search

kubesphere / kubekey

Install Kubernetes/K3s only, both Kubernetes/K3s and KubeSphere, and related cloud-native add-ons, it supports all-in-one, multi-node, and HA 🔥 ⎈ 🐳
https://kubesphere.io
Apache License 2.0
2.18k stars 518 forks source link

通过harbor非80、443端口离线部署,/etc/hosts域名含端口与镜像拉取需要的端口冲突导致部署失败 #2251

Open cai182081 opened 1 month ago

cai182081 commented 1 month ago

What is version of KubeKey has the issue?

kk version: &version.Info{Major:"3", Minor:"1", GitVersion:"v3.1.1", GitCommit:"7a184f786b02bec20d5534af137896f50e510396", GitTreeState:"clean", BuildDate:"2024-04-16T04:28:43Z", GoVersion:"go1.19.2", Compiler:"gc", Platform:"linux/amd64"}

What is your os environment?

cemtos 7

KubeKey config file

apiVersion: kubekey.kubesphere.io/v1alpha2
kind: Cluster
metadata:
  name: sample
spec:
  hosts:

  roleGroups:
    etcd:
    - k8s-master01
    - k8s-worker01
    - k8s-worker02
    control-plane:
    - k8s-master01
    worker:
    - k8s-worker01
    registry:
    - k8s-worker02
  controlPlaneEndpoint:
    internalLoadbalancer: haproxy

    domain: lb.k8svip.top
    address: "" # The VIP address
    port: 6443
  kubernetes:
    version: v1.29.3
    clusterName: k8svip.top
    autoRenewCerts: true
    cgroupDriver: systemd
    containerManager: containerd
    maxPods: 110
    nodeCidrMaskSize: 24
    proxyMode: ipvs
  etcd:
    type: kubekey
    dataDir: /var/lib/etcd
  network:
    plugin: calico
    kubePodsCIDR: 10.233.64.0/18
    kubeServiceCIDR: 10.233.0.0/18
    multusCNI:
      enabled: false
  registry:
    type: "harbor"
    auths:
      "dockerhub.kubekey.local:8080":
        username: admin
        password: Harbor12345
        skipTLSVerify: true
        plainHTTP: true
    privateRegistry: "dockerhub.kubekey.local:8080"
    namespaceOverride: "kubesphereio"
    registryMirrors: []
    insecureRegistries: [""]
  addons: []

A clear and concise description of what happend.

执行 kk create cluster -f kubesphere-v341-v1293.yaml -a ksp-v3.4.1-artifact.tar.gz --with-packages 部署报错

Relevant log output

10:11:12 CST success: [k8s-master01]
10:11:12 CST [CopyImagesToRegistryModule] Copy images to a private registry from an artifact OCI Path
10:11:12 CST Source: oci:/dba/kubekey/images:kubesphereio:kube-apiserver:v1.29.3-amd64
10:11:12 CST Destination: docker://dockerhub.kubekey.local:8080/kubesphereio/kube-apiserver:v1.29.3-amd64
Getting image source signatures
trying to reuse blob sha256:f7e25e1a5a48b7ae00300fd053b9f3be780149466100c87e4b853d2c3285f0ad at destination: pinging container registry dockerhub.kubekey.local:8080: Get "http://dockerhub.kubekey.local:8080/v2/": dial tcp: lookup dockerhub.kubekey.local on 114.114.114.114:53: no such host
Getting image source signatures
trying to reuse blob sha256:f7e25e1a5a48b7ae00300fd053b9f3be780149466100c87e4b853d2c3285f0ad at destination: pinging container registry dockerhub.kubekey.local:8080: Get "http://dockerhub.kubekey.local:8080/v2/": dial tcp: lookup dockerhub.kubekey.local on 114.114.114.114:53: no such host
Getting image source signatures
trying to reuse blob sha256:f7e25e1a5a48b7ae00300fd053b9f3be780149466100c87e4b853d2c3285f0ad at destination: pinging container registry dockerhub.kubekey.local:8080: Get "http://dockerhub.kubekey.local:8080/v2/": dial tcp: lookup dockerhub.kubekey.local on 114.114.114.114:53: no such host
Getting image source signatures
trying to reuse blob sha256:f7e25e1a5a48b7ae00300fd053b9f3be780149466100c87e4b853d2c3285f0ad at destination: pinging container registry dockerhub.kubekey.local:8080: Get "http://dockerhub.kubekey.local:8080/v2/": dial tcp: lookup dockerhub.kubekey.local on 114.114.114.114:53: no such host
Getting image source signatures
trying to reuse blob sha256:f7e25e1a5a48b7ae00300fd053b9f3be780149466100c87e4b853d2c3285f0ad at destination: pinging container registry dockerhub.kubekey.local:8080: Get "http://dockerhub.kubekey.local:8080/v2/": dial tcp: lookup dockerhub.kubekey.local on 114.114.114.114:53: no such host
10:11:13 CST success: [LocalHost]
10:11:13 CST [CopyImagesToRegistryModule] Push multi-arch manifest to private registry
10:11:13 CST message: [LocalHost]
get manifest list failed by module cache
10:11:13 CST failed: [LocalHost]
error: Pipeline[CreateClusterPipeline] execute failed: Module[CopyImagesToRegistryModule] exec failed: 
failed: [LocalHost] [PushManifest] exec failed after 1 retries: get manifest list failed by module cache

Additional information

这是/etc/hosts文件

kubekey hosts BEGIN

192.168.4.4 k8s-master01.k8svip.top k8s-master01 192.168.4.5 k8s-worker01.k8svip.top k8s-worker01 192.168.4.6 k8s-worker02.k8svip.top k8s-worker02 192.168.4.6 dockerhub.kubekey.local:8080 192.168.4.4 lb.k8svip.top

kubekey hosts END

如果 /etc/hosts 为 192.168.4.6 dockerhub.kubekey.local 通过crictl pull dockerhub.kubekey.local:8080/kubesphereio/kube-apiserver:v1.29.3-amd64 是可以正常拉取镜像的

cai182081 commented 1 month ago

已经验证是因为配置 privateRegistry: "dockerhub.kubekey.local:8080" 参数,kk 程序会检查此配置,自动修改 /etc/hosts 的192.168.4.6 dockerhub.kubekey.local:8080 部分,导致域名改变拉取镜像失败,进而导致部署失败