kubeadmin kube-apiserver Exited 始终起不来查因记录

已于 2023-02-16 17:46:30 修改
阅读量1.9k 收藏 1
点赞数 1
分类专栏: 技术类 文章标签: docker kubernetes linux
于 2023-02-16 17:19:15 首次发布
开 源
本文链接:https://blog.csdn.net/long474080434/article/details/129058434
版权

kubeadmin kube-apiserver Exited 始终起不来查因记录

[root@k8s-master01 log]# crictl ps -a
CONTAINER           IMAGE               CREATED              STATE               NAME                      ATTEMPT             POD ID              POD
b7af23a98302e       fce326961ae2d       16 seconds ago       Running             etcd                      29                  16fc6f83a01d2       etcd-k8s-master01
1d0efa5c0c12d       a31e1d84401e6       About a minute ago   Exited              kube-apiserver            1693                dfc4c0a0c3e03       kube-apiserver-k8s-master01
275f08ddab851       fce326961ae2d       6 minutes ago        Exited              etcd                      28                  16fc6f83a01d2       etcd-k8s-master01
b11025cbc4661       5d7c5dfd3ba18       6 hours ago          Running             kube-controller-manager   27                  0ff05b544ff48       kube-controller-manager-k8s-master01
4db4688c2687f       dafd8ad70b156       30 hours ago         Running             kube-scheduler            25                  5f4d13cedf450       kube-scheduler-k8s-master01
b311bf0e66852       54637cb36d4a1       7 days ago           Running             calico-node               0                   ff2f4ac3783bb       calico-node-2zqhn
108695e1af006       a1a5060fe43dc       9 days ago           Running             kuboard                   2                   7bee3baf06a62       kuboard-cc79974cd-t9jth
536a8cdfb0a9b       115053965e86b       9 days ago           Running             metrics-scraper           2                   046881f3feea3       metrics-scraper-7f4896c5d7-6w6ld
c91c3382c9c9d       556768f31eb1d       9 days ago           Running             kube-proxy                6                   ce658d774a03b       kube-proxy-gsv75
[root@k8s-master01 log]#

查日志

 cat /var/log/messages|grep kube-apiserver|grep -i error
 
Feb 16 12:08:16 k8s-master01 kubelet: E0216 12:08:16.192310    8996 pod_workers.go:965] "Error syncing pod, skipping" err="failed to \"StartContainer\" for \"kube-apiserver\" with CrashLoopBackOff: \"back-off 40s restarting failed container=kube-apiserver pod=kube-apiserver-k8s-master01_kube-system(d6b90b54ef1ec678fb3557edd6baf627)\"" pod="kube-system/kube-apiserver-k8s-master01" podUID=d6b90b54ef1ec678fb3557edd6baf627

