Kubernetes calico-node 问题 - 运行 0/1答案

【问题标题】：Kubernetes calico-node issue - running 0/1Kubernetes calico-node 问题 - 运行 0/1
【发布时间】：2021-09-04 13:25:21
【问题描述】：

您好，我在 ubuntu 20.04 的本地服务器中有两台虚拟机，我想为我的微服务构建一个小型集群。我运行了以下步骤来设置我的集群，但我遇到了 calico-nodes 的问题。他们以 0/1/ 运行

master.domain.com

ubuntu 20.04
docker --version = Docker 版本 20.10.7，构建 f0df350
kubectl version = Client Version: version.Info{Major:"1", Minor:"20", GitVersion:"v1.20.4", GitCommit:"e87da0bd6e03ec3fea7933c4b5263d151aafd07c", GitTreeState:"clean", BuildDate:"2021- 02-18T16:12:00Z"，GoVersion："go1.15.8"，编译器："gc"，平台："linux/amd64"}

worker.domain.com

ubuntu 20.04
docker --version = Docker 版本 20.10.2，构建 20.10.2-0ubuntu1~20.04.2
kubectl version = Client Version: version.Info{Major:"1", Minor:"20", GitVersion:"v1.20.4", GitCommit:"e87da0bd6e03ec3fea7933c4b5263d151aafd07c", GitTreeState:"clean", BuildDate:"2021- 02-18T16:12:00Z"，GoVersion："go1.15.8"，编译器："gc"，平台："linux/amd64"}

第 1 步

在 master.domain.com 虚拟机中，我运行以下命令

sudo kubeadm init --pod-network-cidr=192.168.0.0/16

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

curl https://docs.projectcalico.org/manifests/calico.yaml -O
kubectl apply -f calico.yaml

kubectl get pods --all-namespaces -o wide
NAMESPACE     NAME                                       READY   STATUS    RESTARTS   AGE     IP               NODE    NOMINATED NODE   READINESS GATES
kube-system   calico-kube-controllers-7f4f5bf95d-gnll8   1/1     Running   0          38s     192.168.29.195   master   <none>           <none>
kube-system   calico-node-7zmtm                          1/1     Running   0          38s     195.251.3.255    master   <none>           <none>
kube-system   coredns-74ff55c5b-ltn9g                    1/1     Running   0          3m49s   192.168.29.193   master   <none>           <none>
kube-system   coredns-74ff55c5b-nkhzf                    1/1     Running   0          3m49s   192.168.29.194   master   <none>           <none>
kube-system   etcd-kubem                                 1/1     Running   0          4m6s    195.251.3.255    master   <none>           <none>
kube-system   kube-apiserver-kubem                       1/1     Running   0          4m6s    195.251.3.255    master   <none>           <none>
kube-system   kube-controller-manager-kubem              1/1     Running   0          4m6s    195.251.3.255    master   <none>           <none>
kube-system   kube-proxy-2cr2x                           1/1     Running   0          3m49s   195.251.3.255    master   <none>           <none>
kube-system   kube-scheduler-kubem                       1/1     Running   0          4m6s    195.251.3.255    master   <none>           <none>

第 2 步 在 worker.domain.com 虚拟机中，我运行以下命令

sudo kubeadm join 195.251.3.255:6443 --token azuist.xxxxxxxxxxx  --discovery-token-ca-cert-hash sha256:xxxxxxxxxxxxxxxxxxxxxxxxxxxx

第三步 在 master.domain.com 虚拟机中，我运行以下命令

kubectl get pods --all-namespaces -o wide
NAMESPACE     NAME                                       READY   STATUS    RESTARTS   AGE     IP               NODE    NOMINATED NODE   READINESS GATES
kube-system   calico-kube-controllers-7f4f5bf95d-gnll8   1/1     Running   0          6m37s   192.168.29.195   master   <none>           <none>
kube-system   calico-node-7zmtm                          0/1     Running   0          6m37s   195.251.3.255    master   <none>           <none>
kube-system   calico-node-wccnb                          0/1     Running   0          2m19s   195.251.3.230    worker   <none>           <none>
kube-system   coredns-74ff55c5b-ltn9g                    1/1     Running   0          9m48s   192.168.29.193   master   <none>           <none>
kube-system   coredns-74ff55c5b-nkhzf                    1/1     Running   0          9m48s   192.168.29.194   master   <none>           <none>
kube-system   etcd-kubem                                 1/1     Running   0          10m     195.251.3.255    master   <none>           <none>
kube-system   kube-apiserver-kubem                       1/1     Running   0          10m     195.251.3.255    master   <none>           <none>
kube-system   kube-controller-manager-kubem              1/1     Running   0          10m     195.251.3.255    master   <none>           <none>
kube-system   kube-proxy-2cr2x                           1/1     Running   0          9m48s   195.251.3.255    master   <none>           <none>
kube-system   kube-proxy-kxw4m                           1/1     Running   0          2m19s   195.251.3.230    worker   <none>           <none>
kube-system   kube-scheduler-kubem                       1/1     Running   0          10m     195.251.3.255    master   <none>           <none>

