思享工具箱

解决k8s Get http://127.0.0.1:10252/healthz: dial tcp 127.0.0.1:10252: connect: connection refused

摘要:
安装完k8s集群之后很可能会出现一下情况:[root@master1~]#kubectlgetcsNAMESTATUSMESSAGEERRORschedulerUnhealthyGethttp://127.0.0.1:10251/healthz:dialtcp127.0.0.1:10251:connect:connectionrefusedcontroller-managerUnhealthyGe

安装完k8s集群之后很可能会出现一下情况:

[root@master1 ~]# kubectl get cs
NAME                 STATUS      MESSAGE                                                                                     ERROR
scheduler            Unhealthy   Get http://127.0.0.1:10251/healthz: dial tcp 127.0.0.1:10251: connect: connection refused
controller-manager   Unhealthy   Get http://127.0.0.1:10252/healthz: dial tcp 127.0.0.1:10252: connect: connection refused
etcd-0               Healthy     {"health":"true"}

出现这种情况是kube-controller-manager.yaml和kube-scheduler.yaml设置的默认端口是0,在文件中注释掉就可以了。(每台master节点都要执行操作)

1.修改kube-scheduler.yaml文件

vim /etc/kubernetes/manifests/kube-scheduler.yaml
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  labels:
    component: kube-scheduler
    tier: control-plane
  name: kube-scheduler
  namespace: kube-system
spec:
  containers:
  - command:
    - kube-scheduler
    - --authentication-kubeconfig=/etc/kubernetes/scheduler.conf
    - --authorization-kubeconfig=/etc/kubernetes/scheduler.conf
    - --bind-address=127.0.0.1
    - --kubeconfig=/etc/kubernetes/scheduler.conf
    - --leader-elect=true
#    - --port=0                  ## 注释掉这行
    image: k8s.gcr.io/kube-scheduler:v1.18.6
    imagePullPolicy: IfNotPresent
    livenessProbe:
      failureThreshold: 8
      httpGet:
        host: 127.0.0.1
        path: /healthz
        port: 10259
        scheme: HTTPS
      initialDelaySeconds: 15
      timeoutSeconds: 15
    name: kube-scheduler
    resources:
      requests:
        cpu: 100m
    volumeMounts:
    - mountPath: /etc/kubernetes/scheduler.conf
      name: kubeconfig
      readOnly: true
  hostNetwork: true
  priorityClassName: system-cluster-critical
  volumes:
  - hostPath:
      path: /etc/kubernetes/scheduler.conf
      type: FileOrCreate
    name: kubeconfig
status: {}

2.修改kube-controller-manager.yaml文件

vim /etc/kubernetes/manifests/kube-controller-manager.yaml
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  labels:
    component: kube-controller-manager
    tier: control-plane
  name: kube-controller-manager
  namespace: kube-system
spec:
  containers:
  - command:
    - kube-controller-manager
    - --allocate-node-cidrs=true
    - --authentication-kubeconfig=/etc/kubernetes/controller-manager.conf
    - --authorization-kubeconfig=/etc/kubernetes/controller-manager.conf
    - --bind-address=127.0.0.1
    - --client-ca-file=/etc/kubernetes/pki/ca.crt
    - --cluster-cidr=10.244.0.0/16
    - --cluster-name=kubernetes
    - --cluster-signing-cert-file=/etc/kubernetes/pki/ca.crt
    - --cluster-signing-key-file=/etc/kubernetes/pki/ca.key
    - --controllers=*,bootstrapsigner,tokencleaner
    - --kubeconfig=/etc/kubernetes/controller-manager.conf
    - --leader-elect=true
    - --node-cidr-mask-size=24
#    - --port=0                    ## 注释掉这行
    - --requestheader-client-ca-file=/etc/kubernetes/pki/front-proxy-ca.crt
    - --root-ca-file=/etc/kubernetes/pki/ca.crt
    - --service-account-private-key-file=/etc/kubernetes/pki/sa.key
    - --service-cluster-ip-range=10.96.0.0/12
    - --use-service-account-credentials=true
    image: k8s.gcr.io/kube-controller-manager:v1.18.6
    imagePullPolicy: IfNotPresent
    livenessProbe:
      failureThreshold: 8
      httpGet:
        host: 127.0.0.1
        path: /healthz
        port: 10257
        scheme: HTTPS
      initialDelaySeconds: 15
      timeoutSeconds: 15
    name: kube-controller-manager
    resources:
      requests:
        cpu: 200m
    volumeMounts:
    - mountPath: /etc/ssl/certs
      name: ca-certs
      readOnly: true
    - mountPath: /etc/pki
      name: etc-pki
      readOnly: true
    - mountPath: /usr/libexec/kubernetes/kubelet-plugins/volume/exec
      name: flexvolume-dir
    - mountPath: /etc/kubernetes/pki
      name: k8s-certs
      readOnly: true
    - mountPath: /etc/kubernetes/controller-manager.conf
      name: kubeconfig
      readOnly: true
  hostNetwork: true
  priorityClassName: system-cluster-critical
  volumes:
  - hostPath:
      path: /etc/ssl/certs
      type: DirectoryOrCreate
    name: ca-certs
  - hostPath:
      path: /etc/pki
      type: DirectoryOrCreate
    name: etc-pki
  - hostPath:
      path: /usr/libexec/kubernetes/kubelet-plugins/volume/exec
      type: DirectoryOrCreate
    name: flexvolume-dir
  - hostPath:
      path: /etc/kubernetes/pki
      type: DirectoryOrCreate
    name: k8s-certs
  - hostPath:
      path: /etc/kubernetes/controller-manager.conf
      type: FileOrCreate
    name: kubeconfig
status: {}