由于 kube-apiserver 起不来
kubectl describe
kubectl logs
之类查问题的命令都用不了

用的containerd.service 容器时
crictl logs 命令可用

[root@k8s-master01 log]# crictl  ps -a
CONTAINER           IMAGE               CREATED             STATE               NAME                      ATTEMPT             POD ID              POD
b3c010e0082be       a31e1d84401e6       39 seconds ago      Exited              kube-apiserver            1701                dfc4c0a0c3e03       kube-apiserver-k8s-master01
401eba6ca6507       fce326961ae2d       2 minutes ago       Running             etcd                      36                  16fc6f83a01d2       etcd-k8s-master01
b11025cbc4661       5d7c5dfd3ba18       7 hours ago         Running             kube-controller-manager   27                  0ff05b544ff48       kube-controller-manager-k8s-master01
4db4688c2687f       dafd8ad70b156       31 hours ago        Running             kube-scheduler            25                  5f4d13cedf450       kube-scheduler-k8s-master01
b311bf0e66852       54637cb36d4a1       7 days ago          Running             calico-node               0                   ff2f4ac3783bb       calico-node-2zqhn
108695e1af006       a1a5060fe43dc       9 days ago          Running             kuboard                   2                   7bee3baf06a62       kuboard-cc79974cd-t9jth
536a8cdfb0a9b       115053965e86b       9 days ago          Running             metrics-scraper           2                   046881f3feea3       metrics-scraper-7f4896c5d7-6w6ld
c91c3382c9c9d       556768f31eb1d       9 days ago          Running             kube-proxy                6                   ce658d774a03b       kube-proxy-gsv75
[root@k8s-master01 log]# crictl  logs b3c010e0082be
I0216 04:41:58.479545       1 server.go:555] external host was not specified, using 192.168.40.240
I0216 04:41:58.480162       1 server.go:163] Version: v1.26.0
I0216 04:41:58.480188       1 server.go:165] "Golang settings" GOGC="" GOMAXPROCS="" GOTRACEBACK=""
I0216 04:41:58.662208       1 shared_informer.go:273] Waiting for caches to sync for node_authorizer
I0216 04:41:58.662957       1 plugins.go:158] Loaded 12 mutating admission controller(s) successfully in the following order: NamespaceLifecycle,LimitRanger,ServiceAccount,NodeRestriction,TaintNodesByCondition,Priority,DefaultTolerationSeconds,DefaultStorageClass,StorageObjectInUseProtection,RuntimeClass,DefaultIngressClass,MutatingAdmissionWebhook.
I0216 04:41:58.662977       1 plugins.go:161] Loaded 12 validating admission controller(s) successfully in the following order: LimitRanger,ServiceAccount,PodSecurity,Priority,PersistentVolumeClaimResize,RuntimeClass,CertificateApproval,CertificateSigning,CertificateSubjectRestriction,ValidatingAdmissionPolicy,ValidatingAdmissionWebhook,ResourceQuota.
