[Bug]: Lab_08: Bootstrapping the Kubernetes Control Plane: Server URL is incorrect in kube-scheduler.kubeconfig
lethanhson9901 opened this issue · comments
Your Workstation
Ubuntu, 16 GB RAM, 8 core i7 CPU
What happened?
I followed your instruction file. But when the last check command: ./cert_verify.sh
. I got this output:
vagrant@master-1:~$ ./cert_verify.sh 3
ca cert found, verifying the authenticity
ca cert is correct
etcd-server cert and key found, verifying the authenticity
etcd-server cert and key are correct
ca cert and key found, verifying the authenticity
ca cert and key are correct
kube-apiserver cert and key found, verifying the authenticity
kube-apiserver cert and key are correct
kube-controller-manager cert and key found, verifying the authenticity
kube-controller-manager cert and key are correct
kube-scheduler cert and key found, verifying the authenticity
kube-scheduler cert and key are correct
service-account cert and key found, verifying the authenticity
service-account cert and key are correct
apiserver-kubelet-client cert and key found, verifying the authenticity
apiserver-kubelet-client cert and key are correct
etcd-server cert and key found, verifying the authenticity
etcd-server cert and key are correct
Checking /var/lib/kubernetes/kube-controller-manager.kubeconfig
/var/lib/kubernetes/kube-controller-manager.kubeconfig found
Path to CA certificate is correct
Path to client certificate is correct
Path to client key is correct
Server URL is correct
Checking /var/lib/kubernetes/kube-scheduler.kubeconfig
/var/lib/kubernetes/kube-scheduler.kubeconfig found
Path to CA certificate is correct
Path to client certificate is correct
Path to client key is correct
Server URL is incorrect
I also check kube-scheduler.kubeconfig
file, which was generated in lab05, but I dont know how to fix that bug:
vagrant@master-1:~$ cat /var/lib/kubernetes/kube-scheduler.kubeconfig
apiVersion: v1
clusters: null
contexts:
- context:
cluster: kubernetes-the-hard-way
user: system:kube-scheduler
name: default
current-context: default
kind: Config
preferences: {}
users:
- name: system:kube-scheduler
user:
client-certificate: /var/lib/kubernetes/pki/kube-scheduler.crt
client-key: /var/lib/kubernetes/pki/kube-scheduler.key
Please help me, thanks!
Relevant log output
No response
I also debug:
-
Because api server is
https://127.0.0.1:6443/
. And ChatGPT hint that: -
The value for
<KUBERNETES_API_SERVER_ENDPOINT>
in the kube-scheduler configuration depends on where your kube-scheduler is running in relation to the Kubernetes API server. Here are the typical scenarios:- If the kube-scheduler is running on the same machine as the Kubernetes API server: You can use
127.0.0.1:6443
. This local loopback address assumes that the kube-scheduler and the API server are on the same node, and it will connect to the API server on the local machine. - If the kube-scheduler is running on a different machine than the Kubernetes API server: You should use the actual IP address or DNS name of the Kubernetes API server, like
https://192.168.56.11:6443
. This ensures that the kube-scheduler can reach the API server over the network.
In most Kubernetes setups, especially in production or multi-node environments, the kube-scheduler is not typically on the same machine as the API server. In such cases, you need to use the actual network address. However, in single-node setups or for certain testing scenarios, it might be on the same node, and using
127.0.0.1:6443
would be appropriate.Which IP should I choose: 127.0.0.1 or INTERNAL_IP (like: 192.168.56.11).
- If the kube-scheduler is running on the same machine as the Kubernetes API server: You can use
# INTERNAL_IP=$(ip addr show enp0s8 | grep "inet " | awk '{print $2}' | cut -d / -f 1)
LOCAL_IP="127.0.0.1"
cat <<EOF | sudo tee /var/lib/kubernetes/kube-scheduler.kubeconfig
apiVersion: v1
clusters:
- cluster:
certificate-authority: /var/lib/kubernetes/pki/ca.crt
server: https://${LOCAL_IP}:6443
name: kubernetes-the-hard-way
contexts:
- context:
cluster: kubernetes-the-hard-way
user: system:kube-scheduler
name: default
current-context: default
kind: Config
preferences: {}
users:
- name: system:kube-scheduler
user:
client-certificate: /var/lib/kubernetes/pki/kube-scheduler.crt
client-key: /var/lib/kubernetes/pki/kube-scheduler.key
EOF
In this lab the scheduler is running on the same host as the API server. The kube-scheduler.kubeconfig
is created in step 5 and will use 127.0.0.1:6443
.
I also check kube-scheduler.kubeconfig file, which was generated in lab05, but I dont know how to fix that bug:
From what you pasted below that comment, it looks like you did not run the following during lab05
kubectl config set-cluster kubernetes-the-hard-way \
--certificate-authority=/var/lib/kubernetes/pki/ca.crt \
--server=https://127.0.0.1:6443 \
--kubeconfig=kube-scheduler.kubeconfig
Please
- Don't trust ChatGPT as a source of truth
- Do follow the instructions in this lab to the letter. If you miss any step, no matter how small, things will not work.
I've solved this, thank you so much !