kube-apiserver start failed问题

bhfm511 commented 5 years ago
配置完成之后启动，死活都是failed，无解？
[root@k8s-master01 bin]# systemctl status kube-apiserver
â— kube-apiserver.service - Kubernetes API Server
   Loaded: loaded (/usr/lib/systemd/system/kube-apiserver.service; enabled; vendor preset: disabled)
   Active: failed (Result: start-limit) since Sat 2019-08-24 17:52:29 PDT; 4s ago
     Docs: https://github.com/kubernetes/kubernetes
  Process: 87778 ExecStart=/etc/kubernetes/bin/kube-apiserver $KUBE_APISERVER_OPTS (code=exited, status=2)
 Main PID: 87778 (code=exited, status=2)

Aug 24 17:52:29 k8s-master01 kube-apiserver[87778]: --version version[=true]                                  Print version information and quit
Aug 24 17:52:29 k8s-master01 kube-apiserver[87778]: --vmodule moduleSpec                                      comma-separated list of pattern=N settings for file-filtered logging
Aug 24 17:52:29 k8s-master01 kube-apiserver[87778]: --watch-cache                                             Enable watch caching in the apiserver (default true)
Aug 24 17:52:29 k8s-master01 kube-apiserver[87778]: --watch-cache-sizes stringSlice                           List of watch cache sizes for every resource (pods, nodes, etc.), comma... is enabled.
Aug 24 17:52:29 k8s-master01 systemd[1]: kube-apiserver.service holdoff time over, scheduling restart.
Aug 24 17:52:29 k8s-master01 systemd[1]: Stopped Kubernetes API Server.
Aug 24 17:52:29 k8s-master01 systemd[1]: start request repeated too quickly for kube-apiserver.service
Aug 24 17:52:29 k8s-master01 systemd[1]: Failed to start Kubernetes API Server.
Aug 24 17:52:29 k8s-master01 systemd[1]: Unit kube-apiserver.service entered failed state.
Aug 24 17:52:29 k8s-master01 systemd[1]: kube-apiserver.service failed.
Hint: Some lines were ellipsized, use -l to show in full.

