kubernetes應用flannel失敗 Connection refused.
1.18.3K8S安裝raw.githubusercontent.com無法連線問題
按照官網給的命令
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
回頭檢視k8s的執行狀態,有一項卡在了這裡
[root@server01 ~]# wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
--2020-11-29 03:03:11-- https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
Resolving raw.githubusercontent.com (raw.githubusercontent.com)... 0.0.0.0, ::
Connecting to raw.githubusercontent.com (raw.githubusercontent.com)|0.0.0.0|:443... failed: Connection refused.
Connecting to raw.githubusercontent.com (raw.githubusercontent.com)|::|:443... failed: Connection refused.
省事yaml直接粘走,想自己下看下面方法。
---
apiVersion: policy/v1beta1
kind: PodSecurityPolicy
metadata:
name: psp.flannel.unprivileged
annotations:
seccomp.security.alpha.kubernetes.io/allowedProfileNames: docker/default
seccomp.security.alpha.kubernetes.io/defaultProfileName: docker/default
apparmor.security.beta.kubernetes.io/allowedProfileNames: runtime/default
apparmor.security.beta.kubernetes.io/defaultProfileName: runtime/default
spec:
privileged: false
volumes:
- configMap
- secret
- emptyDir
- hostPath
allowedHostPaths:
- pathPrefix: "/etc/cni/net.d"
- pathPrefix: "/etc/kube-flannel"
- pathPrefix: "/run/flannel"
readOnlyRootFilesystem: false
# Users and groups
runAsUser:
rule: RunAsAny
supplementalGroups:
rule: RunAsAny
fsGroup:
rule: RunAsAny
# Privilege Escalation
allowPrivilegeEscalation: false
defaultAllowPrivilegeEscalation: false
# Capabilities
allowedCapabilities: ['NET_ADMIN', 'NET_RAW']
defaultAddCapabilities: []
requiredDropCapabilities: []
# Host namespaces
hostPID: false
hostIPC: false
hostNetwork: true
hostPorts:
- min: 0
max: 65535
# SELinux
seLinux:
# SELinux is unused in CaaSP
rule: 'RunAsAny'
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: flannel
rules:
- apiGroups: ['extensions']
resources: ['podsecuritypolicies']
verbs: ['use']
resourceNames: ['psp.flannel.unprivileged']
- apiGroups:
- ""
resources:
- pods
verbs:
- get
- apiGroups:
- ""
resources:
- nodes
verbs:
- list
- watch
- apiGroups:
- ""
resources:
- nodes/status
verbs:
- patch
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: flannel
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: flannel
subjects:
- kind: ServiceAccount
name: flannel
namespace: kube-system
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: flannel
namespace: kube-system
---
kind: ConfigMap
apiVersion: v1
metadata:
name: kube-flannel-cfg
namespace: kube-system
labels:
tier: node
app: flannel
data:
cni-conf.json: |
{
"name": "cbr0",
"cniVersion": "0.3.1",
"plugins": [
{
"type": "flannel",
"delegate": {
"hairpinMode": true,
"isDefaultGateway": true
}
},
{
"type": "portmap",
"capabilities": {
"portMappings": true
}
}
]
}
net-conf.json: |
{
"Network": "10.244.0.0/16",
"Backend": {
"Type": "vxlan"
}
}
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: kube-flannel-ds
namespace: kube-system
labels:
tier: node
app: flannel
spec:
selector:
matchLabels:
app: flannel
template:
metadata:
labels:
tier: node
app: flannel
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/os
operator: In
values:
