The HTTP call equal to ‘curl -sSL http://localhost:10248/healthz‘ failed with error: Get “http://loc
2024-04-30 05:26:43
一、报错
The HTTP call equal to ‘curl -sSL http://localhost:10248/healthz’ failed with error: Get “http://localhost:10248/healthz”: dial tcp [::1]:10248: connect: connection refused.
[etcd] Creating static Pod manifest for local etcd in "/etc/kubernetes/manifests" [wait-control-plane] Waiting for the kubelet to boot up the control plane as static Pods from directory "/etc/kubernetes/manifests". This can take up to 4m0s [kubelet-check] Initial timeout of 40s passed. [kubelet-check] It seems like the kubelet isn't running or healthy. [kubelet-check] The HTTP call equal to 'curl -sSL http://localhost:10248/healthz' failed with error: Get "http://localhost:10248/healthz": dial tcp [::1]:10248: connect: connection refused. [kubelet-check] It seems like the kubelet isn't running or healthy. [kubelet-check] The HTTP call equal to 'curl -sSL http://localhost:10248/healthz' failed with error: Get "http://localhost:10248/healthz": dial tcp [::1]:10248: connect: connection refused.
解决:
思路一: 以为是 kubelet 没有起来 所以才报的错
这个要查一下kubelet 的状态 看看他起来了没有。后面查了一下 说是k8s 初始化之后这个就会自己启动,所以发现不是这个错
root@master1:~# systemctl status kubelet -l
● kubelet.service - kubelet: The Kubernetes Node AgentLoaded: loaded (/lib/systemd/system/kubelet.service; enabled; vendor preset: enabled)Drop-In: /etc/systemd/system/kubelet.service.d└─10-kubeadm.confActive: activating (auto-restart) (Result: exit-code) since Sat 2022-02-12 22:39:31 CST; 1s agoDocs: https://kubernetes.io/docs/home/Process: 70908 ExecStart=/usr/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_KUBEADM_ARGS $KUBELET_EXTRA_ARGS (code=exited, status=255)Main PID: 70908 (code=exited, status=255)root@master1:~# systemctl start kubelet.service
root@master1:~# systemctl status kubelet
● kubelet.service - kubelet: The Kubernetes Node AgentLoaded: loaded (/lib/systemd/system/kubelet.service; enabled; vendor preset: enabled)Drop-In: /etc/systemd/system/kubelet.service.d└─10-kubeadm.confActive: activating (auto-restart) (Result: exit-code) since Sat 2022-02-12 22:40:02 CST; 2s agoDocs: https://kubernetes.io/docs/home/Process: 71017 ExecStart=/usr/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_KUBEADM_ARGS $KUBELET_EXTRA_ARGS (code=exited, status=255)Main PID: 71017 (code=exited, status=255)
思路二:怀疑是内核参数的问题
1.修改内核参数
root@master1:~# echo 'net.ipv4.ip_forward=1' >> /etc/sysctl.confroot@master1:~# echo 'net.ipv4.ip_forward=1' >> /etc/sysctl.conf
root@master1:~# echo 'net.bridge.bridge-nf-call-ip6tables = 0 ' >> /etc/sysctl.conf
root@master1:~# echo 'net.bridge.bridge-nf-call-iptables = 1 ' >> /etc/sysctl.conf
root@master1:~# echo 'net.bridge.bridge-nf-call-arptables = 0' >> /etc/sysctl.confroot@master1:~# sysctl -p
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-arptables = 0
2.然后再次执行k8s 的初始化语句
## 重置后执行
root@master1:~# kubeadm resetroot@master1:~# kubeadm init --apiserver-advertise-address=10.0.0.161 --control-plane-endpoint=10.0.0.10 --apiserver-bind-port=6443 --kubernetes-version=v1.20.5 --pod-network-cidr=10.100.0.0/16 --service-cidr=10.200.0.0/16 --service-dns-domain=xlj.local --image-repository=registry.cn-hangzhou.aliyuncs.com/google_containers --ignore-preflight-errors=swap3.发现还是报错
The HTTP call equal to ‘curl -sSL http://localhost:10248/healthz’ failed with error: Get “http://localhost:10248/healthz”: dial tcp [::1]:10248: connect: connection refused.