++++++++++

[root@k8s-master01 bin]# journalctl -xe -u kube-apiserver
Aug 24 17:52:29 k8s-master01 kube-apiserver[87778]: --max-requests-inflight int                               The maximum number of non-mutating requests in flight at a given time. When the server
Aug 24 17:52:29 k8s-master01 kube-apiserver[87778]: --min-request-timeout int                                 An optional field indicating the minimum number of seconds a handler must keep a reque
Aug 24 17:52:29 k8s-master01 kube-apiserver[87778]: --oidc-ca-file string                                     If set, the OpenID server's certificate will be verified by one of the authorities in 
Aug 24 17:52:29 k8s-master01 kube-apiserver[87778]: --oidc-client-id string                                   The client ID for the OpenID Connect client, must be set if oidc-issuer-url is set.
Aug 24 17:52:29 k8s-master01 kube-apiserver[87778]: --oidc-groups-claim string                                If provided, the name of a custom OpenID Connect claim for specifying user groups. The
Aug 24 17:52:29 k8s-master01 kube-apiserver[87778]: --oidc-issuer-url string                                  The URL of the OpenID issuer, only HTTPS scheme will be accepted. If set, it will be u
Aug 24 17:52:29 k8s-master01 kube-apiserver[87778]: --oidc-username-claim string                              The OpenID claim to use as the user name. Note that claims other than the default ('su
Aug 24 17:52:29 k8s-master01 kube-apiserver[87778]: --profiling                                               Enable profiling via web interface host:port/debug/pprof/ (default true)
Aug 24 17:52:29 k8s-master01 kube-apiserver[87778]: --repair-malformed-updates                                If true, server will do its best to fix the update request to pass the validation, e.g
Aug 24 17:52:29 k8s-master01 kube-apiserver[87778]: --requestheader-allowed-names stringSlice                 List of client certificate common names to allow to provide usernames in headers speci
Aug 24 17:52:29 k8s-master01 kube-apiserver[87778]: --requestheader-client-ca-file string                     Root certificate bundle to use to verify client certificates on incoming requests befo
Aug 24 17:52:29 k8s-master01 kube-apiserver[87778]: --requestheader-extra-headers-prefix stringSlice          List of request header prefixes to inspect. X-Remote-Extra- is suggested.
Aug 24 17:52:29 k8s-master01 kube-apiserver[87778]: --requestheader-group-headers stringSlice                 List of request headers to inspect for groups. X-Remote-Group is suggested.
Aug 24 17:52:29 k8s-master01 kube-apiserver[87778]: --requestheader-username-headers stringSlice              List of request headers to inspect for usernames. X-Remote-User is common.
Aug 24 17:52:29 k8s-master01 kube-apiserver[87778]: --runtime-config mapStringString                          A set of key=value pairs that describe runtime configuration that may be passed to api
Aug 24 17:52:29 k8s-master01 kube-apiserver[87778]: --secure-port int                                         The port on which to serve HTTPS with authentication and authorization. If 0, don't se
Aug 24 17:52:29 k8s-master01 kube-apiserver[87778]: --service-account-key-file stringArray                    File containing PEM-encoded x509 RSA or ECDSA private or public keys, used to verify S
Aug 24 17:52:29 k8s-master01 kube-apiserver[87778]: --service-account-lookup                                  If true, validate ServiceAccount tokens exist in etcd as part of authentication.
Aug 24 17:52:29 k8s-master01 kube-apiserver[87778]: --service-cluster-ip-range ipNet                          A CIDR notation IP range from which to assign service cluster IPs. This must not overl
Aug 24 17:52:29 k8s-master01 kube-apiserver[87778]: --service-node-port-range portRange                       A port range to reserve for services with NodePort visibility. Example: '30000-32767'.
Aug 24 17:52:29 k8s-master01 kube-apiserver[87778]: --ssh-keyfile string                                      If non-empty, use secure SSH proxy to the nodes, using this user keyfile
Aug 24 17:52:29 k8s-master01 kube-apiserver[87778]: --ssh-user string                                         If non-empty, use secure SSH proxy to the nodes, using this user name
Aug 24 17:52:29 k8s-master01 kube-apiserver[87778]: --stderrthreshold severity                                logs at or above this threshold go to stderr (default 2)
Aug 24 17:52:29 k8s-master01 kube-apiserver[87778]: --storage-backend string                                  The storage backend for persistence. Options: 'etcd3' (default), 'etcd2'.
Aug 24 17:52:29 k8s-master01 kube-apiserver[87778]: --storage-media-type string                               The media type to use to store objects in storage. Some resources or storage backends 
Aug 24 17:52:29 k8s-master01 kube-apiserver[87778]: --storage-versions string                                 The per-group version to store resources in. Specified in the format "group1/version1,
Aug 24 17:52:29 k8s-master01 kube-apiserver[87778]: --target-ram-mb int                                       Memory limit for apiserver in MB (used to configure sizes of caches, etc.)
Aug 24 17:52:29 k8s-master01 kube-apiserver[87778]: --tls-ca-file string                                      If set, this certificate authority will used for secure access from Admission Controll
Aug 24 17:52:29 k8s-master01 kube-apiserver[87778]: --tls-cert-file string                                    File containing the default x509 Certificate for HTTPS. (CA cert, if any, concatenated
Aug 24 17:52:29 k8s-master01 kube-apiserver[87778]: --tls-private-key-file string                             File containing the default x509 private key matching --tls-cert-file.
Aug 24 17:52:29 k8s-master01 kube-apiserver[87778]: --tls-sni-cert-key namedCertKey                           A pair of x509 certificate and private key file paths, optionally suffixed with a list
Aug 24 17:52:29 k8s-master01 kube-apiserver[87778]: --token-auth-file string                                  If set, the file that will be used to secure the secure port of the API server via tok
Aug 24 17:52:29 k8s-master01 kube-apiserver[87778]: -v, --v Level                                                 log level for V logs (default 0)
Aug 24 17:52:29 k8s-master01 kube-apiserver[87778]: --version version[=true]                                  Print version information and quit
Aug 24 17:52:29 k8s-master01 kube-apiserver[87778]: --vmodule moduleSpec                                      comma-separated list of pattern=N settings for file-filtered logging
Aug 24 17:52:29 k8s-master01 kube-apiserver[87778]: --watch-cache                                             Enable watch caching in the apiserver (default true)
Aug 24 17:52:29 k8s-master01 kube-apiserver[87778]: --watch-cache-sizes stringSlice                           List of watch cache sizes for every resource (pods, nodes, etc.), comma separated. The
Aug 24 17:52:29 k8s-master01 systemd[1]: kube-apiserver.service holdoff time over, scheduling restart.
Aug 24 17:52:29 k8s-master01 systemd[1]: Stopped Kubernetes API Server.
-- Subject: Unit kube-apiserver.service has finished shutting down
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- Unit kube-apiserver.service has finished shutting down.
Aug 24 17:52:29 k8s-master01 systemd[1]: start request repeated too quickly for kube-apiserver.service
Aug 24 17:52:29 k8s-master01 systemd[1]: Failed to start Kubernetes API Server.
-- Subject: Unit kube-apiserver.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- Unit kube-apiserver.service has failed.
-- 
-- The result is failed.
Aug 24 17:52:29 k8s-master01 systemd[1]: Unit kube-apiserver.service entered failed state.
Aug 24 17:52:29 k8s-master01 systemd[1]: kube-apiserver.service failed.
lines 1050-1104/1104 (END)
rootsongjc commented 5 years ago
可能是配置错误，传递的参数有问题。
bhfm511 commented 5 years ago
谢谢，我还有另外一个问题是 k8s 1.6 kubernetes master 节点通过以下配置：
kube-apiserver kube-scheduler kube-controller-manager
而k8s 1.8 kubernetes master 节点配置则是： kubelet kubeadm kubectl
所以二个版本的配置不一样，不能交叉使用，对么？
rootsongjc commented 3 years ago
这个问题时间太过久远，长时间没有追问，关闭问题。如有后续进展请在 issue 中回复。
rootsongjc / kubernetes-handbook

kube-apiserver start failed问题 #375
