文档建议反馈控制台
首页
学习
活动
专区
圈层
工具
MCP广场
文章/答案/技术大牛
发布
社区首页 >问答首页 >Kubernetes上的MetalLB安装和配置

Kubernetes上的MetalLB安装和配置
EN

Stack Overflow用户
提问于 2021-03-21 18:32:32
回答 2查看 258关注 0票数 0

我在Kubernetes集群上安装并配置了MetalLB。然后尝试创建LoadBalancer类型服务。( NodePort类型的服务运行良好。)

但是,EXTERNAL-IP处于挂起状态。

我在MetalLB控制器pod上得到了下面的错误。有人可以帮助解决这个问题。

我也有类似的问题,当我尝试安装nginx入口控制器。

代码语言:javascript
复制
# kubectl logs controller-65db86ddc6-4hkdn -n metallb-system
{"branch":"HEAD","caller":"main.go:142","commit":"v0.9.5","msg":"MetalLB controller starting version 0.9.5 (commit v0.9.5, branch HEAD)","ts":"2021-03-21T09:30:28.244151786Z","version":"0.9.5"}
I0321 09:30:58.442987       1 trace.go:81] Trace[1298498081]: "Reflector pkg/mod/k8s.io/client-go@v0.0.0-20190620085101-78d2af792bab/tools/cache/reflector.go:98 ListAndWatch" (started: 2021-03-21 09:30:28.44033291 +0000 UTC m=+1.093749549) (total time: 30.001755286s):
Trace[1298498081]: [30.001755286s] [30.001755286s] END
E0321 09:30:58.443118       1 reflector.go:125] pkg/mod/k8s.io/client-go@v0.0.0-20190620085101-78d2af792bab/tools/cache/reflector.go:98: Failed to list *v1.Service: Get https://10.96.0.1:443/api/v1/services?limit=500&resourceVersion=0: dial tcp 10.96.0.1:443: i/o timeout
I0321 09:30:58.443263       1 trace.go:81] Trace[2019727887]: "Reflector pkg/mod/k8s.io/client-go@v0.0.0-20190620085101-78d2af792bab/tools/cache/reflector.go:98 ListAndWatch" (started: 2021-03-21 09:30:28.342686736 +0000 UTC m=+0.996103363) (total time: 30.100527846s):
Trace[2019727887]: [30.100527846s] [30.100527846s] END
E0321 09:30:58.443298       1 reflector.go:125] pkg/mod/k8s.io/client-go@v0.0.0-20190620085101-78d2af792bab/tools/cache/reflector.go:98: Failed to list *v1.ConfigMap: Get https://10.96.0.1:443/api/v1/namespaces/metallb-system/configmaps?fieldSelector=metadata.name%3Dconfig&limit=500&resourceVersion=0: dial tcp 10.96.0.1:443: i/o timeout
I0321 09:31:29.444994       1 trace.go:81] Trace[1427131847]: "Reflector pkg/mod/k8s.io/client-go@v0.0.0-20190620085101-78d2af792bab/tools/cache/reflector.go:98 ListAndWatch" (started: 2021-03-21 09:30:59.443509127 +0000 UTC m=+32.096925747) (total time: 30.001450692s):
Trace[1427131847]: [30.001450692s] [30.001450692s] END

下面是我的env。

代码语言:javascript
复制
# kubectl version --short
Client Version: v1.20.4
Server Version: v1.20.4

Calico CNI is installed.

# Installing Flannel network-plug-in for cluster network (calico)
kubectl apply -f https://docs.projectcalico.org/manifests/calico.yaml

Metal LB 0.9.5 is install & configured.

从Node访问就像blow一样工作。# curl -k https://10.96.0.1:443/api/v1/namespaces/metallb-system/configmaps?fieldSelector=metadata.name%3Dconfig&limit=500&resourceVersion=0

代码语言:javascript
复制
{
  "kind": "Status",
  "apiVersion": "v1",
  "metadata": {

  },
  "status": "Failure",
  "message": "configmaps \"config\" is forbidden: User \"system:anonymous\" cannot list resource \"configmaps\" in API group \"\" in the namespace \"metallb-system\"",
  "reason": "Forbidden",
  "details": {
    "name": "config",
    "kind": "configmaps"
  },
  "code": 403
}

但是,从POD不能访问,如下所示。我想,应该是工作。

代码语言:javascript
复制
# kubectl -n metallb-system exec -it controller-65db86ddc6-4hkdn /bin/sh
$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: tunl0@NONE: <NOARP> mtu 1480 qdisc noop state DOWN qlen 1000
    link/ipip 0.0.0.0 brd 0.0.0.0
4: eth0@if5: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1480 qdisc noqueue state UP
    link/ether 76:54:44:f1:8f:50 brd ff:ff:ff:ff:ff:ff
    inet 192.168.41.146/32 brd 192.168.41.146 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::7454:44ff:fef1:8f50/64 scope link
       valid_lft forever preferred_lft forever
/bin $ **wget --no-check-certificate  https://10.96.0.1:443/
Connecting to 10.96.0.1:443 (10.96.0.1:443)
^C**
/bin $
kubernetes
timeout
metallb
EN

回答 2

Stack Overflow用户

发布于 2021-03-22 09:34:47

我更改了我的k8s集群配置,如下所示。现在它起作用了。

代码语言:javascript
复制
kubeadm init --apiserver-advertise-address=192.168.64.150 --apiserver-cert-extra-sans=192.168.64.150 --node-name kmaster --pod-network-cidr=10.10.0.0/16


cat /etc/hosts
192.168.64.150 kmaster
192.168.64.151 kworker1

并且我更改了calico配置,如下所示。

代码语言:javascript
复制
- name: CALICO_IPV4POOL_CIDR
  value: "10.10.0.0/16"    ### Same pod-cidr in calico
票数 1
EN

Stack Overflow用户

发布于 2021-03-21 21:44:48

  • 从您的金属控制器pod发出以下

10.96.0.1命令的输出是什么?

代码语言:javascript
复制
kubectl -n metallb-system exec controller-65db86ddc6-4hkdn -- ping 10.96.0.1

  • 请同时提供以下

命令的输出

代码语言:javascript
复制
kubectl -n metallb-system exec controller-65db86ddc6-4hkdn -- ip r
kubectl -n metallb-system exec controller-65db86ddc6-4hkdn -- ip n

  • 如果您可以ping通,但不能执行wget,那么这是防火墙问题

Kubernetes文档中的

票数 0
EN
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:

https://stackoverflow.com/questions/66731252

复制
相关文章

相似问题

领券

腾讯云开发者

扫码关注腾讯云开发者

扫码关注腾讯云开发者

领取腾讯云代金券

热门产品

热门推荐

更多推荐

Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有 

深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 粤公网安备44030502008569号

腾讯云计算(北京)有限责任公司 京ICP证150476号 |  京ICP备11018762号

问题归档专栏文章快讯文章归档关键词归档开发者手册归档开发者手册 Section 归档