hobby-kube / guide

Kubernetes clusters for the hobbyist.

Help me !!!!!

1995chen opened this issue · comments

I am Chinese with poor English.
I want to run my WireGuard server on a cloud provider. Because I often change cloud service providers, I want to deploy my cluster on local machines. I bought a NUC11 for the master and other PCs (from my friends) as nodes. Except for the VPN server, all nodes are local. Can you update your guide? I encountered a problem while installing the CNI plugin; here is the problem:
[root@local add-ons]# kubectl get pods --all-namespaces
NAMESPACE     NAME                            READY   STATUS              RESTARTS   AGE
kube-system   coredns-558bd4d5db-h66pk        0/1     ContainerCreating   0          10m
kube-system   coredns-558bd4d5db-lljm9        0/1     ContainerCreating   0          10m
kube-system   etcd-local                      1/1     Running             0          10m
kube-system   kube-apiserver-local            1/1     Running             0          10m
kube-system   kube-controller-manager-local   1/1     Running             0          10m
kube-system   kube-proxy-t6g9x                1/1     Running             0          10m
kube-system   kube-scheduler-local            1/1     Running             0          10m
kube-system   weave-net-jfqm9                 1/2     Error               0          71s
[root@local add-ons]# kubectl logs -f pod/weave-net-jfqm9 -n kube-system
error: a container name must be specified for pod weave-net-jfqm9, choose one of: [weave weave-npc] or one of the init containers: [weave-init]
[root@local add-ons]# kubectl logs -f pod/weave-net-jfqm9 -n kube-system -c weave
FATA: 2021/08/07 00:20:09.774373 [kube-peers] Could not get peers: Get "https://10.96.0.1:443/api/v1/nodes": dial tcp 10.96.0.1:443: i/o timeout

wireguard-server's conf

[Interface]
Address = 10.88.0.1/24
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
ListenPort = 51820
FwMark = 0x40000
DNS = 10.88.0.1
PrivateKey = QC97PaNUe+l8BtS6CmjlRSqOlEveYcc722S+FkSK/0A=

[Peer]
PublicKey = qk8unK13qvIBJn3QzuX1MQxFrB5EfM4J1UclAsIJHh4=
AllowedIPs = 10.88.0.2/32

[Peer]
PublicKey = LUBpHGtxiLnX4KRHdkbGXk/0dzwuNqNsS3WLX83pvF4=
AllowedIPs = 10.88.0.3/32

client conf is

[Interface]
Address = 10.88.0.2/32
FwMark = 0x40000
PrivateKey = WKvexEre4628ZTACEWvBeDjuerpfDgdXnBxAoRjYvU0=
DNS = 10.88.0.1

[Peer]
PublicKey = GmkncDc3aVnUDD9zlRDq1X7rloyzYyYI+RuWuwu1NiU=
AllowedIPs = 0.0.0.0/0
Endpoint = <MY_CLOUD_PROVIDER_IP:51820>
PersistentKeepalive = 25

The VPN server (on cloud) IP is 10.88.0.1, and the Kubernetes master node IP is 10.88.0.2.
I init the cluster with the command below:

kubeadm init --kubernetes-version=v1.21.0 --ignore-preflight-errors=Swap --apiserver-advertise-address 10.88.0.2 --control-plane-endpoint=10.88.0.2:6443 --pod-network-cidr=10.244.0.0/16

sysctl -p is

[root@local wireguard]# sysctl -p
vm.swappiness = 70
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
net.ipv6.conf.all.forwarding = 1
net.ipv4.conf.all.rp_filter = 1

the config of kubelet is

[root@local wireguard]# cat  /usr/lib/systemd/system/kubelet.service.d/10-kubeadm.conf
# Note: This dropin only works with kubeadm and kubelet v1.11+
[Service]
Environment="KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf"
Environment="KUBELET_CONFIG_ARGS=--config=/var/lib/kubelet/config.yaml"
Environment="KUBELET_CGROUP_ARGS=--cgroup-driver=systemd"
Environment="KUBELET_USER_DEFINE_ARGS=--feature-gates=RotateKubeletServerCertificate=true --fail-swap-on=false --node-ip=10.88.0.2"
# This is a file that "kubeadm init" and "kubeadm join" generates at runtime, populating the KUBELET_KUBEADM_ARGS variable dynamically
EnvironmentFile=-/var/lib/kubelet/kubeadm-flags.env
# This is a file that the user can use for overrides of the kubelet args as a last resort. Preferably, the user should use
# the .NodeRegistration.KubeletExtraArgs object in the configuration files instead. KUBELET_EXTRA_ARGS should be sourced from this file.
EnvironmentFile=-/etc/sysconfig/kubelet
ExecStart=
ExecStart=/usr/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_KUBEADM_ARGS $KUBELET_EXTRA_ARGS $KUBELET_CGROUP_ARGS $KUBELET_USER_DEFINE_ARGS

I'm tired of setting up clusters often, please help me!!!
Thank you, God bless you.

In my case I used to set up flannel, then untaint the nodes and restart the CRI (if needed), and then the nodes are ready and the coredns pods are running.