E0216 04:42:18.665556       1 run.go:74] "command failed" err="context deadline exceeded"
W0216 04:42:18.665571       1 logging.go:59] [core] [Channel #1 SubChannel #2] grpc: addrConn.createTransport failed to connect to {
  "Addr": "127.0.0.1:2379",
  "ServerName": "127.0.0.1",
  "Attributes": null,
  "BalancerAttributes": null,
  "Type": 0,
  "Metadata": null
}. Err: connection error: desc = "transport: authentication handshake failed: context deadline exceeded"
[root@k8s-master01 log]#

貌似连接2379 etcd服务端口异常

crictl  logs 860b2d24e75c3  #etcd容器的id
{"level":"info","ts":"2023-02-16T04:48:39.238Z","logger":"raft","caller":"etcdserver/zap_raft.go:77","msg":"e7a1aee40b9b8621 [logterm: 107, index: 5657524] sent MsgPreVote request to 9331fa9e272a9c3f at term 107"}
{"level":"warn","ts":"2023-02-16T04:48:40.151Z","caller":"etcdserver/server.go:2075","msg":"failed to publish local member to cluster through raft","local-member-id":"e7a1aee40b9b8621","local-member-attributes":"{Name:k8s-master01 ClientURLs:[https://192.168.40.240:2379]}","request-path":"/0/members/e7a1aee40b9b8621/attributes","publish-timeout":"7s","error":"etcdserver: request timed out"}
{"level":"info","ts":"2023-02-16T04:48:40.438Z","logger":"raft","caller":"etcdserver/zap_raft.go:77","msg":"e7a1aee40b9b8621 is starting a new election at term 107"}
{"level":"info","ts":"2023-02-16T04:48:40.438Z","logger":"raft","caller":"etcdserver/zap_raft.go:77","msg":"e7a1aee40b9b8621 became pre-candidate at term 107"}
{"level":"info","ts":"2023-02-16T04:48:40.438Z","logger":"raft","caller":"etcdserver/zap_raft.go:77","msg":"e7a1aee40b9b8621 received MsgPreVoteResp from e7a1aee40b9b8621 at term 107"}
{"level":"info","ts":"2023-02-16T04:48:40.438Z","logger":"raft","caller":"etcdserver/zap_raft.go:77","msg":"e7a1aee40b9b8621 [logterm: 107, index: 5657524] sent MsgPreVote request to 5db16f545fa302b7 at term 107"}
{"level":"info","ts":"2023-02-16T04:48:40.438Z","logger":"raft","caller":"etcdserver/zap_raft.go:77","msg":"e7a1aee40b9b8621 [logterm: 107, index: 5657524] sent MsgPreVote request to 9331fa9e272a9c3f at term 107"}
{"level":"warn","ts":"2023-02-16T04:48:40.447Z","caller":"etcdhttp/metrics.go:173","msg":"serving /health false; no leader"}
{"level":"warn","ts":"2023-02-16T04:48:40.448Z","caller":"etcdhttp/metrics.go:86","msg":"/health error","output":"{\"health\":\"false\",\"reason\":\"RAFT NO LEADER\"}","status-code":503}
.......
{"level":"warn","ts":"2023-02-16T06:55:15.139Z","caller":"etcdserver/server.go:2075","msg":"failed to publish local member to cluster through raft","local-member-id":"e7a1aee40b9b8621","local-member-attributes":"{Name:k8s-master01 ClientURLs:[https://192.168.40.240:2379]}","request-path":"/0/members/e7a1aee40b9b8621/attributes","publish-timeout":"7s","error":"etcdserver: request timed out"}
[root@k8s-master01 log]#

