【发布时间】:2021-06-20 00:16:56
【问题描述】:
我是 kubernetes 的新手,在研究了很长时间之后,似乎我的资源已经用完了,所以如果有人可以帮助我,我会非常高兴。
我目前拥有的
- 我通过 SSH 连接到的一个节点,裸机 kubernetes 设置(请注意,我不是在云中运行 k8s)
-
kubectl version在客户端和服务器端产生1.20 - NGINX 入口控制器
- 使用 kubeadm 设置集群
- 以下 Pod、服务和一个入口资源(仪表板):
豆荚:
| NAMESPACE | NAME | READY | STATUS | RESTARTS | AGE |
|---|---|---|---|---|---|
| ingress-nginx | ingress-nginx-admission-create-4ml4p | 0/1 | Completed | 0 | 23m |
| ingress-nginx | ingress-nginx-admission-patch-jj9c6 | 0/1 | Completed | 1 | 23m |
| ingress-nginx | ingress-nginx-controller-67897c9494-kxwgv | 1/1 | Running | 0 | 23m |
| kube-system | coredns-74ff55c5b-2xbvq | 1/1 | Running | 0 | 23m |
| kube-system | coredns-74ff55c5b-sc667 | 1/1 | Running | 0 | 23m |
| kube-system | etcd-k8s.mydomain.de | 1/1 | Running | 0 | 23m |
| kube-system | kube-apiserver-k8s.mydomain.de | 1/1 | Running | 0 | 23m |
| kube-system | kube-controller-manager-k8s.mydomain.de | 1/1 | Running | 0 | 23m |
| kube-system | kube-flannel-ds-fhzzp | 1/1 | Running | 0 | 23m |
| kube-system | kube-proxy-lq7tt | 1/1 | Running | 0 | 23m |
| kube-system | kube-scheduler-k8s.mydomain.de | 1/1 | Running | 0 | 23m |
| kubernetes-dashboard | dashboard-metrics-scraper-7b59f7d4df-v6qsn | 1/1 | Running | 0 | 23m |
| kubernetes-dashboard | kubernetes-dashboard-74d688b6bc-5x4nd | 1/1 | Running | 0 | 23m |
服务:
| NAMESPACE | NAME | TYPE | CLUSTER-IP | EXTERNAL-IP | PORT(S) | AGE |
|---|---|---|---|---|---|---|
| default | kubernetes | ClusterIP | 10.96.0.1 | none | 443/TCP | 33d |
| ingress-nginx | ingress-nginx-controller | NodePort | 10.98.67.34 | none | 80:32346/TCP, 443:30710/TCP | 33d |
| ingress-nginx | ingress-nginx-controller-admission | ClusterIP | 10.110.196.58 | none | 443/TCP | 33d |
| kube-system | kube-dns | ClusterIP | 10.96.0.10 | none | 53/UDP,53/TCP, 9153/TCP | 33d |
| kubernetes-dashboard | dashboard-metrics-scraper | ClusterIP | 10.109.128.22 | none | 8000/TCP | 33d |
| kubernetes-dashboard | kubernetes-dashboard | ClusterIP | 10.98.158.159 | none | 443/TCP | 33d |
入口资源(仪表板):
| NAMESPACE | NAME | CLASS | HOSTS | ADDRESS | PORTS | AGE |
|---|---|---|---|---|---|---|
| kubernetes-dashboard | dashboard-ingress | dashboard.k8s.mydomain.de | 10.10.1.164 | 80 | 52m |
当我尝试使用 https://dashboard.k8s.mydomain.de 访问 kubernetes 仪表板时,没有任何反应。当我尝试使用https://dashboard.k8s.mydomain.de:30710(这是 nginx 入口控制器的 HTTPS TCP 端口)访问它时,它就可以工作了。它是一个不安全的连接,浏览器会警告我,但它可以工作。但显然这不是我们想要的行为。
我想要什么
我想以某种方式部署 kubernetes 仪表板,以便https://dashboard.k8s.mydomain.de 可以通过 HTTPS 访问 kubernetes 仪表板。我不知道为什么现在不是这样。
这些是我用于部署和东西的配置.yaml 文件:
-
NGINX 入口控制器:https://github.com/kubernetes/ingress-nginx/blob/master/deploy/static/provider/baremetal/deploy.yaml
-
Kubernetes 仪表板:https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0/aio/deploy/recommended.yaml
-
仪表板入口资源:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: dashboard-ingress
namespace: kubernetes-dashboard
annotations:
nginx.ingress.kubernetes.io/backend-protocol: HTTPS
spec:
rules:
- host: dashboard.k8s.mydomain.de
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: kubernetes-dashboard
port:
number: 443
nginx入口控制器的日志告诉我它注册了入口资源,所以我很困惑:
NGINX Ingress controller
Release: v0.44.0
Build: f802554ccfadf828f7eb6d3f9a9333686706d613
Repository: https://github.com/kubernetes/ingress-nginx
nginx version: nginx/1.19.6
I0323 09:42:57.665847 6 flags.go:208] "Watching for Ingress" class="nginx"
W0323 09:42:57.665953 6 flags.go:213] Ingresses with an empty class will also be processed by this Ingress controller
-------------------------------------------------------------------------------
W0323 09:42:57.667132 6 client_config.go:614] Neither --kubeconfig nor --master was specified. Using the inClusterConfig. This might not work.
