問題如圖
[root@k8s-master01 ~]# kubectl get po -n kube-system
NAME READY STATUS RESTARTS AGE
calico-kube-controllers-5f6d4b864b-5wxb9 1/1 Running 18 6d23h
calico-node-2zllx 0/1 Error 9 6d23h
calico-node-766vt 0/1 Running 10 6d23h
calico-node-cqhzv 1/1 Running 13 6d23h
calico-node-k88xw 0/1 Init:0/2 0 6d23h
calico-node-xz5m2 0/1 Error 7 6d23h
2.查看日志
[root@k8s-master01 ~]# kubectl describe pod calico-node-2zllx --namespace kube-system
···
···
umber of node(s) with BGP peering established = 1
calico/node is not ready: BIRD is not ready: BGP not established with 192.168.0.109,192.168.0.110,192.168.0.111
3.Calico 問題排障
估計是沒用發現實際真正的網卡
4.解決方法
調整calicao 網絡插件的網卡發現機制,修改IP_AUTODETECTION_METHOD對應的value值。官方提供的yaml文件中,ip識別策略(IPDETECTMETHOD)沒有配置,即默認為first-found,這會導致一個網絡異常的ip作為nodeIP被注冊,從而影響node-to-node mesh。我們可以修改成can-reach或者interface的策略,嘗試連接某一個Ready的node的IP,以此選擇出正確的IP。
*/
// calico.yaml 文件添加以下二行
- name: IP_AUTODETECTION_METHOD
value: "interface=eth.*" # ens 根據實際網卡開頭配置
// 配置如下
- name: CLUSTER_TYPE
value: "k8s,bgp"
- name: IP_AUTODETECTION_METHOD
value: "interface=eth.*"
#或者 value: "interface=eth0" # 我選用的這個
# Auto-detect the BGP IP address.
- name: IP
value: "autodetect"
# Enable IPIP
- name: CALICO_IPV4POOL_IPIP
value: "Always"
6.重新在master上部署
[root@k8s-master01 calico]# kubectl apply -f calico-etcd.yaml # 根據自己的實際文件名
[root@k8s-master01 calico]# kubectl get po -n kube-system
NAME READY STATUS RESTARTS AGE
calico-kube-controllers-5f6d4b864b-5wxb9 1/1 Running 18 7d
calico-node-ctkd7 1/1 Running 0 15m
calico-node-q9gzv 1/1 Running 0 15m
calico-node-rgqnj 1/1 Running 0 15m
calico-node-sfwlh 1/1 Running 0 15m
calico-node-tmq7l 1/1 Running 0 15m
