我在Suse 12.01 Enterprise上并尝试使Minikube工作。 VM已经可以正常工作,并且minikube shell工具可以进行通信。
但是,kubectl仍然无法与kubernetes管理员交谈。我正在尝试调试它,并且获取附加信息的最好方法似乎是使用-v 9运行随机命令。这样做,我得到以下输出:
$ kubectl get pots -v 9
I0310 14:02:27.727767 29330 loader.go:354] Config loaded from file /home/D069407/.kube/config
I0310 14:02:27.728479 29330 round_trippers.go:299] curl -k -v -XGET -H "Accept: application/json, */*" -H "User-Agent: kubectl/v1.5.3 (linux/amd64) kubernetes/029c3a4" https://192.168.99.104:8443/api
I0310 14:03:42.704009 29330 round_trippers.go:318] GET https://192.168.99.104:8443/api in 74975 milliseconds
I0310 14:03:42.704037 29330 round_trippers.go:324] Response Headers:
I0310 14:03:42.704103 29330 helpers.go:221] Connection error: Get https://192.168.99.104:8443/api: Service Unavailable
F0310 14:03:42.704111 29330 helpers.go:116] Unable to connect to the server: Service Unavailable
信息不多,但我猜想
curl -k -vvvv ....将为我提供更多信息。但是,由于api服务器会执行客户端身份验证(对吗?),因此仅执行与日志中相同的 curl 会导致身份验证错误。所以那行不通。我现在如何继续调试?有没有一种 secret 的忍者方式来赋予curl auth参数而不将其添加到Shell调用中? kubectl实际上是在执行另一个请求,只是将curl打印到日志中以提供有关其调用内容的提示吗?
*编辑:与同事讨论时,我们都同意这一定是minikube vm内部问题。
minikube logs开始是这样的:-- Logs begin at Fri 2017-03-10 12:43:34 UTC, end at Fri 2017-03-10 14:44:11 UTC. --
Mar 10 12:45:45 minikube systemd[1]: Starting Localkube...
Mar 10 12:45:45 minikube localkube[3496]: I0310 12:45:45.977140 3496 start.go:77] Feature gates:%!(EXTRA string=)
Mar 10 12:45:45 minikube localkube[3496]: localkube host ip address: 10.0.2.15
Mar 10 12:45:45 minikube localkube[3496]: I0310 12:45:45.981395 3496 server.go:215] Using iptables Proxier.
Mar 10 12:45:45 minikube localkube[3496]: W0310 12:45:45.981764 3496 server.go:468] Failed to retrieve node info: Get http://127.0.0.1:8080/api/v1/nodes/minikube: dial tcp 127.0.0.1:8080:
getsockopt: connection refused
Mar 10 12:45:45 minikube localkube[3496]: W0310 12:45:45.981879 3496 proxier.go:249] invalid nodeIP, initialize kube-proxy with 127.0.0.1 as nodeIP
Mar 10 12:45:45 minikube localkube[3496]: W0310 12:45:45.981947 3496 proxier.go:254] clusterCIDR not specified, unable to distinguish between internal and external traffic
Mar 10 12:45:45 minikube localkube[3496]: I0310 12:45:45.982082 3496 server.go:227] Tearing down userspace rules.
Mar 10 12:45:45 minikube localkube[3496]: Starting etcd...
Mar 10 12:45:45 minikube localkube[3496]: E0310 12:45:45.991070 3496 reflector.go:188] pkg/proxy/config/api.go:30: Failed to list *api.Service: Get http://127.0.0.1:8080/api/v1/services?r
esourceVersion=0: dial tcp 127.0.0.1:8080: getsockopt: connection refused
Mar 10 12:45:45 minikube localkube[3496]: E0310 12:45:45.991108 3496 reflector.go:188] pkg/proxy/config/api.go:33: Failed to list *api.Endpoints: Get http://127.0.0.1:8080/api/v1/endpoint
s?resourceVersion=0: dial tcp 127.0.0.1:8080: getsockopt: connection refused
Mar 10 12:45:45 minikube localkube[3496]: name = kubeetcd
Mar 10 12:45:45 minikube localkube[3496]: data dir = /var/lib/localkube/etcd
Mar 10 12:45:45 minikube localkube[3496]: member dir = /var/lib/localkube/etcd/member
Mar 10 12:45:45 minikube localkube[3496]: heartbeat = 100ms
Mar 10 12:45:45 minikube localkube[3496]: election = 1000ms
Mar 10 12:45:45 minikube localkube[3496]: snapshot count = 10000
Mar 10 12:45:45 minikube localkube[3496]: advertise client URLs = http://0.0.0.0:2379
Mar 10 12:45:45 minikube localkube[3496]: initial advertise peer URLs = http://0.0.0.0:2380
Mar 10 12:45:45 minikube localkube[3496]: initial cluster = kubeetcd=http://0.0.0.0:2380
Mar 10 12:45:45 minikube localkube[3496]: starting member fcf2ad36debdd5bb in cluster 7f055ae3b0912328
Mar 10 12:45:45 minikube localkube[3496]: fcf2ad36debdd5bb became follower at term 0
Mar 10 12:45:45 minikube localkube[3496]: newRaft fcf2ad36debdd5bb [peers: [], term: 0, commit: 0, applied: 0, lastindex: 0, lastterm: 0]
Mar 10 12:45:45 minikube localkube[3496]: fcf2ad36debdd5bb became follower at term 1
Mar 10 12:45:46 minikube localkube[3496]: starting server... [version: 3.0.14, cluster version: to_be_decided]
Mar 10 12:45:46 minikube localkube[3496]: Starting apiserver...
