Rancher Server 设置
- Rancher 版本:latest
- 安装选项 (Docker install/Helm Chart): k3s helm
- 如果是 Helm Chart 安装,需要提供 Local 集群的类型(RKE1, RKE2, k3s, EKS, 等)和版本:
- 在线或离线部署:在线安装
下游集群信息
- Kubernetes 版本: v1.24.6+k3s1
- Cluster Type (Local/Downstream): Local
- 如果 Downstream,是什么类型的集群?(自定义/导入或为托管 等):
用户信息
- 登录用户的角色是什么? (管理员/集群所有者/集群成员/项目所有者/项目成员/自定义):管理员
- 如果自定义,自定义权限集:
主机操作系统:
centos 7(3台)/ubuntu 18.04(1台)
问题描述:
1. 使用四台独立的云服务器(均有公网IP)建立k3s+mysql HA集群
[root@VM-0-8-centos rancher]# kubectl get pods -n kube-system -o wide
NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
kube-system helm-install-traefik-crd-9f9nx 0/1 Completed 19 7h17m 10.42.2.8 vm-0-17-ubuntu <none> <none>
kube-system helm-install-traefik-95jwf 0/1 Completed 21 7h17m 10.42.2.9 vm-0-17-ubuntu <none> <none>
kube-system coredns-75fc8f8fff-rvrth 1/1 Running 0 7h17m 10.42.1.2 vm-0-3-centos <none> <none>
kube-system metrics-server-668d979685-wrn9c 1/1 Running 0 7h17m 10.42.1.3 vm-0-3-centos <none> <none>
kube-system local-path-provisioner-5b5579c644-2vsgg 1/1 Running 7 (7h11m ago) 7h17m 10.42.2.7 vm-0-17-ubuntu <none> <none>
kube-system traefik-7cd4fcff68-sn5v4 1/1 Running 0 6h22m 10.42.3.8 vm-0-14-centos <none> <none>
2. helm install 安装rancher
创建secret
kubectl -n cattle-system create secret tls tls-rancher-ingress \
--cert=tls.crt \
--key=tls.key
安装脚本
helm install rancher rancher-stable/rancher \
--namespace cattle-system \
--set hostname=rancher.example.com \
--set bootstrapPassword=xxx \
--set ingress.tls.source=secret
[root@VM-0-8-centos rancher]# kubectl get pods -n cattle-system -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
rancher-webhook-577b778f8f-j9btz 1/1 Running 0 6h9m 10.42.2.17 vm-0-17-ubuntu <none> <none>
rancher-5f74dfc459-m26lk 1/1 Running 0 96m 10.42.3.13 vm-0-14-centos <none> <none>
rancher-5f74dfc459-j4dgr 1/1 Running 0 97m 10.42.1.4 vm-0-3-centos <none> <none>
rancher-5f74dfc459-sschv 1/1 Running 0 97m 10.42.0.25 vm-0-8-centos <none> <none>
- 负载均衡启动正常(ADDRESS隐藏)
[root@VM-0-8-centos rancher]# kubectl get ingress -A -o wide
NAMESPACE NAME CLASS HOSTS ADDRESS PORTS AGE
cattle-system rancher traefik rancher.example.com xx.xx.xx.xx 80, 443 6h23m
但是通过rancher.example.com
却不能访问rancher ui
rancher.example.com
DNS解析配置确认OK(之前在该云服务器上单节点k3s配置成功可以正常使用)
重现步骤:
如上
结果:
rancher ui无法访问
预期结果:
rancher ui访问正常
截图:
其他上下文信息:
日志
请问该问题应该如何排查???麻烦各位大神指教一下,非常感谢!