Home > OS >  K8s V1.24.3 the kublete is crashdown,show The connection to the server master:6443 was refused - did
K8s V1.24.3 the kublete is crashdown,show The connection to the server master:6443 was refused - did

Time:09-05

enviroment:centos7.0 I want to build K8s cluster that have 3 nodes,one of them is the master;every pod'status is running,but there is a pod name test-claim is pending, the pvc is pending status: enter image description here

then I eidt the /etc/kubernetes/manifests/kube-apiserver.yaml ,added a row

    - --feature-gates=RemoveSelfLink=false

the problem is appear :

The connection to the server master:6443 was refused - did you specify the right host or port?

is there any problem I was missing?why the kubelet is crushdown? could somebody answer this question? thanks a lot previously.

this the content about kube-apiserver.yaml, could find some synatic error?

apiVersion: v1
kind: Pod
metadata:
  annotations:
    kubeadm.kubernetes.io/kube-apiserver.advertise-address.endpoint: 192.168.199.13:6443
  creationTimestamp: null
  labels:
    component: kube-apiserver
    tier: control-plane
  name: kube-apiserver
  namespace: kube-system
spec:
  containers:
  - command:
    - kube-apiserver
    - --advertise-address=192.168.199.13
    - --allow-privileged=true
    - --authorization-mode=Node,RBAC
    - --client-ca-file=/etc/kubernetes/pki/ca.crt
    - --enable-admission-plugins=NodeRestriction
    - --enable-bootstrap-token-auth=true
    - --etcd-cafile=/etc/kubernetes/pki/etcd/ca.crt
    - --etcd-certfile=/etc/kubernetes/pki/apiserver-etcd-client.crt
    - --etcd-keyfile=/etc/kubernetes/pki/apiserver-etcd-client.key
    - --etcd-servers=https://127.0.0.1:2379
    - --kubelet-client-certificate=/etc/kubernetes/pki/apiserver-kubelet-client.crt
    - --kubelet-client-key=/etc/kubernetes/pki/apiserver-kubelet-client.key
    - --kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname
    - --proxy-client-cert-file=/etc/kubernetes/pki/front-proxy-client.crt
    - --proxy-client-key-file=/etc/kubernetes/pki/front-proxy-client.key
    - --requestheader-allowed-names=front-proxy-client
    - --requestheader-client-ca-file=/etc/kubernetes/pki/front-proxy-ca.crt
    - --requestheader-extra-headers-prefix=X-Remote-Extra-
    - --requestheader-group-headers=X-Remote-Group
    - --requestheader-username-headers=X-Remote-User
    - --secure-port=6443
    - --service-account-issuer=https://kubernetes.default.svc.cluster.local
    - --service-account-key-file=/etc/kubernetes/pki/sa.pub
    - --service-account-signing-key-file=/etc/kubernetes/pki/sa.key
    - --service-cluster-ip-range=10.1.0.0/16
    - --tls-cert-file=/etc/kubernetes/pki/apiserver.crt
    - --tls-private-key-file=/etc/kubernetes/pki/apiserver.key
    - --feature-gates=RemoveSelfLink=false
    image: registry.aliyuncs.com/google_containers/kube-apiserver:v1.24.3
    imagePullPolicy: IfNotPresent
    livenessProbe:
      failureThreshold: 8
      httpGet:
        host: 192.168.199.13
        path: /livez
        port: 6443
        scheme: HTTPS
      initialDelaySeconds: 10
      periodSeconds: 10
      timeoutSeconds: 15
    name: kube-apiserver
    readinessProbe:
      failureThreshold: 3
      httpGet:
        host: 192.168.199.13
        path: /readyz
        port: 6443
        scheme: HTTPS
      periodSeconds: 1
      timeoutSeconds: 15
    resources:
      requests:
        cpu: 250m
    startupProbe:
      failureThreshold: 24
      httpGet:
        host: 192.168.199.13
        path: /livez
        port: 6443
        scheme: HTTPS
      initialDelaySeconds: 10
      periodSeconds: 10
      timeoutSeconds: 15
    volumeMounts:
    - mountPath: /etc/ssl/certs
      name: ca-certs
      readOnly: true
    - mountPath: /etc/pki
      name: etc-pki
      readOnly: true
    - mountPath: /etc/kubernetes/pki
      name: k8s-certs
      readOnly: true
  hostNetwork: true
  priorityClassName: system-node-critical
  securityContext:
    seccompProfile:
      type: RuntimeDefault
  volumes:
  - hostPath:
      path: /etc/ssl/certs
      type: DirectoryOrCreate
    name: ca-certs
  - hostPath:
      path: /etc/pki
      type: DirectoryOrCreate
    name: etc-pki
  - hostPath:
      path: /etc/kubernetes/pki
      type: DirectoryOrCreate
    name: k8s-certs
status: {}

CodePudding user response:

I finally find the solution don't need to edit the /etc/kubernetes/manifests/kube-apiserver.yaml file to add this row:- --feature-gates=RemoveSelfLink=false;this is not help for me. the solution is :

1、docker pull vbouchaud/nfs-client-provisioner

Status: Downloaded newer image for vbouchaud/nfs-client-provisioner:latest docker.io/vbouchaud/nfs-client-provisioner:latest

2、editing your deployment.yaml file vi deployment.yaml

change the images from quay.io/external_storage/nfs-client-provisioner:latest to docker.io/vbouchaud/nfs-client-provisioner:latest enter image description here 3、 kubectl apply -f deployment.yaml

finally the pvc'state would change from pending to bounding like this : enter image description here

CodePudding user response:

There are 2 issues:

  1. Your Pod & PVC is in pending state because you haven't created a relevant PV. Your StorageProvisioner for some reason isn't creating the PersistentVolume automatically so you need to create it manually.

  2. Kube API server isn't working due to which the kubectl is facing connection refused error after adding the--feature-gates=RemoveSelfLink=false. Maybe, there's some syntatic error in the modified manifest. Can share the contents of your kube-apiserver.yaml file?

  • Related