/etcd/ssl/ca.pem \
--peer-trusted-ca-file=/opt/etcd/ssl/ca.pem \
--logger=zap \
--enable-v2
Restart=on-failure
LimitNOFILE=65536[Install]
WantedBy=multi-user.target
[root@master1 ~]# systemctl daemon-reload
[root@master1 ~]# systemctl restart etcd
[root@master1 ~]# ETCDCTL_API=2 /opt/etcd/bin/etcdctl --ca-file=/opt/etcd/ssl/ca.pem --cert-file=/opt/etcd/ssl/server.pem --key-file=/opt/etcd/ssl/server-key.pem 
--endpoints="https://192.168.31.101:2379,https://192.168.31.102:2379,https://192.168.31.103:2379" cluster-healthmember 969af216adf1108 is healthy: got healthy result from https://192.168.31.102:2379
member 4d384076f6bc6dde is healthy: got healthy result from https://192.168.31.101:2379
member ea776d7c1c3c494c is healthy: got healthy result from https://192.168.31.103:2379
cluster is healthy

(2)删除原来写入的子网信息

/opt/etcd/bin/etcdctl --cacert=/opt/etcd/ssl/ca.pem --cert=/opt/etcd/ssl/server.pem --key=/opt/etcd/ssl/server-key.pem --endpoints="https://192.
168.31.101:2379,https://192.168.31.102:2379,https://192.168.31.103:2379" del /coreos.com/network/config

(3)重新使用V2写入子网信息

[root@master1 ~]# ETCDCTL_API=2 /opt/etcd/bin/etcdctl --ca-file=/opt/etcd/ssl/ca.pem --cert-file=/opt/etcd/ssl/server.pem --key-file=/opt/etcd/ssl/server-key.pem 
--endpoints="https://192.168.31.101:2379,https://192.168.31.102:2379,https://192.168.31.103:2379" set /coreos.com/network/config '{ "Network": "172.17.0.0/16", "Backend": {"Type": "vxlan"}}'{ "Network": "172.17.0.0/16", "Backend": {"Type": "vxlan"}}
[root@master1 ~]# ETCDCTL_API=2 /opt/etcd/bin/etcdctl --ca-file=/opt/etcd/ssl/ca.pem --cert-file=/opt/etcd/ssl/server.pem --key-file=/opt/etcd/ssl/server-key.pem 
--endpoints="https://192.168.31.101:2379,https://192.168.31.102:2379,https://192.168.31.103:2379" get /coreos.com/network/config{ "Network": "172.17.0.0/16", "Backend": {"Type": "vxlan"}}

(4)重启flanneld服务

[root@master1 ~]# iptables -I INPUT -s 192.168.0.0/24 -j ACCEPT
[root@master1 ~]# iptables -I INPUT -s 172.17.0.0/24 -j ACCEPT
[root@master1 ~]# systemctl daemon-reload
[root@master1 ~]# systemctl start flanneld
[root@master1 ~]# systemctl enable flanneld
[root@master1 ~]# systemctl status flanneld
● flanneld.service - Flanneld overlay address etcd agentLoaded: loaded (/usr/lib/systemd/system/flanneld.service; enabled; vendor preset: disabled)Active: active (running) since Tue 2020-12-15 23:40:07 CST; 4min 15s agoMain PID: 31202 (flanneld)CGroup: /system.slice/flanneld.service└─31202 /opt/kubernetes/bin/flanneld --ip-masq --etcd-endpoints=https://192.168.31.101:2379,https://192.168.31.102:2379,https://192.168.31.103:2379 ...Dec 15 23:40:07 master1 flanneld[31202]: I1215 23:40:07.171127   31202 iptables.go:155] Adding iptables rule: -s 172.17.0.0/16 -j ACCEPT
Dec 15 23:40:07 master1 flanneld[31202]: I1215 23:40:07.180271   31202 iptables.go:167] Deleting iptables rule: -s 172.17.0.0/16 ! -d 224.0.0.0/4 -j MASQUERADE
Dec 15 23:40:07 master1 systemd[1]: Started Flanneld overlay address etcd agent.
Dec 15 23:40:07 master1 flanneld[31202]: I1215 23:40:07.182977   31202 iptables.go:167] Deleting iptables rule: ! -s 172.17.0.0/16 -d 172.17.51.0/24 -j RETURN
Dec 15 23:40:07 master1 flanneld[31202]: I1215 23:40:07.189015   31202 iptables.go:155] Adding iptables rule: -d 172.17.0.0/16 -j ACCEPT
Dec 15 23:40:07 master1 flanneld[31202]: I1215 23:40:07.195921   31202 iptables.go:167] Deleting iptables rule: ! -s 172.17.0.0/16 -d 172.17.0.0/16 -j MASQUERADE
Dec 15 23:40:07 master1 flanneld[31202]: I1215 23:40:07.203488   31202 iptables.go:155] Adding iptables rule: -s 172.17.0.0/16 -d 172.17.0.0/16 -j RETURN
Dec 15 23:40:07 master1 flanneld[31202]: I1215 23:40:07.212158   31202 iptables.go:155] Adding iptables rule: -s 172.17.0.0/16 ! -d 224.0.0.0/4 -j MASQUERADE
Dec 15 23:40:07 master1 flanneld[31202]: I1215 23:40:07.219014   31202 iptables.go:155] Adding iptables rule: ! -s 172.17.0.0/16 -d 172.17.51.0/24 -j RETURN
Dec 15 23:40:07 master1 flanneld[31202]: I1215 23:40:07.228946   31202 iptables.go:155] Adding iptables rule: ! -s 172.17.0.0/16 -d 172.17.0.0/16 -j MASQUERADE