思路三:怀疑是交换分区开着导致 k8s 不能进行初始化
1.关闭交换分区
#查看现有的交换分区
root@master1:~# swapon -s
Filename Type Size Used Priority
/dev/sda2 partition 3906556 1036 -2#关闭所有的交换分区
root@master1:~# swapoff -a#再次查看 已经没有打开的交换分区了
root@master1:~# swapon -s2. reset k8s 然后再次初始化
root@master1:~# kubeadm resetroot@master1:~# kubeadm init --apiserver-advertise-address=10.0.0.161 --control-plane-endpoint=10.0.0.10 --apiserver-bind-port=6443 --kubernetes-version=v1.20.5 --pod-network-cidr=10.100.0.0/16 --service-cidr=10.200.0.0/16 --service-dns-domain=xlj.local --image-repository=registry.cn-hangzhou.aliyuncs.com/google_containers --ignore-preflight-errors=swap3.发现竟然成功,所以说错在这了
root@master1:~# kubeadm init --apiserver-advertise-address=10.0.0.161 --control-plane-endpoint=10.0.0.10 --apiserver-bind-port=6443 --kubernetes-version=v1.20.5 --pod-network-cidr=10.100.0.0/16 --service-cidr=10.200.0.0/16 --service-dns-domain=xlj.local --image-repository=registry.cn-hangzhou.aliyuncs.com/google_containers --ignore-preflight-errors=swap
[init] Using Kubernetes version: v1.20.5
[preflight] Running pre-flight checks[WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". Please follow the guide at https://kubernetes.io/docs/setup/cri/
[preflight] Pulling images required for setting up a Kubernetes cluster
[preflight] This might take a minute or two, depending on the speed of your internet connection
[preflight] You can also perform this action in beforehand using 'kubeadm config images pull'
[certs] Using certificateDir folder "/etc/kubernetes/pki"
[certs] Generating "ca" certificate and key
[certs] Generating "apiserver" certificate and key
[certs] apiserver serving cert is signed for DNS names [kubernetes kubernetes.default kubernetes.default.svc kubernetes.default.svc.xlj.local master1] and IPs [10.200.0.1 10.0.0.162 10.0.0.10]
[certs] Generating "apiserver-kubelet-client" certificate and key
[certs] Generating "front-proxy-ca" certificate and key
[certs] Generating "front-proxy-client" certificate and key
[certs] Generating "etcd/ca" certificate and key
[certs] Generating "etcd/server" certificate and key
[certs] etcd/server serving cert is signed for DNS names [localhost master1] and IPs [10.0.0.162 127.0.0.1 ::1]
[certs] Generating "etcd/peer" certificate and key
[certs] etcd/peer serving cert is signed for DNS names [localhost master1] and IPs [10.0.0.162 127.0.0.1 ::1]
[certs] Generating "etcd/healthcheck-client" certificate and key
[certs] Generating "apiserver-etcd-client" certificate and key
[certs] Generating "sa" key and public key
[kubeconfig] Using kubeconfig folder "/etc/kubernetes"
[kubeconfig] Writing "admin.conf" kubeconfig file
[kubeconfig] Writing "kubelet.conf" kubeconfig file
[kubeconfig] Writing "controller-manager.conf" kubeconfig file
[kubeconfig] Writing "scheduler.conf" kubeconfig file
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Starting the kubelet
[control-plane] Using manifest folder "/etc/kubernetes/manifests"
[control-plane] Creating static Pod manifest for "kube-apiserver"
[control-plane] Creating static Pod manifest for "kube-controller-manager"
[control-plane] Creating static Pod manifest for "kube-scheduler"
[etcd] Creating static Pod manifest for local etcd in "/etc/kubernetes/manifests"
[wait-control-plane] Waiting for the kubelet to boot up the control plane as static Pods from directory "/etc/kubernetes/manifests". This can take up to 4m0s
[kubelet-check] Initial timeout of 40s passed.
