Kubernetes 网络插件
Kubernetes network plugin
我已经使用 calico 网络插件安装了 3 个节点的 Kubernetes 集群。
出于某种原因,我决定完全删除 kubernetes 并使用不同的网络插件重新安装它:Flannel。
在我尝试部署我的第一个容器之前,一切似乎都很好。
kubectl describe pod/cassandra return 出现如下错误:
Unknown desc = [failed to set up sandbox container "957f68c3cbe9b230b0e2bd6729a12c340f903de568622e28e335f7b48563a445" network for pod "cassandra-d7db46b86-dz7ck": networkPlugin cni failed to set up pod "cassandra-d7db46b86-dz7ck_default" network: error getting ClusterInformation: Get https://[10.96.0.1]:443/apis/crd.projectcalico.org/v1/clusterinformations/default: x509: certificate signed by unknown authority (possibly because of "crypto/rsa: verification error" while trying to verify candidate authority certificate "kubernetes"), failed to clean up sandbox container "957f68c3cbe9b230b0e2bd6729a12c340f903de568622e28e335f7b48563a445" network for pod "cassandra-d7db46b86-dz7ck": networkPlugin cni failed to teardown pod "cassandra-d7db46b86-dz7ck_default" network: error getting ClusterInformation: Get https://[10.96.0.1]:443/apis/crd.projectcalico.org/v1/clusterinformations/default: x509: certificate signed by unknown authority (possibly because of "crypto/rsa: verification error" while trying to verify candidate authority certificate "kubernetes")]
Normal SandboxChanged 3s (x3 over 18s) kubelet, <node name> Pod sandbox changed, it will be killed and re-created.
通过阅读错误,似乎 calico 插件仍在被 Kubernetes 使用,尽管我删除了它并安装了 Flannel 插件。
我怎样才能清理这个烂摊子?
你能尝试重新加入(从集群中移除并再次加入)compute/slave 节点吗?它以前对我的一个案例有效。
- 清除ip路由:ip route flush proto bird
- 删除所有节点中的所有 calico 链接
ip link list | grep cali | awk '{print }' | cut -c 1-15 | xargs -I {} ip link delete {}
- 删除 ipip 模块 modprobe -r ipip
- 移除 calico 配置
rm /etc/cni/net.d/10-calico.conflist && rm /etc/cni/net.d/calico-kubeconfig
- 重启 kubelet 服务
安装 flannel 之后。
我已经使用 calico 网络插件安装了 3 个节点的 Kubernetes 集群。 出于某种原因,我决定完全删除 kubernetes 并使用不同的网络插件重新安装它:Flannel。
在我尝试部署我的第一个容器之前,一切似乎都很好。
kubectl describe pod/cassandra return 出现如下错误:
Unknown desc = [failed to set up sandbox container "957f68c3cbe9b230b0e2bd6729a12c340f903de568622e28e335f7b48563a445" network for pod "cassandra-d7db46b86-dz7ck": networkPlugin cni failed to set up pod "cassandra-d7db46b86-dz7ck_default" network: error getting ClusterInformation: Get https://[10.96.0.1]:443/apis/crd.projectcalico.org/v1/clusterinformations/default: x509: certificate signed by unknown authority (possibly because of "crypto/rsa: verification error" while trying to verify candidate authority certificate "kubernetes"), failed to clean up sandbox container "957f68c3cbe9b230b0e2bd6729a12c340f903de568622e28e335f7b48563a445" network for pod "cassandra-d7db46b86-dz7ck": networkPlugin cni failed to teardown pod "cassandra-d7db46b86-dz7ck_default" network: error getting ClusterInformation: Get https://[10.96.0.1]:443/apis/crd.projectcalico.org/v1/clusterinformations/default: x509: certificate signed by unknown authority (possibly because of "crypto/rsa: verification error" while trying to verify candidate authority certificate "kubernetes")]
Normal SandboxChanged 3s (x3 over 18s) kubelet, <node name> Pod sandbox changed, it will be killed and re-created.
通过阅读错误,似乎 calico 插件仍在被 Kubernetes 使用,尽管我删除了它并安装了 Flannel 插件。
我怎样才能清理这个烂摊子?
你能尝试重新加入(从集群中移除并再次加入)compute/slave 节点吗?它以前对我的一个案例有效。
- 清除ip路由:ip route flush proto bird
- 删除所有节点中的所有 calico 链接
ip link list | grep cali | awk '{print }' | cut -c 1-15 | xargs -I {} ip link delete {}
- 删除 ipip 模块 modprobe -r ipip
- 移除 calico 配置
rm /etc/cni/net.d/10-calico.conflist && rm /etc/cni/net.d/calico-kubeconfig
- 重启 kubelet 服务
安装 flannel 之后。