Rancher Server 设置
- Rancher 版本:v2.5.12
- 安装选项 (Docker install/Helm Chart): Docker install
- 如果是 Helm Chart 安装,需要提供 Local 集群的类型(RKE1, RKE2, k3s, EKS, 等)和版本:
- 在线或离线部署:在线安装
下游集群信息
- Kubernetes 版本: v1.20.15-rancher2-1
- Cluster Type (Local/Downstream):
- 如果 Downstream,是什么类型的集群?(自定义/导入或为托管 等): 自定义集群,创建k8s集群,安装2个master节点,8个worker节点.
用户信息
- 登录用户的角色是什么? (管理员/集群所有者/集群成员/项目所有者/项目成员/自定义):管理员
- 如果自定义,自定义权限集:
主机操作系统: 银河麒麟高级服务器系统 V10 SP1 x86_64
问题描述: 按照官网单节点在线安装 Rancher Server,使用一键自签名脚本生成 tls.crt 和 tls.key 并安装成功。
然后添加自定义集群,在下游集群master节点上执行命令,rancher-agent 报错,容器日志显示:正在等待节点注册。要么群集未准备好注册,要么群集当前正在配置,要么必须注册控制平面和工作节点。无法添加集群。
集群界面一直显示正在等待注册etcd、控制平面和工作节点,rancher节点,有日志报错。
重现步骤:
0. 主机分配:10.169.88.101 是运行Rancher的服务器私有IP;10.249.173.115 是Rancher服务器EIP。
- 一键生成自签名脚本得到 tls.crt 和 tls.key
./ssl.sh --ssl-trusted-ip=10.169.88.101,127.0.0.1,177.177.123.2,10.249.173.115,10.145.189.165,223.4.65.31 \
--ssl-size=2048 --ssl-date=3650
- 按照文档步骤安装 Rancher Server,一切正常。自签名证书安装Rancher命令如下:
sudo docker run -d --privileged --restart=unless-stopped \
-p 8400:80 -p 8843:443 \
-v /data/rancher:/var/lib/rancher \
-v /data/rancher/logs/:/var/log/auditlog \
-e HTTP_PROXY="http://10.145.189.166:8888" \
-e HTTPS_PROXY="http://10.145.189.166:8888" \
-e NO_PROXY="localhost,127.0.0.1,0.0.0.0,10.0.0.0/8,.svc,.cluster.local,example.com" \
-e NO_PROXY="localhost,127.0.0.1,0.0.0.0,10.0.0.0/8,cattle-system.svc,.svc,.cluster.local,example.com" \
-e CATTLE_SYSTEM_CATALOG=bundled -e AUDIT_LEVEL=3 \
-v /data/ssl/tls.crt:/etc/rancher/ssl/cert.pem \
-v /data/ssl/tls.key:/etc/rancher/ssl/key.pem \
-v /data/ssl/cacerts.pem:/etc/rancher/ssl/cacerts.pem \
rancher/rancher:v2.5.16
【注】
HTTP_PROXY 用于代理访问 http 请求,HTTPS_PROXY 用于代理访问 https 请求,如果想某个 IP或域名不走代理则配置到 NO_PROXY中。
/data/ssl/tls.crt 证书链文件
/data/ssl/tls.key 证书私有密钥
/data/ssl/cacerts.pem 证书颁发机构的证
- 添加自定义集群,选择Etcd 角色、一个 Control 角色,复制命令,在 10.169.88.115 节点上执行命令。
结果:
报错 time=“2023-04-21T03:08:05Z” level=info msg=“Waiting for node to register. Either cluster is not ready for registering, cluster is currently provisioning, or etcd, controlplane and worker node have to be registered” 详见日志。
预期结果:
正确添加自定义集群节点。
截图:
master节点上rancher-agent容器日志
rancher日志:
其他上下文信息:
master节点上rancher-agent容器日志
日志
INFO: Arguments: --server https://10.169.88.101:8843 --token REDACTED --ca-checksum ae2ad2e08d6b1e44821ebe2ab377819a106603983f5c63d85c66ad132c5bcdcc --etcd --controlplane
INFO: Environment: CATTLE_ADDRESS=10.169.88.115 CATTLE_INTERNAL_ADDRESS= CATTLE_NODE_NAME=10-169-88-115 CATTLE_ROLE=,etcd,controlplane CATTLE_SERVER=https://10.169.88.101:8843 CATTLE_TOKEN=REDACTED
INFO: Using resolv.conf: ; generated by /usr/sbin/dhclient-script nameserver 172.31.171.10 nameserver 172.31.171.11
INFO: https://10.169.88.101:8843/ping is accessible
INFO: Value from https://10.169.88.101:8843/v3/settings/cacerts is an x509 certificate
time="2023-04-21T03:51:01Z" level=info msg="Listening on /tmp/log.sock"
time="2023-04-21T03:51:01Z" level=info msg="Rancher agent version v2.5.16 is starting"
time="2023-04-21T03:51:01Z" level=info msg="Option etcd=true"
time="2023-04-21T03:51:01Z" level=info msg="Option controlPlane=true"
time="2023-04-21T03:51:01Z" level=info msg="Option worker=false"
time="2023-04-21T03:51:01Z" level=info msg="Option requestedHostname=10-169-88-115"
time="2023-04-21T03:51:01Z" level=info msg="Option customConfig=map[address:10.169.88.115 internalAddress: label:map[] roles:[etcd controlplane] taints:[]]"
time="2023-04-21T03:51:01Z" level=info msg="Connecting to wss://10.169.88.101:8843/v3/connect/register with token ncrghf9v2t68ldfwn4mmh996frcpzrbs5qrxwslfphlt24jt945bql"
time="2023-04-21T03:51:01Z" level=info msg="Connecting to proxy" url="wss://10.169.88.101:8843/v3/connect/register"
time="2023-04-21T03:51:01Z" level=info msg="Waiting for node to register. Either cluster is not ready for registering, cluster is currently provisioning, or etcd, controlplane and worker node have to be registered"
time="2023-04-21T03:51:03Z" level=info msg="Waiting for node to register. Either cluster is not ready for registering, cluster is currently provisioning, or etcd, controlplane and worker node have to be registered"
time="2023-04-21T03:51:05Z" level=info msg="Waiting for node to register. Either cluster is not ready for registering, cluster is currently provisioning, or etcd, controlplane and worker node have to be registered"
time="2023-04-21T03:51:07Z" level=info msg="Waiting for node to register. Either cluster is not ready for registering, cluster is currently provisioning, or etcd, controlplane and worker node have to be registered"
time="2023-04-21T03:51:09Z" level=info msg="Waiting for node to register. Either cluster is not ready for registering, cluster is currently provisioning, or etcd, controlplane and worker node have to be registered"
time="2023-04-21T03:51:11Z" level=info msg="Waiting for node to register. Either cluster is not ready for registering, cluster is currently provisioning, or etcd, controlplane and worker node have to be registered"
