在查看K8s系统组件时,发现schedulercontroller-manager组件状态存在异常,链接必要端口失败。

[root@cloud-master ~]# kubectl get cs
Warning: v1 ComponentStatus is deprecated in v1.19+
NAME                 STATUS      MESSAGE                                                                                       ERROR
scheduler            Unhealthy   Get "http://127.0.0.1:10251/healthz": dial tcp 127.0.0.1:10251: connect: connection refused   
controller-manager   Unhealthy   Get "http://127.0.0.1:10252/healthz": dial tcp 127.0.0.1:10252: connect: connection refused   
etcd-0               Healthy     {"health":"true"}
[root@cloud-master ~]# kubeadm version
kubeadm version: &version.Info{Major:"1", Minor:"20", GitVersion:"v1.20.15", GitCommit:"8f1e5bf0b9729a899b8df86249b56e2c74aebc55", GitTreeState:"clean", BuildDate:"2022-01-19T17:26:37Z", GoVersion:"go1.15.15", Compiler:"gc", Platform:"linux/amd64"}
[root@cloud-master ~]# kubectl version
Client Version: version.Info{Major:"1", Minor:"20", GitVersion:"v1.20.15", GitCommit:"8f1e5bf0b9729a899b8df86249b56e2c74aebc55", GitTreeState:"clean", BuildDate:"2022-01-19T17:27:39Z", GoVersion:"go1.15.15", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"20", GitVersion:"v1.20.0", GitCommit:"af46c47ce925f4c4ad5cc8d1fca46c7b77d13b38", GitTreeState:"clean", BuildDate:"2020-12-08T17:51:19Z", GoVersion:"go1.15.5", Compiler:"gc", Platform:"linux/amd64"}

解决办法

在kubeadm中,集群健康检查监听scheduler默认10251及controller-manager默认10252的不安全端口。为了安全起见,该报错可以忽略。

开启监听

如需开启10251及10252端口的监听,则需进入/etc/kubernetes/manifests/目录编辑kube-scheduler.yamlkube-controller-manager.yaml文件。

- --port=0前添加注释即可。
[root@cloud-master manifests]# vi kube-scheduler.yaml 
      1 apiVersion: v1
      2 kind: Pod
      3 metadata:
      4   creationTimestamp: null
      5   labels:
      6     component: kube-scheduler
      7     tier: control-plane
      8   name: kube-scheduler
      9   namespace: kube-system
     10 spec:
     11   containers:
     12   - command:
     13     - kube-scheduler
     14     - --authentication-kubeconfig=/etc/kubernetes/scheduler.conf
     15     - --authorization-kubeconfig=/etc/kubernetes/scheduler.conf
     16     - --bind-address=127.0.0.1
     17     - --kubeconfig=/etc/kubernetes/scheduler.conf
     18     - --leader-elect=true
     19 #    - --port=0

[root@cloud-master manifests]# vi kube-controller-manager.yaml
      1 apiVersion: v1
      2 kind: Pod
      3 metadata:
      4   creationTimestamp: null
      5   labels:
      6     component: kube-controller-manager
      7     tier: control-plane
      8   name: kube-controller-manager
      9   namespace: kube-system
     10 spec:
     11   containers:
     12   - command:
     13     - kube-controller-manager
     14     - --authentication-kubeconfig=/etc/kubernetes/controller-manager.conf
     15     - --authorization-kubeconfig=/etc/kubernetes/controller-manager.conf
     16     - --bind-address=127.0.0.1
     17     - --client-ca-file=/etc/kubernetes/pki/ca.crt
     18     - --cluster-name=kubernetes
     19     - --cluster-signing-cert-file=/etc/kubernetes/pki/ca.crt
     20     - --cluster-signing-key-file=/etc/kubernetes/pki/ca.key
     21     - --controllers=*,bootstrapsigner,tokencleaner
     22     - --kubeconfig=/etc/kubernetes/controller-manager.conf
     23     - --leader-elect=true
     24 #    - --port=0

编辑完成后等待一段时间即可。

[root@cloud-master manifests]# kubectl get cs
Warning: v1 ComponentStatus is deprecated in v1.19+
NAME                 STATUS    MESSAGE             ERROR
controller-manager   Healthy   ok                  
scheduler            Healthy   ok                  
etcd-0               Healthy   {"health":"true"}
END

本文标题:K8s集群健康检查出现connect: connection refused

本文作者:宇宙最帅的男人

本文链接:https://lolicp.com/kubernetes/202330541.html

版权声明:转载或者引用本文内容请注明来源及原作者,本文著作权归作者 (宇宙最帅的男人) 所有。

除非另有说明,本作品采用知识共享署名-非商业性使用-相同方式共享 4.0 国际许可协议

最后修改:2023 年 03 月 30 日
© 允许规范转载
如果觉得我的文章对你有用,请随意赞赏