kubectl logs -n kube-system calico-node-7zmtm
...
...
2021-06-20 17:10:25.064 [INFO][56] monitor-addresses/startup.go 774: Using autodetected IPv4 address on interface eth0: 195.251.3.255/24
2021-06-20 17:10:34.862 [INFO][53] felix/summary.go 100: Summarising 11 dataplane reconciliation loops over 1m3.5s: avg=4ms longest=13ms ()

kubectl logs -n kube-system calico-node-wccnb
...
...
2021-06-20 17:10:59.818 [INFO][55] felix/summary.go 100: Summarising 8 dataplane reconciliation loops over 1m3.6s: avg=3ms longest=13ms (resync-filter-v4,resync-nat-v4,resync-raw-v4)
2021-06-20 17:11:05.994 [INFO][51] monitor-addresses/startup.go 774: Using autodetected IPv4 address on interface br-9a88318dda68: 172.21.0.1/16

正如你所见，我在两个 calico 节点上都运行 0/1，为什么？？

知道如何解决这个问题吗？

谢谢

【问题讨论】：

您好，您能否详细介绍一下您的设置（网络方面）以及导致您获得此结果的确切步骤？你有没有关注kubeadm prerequisites。我认为这个问题可能与IP地址有关。根据 CIDR 表示法，您的主节点应为该特定子网中的广播地址保留。

标签： docker kubernetes calico

【解决方案1】：

遇到了完全一样的问题。

CentOS 8
kubectl kubeadm kubelet v1.22.3
docker-ce 版本 20.10.9

唯一值得一提的区别是我必须注释行

- --port=0

在/etc/kubernetes/manifests/kube-scheduler.yaml 或scheduler 中声明为unhealthy 在

kubectl 获取组件状态

Kubernetes API 在公共 IP 地址上发布。 kubectl打印输出中控制面板节点的公网IP地址替换为42.42.42.42；工作节点的公网 IP 地址替换为 21.21.21.21 公共域名（也是控制面板节点上的主机名）替换为public-domain.work

>kubectl get pods -n kube-system -o wide

NAME                                           READY   STATUS    RESTARTS      AGE   IP                NODE                  NOMINATED NODE   READINESS GATES
calico-kube-controllers-5d995d45d6-rk9cq       1/1     Running   0             76m   192.168.231.193   public-domain.work         <none>           <none>
calico-node-qstxm                              0/1     Running   0             76m   42.42.42.42       public-domain.work         <none>           <none>
calico-node-zmz5s                              0/1     Running   0             75m   21.21.21.21       node1.public-domain.work   <none>           <none>
coredns-78fcd69978-5xsb2                       1/1     Running   0             81m   192.168.231.194   public-domain.work         <none>           <none>
coredns-78fcd69978-q29fn                       1/1     Running   0             81m   192.168.231.195   public-domain.work         <none>           <none>
etcd-public-domain.work                        1/1     Running   3             82m   42.42.42.42       public-domain.work         <none>           <none>
kube-apiserver-public-domain.work              1/1     Running   3             82m   42.42.42.42       public-domain.work         <none>           <none>
kube-controller-manager-public-domain.work     1/1     Running   2             82m   42.42.42.42       public-domain.work         <none>           <none>
kube-proxy-5kkks                               1/1     Running   0             81m   42.42.42.42       public-domain.work         <none>           <none>
kube-proxy-xsc66                               1/1     Running   0             75m   21.21.21.21       node1.public-domain.work   <none>           <none>
kube-scheduler-public-domain.work              1/1     Running   1 (78m ago)   78m   42.42.42.42       public-domain.work         <none>           <none>

>kubectl get nodes -o wide

NAME                       STATUS   ROLES                  AGE     VERSION   INTERNAL-IP      EXTERNAL-IP   OS-IMAGE          KERNEL-VERSION   CONTAINER-RUNTIME
public-domain.work         Ready    control-plane,master   4h56m   v1.22.3   42.42.42.42      <none>        CentOS Stream 8   4.18.0-348.el8.x86_64   docker://20.10.9
node1.public-domain.work   Ready    <none>                 4h50m   v1.22.3   21.21.21.21      <none>        CentOS Stream 8   4.18.0-348.el8.x86_64   docker://20.10.10