从日志看,像是etcd内部异常
参考
http://www.caotama.com/1864029.html
受启发,etcd备节点需要先启动,主节点接入备节点才能完整工作。

查备节点,发现因为多网卡IP是动态

[root@k8s-master03 manifests]# crictl ps -a
CONTAINER           IMAGE               CREATED             STATE               NAME                      ATTEMPT             POD ID              POD
a62d091cb77d6       a31e1d84401e6       24 seconds ago      Exited              kube-apiserver            92                  f32dfab0c6d61       kube-apiserver-k8s-master03
580675496bfae       fce326961ae2d       21 minutes ago      Exited              etcd                      88                  40fa395fc5f61       etcd-k8s-master03
d68f4e7158815       5d7c5dfd3ba18       7 hours ago         Running             kube-controller-manager   29                  e46f277014232       kube-controller-manager-k8s-master03
7e42849ff064e       dafd8ad70b156       7 hours ago         Running             kube-scheduler            28                  95d3e74185619       kube-scheduler-k8s-master03
69a554f8f249e       5d7c5dfd3ba18       3 days ago          Exited              kube-controller-manager   28                  d435a4f2a2550       kube-controller-manager-k8s-master03
927c7330986d4       dafd8ad70b156       3 days ago          Exited              kube-scheduler            27                  6bd230494824d       kube-scheduler-k8s-master03
2b61030c4f724       5185b96f0becf       13 days ago         Exited              coredns                   1                   417cff0be932c       coredns-567c556887-gqxc2
e62bfc4d92bf2       54637cb36d4a1       13 days ago         Exited              calico-node               2                   65cb679894ec0       calico-node-4qgnf
e419b9d4ed335       54637cb36d4a1       13 days ago         Exited              mount-bpffs               0                   65cb679894ec0       calico-node-4qgnf
bce9d5d9b2faa       628dd70880410       13 days ago         Exited              install-cni               0                   65cb679894ec0       calico-node-4qgnf
1508b3b2344e8       556768f31eb1d       13 days ago         Exited              kube-proxy                2                   4d7e52b0ee4b5       kube-proxy-qn6lx
ee1622dfb7d36       628dd70880410       13 days ago         Exited              upgrade-ipam              2                   65cb679894ec0       calico-node-4qgnf
[root@k8s-master03 manifests]# 
[root@k8s-master03 manifests]# 
[root@k8s-master03 manifests]# crictl logs 580675496bfae
{"level":"info","ts":"2023-02-16T08:48:38.698Z","caller":"etcdmain/etcd.go:73","msg":"Running: ","args":["etcd","--advertise-client-urls=https://172.19.217.2:2379","--cert-file=/etc/kubernetes/pki/etcd/server.crt","--client-cert-auth=true","--data-dir=/var/lib/eted","--experimental-initial-corrupt-check=true","--experimental-watch-progress-notify-interval=5s","--initial-advertise-peer-urls=https://172.19.217.2:2380","--initial-cluster=k8s-master03=https://172.19.217.2:2380,k8s-master02=https://172.19.217.32:2380,k8s-master01=https://192.168.40.240:2380","--initial-cluster-state=existing","--key-file=/etc/kubernetes/pki/etcd/server.key","--listen-client-urls=https://127.0.0.1:2379,https://172.19.217.2:2379","--listen-metrics-urls=http://127.0.0.1:2381","--listen-peer-urls=https://172.19.217.2:2380","--name=k8s-master03","--peer-cert-file=/etc/kubernetes/pki/etcd/peer.crt","--peer-client-cert-auth=true","--peer-key-file=/etc/kubernetes/pki/etcd/peer.key","--peer-trusted-ca-file=/etc/kubernetes/pki/etcd/ca.crt","--snapshot-count=10000","--trusted-ca-file=/etc/kubernetes/pki/etcd/ca.crt"]}
{"level":"info","ts":"2023-02-16T08:48:38.698Z","caller":"etcdmain/etcd.go:116","msg":"server has been already initialized","data-dir":"/var/lib/eted","dir-type":"member"}
{"level":"info","ts":"2023-02-16T08:48:38.698Z","caller":"embed/etcd.go:124","msg":"configuring peer listeners","listen-peer-urls":["https://172.19.217.2:2380"]}
{"level":"info","ts":"2023-02-16T08:48:38.698Z","caller":"embed/etcd.go:484","msg":"starting with peer TLS","tls-info":"cert = /etc/kubernetes/pki/etcd/peer.crt, key = /etc/kubernetes/pki/etcd/peer.key, client-cert=, client-key=, trusted-ca = /etc/kubernetes/pki/etcd/ca.crt, client-cert-auth = true, crl-file = ","cipher-suites":[]}
{"level":"info","ts":"2023-02-16T08:48:38.698Z","caller":"embed/etcd.go:373","msg":"closing etcd server","name":"k8s-master03","data-dir":"/var/lib/eted","advertise-peer-urls":["https://172.19.217.2:2380"],"advertise-client-urls":["https://172.19.217.2:2379"]}
{"level":"info","ts":"2023-02-16T08:48:38.698Z","caller":"embed/etcd.go:375","msg":"closed etcd server","name":"k8s-master03","data-dir":"/var/lib/eted","advertise-peer-urls":["https://172.19.217.2:2380"],"advertise-client-urls":["https://172.19.217.2:2379"]}
{"level":"fatal","ts":"2023-02-16T08:48:38.698Z","caller":"etcdmain/etcd.go:204","msg":"discovery failed","error":"listen tcp 172.19.217.2:2380: bind: cannot assign requested address","stacktrace":"go.etcd.io/etcd/server/v3/etcdmain.startEtcdOrProxyV2\n\tgo.etcd.io/etcd/server/v3/etcdmain/etcd.go:204\ngo.etcd.io/etcd/server/v3/etcdmain.Main\n\tgo.etcd.io/etcd/server/v3/etcdmain/main.go:40\nmain.main\n\tgo.etcd.io/etcd/server/v3/main.go:32\nruntime.main\n\truntime/proc.go:225"}
[root@k8s-master03 manifests]#

