search

flannel-io / flannel

flannel is a network fabric for containers, designed for Kubernetes
Apache License 2.0
8.6k stars 2.87k forks source link

I can't access the POD of other nodes at Master, why is this? #1983

Closed wanhua666 closed 4 weeks ago

wanhua666 commented 1 month ago

Node state

[root@master home]# kubectl get nodes
NAME     STATUS   ROLES                  AGE   VERSION
master   Ready    control-plane,master   74m   v1.23.6
node1    Ready    <none>                 73m   v1.23.6
node2    Ready    <none>                 72m   v1.23.6

My initial script

kubeadm init \
  --apiserver-advertise-address=192.168.163.137 \
  --image-repository registry.aliyuncs.com/google_containers \
  --kubernetes-version v1.23.6 \
  --service-cidr=10.96.0.0/12 \
  --pod-network-cidr=10.224.0.0/16

/run/flannel/subnet.env

[root@node1 home]# cat /run/flannel/subnet.env
FLANNEL_NETWORK=10.244.0.0/16
FLANNEL_SUBNET=10.224.0.1/24
FLANNEL_MTU=1450
FLANNEL_IPMASQ=true

But the Flannel network plug -in is not running status

[root@master home]# kubectl get po -A
NAMESPACE      NAME                             READY   STATUS             RESTARTS        AGE
dev            nginx-test                       1/1     Running            0               92s
kube-flannel   kube-flannel-ds-7pxql            0/1     CrashLoopBackOff   9 (80s ago)     44m
kube-flannel   kube-flannel-ds-bktcs            0/1     CrashLoopBackOff   12 (4m8s ago)   44m
kube-flannel   kube-flannel-ds-hdshj            0/1     CrashLoopBackOff   12 (5m7s ago)   44m

See the reason

[root@master home]# kubectl logs kube-flannel-ds-7pxql -n kube-flannel
I0529 06:47:42.416807       1 main.go:211] CLI flags config: {etcdEndpoints:http://127.0.0.1:4001,http://127.0.0.1:2379 etcdPrefix:/coreos.com/network etcdKeyfile: etcdCertfile: etcdCAFile: etcdUsername: etcdPassword: version:false kubeSubnetMgr:true kubeApiUrl: kubeAnnotationPrefix:flannel.alpha.coreos.com kubeConfigFile: iface:[] ifaceRegex:[] ipMasq:true ifaceCanReach: subnetFile:/run/flannel/subnet.env publicIP: publicIPv6: subnetLeaseRenewMargin:60 healthzIP:0.0.0.0 healthzPort:0 iptablesResyncSeconds:5 iptablesForwardRules:true netConfPath:/etc/kube-flannel/net-conf.json setNodeNetworkUnavailable:true}
W0529 06:47:42.416874       1 client_config.go:618] Neither --kubeconfig nor --master was specified.  Using the inClusterConfig.  This might not work.
I0529 06:47:42.424603       1 kube.go:139] Waiting 10m0s for node controller to sync
I0529 06:47:42.424744       1 kube.go:455] Starting kube subnet manager
I0529 06:47:42.426852       1 kube.go:476] Creating the node lease for IPv4. This is the n.Spec.PodCIDRs: [10.224.0.0/24]
I0529 06:47:42.426873       1 kube.go:476] Creating the node lease for IPv4. This is the n.Spec.PodCIDRs: [10.224.1.0/24]
I0529 06:47:42.426878       1 kube.go:476] Creating the node lease for IPv4. This is the n.Spec.PodCIDRs: [10.224.2.0/24]
I0529 06:47:43.424743       1 kube.go:146] Node controller sync successful
I0529 06:47:43.424763       1 main.go:231] Created subnet manager: Kubernetes Subnet Manager - master
I0529 06:47:43.424766       1 main.go:234] Installing signal handlers
I0529 06:47:43.424903       1 main.go:452] Found network config - Backend type: vxlan
I0529 06:47:43.427368       1 kube.go:655] List of node(master) annotations: map[string]string{"flannel.alpha.coreos.com/backend-data":"{\"VNI\":1,\"VtepMAC\":\"be:44:6a:7f:69:fc\"}", "flannel.alpha.coreos.com/backend-type":"vxlan", "flannel.alpha.coreos.com/kube-subnet-manager":"true", "flannel.alpha.coreos.com/public-ip":"192.168.163.137", "kubeadm.alpha.kubernetes.io/cri-socket":"/var/run/dockershim.sock", "node.alpha.kubernetes.io/ttl":"0", "volumes.kubernetes.io/controller-managed-attach-detach":"true"}
I0529 06:47:43.427407       1 match.go:74] Searching for interface using 192.168.163.137
I0529 06:47:43.427726       1 match.go:263] Using interface with name ens160 and address 192.168.163.137
I0529 06:47:43.427743       1 match.go:281] Using 192.168.163.137 as external address
I0529 06:47:43.427774       1 vxlan.go:141] VXLAN config: VNI=1 Port=0 GBP=false Learning=false DirectRouting=false
I0529 06:47:43.429229       1 kube.go:622] List of node(master) annotations: map[string]string{"flannel.alpha.coreos.com/backend-data":"{\"VNI\":1,\"VtepMAC\":\"be:44:6a:7f:69:fc\"}", "flannel.alpha.coreos.com/backend-type":"vxlan", "flannel.alpha.coreos.com/kube-subnet-manager":"true", "flannel.alpha.coreos.com/public-ip":"192.168.163.137", "kubeadm.alpha.kubernetes.io/cri-socket":"/var/run/dockershim.sock", "node.alpha.kubernetes.io/ttl":"0", "volumes.kubernetes.io/controller-managed-attach-detach":"true"}
I0529 06:47:43.429256       1 vxlan.go:155] Interface flannel.1 mac address set to: be:44:6a:7f:69:fc
E0529 06:47:43.429416       1 main.go:343] Error registering network: failed to acquire lease: subnet "10.244.0.0/16" specified in the flannel net config doesn't contain "10.224.0.0/24" PodCIDR of the "master" node
I0529 06:47:43.429463       1 main.go:432] Stopping shutdownHandler...

Can anyone tell me why this error occurs? I can't access the POD of other nodes at Master, why is this?

thomasferrandiz commented 1 month ago

The error message shows:

Error registering network: failed to acquire lease: subnet "10.244.0.0/16" specified in the flannel net config doesn't contain "10.224.0.0/24" PodCIDR of the "master" node

so it looks there is a typo somewhere in your configuration.

wanhua666 commented 1 month ago

错误消息显示:

注册网络时出错:无法获取租约:子网“10。法兰绒网络配置中指定的 244.0.0/16“ 不包含”10.“master”节点的 224.0.0/24“ PodCIDR

所以看起来你的配置中某处有一个错别字。

I didn't find

wanhua666 commented 4 weeks ago

Solved