>kubectl logs -n kube-system calico-node-qstxm

2021-11-09 15:27:38.996 [INFO][86] felix/int_dataplane.go 1539: Received interface addresses update msg=&intdataplane.ifaceAddrsUpdate{Name:"eth1", Addrs:set.mapSet{}}
2021-11-09 15:27:38.996 [INFO][86] felix/hostip_mgr.go 85: Interface addrs changed. update=&intdataplane.ifaceAddrsUpdate{Name:"eth1", Addrs:set.mapSet{}}
2021-11-09 15:27:38.997 [INFO][86] felix/ipsets.go 130: Queueing IP set for creation family="inet" setID="this-host" setType="hash:ip"
2021-11-09 15:27:38.998 [INFO][86] felix/ipsets.go 785: Doing full IP set rewrite family="inet" numMembersInPendingReplace=7 setID="this-host"

2021-11-09 15:27:40.198 [INFO][86] felix/iface_monitor.go 201: Netlink address update. addr="here:is:some:ipv6:address:that:has:nothing:to:do:with:my:control:panel:server:public:ipv6" exists=true ifIndex=3 2021-11-09 15:27:40.198 [INFO][86] felix/int_dataplane.go 1071: Linux interface addrs changed. addrs=set.mapSet{"fe80::9132:a0df:82d8:e26c":set.empty{}} ifaceName="eth1"
2021-11-09 15:27:40.198 [INFO][86] felix/int_dataplane.go 1539: Received interface addresses update msg=&intdataplane.ifaceAddrsUpdate{Name:"eth1", Addrs:set.mapSet{"here:is:some:ipv6:address:that:has:nothing:to:do:with:my:control:panel:server:public:ipv6":set.empty{}}}
2021-11-09 15:27:40.199 [INFO][86] felix/hostip_mgr.go 85: Interface addrs changed. update=&intdataplane.ifaceAddrsUpdate{Name:"eth1", Addrs:set.mapSet{"here:is:some:ipv6:address:that:has:nothing:to:do:with:my:control:panel:server:public:ipv6":set.empty{}}}
2021-11-09 15:27:40.199 [INFO][86] felix/ipsets.go 130: Queueing IP set for creation family="inet" setID="this-host" setType="hash:ip"
2021-11-09 15:27:40.200 [INFO][86] felix/ipsets.go 785: Doing full IP set rewrite family="inet" numMembersInPendingReplace=7 setID="this-host"

2021-11-09 15:27:48.010 [INFO][81] monitor-addresses/startup.go 713: Using autodetected IPv4 address on interface eth0: 42.42.42.42/24

> kube-system calico-node-zmz5s

2021-11-09 15:25:56.669 [INFO][64] felix/int_dataplane.go 1071: Linux interface addrs changed. addrs=set.mapSet{} ifaceName="eth1"
2021-11-09 15:25:56.669 [INFO][64] felix/int_dataplane.go 1539: Received interface addresses update msg=&intdataplane.ifaceAddrsUpdate{Name:"eth1", Addrs:set.mapSet{}}
2021-11-09 15:25:56.669 [INFO][64] felix/hostip_mgr.go 85: Interface addrs changed. update=&intdataplane.ifaceAddrsUpdate{Name:"eth1", Addrs:set.mapSet{}}
2021-11-09 15:25:56.669 [INFO][64] felix/ipsets.go 130: Queueing IP set for creation family="inet" setID="this-host" setType="hash:ip"
2021-11-09 15:25:56.670 [INFO][64] felix/ipsets.go 785: Doing full IP set rewrite family="inet" numMembersInPendingReplace=7 setID="this-host"

2021-11-09 15:25:56.769 [INFO][64] felix/iface_monitor.go 201: Netlink address update. addr="here:is:some:ipv6:address:that:has:nothing:to:do:with:my:worknode:server:public:ipv6" exists=false ifIndex=3

2021-11-09 15:26:07.050 [INFO][64] felix/summary.go 100: Summarising 14 dataplane reconciliation loops over 1m1.7s: avg=5ms longest=11ms ()
2021-11-09 15:26:33.880 [INFO][59] monitor-addresses/startup.go 713: Using autodetected IPv4 address on interface eth0: 21.21.21.21/24

【讨论】：

这并不能真正回答问题。如果您有其他问题，可以点击进行提问。要在此问题有新答案时收到通知，您可以follow this question。一旦你有足够的reputation，你也可以add a bounty 来引起对这个问题的更多关注。 - From Review

【解决方案2】：

由于防火墙，问题似乎在关闭的 BGP 端口中。

主节点上的这个命令为我解决了这个问题：

>firewall-cmd --add-port 179/tcp --zone=public --permanent

>firewall-cmd --reload

【讨论】：