[k8s]通過svc來訪問集群podhttp://api:8080/api/v1/namespaces/default/services/mynginx/proxy/
阿新 • • 發佈:2018-01-02
lar ann use dockerd reac crt esp plugin log
通過http://api:8080/api/v1/namespaces/default/services/mynginx/proxy/
通過svc訪問集群報錯
我想通過類似這種模式來訪問我的集群
http://192.168.14.11:8080/api/v1/namespaces/default/services/mynginx/proxy/
http://192.168.14.11:8080/api/v1/namespaces/kube-system/services/kubernetes-dashboard/proxy/
本來應該是這樣子
結果報錯了
Error: 'dial tcp 10.2.60.3:80: getsockopt: connection refused' Trying to reach: 'http://10.2.60.3:80/'
master節點為何要跑flannel?
最終查明,本質原因在於master沒跑flannel,master跑了flannel後就可以了.
master和pod通信是通過svc網絡的.
集群環境(1.9)on the fly搭建
參考: https://raw.githubusercontent.com/lannyMa/scripts/master/k8s/
http://www.cnblogs.com/iiiiher/p/8159693.html
mkdir -p /kubernetes/network/config/ cat > /kubernetes/network/config/flannel-config.json << EOF { "Network": "10.2.0.0/16", "SubnetLen": 24, "Backend": { "Type": "host-gw" } } EOF ################################## etcd --advertise-client-urls=http://0.0.0.0:2379 --listen-client-urls=http://0.0.0.0:2379 --debug cd /kubernetes/network/config etcdctl set /kubernetes/network/config < flannel-config.json flanneld -etcd-endpoints=http://192.168.14.11:2379 -iface=eth0 -etcd-prefix=/kubernetes/network systemctl stop docker dockerd --bip=10.2.60.1/24 --mtu=1500 ################################## kube-apiserver --service-cluster-ip-range=10.254.0.0/16 --etcd-servers=http://127.0.0.1:2379 --insecure-bind-address=0.0.0.0 --admission-control=ServiceAccount --service-account-key-file=/root/ssl/ca.key --client-ca-file=/root/ssl/ca.crt --tls-cert-file=/root/ssl/server.crt --tls-private-key-file=/root/ssl/server.key --allow-privileged=true --storage-backend=etcd2 --v=2 --enable-bootstrap-token-auth --token-auth-file=/root/token.csv kube-controller-manager --master=http://127.0.0.1:8080 --service-account-private-key-file=/root/ssl/ca.key --cluster-signing-cert-file=/root/ssl/ca.crt --cluster-signing-key-file=/root/ssl/ca.key --root-ca-file=/root/ssl/ca.crt --v=2 --allocate-node-cidrs=true --cluster-cidr=10.244.0.0/16 kube-scheduler --master=http://127.0.0.1:8080 --v=2 kubelet --allow-privileged=true --cluster-dns=10.254.0.2 --cluster-domain=cluster.local --v=2 --experimental-bootstrap-kubeconfig=/root/bootstrap.kubeconfig --kubeconfig=/root/kubelet.kubeconfig --fail-swap-on=false --network-plugin=cni kube-proxy --master=http://192.168.14.11:8080 --v=2
測試
kubectl run --image=nginx mynginx --replicas=2
kubectl expose deployment mynginx --port=80
http://192.168.14.11:8080/api/v1/namespaces/default/services/mynginx/proxy/
最終結果
[k8s]通過svc來訪問集群podhttp://api:8080/api/v1/namespaces/default/services/mynginx/proxy/