[apiclient] All control plane components are healthy after 68.028900 seconds
[upload-config] Storing the configuration used in ConfigMap "kubeadm-config" in the "kube-system" Namespace
[kubelet] Creating a ConfigMap "kubelet-config-1.20" in namespace kube-system with the configuration for the kubelets in the cluster
[upload-certs] Skipping phase. Please see --upload-certs
[mark-control-plane] Marking the node master1 as control-plane by adding the labels "node-role.kubernetes.io/master=''" and "node-role.kubernetes.io/control-plane='' (deprecated)"
[mark-control-plane] Marking the node master1 as control-plane by adding the taints [node-role.kubernetes.io/master:NoSchedule]
[bootstrap-token] Using token: nycc6x.8nrcjiy7ln48rw9o
[bootstrap-token] Configuring bootstrap tokens, cluster-info ConfigMap, RBAC Roles
[bootstrap-token] configured RBAC rules to allow Node Bootstrap tokens to get nodes
[bootstrap-token] configured RBAC rules to allow Node Bootstrap tokens to post CSRs in order for nodes to get long term certificate credentials
[bootstrap-token] configured RBAC rules to allow the csrapprover controller automatically approve CSRs from a Node Bootstrap Token
[bootstrap-token] configured RBAC rules to allow certificate rotation for all node client certificates in the cluster
[bootstrap-token] Creating the "cluster-info" ConfigMap in the "kube-public" namespace
[kubelet-finalize] Updating "/etc/kubernetes/kubelet.conf" to point to a rotatable kubelet client certificate and key
[addons] Applied essential addon: CoreDNS
[addons] Applied essential addon: kube-proxyYour Kubernetes control-plane has initialized successfully!To start using your cluster, you need to run the following as a regular user:mkdir -p $HOME/.kubesudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/configsudo chown $(id -u):$(id -g) $HOME/.kube/configAlternatively, if you are the root user, you can run:export KUBECONFIG=/etc/kubernetes/admin.confYou should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:https://kubernetes.io/docs/concepts/cluster-administration/addons/You can now join any number of control-plane nodes by copying certificate authorities
and service account keys on each node and then running the following as root:kubeadm join 10.0.0.10:6443 --token nycc6x.8nrcjiy7ln48rw9o \--discovery-token-ca-cert-hash sha256:28f1a240a438668557fe17f24890e9d7f692ed0c49a28f3b125e43c3fbf5e1f5 \--control-plane Then you can join any number of worker nodes by running the following on each as root:kubeadm join 10.0.0.10:6443 --token nycc6x.8nrcjiy7ln48rw9o \--discovery-token-ca-cert-hash sha256:28f1a240a438668557fe17f24890e9d7f692ed0c49a28f3b125e43c3fbf5e1f5
不知道还会错在哪里,目前就知道这个
The HTTP call equal to ‘curl -sSL http://localhost:10248/healthz‘ failed with error: Get “http://loc相关推荐
- 【问题解决】[kubelet-check] The HTTP call equal to ‘curl -sSL http://localhost:10248/healthz‘ failed wite
故障 报错:[kubelet-check] The HTTP call equal to 'curl -sSL http://localhost:10248/healthz' failed with ...
- kubernetes:[kubelet-check] The HTTP call equal to ‘curl -sSL http://localhost:10248/healthz‘ failed
[kubelet-check] The HTTP call equal to 'curl -sSL http://localhost:10248/healthz' failed with error: ...
- yaourt下载安装dropbox提示curl ssl证书错误
错误描述: $yaourt -S dropbox y curl: (60) SSL certificate problem: unable to get local issuer certif ...
- curl -sSL https://bit.ly/2ysbOFE | bash -s无法执行问题解决
我们在无科学上网学习Fabric的时候都会遇到执行 curl -sSL https://bit.ly/2ysbOFE | bash -s 执行不了的问题.比如如下报错: root@ubuntu:/ho ...
- 解决 QT 发送 HTTP 请求时遇到 qt.network.ssl: QSslSocket::connectToHostEncrypted: TLS initialization failed 问题
解决 QT 发送 HTTP 请求时遇到 qt.network.ssl: QSslSocket::connectToHostEncrypted: TLS initilization failed 问题 ...
- Centos curl ssl 替换 NSS 为 OpenSSL
参考:https://www.latoooo.com/xia_zhe_teng/368.htm 我的系统版本是 Centos 7 64位. 为了方便,先安装常用的开发环境. yum groupinst ...
- 【linux】报错整理curl SSL peer certificate or SSH remote key was not OK
前言 今天在使用 curl 命令下载文件时,遇到报错,这里整理并记录一下. 报错内容 SSL peer certificate or SSH remote key was not OK 报错原因 (S ...
- CURL SSL received a weak ephemeral Diffie-Hellman key
curl https://xxxx:8443/-i -k curl:(35) SSL received a weak ephemeral Diffie-Hellman key in Server Ke ...
- windows curl ssl版本编译
编译curl-ssl版本碰到很多坑,这里记录一下.亲手测试,注意版本号!!!!! 1.下载 curl-7.43.0 libssh2-1.3.0 openssl-1.0.0s ActivePe ...
最新文章
- 隐藏在管理员登录页面的危险
- WPF里ItemsControl的分组实现
- NumPy学习笔记(一)
- python中调用C++写的动态库
- 前端学习(1046):todolist删除数据1
- 算法(24)-股票买卖
- php elements,wd elements se和wd elements的区别是什么
- 【codevs1282】约瑟夫问题,卡数据ing?
- docker 启动 停止容器
- SpringBoot项目的测试类
- FlightGear编译
- 时差怎么理解_懂的人自然懂,不懂的人再多解释也有时差,故事只能说给懂的人听...
- 从找不到iTv\iTvApp.exe,到Duilib加载资源文件失败的通用解法
- 云计算的定义和特点是什么?
- 只会写代码,不如去种田
- 单片机定时器实现的数字时钟
- ORACLE——一条SQL计算同比、环比
- 按键式计算器——人机交互的变革
- java去除水印_易剪辑,分享一款免费的去除水印的工具
- 密码加密之bcrypt