https://172.19.217.2:2380
应该是因为多网卡动态获取的ip,eth1网卡为 ssh连接专用网卡,但eth0-IP已经变化
将eth0网卡静态成该地址172.19.217.2。

修复 。

long474080434
关注
  • 1
    点赞
  • 1
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
k8s.gcr.io/kube-apiserver:v1.17.3镜像包
03-06
kubernetes的k8s.gcr.io/kube-apiserver:v1.17.3镜像包,版本为v1.17.3。文件是kube-controller-manager_v_1_17.3.tar
部署Kubernetes kube-apiserver启动失败
热门推荐
山东梅长苏
05-11 3万+
systemctl restart kube-apiserver启动失败 [root@centos-master yum.repos.d]# systemctl status kube-apiserver.service ● kube-apiserver.service - Kubernetes API Server Loaded: loaded (/usr/lib/systemd/syst...
cluster-kube-apiserver-operator:kube-apiserver操作员在集群上安装和维护kube-apiserver
02-13
Kubernetes API服务器操作员 Kubernetes API Server操作员管理和更新部署在之上的。 该操作员基于OpenShift 框架,并且通过“ (CVO)安装。 它包含以下组件: 操作员 Bootstrap清单渲染器 基于静态Pod的安装程序 配置观察者 默认情况下,操作员通过metrics服务公开指标。 指标是从以下组件中收集的: Kubernetes API服务器操作员 配置 配置观察器组件负责对外部配置更改做出React。 例如,这允许外部组件(,etcd等)与Kubernetes API服务器配置( 自定义资源)进行交互。 当前正在观察以下外部组件的变化: kube系统名称空间中的host-etcd端点所观察到的端点地址被用于配置storageConfig.urls在Kubernetes API服务器配置。 cluster image.config
k8s.gcr.io/kube-apiserver:v1.12.2
11-01
使用方法请关注blog: https://blog.csdn.net/wenwst docker load < kube-apiserver.v1.12.2.tar docker tag 51a9c329b7c5 k8s.gcr.io/kube-apiserver:v1.12.2
kubeadm依赖:kube-apiserver:v1.23.0、kube-controller-manager:v1.23等
最新发布
11-09
kubeadm依赖镜像: registry.aliyuncs.com/google_containers/kube-apiserver:v1.23.0 registry.aliyuncs.com/google_containers/kube-controller-manager:v1.23.0 registry.aliyuncs.com/google_containers/kube-scheduler:v1.23.0 registry.aliyuncs.com/google_containers/kube-proxy:v1.23.0 registry.aliyuncs.com/google_containers/pause:3.6 registry.aliyuncs.com/google_containers/etcd:3.5.1-0 registry.aliyuncs.com/google_containers/coredns:v1.8.6 操作: 镜像包上传到集群的各个节点后执行导入镜像脚本 chmod +x load_images.sh ./load_images.sh
kubeadm 部署k8s kube-apiserver无法正常启动的问题
Jerry00713的博客
08-20 1万+
9.kubeadm init --kubernetes-version=v1.17.17 --pod-network-cidr=10.244.0.0/16 --service-cidr=10.96.0.0/16 --ignore-preflight-errors=Swap 初始化节点 (根据情况修改),或者按照。12.下载并安装flannel配置,需要配置kube-flannel.yml, 或者按照。15.查看节点,已经出现,查看6443端口号,已经出现。3.ll -a 查看是否存在.kube文件。
62-【kubernetes】重启linux后,k8s的kube-apiserver无法正常启动的问题【需重装k8s集群】
qq_42303254的博客
02-21 1539
重启linux后,k8s的kube-apiserver无法正常启动的问题_shuxinghe的博客-CSDN博客_k8s重启apiserver
K8S-解决报错--总结日记
mingqing的博客
06-02 3138
排错思路
kubernetes 问题汇总--kube-apiserver无法正常启动
dengchendeng的专栏
08-05 2万+
kubernetes 问题汇总 1、新安装kubernetes到服务器,在创建rc之后,无法启动pod。yaml文件如下: apiVersion: v1 kind: ReplicationController metadata: name: redis-master labels: name: redis-master spec: replicas: 1 selecto...
kube-apiserver-amd64-v1.11.1
09-26
kube-apiserver-amd64-v1.11.1镜像,镜像使用方法: docker load -i kube-apiserver-amd64-v1.11.1.tar.gz
一个kubernetes无法启动apiserver:'FailedCreate' No API token found for service account "default"
世间再无晏小山
07-19 4265