(5)查看各节点IP,并ping另一节点的docker0网络,以及确认docker0与flannel.1在同一网段

[root@master1 ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00inet 127.0.0.1/8 scope host lovalid_lft forever preferred_lft foreverinet6 ::1/128 scope host valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000link/ether 00:0c:29:14:36:9d brd ff:ff:ff:ff:ff:ffinet 192.168.31.101/24 brd 192.168.31.255 scope global noprefixroute ens33valid_lft forever preferred_lft foreverinet6 fe80::eddd:ed6f:516a:ac4/64 scope link noprefixroute valid_lft forever preferred_lft forever
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default link/ether 02:42:05:2c:ef:6c brd ff:ff:ff:ff:ff:ffinet 172.17.51.1/24 brd 172.17.51.255 scope global docker0valid_lft forever preferred_lft forever
4: flannel.1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UNKNOWN group default link/ether 02:fb:8d:80:3f:b2 brd ff:ff:ff:ff:ff:ffinet 172.17.51.0/32 scope global flannel.1valid_lft forever preferred_lft foreverinet6 fe80::fb:8dff:fe80:3fb2/64 scope link valid_lft forever preferred_lft forever
[root@master1 ~]# ping 172.17.29.1
PING 172.17.29.1 (172.17.29.1) 56(84) bytes of data.
64 bytes from 172.17.29.1: icmp_seq=1 ttl=64 time=10.1 ms
64 bytes from 172.17.29.1: icmp_seq=2 ttl=64 time=0.635 ms

这篇关于K8s二进制部署-flanneld报(Couldn‘t fetch network config)的文章就介绍到这儿,希望我们推荐的文章对编程师们有所帮助!


http://www.chinasem.cn/article/1058753

相关文章

UnrealScriptIDE调试环境部署

UnrealScriptIDE调试环境部署

先安装vs2010   再安装VSIsoShell.exe, 下载地址 https://pan.baidu.com/s/10kPNUuDGTbWXbz7Nos-1WA       fd3t   最后安装unside,下载地址 https://archive.codeplex.com/?p=uside  安装中间有一步选择Binary文件夹要选对路径。   安装好以后,启动 UDKDe
阅读更多...
UE3 的Config文件夹

UE3 的Config文件夹

工作中需要用到UE3,看官方文档中文版翻译有些偷懒和翻译不妥当,故看着英文自己翻译理解了一下,以供后续参考。 目录 基础内容 0.概述  1.uc脚本中的类定义关联配置文件和保存 2.保存配置文件API SaveConfig() StaticSaveConfig() 3.ucc 编译的时候使用 4.配置文件类型 Default 配置文件 和 XXX 配置文件  Base 配置
阅读更多...
二进制文件转化成文本文件