Mar 10 12:45:46 minikube localkube[3496]: Starting controller-manager...
Mar 10 12:45:46 minikube localkube[3496]: Starting scheduler...
Mar 10 12:45:46 minikube localkube[3496]: Starting kubelet...
Mar 10 12:45:46 minikube localkube[3496]: added member fcf2ad36debdd5bb [http://0.0.0.0:2380] to cluster 7f055ae3b0912328
Mar 10 12:45:46 minikube localkube[3496]: Starting proxy...
Mar 10 12:45:46 minikube localkube[3496]: Starting storage-provisioner...
在
minikube ssh内部,服务api有效。检查curl 127.0.0.1:8080/api并收到不错的json。*编辑:根据反馈提供更多信息。
curl 在minikube vm内:
$ curl localhost:8080
{
"paths": [
"/api",
"/api/v1",
"/apis",
"/apis/apps",
"/apis/apps/v1beta1",
"/apis/authentication.k8s.io",
"/apis/authentication.k8s.io/v1beta1",
"/apis/authorization.k8s.io",
"/apis/authorization.k8s.io/v1beta1",
"/apis/autoscaling",
"/apis/autoscaling/v1",
"/apis/batch",
"/apis/batch/v1",
"/apis/batch/v2alpha1",
"/apis/certificates.k8s.io",
"/apis/certificates.k8s.io/v1alpha1",
"/apis/extensions",
"/apis/extensions/v1beta1",
"/apis/policy",
"/apis/policy/v1beta1",
"/apis/rbac.authorization.k8s.io",
"/apis/rbac.authorization.k8s.io/v1alpha1",
"/apis/storage.k8s.io",
"/apis/storage.k8s.io/v1beta1",
"/healthz",
"/healthz/poststarthook/bootstrap-controller",
"/healthz/poststarthook/extensions/third-party-resources",
"/healthz/poststarthook/rbac/bootstrap-roles",
"/logs",
"/metrics",
"/swaggerapi/",
"/ui/",
"/version"
]
}$ curl localhost:8080/api
{
"kind": "APIVersions",
"versions": [
"v1"
],
"serverAddressByClientCIDRs": [
{
"clientCIDR": "0.0.0.0/0",
"serverAddress": "10.0.2.15:8443"
}
]
}
kube config(虚拟机外部):
apiVersion: v1
clusters:
- cluster:
certificate-authority: /home/<user>/.minikube/ca.crt
server: https://192.168.99.104:8443
name: minikube
contexts:
- context:
cluster: minikube
user: minikube
name: minikube
current-context: minikube
kind: Config
preferences: {}
users:
- name: minikube
user:
client-certificate: /home/<user>/.minikube/apiserver.crt
client-key: /home/<user>/.minikube/apiserver.key
最佳答案
您说您尝试了curl 127.0.0.1:8080/api,但是关于它尝试通过https连接的日志。因此,您应该尝试curl https://127.0.0.1:8080/api。
我在源代码中搜索了Service Unavailable一词,并在for example中搜索了HTTP 503返回码的错误描述。
出于我的胆量,我假设您尝试curl https://127.0.0.1:8080/api时将获得HTTP 503。
编辑:由于您使用minikube,因此我们可以假定它运行正确。在这种情况下,很可能存在配置问题。您的日志显示kubectl尝试连接到localhost。 AFAIK,这是默认主机。当您启动minikube时,它不在主机上运行,而不是在虚拟机上运行。因此localhost看起来不对,您应该看一下kube配置。
关于curl - 如何调试失败的kubectl调用?,我们在Stack Overflow上找到一个类似的问题:https://stackoverflow.com/questions/42719618/