cookeem / kubeadm-ha

通过kubeadm安装kubernetes高可用集群,使用docker/containerd容器运行时,适用v1.24.x以上版本
MIT License
678 stars 275 forks source link

dashboard无法连接 #39

Closed dotbalo closed 6 years ago

dotbalo commented 6 years ago

您好,我已经安装完所有组件如下: [root@k8s-master01 ~]# kubectl get pods -n kube-system NAME READY STATUS RESTARTS AGE calico-node-kwz9t 2/2 Running 0 3h calico-node-rj8p8 2/2 Running 0 3h calico-node-xfsg5 2/2 Running 0 3h coredns-777d78ff6f-4rcsb 1/1 Running 0 4h coredns-777d78ff6f-7xqzx 1/1 Running 0 4h etcd-k8s-master01 1/1 Running 0 4h etcd-k8s-master02 1/1 Running 0 4h etcd-k8s-master03 1/1 Running 9 3h heapster-5874d498f5-q2gzx 1/1 Running 0 13m kube-apiserver-k8s-master01 1/1 Running 0 3h kube-apiserver-k8s-master02 1/1 Running 0 3h kube-apiserver-k8s-master03 1/1 Running 1 3h kube-controller-manager-k8s-master01 1/1 Running 0 3h kube-controller-manager-k8s-master02 1/1 Running 1 3h kube-controller-manager-k8s-master03 1/1 Running 0 3h kube-proxy-4cjhm 1/1 Running 0 4h kube-proxy-lkvjk 1/1 Running 2 4h kube-proxy-m7htq 1/1 Running 0 4h kube-scheduler-k8s-master01 1/1 Running 2 4h kube-scheduler-k8s-master02 1/1 Running 0 4h kube-scheduler-k8s-master03 1/1 Running 2 3h kubernetes-dashboard-7954d796d8-2k4hx 1/1 Running 0 7m metrics-server-55fcc5b88-r8v5j 1/1 Running 0 13m monitoring-grafana-9b6b75b49-4zm6d 1/1 Running 0 45m monitoring-influxdb-655cd78874-lmz5l 1/1 Running 0 45m

节点信息如下: [root@k8s-master01 ~]# kubectl get nodes NAME STATUS ROLES AGE VERSION k8s-master01 Ready master 4h v1.11.1 k8s-master02 Ready master 4h v1.11.1 k8s-master03 Ready master 4h v1.11.1 通过curl访问dashboard的接口30000如下: [root@k8s-master01 ~]# curl -k https://k8s-master-lb:30000 <!doctype html> <!--[if lt IE 10]>

You are using an outdated browser. Please upgrade your browser to improve your experience.

<![endif]--> <kd-login layout="column" layout-fill ng-if="$ctrl.isLoginState()"> </kd-login> <kd-chrome layout="column" layout-fill ng-if="!$ctrl.isLoginState()"> </kd-chrome> <script src="static/vendor.bd425c26.js"></script> <script src="api/appConfig.json"></script> <script src="static/app.b5ad51ac.js"></script> </body> </html>

但是浏览器无法连接这个页面,请问您知道什么原因吗? image

dashboard的pod日志如下: [root@k8s-master01 ~]# kubectl logs kubernetes-dashboard-7954d796d8-2k4hx -n kube-system 2018/10/31 10:19:21 Starting overwatch 2018/10/31 10:19:21 Using in-cluster config to connect to apiserver 2018/10/31 10:19:21 Using service account token for csrf signing 2018/10/31 10:19:21 No request provided. Skipping authorization 2018/10/31 10:19:21 Successful initial request to the apiserver, version: v1.11.1 2018/10/31 10:19:21 Generating JWE encryption key 2018/10/31 10:19:21 New synchronizer has been registered: kubernetes-dashboard-key-holder-kube-system. Starting 2018/10/31 10:19:21 Starting secret synchronizer for kubernetes-dashboard-key-holder in namespace kube-system 2018/10/31 10:19:22 Initializing JWE encryption key from synchronized object 2018/10/31 10:19:22 Creating in-cluster Heapster client 2018/10/31 10:19:22 Auto-generating certificates 2018/10/31 10:19:22 Successfully created certificates 2018/10/31 10:19:22 Serving securely on HTTPS port: 8443 2018/10/31 10:19:22 Successful request to heapster 2018/10/31 10:23:50 http: TLS handshake error from 172.168.0.1:55803: tls: first record does not look like a TLS handshake 2018/10/31 10:25:04 http: TLS handshake error from 172.168.0.1:55814: tls: first record does not look like a TLS handshake 2018/10/31 10:28:34 http: TLS handshake error from 172.168.0.1:55888: tls: first record does not look like a TLS handshake

dotbalo commented 6 years ago

谷歌浏览器报错如下: image

cookeem commented 6 years ago

在chrome.exe后边增加参数 --test-type --ignore-certificate-errors 试一试? 你在自己电脑上curl dashboard地址可以访问不?

dotbalo commented 6 years ago

我使用火狐浏览器,添加安全例外才能访问,请问您的其他浏览器可以访问吗? image

或者有没有什么方式可以解决这个问题?

cookeem commented 6 years ago

我的是mac,chrome没有这个问题。firefox也可以安装证书的