- linux
hostNetwork: true
priorityClassName: system-node-critical
tolerations:
- operator: Exists
effect: NoSchedule
serviceAccountName: flannel
initContainers:
- name: install-cni
image: quay.io/coreos/flannel:v0.13.1-rc1
command:
- cp
args:
- -f
- /etc/kube-flannel/cni-conf.json
- /etc/cni/net.d/10-flannel.conflist
volumeMounts:
- name: cni
mountPath: /etc/cni/net.d
- name: flannel-cfg
mountPath: /etc/kube-flannel/
containers:
- name: kube-flannel
image: quay.io/coreos/flannel:v0.13.1-rc1
command:
- /opt/bin/flanneld
args:
- --ip-masq
- --kube-subnet-mgr
resources:
requests:
cpu: "100m"
memory: "50Mi"
limits:
cpu: "100m"
memory: "50Mi"
securityContext:
privileged: false
capabilities:
add: ["NET_ADMIN", "NET_RAW"]
env:
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
volumeMounts:
- name: run
mountPath: /run/flannel
- name: flannel-cfg
mountPath: /etc/kube-flannel/
volumes:
- name: run
hostPath:
path: /run/flannel
- name: cni
hostPath:
path: /etc/cni/net.d
- name: flannel-cfg
configMap:
name: kube-flannel-cfg
清歡渡. 2020-06-03 09:44:21 215 已收藏
分類專欄: kubernetes 文章標籤: kubernetes
版權
搭建K8S叢集安裝flannel外掛遇到無法連線
問題原因:
因為github的域名伺服器在大陸沒有,最近的是香港伺服器,所以無法連線
解決方法:
通過域名查詢網站,獲取香港伺服器的IP地址
域名查詢網站:https://site.ip138.com/raw.githubusercontent.com
輸入raw.githubusercontent.com
查詢IP地址
編輯 vim /etc/hosts 檔案輸入如下內容
52.74.223.119 github.com
192.30.253.119 gist.github.com
54.169.195.247 api.github.com
185.199.111.153 assets-cdn.github.com
151.101.76.133 raw.githubusercontent.com #一般都是用這個域名+ip進行訪問
151.101.108.133 user-images.githubusercontent.com
151.101.76.133 gist.githubusercontent.com
151.101.76.133 cloud.githubusercontent.com
151.101.76.133 camo.githubusercontent.com
151.101.76.133 avatars0.githubusercontent.com
151.101.76.133 avatars1.githubusercontent.com
151.101.76.133 avatars2.githubusercontent.com
151.101.76.133 avatars3.githubusercontent.com
151.101.76.133 avatars4.githubusercontent.com
151.101.76.133 avatars5.githubusercontent.com
151.101.76.133 avatars6.githubusercontent.com
151.101.76.133 avatars7.githubusercontent.com
151.101.76.133 avatars8.githubusercontent.com
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
驗證效果
相關文章
- Kubernetes網路分析之Flannel
- 單個應用失敗程式碼存檔
- kubernetes映象拉取失敗解決方法 ErrImagePull
- zblog應用中心連線失敗的解決方案
- iOS應用安裝失敗原因排查 – HTTPS SSL 教程iOSHTTP
- 微軟應用商店第二次提交失敗微軟
- PowerShell重置Win10系統應用失敗如何解決Win10
- win10應用商店登入失敗的解決方法Win10
- Java的快速失敗和安全失敗Java
- Kubernetes 叢集網路:Flannel 與 Calico 的區別
- git push程式碼失敗,鑑權失敗Git
- 快速失敗機制&失敗安全機制
- python用install失敗怎麼解決Python
- Kubernetes(二) 應用部署
- 如何解決應用安裝失敗錯誤碼-13的問題
- 華為應用內購買驗籤失敗,報錯Signature length not correct
- win10應用商店更新失敗無法安裝如何恢復Win10
- Composer 失敗
- kubernetes實踐之四:Flannel網路外掛安裝
- 專門網站記錄Kubernetes失敗案例:k8s.af網站K8S
- 快速失敗是讓失敗立即快速發生! - pathelland
- Win7 Nginx啟動失敗 cmd命令失敗Win7Nginx
- kubernetes叢集斷電後etcd啟動失敗之etcd備份方案
- 邦芒解析:怎樣面對應聘失敗
- 以失敗為機制:奇異人生中的真實失敗與虛構性失敗
- git merge失敗Git
- npm install失敗NPM
- npm install 失敗NPM
- 如何突破失敗
- dota2啟動失敗 初始化vulkan失敗
- uiautomator2 獲取從谷歌商店下載的應用 app_info 失敗UI谷歌APP
- 啟用系統登入失敗處理功能
- testng擴充套件 失敗的用例重跑套件
- 邦芒支招:面試失敗後的應對方法面試
- 解決CocoaPods安裝卡住反應慢或失敗
- 破解Kubernetes應用開發困局
- 在輕量應用伺服器上的學習日誌(嘗試失敗了)伺服器
- proton執行失敗