time="2023-04-21T03:51:13Z" level=info msg="Waiting for node to register. Either cluster is not ready for registering, cluster is currently provisioning, or etcd, controlplane and worker node have to be registered"
time="2023-04-21T03:51:15Z" level=info msg="Waiting for node to register. Either cluster is not ready for registering, cluster is currently provisioning, or etcd, controlplane and worker node have to be registered"
time="2023-04-21T03:51:17Z" level=info msg="Waiting for node to register. Either cluster is not ready for registering, cluster is currently provisioning, or etcd, controlplane and worker node have to be registered"
time="2023-04-21T03:51:19Z" level=info msg="Waiting for node to register. Either cluster is not ready for registering, cluster is currently provisioning, or etcd, controlplane and worker node have to be registered"
time="2023-04-21T03:51:21Z" level=info msg="Waiting for node to register. Either cluster is not ready for registering, cluster is currently provisioning, or etcd, controlplane and worker node have to be registered"
time="2023-04-21T03:51:23Z" level=info msg="Waiting for node to register. Either cluster is not ready for registering, cluster is currently provisioning, or etcd, controlplane and worker node have to be registered"
time="2023-04-21T03:51:25Z" level=info msg="Waiting for node to register. Either cluster is not ready for registering, cluster is currently provisioning, or etcd, controlplane and worker node have to be registered"
time="2023-04-21T03:51:27Z" level=info msg="Waiting for node to register. Either cluster is not ready for registering, cluster is currently provisioning, or etcd, controlplane and worker node have to be registered"
time="2023-04-21T03:51:29Z" level=info msg="Waiting for node to register. Either cluster is not ready for registering, cluster is currently provisioning, or etcd, controlplane and worker node have to be registered"
time="2023-04-21T03:51:31Z" level=info msg="Waiting for node to register. Either cluster is not ready for registering, cluster is currently provisioning, or etcd, controlplane and worker node have to be registered"
time="2023-04-21T03:51:33Z" level=info msg="Waiting for node to register. Either cluster is not ready for registering, cluster is currently provisioning, or etcd, controlplane and worker node have to be registered"
time="2023-04-21T03:51:35Z" level=info msg="Waiting for node to register. Either cluster is not ready for registering, cluster is currently provisioning, or etcd, controlplane and worker node have to be registered"
time="2023-04-21T03:51:37Z" level=info msg="Waiting for node to register. Either cluster is not ready for registering, cluster is currently provisioning, or etcd, controlplane and worker node have to be registered"
time="2023-04-21T03:51:39Z" level=info msg="Waiting for node to register. Either cluster is not ready for registering, cluster is currently provisioning, or etcd, controlplane and worker node have to be registered"
time="2023-04-21T03:51:41Z" level=info msg="Waiting for node to register. Either cluster is not ready for registering, cluster is currently provisioning, or etcd, controlplane and worker node have to be registered"
time="2023-04-21T03:51:43Z" level=info msg="Waiting for node to register. Either cluster is not ready for registering, cluster is currently provisioning, or etcd, controlplane and worker node have to be registered"
time="2023-04-21T03:51:45Z" level=info msg="Waiting for node to register. Either cluster is not ready for registering, cluster is currently provisioning, or etcd, controlplane and worker node have to be registered"
time="2023-04-21T03:51:47Z" level=info msg="Waiting for node to register. Either cluster is not ready for registering, cluster is currently provisioning, or etcd, controlplane and worker node have to be registered"
time="2023-04-21T03:51:49Z" level=info msg="Waiting for node to register. Either cluster is not ready for registering, cluster is currently provisioning, or etcd, controlplane and worker node have to be registered"
time="2023-04-21T03:51:51Z" level=info msg="Waiting for node to register. Either cluster is not ready for registering, cluster is currently provisioning, or etcd, controlplane and worker node have to be registered"
time="2023-04-21T03:51:53Z" level=info msg="Waiting for node to register. Either cluster is not ready for registering, cluster is currently provisioning, or etcd, controlplane and worker node have to be registered"
time="2023-04-21T03:51:55Z" level=info msg="Waiting for node to register. Either cluster is not ready for registering, cluster is currently provisioning, or etcd, controlplane and worker node have to be registered"
time="2023-04-21T03:51:57Z" level=info msg="Waiting for node to register. Either cluster is not ready for registering, cluster is currently provisioning, or etcd, controlplane and worker node have to be registered"
time="2023-04-21T03:51:59Z" level=info msg="Waiting for node to register. Either cluster is not ready for registering, cluster is currently provisioning, or etcd, controlplane and worker node have to be registered"