51工具盒子在查看K8s系统组件时,发现scheduler及controller-manager组件状态存在异常,链接必要端口失败。
[root@cloud-master ~]# kubectl get cs
Warning: v1 ComponentStatus is deprecated in v1.19+
NAME STATUS MESSAGE ERROR
scheduler Unhealthy Get "http://127.0.0.1:10251/healthz": dial tcp 127.0.0.1:10251: connect: connection refused
controller-manager Unhealthy Get "http://127.0.0.1:10252/healthz": dial tcp 127.0.0.1:10252: connect: connection refused
etcd-0 Healthy {"health":"true"}
[root@cloud-master ~]# kubeadm version
kubeadm version: &version.Info{Major:"1", Minor:"20", GitVersion:"v1.20.15", GitCommit:"8f1e5bf0b9729a899b8df86249b56e2c74aebc55", GitTreeState:"clean", BuildDate:"2022-01-19T17:26:37Z", GoVersion:"go1.15.15", Compiler:"gc", Platform:"linux/amd64"}
[root@cloud-master ~]# kubectl version
Client Version: version.Info{Major:"1", Minor:"20", GitVersion:"v1.20.15", GitCommit:"8f1e5bf0b9729a899b8df86249b56e2c74aebc55", GitTreeState:"clean", BuildDate:"2022-01-19T17:27:39Z", GoVersion:"go1.15.15", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"20", GitVersion:"v1.20.0", GitCommit:"af46c47ce925f4c4ad5cc8d1fca46c7b77d13b38", GitTreeState:"clean", BuildDate:"2020-12-08T17:51:19Z", GoVersion:"go1.15.5", Compiler:"gc", Platform:"linux/amd64"}
解决办法
在kubeadm中,集群健康检查监听scheduler默认10251及controller-manager默认10252的不安全端口。为了安全起见,该报错可以忽略。
开启监听
如需开启10251及10252端口的监听,则需进入/etc/kubernetes/manifests/目录编辑kube-scheduler.yaml及kube-controller-manager.yaml文件。
在
- --port=0前添加注释即可。
[root@cloud-master manifests]# vi kube-scheduler.yaml
1 apiVersion: v1
2 kind: Pod
3 metadata:
4 creationTimestamp: null
5 labels:
6 component: kube-scheduler
7 tier: control-plane
8 name: kube-scheduler
9 namespace: kube-system
10 spec:
11 containers:
12 - command:
13 - kube-scheduler
14 - --authentication-kubeconfig=/etc/kubernetes/scheduler.conf
15 - --authorization-kubeconfig=/etc/kubernetes/scheduler.conf
16 - --bind-address=127.0.0.1
17 - --kubeconfig=/etc/kubernetes/scheduler.conf
18 - --leader-elect=true
19 # - --port=0
`[root@cloud-master manifests]# vi kube-controller-manager.yaml
1 apiVersion: v1
2 kind: Pod
3 metadata:
4 creationTimestamp: null
5 labels:
6 component: kube-controller-manager
7 tier: control-plane
8 name: kube-controller-manager
9 namespace: kube-system
10 spec:
11 containers:
12 - command:
13 - kube-controller-manager
14 - --authentication-kubeconfig=/etc/kubernetes/controller-manager.conf
15 - --authorization-kubeconfig=/etc/kubernetes/controller-manager.conf
16 - --bind-address=127.0.0.1
17 - --client-ca-file=/etc/kubernetes/pki/ca.crt
18 - --cluster-name=kubernetes
19 - --cluster-signing-cert-file=/etc/kubernetes/pki/ca.crt
20 - --cluster-signing-key-file=/etc/kubernetes/pki/ca.key
21 - --controllers=*,bootstrapsigner,tokencleaner
22 - --kubeconfig=/etc/kubernetes/controller-manager.conf
23 - --leader-elect=true
24 # - --port=0`
编辑完成后等待一段时间即可。
[root@cloud-master manifests]# kubectl get cs
Warning: v1 ComponentStatus is deprecated in v1.19+
NAME STATUS MESSAGE ERROR
controller-manager Healthy ok
scheduler Healthy ok
etcd-0 Healthy {"health":"true"}