二进制文件转化成文本文件

文章中如果有写错、表述不明、有疑问或者需要扩展的知识,欢迎留言或者私信~   1.区别 如果一个文件说是文本文件,使用任何一种文本编辑器打开可以展现出人类可读信息字符,因为编码都符合某种编码方式,如ASCII、UTF8、GB2312等等(在文件头可以读出来是什么编码方式,然后文本编辑器再按照规则去读取翻译成对应的字符,展示给我们的就是可读的了)。(关于编码方式不了解可以看这一篇) 如果一
阅读更多...
JAVA读取MongoDB中的二进制图片并显示在页面上

JAVA读取MongoDB中的二进制图片并显示在页面上

1:Jsp页面: <td><img src="${ctx}/mongoImg/show"></td> 2:xml配置: <?xml version="1.0" encoding="UTF-8"?><beans xmlns="http://www.springframework.org/schema/beans"xmlns:xsi="http://www.w3.org/2001
阅读更多...
青龙面板部署通用教程,含服务器、路由器、X86等部署方法

青龙面板部署通用教程,含服务器、路由器、X86等部署方法

1. 拉取镜像/更新镜像 docker pull whyour/qinglong:latest 2. 删除镜像 docker rmi whyour/qinglong:latest 3. 启动容器 普通服务器 docker run -dit \-v $PWD/ql/config:/ql/config \-v $PWD/ql/log:/ql/log \-v $PWD/ql/db:
阅读更多...
宝塔面板部署青龙面板教程【简单易上手】

宝塔面板部署青龙面板教程【简单易上手】

首先,你得有一台部署了宝塔面板的服务器(自己用本地电脑也可以)。 宝塔面板部署自行百度一下,很简单,这里就不走流程了,官网版本就可以,无需开心版。 首先,打开宝塔面板的软件商店,找到下图这个软件(Docker管理器)安装,青龙面板还是安装在docker里,这里依赖宝塔面板安装和管理docker。 安装完成后,进入SSH终端管理,输入代码安装青龙面板。ssh可以直接宝塔里操作,也可以安装ssh连接
阅读更多...
手把手教你入门vue+springboot开发(五)--docker部署

手把手教你入门vue+springboot开发(五)--docker部署

文章目录 前言一、前端打包二、后端打包三、docker运行总结 前言 前面我们重点介绍了vue+springboot前后端分离开发的过程,本篇我们结合docker容器来研究一下打包部署过程。 一、前端打包 在VSCode的命令行中输入npm run build可以打包前端代码,出现下图提示表示打包完成。 打包成功后会在前端工程目录生成dist目录,如下图所示: 把
阅读更多...
[Centos7] 部署Zabbix5.0

[Centos7] 部署Zabbix5.0

目录 0 卸载 Zabbix1 准备工作1.1 关闭防火墙1.2 关闭SELinux1.3 重启服务器1.4 安装MySQL 2 配置 Zabbix yum 源2.1 安装zabbix的软件仓库配置包2.2 安装 Software Collections 仓库2.3 修改 Zabbix 仓库配置文件 3 安装 Zabbix3.1 遇到报错Requires: libmysqlclient.so
阅读更多...
[分布式网络通讯框架]----ZooKeeper下载以及Linux环境下安装与单机模式部署(附带每一步截图)

[分布式网络通讯框架]----ZooKeeper下载以及Linux环境下安装与单机模式部署(附带每一步截图)

首先进入apache官网 点击中间的see all Projects->Project List菜单项进入页面 找到zookeeper,进入 在Zookeeper主页的顶部点击菜单Project->Releases,进入Zookeeper发布版本信息页面,如下图: 找到需要下载的版本 进行下载既可,这里我已经下载过3.4.10,所以以下使用3.4.10进行演示其他的步骤。
阅读更多...
云原生容器技术入门:Docker、K8s技术的基本原理和用途

云原生容器技术入门:Docker、K8s技术的基本原理和用途

🐇明明跟你说过:个人主页 🏅个人专栏:《未来已来:云原生之旅》🏅 🔖行路有良友,便是天堂🔖 目录 一、容器技术概述 1、什么是容器技术 2、容器技术的历史与发展 3、容器技术与虚拟机的比较 4、容器技术在云原生中的作用 二、Docker基础 1、Docker简介 2、Docker架构 3、Docker与工作原理 三、Kubernetes(k8s)基础 1、
阅读更多...

Copyright China编程 23002807@qq.com

沪ICP备2023033072号-2