3.每台master重启kubelet

systemctl restart kubelet.service

4.再次查看状态

[root@master1 ~]# kubectl get cs
NAME                 STATUS    MESSAGE             ERROR
scheduler            Healthy   ok
controller-manager   Healthy   ok
etcd-0               Healthy   {"health":"true"}

标签:#kubernetes#k8s#true#pki | 浏览:465 | 发布日期:

免责声明:文章转载自《解决k8s Get http://127.0.0.1:10252/healthz: dial tcp 127.0.0.1:10252: connect: connection refused》仅用于学习参考。如对内容有疑问,请及时联系本站处理。

上篇BROCADE交换机配置SpringBoot之springfox(Swagger) (ApiDoc接口文档)下篇

宿迁高防,2C2G15M,22元/月;香港BGP,2C5G5M,25元/月 雨云优惠码:MjYwNzM=

相关文章

tinyMCE使用详解

初始化在初始化TinyMCE的时候,需要把以下代码加入到页面的HEAD标签中。按以下例子中的设置,所有的TEXTAREA文本域在页面加载时将被转换成编辑器。另外还有其他模块,我们将在后面详细讲述。 <!-- tinyMCE --><script language="javascript" type="text/javascript" sr...

Kubernetes网络的iptables模式和ipvs模式支持ping分析

1.iptables模式无法ping通原因分析   iptables模式下,无法ping通任何svc,包括clusterip.所有ns下,下面来分析原因:   查看kubernetes的网络模式 curl 127.0.0.1:10249/proxyMode [root@k8s-master01 ~]# curl 127.0.0.1:10249/proxyM...

kubernetes部署的Pod长时处于ContainerCreating状态

版权声明:本文为博主原创文章,支持原创,转载请附上原文出处链接和本声明。 本文地址:https://www.cnblogs.com/wannengachao/p/13821469.html 1、执行 kubectl get pod --all-namespaces|grep -Ev '1/1|2/2|3/3|Com 查看到Pod长时处于ContainerC...

k8s .netcore的春天

一直有在关注k8s容器管理平台,不是因为对运维感兴趣,而是它是云原生,云架构的一块基石,我们可以看看bat在云原生架构方面的推动和投入,相信以后软件从已诞生就生长在云上。 K8S,可能有些朋友认为k8s跟微服务没有啥关系,这个的看你站在什么维度和视角去看待这个问题。尤其是.NETCORE平台,没有像JAVASPRINGCLOUD这样的全家桶,更没有SPRI...

Kubernetes 边缘节点抓不到监控指标?试试这个方法!

KubeSphere v3.1.0 通过集成 KubeEdge,将节点和资源的管理延伸到了边缘,也是 KubeSphere 正式支持边缘计算的第一个版本。 笔者也第一时间搭建和试用了边缘节点相关的功能,但是在边缘节点纳管之后遇到了一些监控的小问题,在排查过程中也顺带了解了一下 KubeSphere 对于边缘节点的监控原理,发出来和大家分享,方便其他的开发者...

k8s命令

编辑pod版本号等信息kubectl edit deployment ams-metric -n manage导出容器内容到文件docker export 1ceefea8d9ff > calc.tar加载tar到本地仓库docker load -i ams-access-1.0.PC5.tar 快速从容器push到镜像仓库docker commit...

最新文章

随机推荐

思享工具箱导航