如题, 在虚拟机上部署kubernetes,启动时出现如下图的状况,一头雾水: 很尴尬的是之前在两台服务器上,按照同样的步骤安装,是没有这样的问题的。 在服务器上安装的过程同样尴尬,一切部署好之后发现无法创建pod,无论什么样的json,yaml,命令行。 后来发现两台服务器,服务器1能ping通服务器2,服务器2却不能ping通服务器1,两台服务器都是外网的IP,且其中一个是
kube-apiserver启动报错:kube-apiserver: Error: parse error on line 1, column 81: extraneous or missing “
shisi4357的博客
05-12 267
报该错误:kube-apiserver: Error: parse error on line 1, column 81: extraneous or missing " in quoted-field。可能是因为大家都是使用类似脚本生成的token,其中单用户带双引号。所以有很多人都询问同样的问题,很不容易找到正确的答案。token.csv文件中只有单个用户组 system:kubelet-bootstrap的时候不加双引号。
Kubernetes 学习总结(28)—— Kubernetes 常见问题总结
科技D人生
05-11 1393
如何删除不一致状态下的 rc、deployment、service 在某些情况下经常发现 kubectl 进程挂起现象,然后在 get 时候发现删了一半而另外的删除不了 [root@k8s-master~]#kubectlget-ffluentd-elasticsearch/ NAMEDESIREDCURRENTREADYAGE rc/elasticsearch-logging-v102215h NAMEDESIREDCURRENTUP-TO-DATEAVAILAB...
二进制安装k8s apiserver 组件启动失败
weixin_47245762的博客
05-25 921
查看启动api-server.conf配置文件对应路径文件均存在,重新生成证书以及token.csv依然启动失败,在api-server中设置的,开启了准入控制的一些插件,如下。解决:在api-server.servervice中加入此变量。$KUBE_APISERVER_OPTS导致问题,此变量是。由于启动文件api-server.service缺少。再次重新加载配置文件并启动,启动正常。
解决 k8s redis重启报k8s Back-off restarting failed container (学习笔记)
weixin_43205308的博客
03-11 604
解决 k8s redis重启报k8s Back-off restarting failed container (学习笔记)
kubelet报错,etcd重启失败
liangkaiping0525的博客
03-17 1820
报错如下: journalctl -fu kubelet 3月 17 14:54:32 75-k8s-master kubelet[21477]: W0317 14:54:32.861709 21477 conversion.go:111] Could not get instantcpu stats: cumulative stats decrease 3月 17 14:54:45 75-k8s-master kubelet[21477]: I0317 14:54:45.723260 214
k8s 报错Back-off restarting failed container
qq_51287641的博客
08-25 1075
启动容器后,容器内部没有常驻的前台进程,导致容器启动成功后即退出,从而进行了持续的重启。我在通过k8s运行ubuntu时,执行了下面这个脚本。成功解决,能够顺利执行此脚本,且成功启动容器。在启动时执行一个永远不会完成的任务。
etcd 启动失败
qdqht2009的专栏
02-26 1万+
1、etcd 读取已有的 data-dir 数据而启动失败,常常表现为cluster id not match什么的 可能原因是新启动的 etcd 属性与之前的不同,可以尝 --force-new-cluster 选项的形式启动一个新的集群 2、etcd 集群搭建完成后,通过 kubectl get pods 等一些操作发生错误的情况 目前解决办法是重启一下 apiserver 进程 3、...
Failed to start kube-apiserver.service: Unit kube-apiserver.service not found
07-28
如果您在启动 kube-apiserver.service 时遇到 "Unit kube-apiserver.service not found" 错误,可能是因为服务单元文件未正确安装或未正确配置。 您可以尝试以下步骤来解决该问题: 1. 确认 Kubernetes 的二进制文件已正确安装并可用。您可以通过运行 `which kube-apiserver` 命令来检查 kube-apiserver 的安装路径。如果命令返回路径,则说明二进制文件已正确安装。 2. 检查 Kubernetes 的服务单元文件是否存在。服务单元文件通常位于 `/etc/systemd/system/` 目录下,以 `.service` 结尾。确保存在名为 `kube-apiserver.service` 的服务单元文件。如果文件不存在,您可能需要重新安装 Kubernetes 或手动创建服务单元文件。 3. 如果服务单元文件存在,请确保文件的权限设置正确。运行以下命令来更正权限: ``` sudo chmod 644 /etc/systemd/system/kube-apiserver.service ``` 4. 如果服务单元文件存在但配置有误,您可以尝试重新配置该文件。打开 `/etc/systemd/system/kube-apiserver.service` 文件,并确保其中的配置正确无误。您可以参考 Kubernetes 官方文档或其他可靠来源获取正确的配置信息。 5. 在进行任何更改后,运行以下命令重新加载 systemd 配置并启动 kube-apiserver 服务: ``` sudo systemctl daemon-reload sudo systemctl start kube-apiserver.service ``` 如果问题仍然存在,请提供更多详细信息,以便我能够更好地帮助您解决问题。

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值