I0323 09:42:57.667958 6 main.go:241] "Creating API client" host="https://10.96.0.1:443"
I0323 09:42:57.682847 6 main.go:285] "Running in Kubernetes cluster" major="1" minor="20" git="v1.20.3" state="clean" commit="01849e73f3c86211f05533c2e807736e776fcf29" platform="linux/amd64"
I0323 09:42:57.997597 6 main.go:105] "SSL fake certificate created" file="/etc/ingress-controller/ssl/default-fake-certificate.pem"
I0323 09:42:58.003204 6 main.go:115] "Enabling new Ingress features available since Kubernetes v1.18"
W0323 09:42:58.008105 6 main.go:127] No IngressClass resource with name nginx found. Only annotation will be used.
I0323 09:42:58.033445 6 ssl.go:532] "loading tls certificate" path="/usr/local/certificates/cert" key="/usr/local/certificates/key"
I0323 09:42:58.070414 6 nginx.go:254] "Starting NGINX Ingress controller"
I0323 09:42:58.077773 6 event.go:282] Event(v1.ObjectReference{Kind:"ConfigMap", Namespace:"ingress-nginx", Name:"ingress-nginx-controller", UID:"a76c1e40-f5aa-4353-aeea-35bccbbb57a7", APIVersion:"v1", ResourceVersion:"3497961", FieldPath:""}): type: 'Normal' reason: 'CREATE' ConfigMap ingress-nginx/ingress-nginx-controller
I0323 09:42:59.183747 6 event.go:282] Event(v1.ObjectReference{Kind:"Ingress", Namespace:"kubernetes-dashboard", Name:"dashboard-ingress", UID:"6f02c931-bfad-44a1-a219-4e2b2970365e", APIVersion:"networking.k8s.io/v1beta1", ResourceVersion:"3497191", FieldPath:""}): type: 'Normal' reason: 'Sync' Scheduled for sync
I0323 09:42:59.271684 6 nginx.go:296] "Starting NGINX process"
I0323 09:42:59.271826 6 leaderelection.go:243] attempting to acquire leader lease ingress-nginx/ingress-controller-leader-nginx...
I0323 09:42:59.272447 6 nginx.go:316] "Starting validation webhook" address=":8443" certPath="/usr/local/certificates/cert" keyPath="/usr/local/certificates/key"
I0323 09:42:59.272851 6 controller.go:146] "Configuration changes detected, backend reload required"
I0323 09:42:59.288414 6 leaderelection.go:253] successfully acquired lease ingress-nginx/ingress-controller-leader-nginx
I0323 09:42:59.288501 6 status.go:84] "New leader elected" identity="ingress-nginx-controller-67897c9494-kxwgv"
I0323 09:42:59.302119 6 status.go:201] "POD is not ready" pod="ingress-nginx/ingress-nginx-controller-67897c9494-kxwgv" node="k8s.mydomain.de"
I0323 09:42:59.307191 6 status.go:281] "updating Ingress status" namespace="kubernetes-dashboard" ingress="dashboard-ingress" currentValue=[{IP:10.10.1.164 Hostname: Ports:[]}] newValue=[]
I0323 09:42:59.315053 6 event.go:282] Event(v1.ObjectReference{Kind:"Ingress", Namespace:"kubernetes-dashboard", Name:"dashboard-ingress", UID:"6f02c931-bfad-44a1-a219-4e2b2970365e", APIVersion:"networking.k8s.io/v1beta1", ResourceVersion:"3498054", FieldPath:""}): type: 'Normal' reason: 'Sync' Scheduled for sync
I0323 09:42:59.381846 6 controller.go:163] "Backend successfully reloaded"
I0323 09:42:59.382014 6 controller.go:174] "Initial sync, sleeping for 1 second"
I0323 09:42:59.382266 6 event.go:282] Event(v1.ObjectReference{Kind:"Pod", Namespace:"ingress-nginx", Name:"ingress-nginx-controller-67897c9494-kxwgv", UID:"2ba6f14e-36a8-401b-a1d8-00921cbe9604", APIVersion:"v1", ResourceVersion:"3497997", FieldPath:""}): type: 'Normal' reason: 'RELOAD' NGINX reload triggered due to a change in configuration
I0323 09:43:59.323910 6 status.go:281] "updating Ingress status" namespace="kubernetes-dashboard" ingress="dashboard-ingress" currentValue=[] newValue=[{IP:10.10.1.164 Hostname: Ports:[]}]
I0323 09:43:59.333091 6 event.go:282] Event(v1.ObjectReference{Kind:"Ingress", Namespace:"kubernetes-dashboard", Name:"dashboard-ingress", UID:"6f02c931-bfad-44a1-a219-4e2b2970365e", APIVersion:"networking.k8s.io/v1beta1", ResourceVersion:"3498144", FieldPath:""}): type: 'Normal' reason: 'Sync' Scheduled for sync
当我使用 microk8s 而不是 kubeadm 设置集群时,它可以工作。 请说明我必须做什么才能完成这项工作。
提前致谢
【问题讨论】:
标签: kubernetes kubectl nginx-ingress kubernetes-dashboard