kubekey
Cannot correctly handle multiple network interfaces
What version of KubeKey has the issue?
kk version: &version.Info{Major:"3", Minor:"1", GitVersion:"v3.1.8", GitCommit:"dbb1ee4aa1ecf0586565ff3374427d8a7d9b327b", GitTreeState:"clean", BuildDate:"2025-03-26T04:49:07Z", GoVersion:"go1.19.2", Compiler:"gc", Platform:"linux/amd64"}
What is your os environment?
Ubuntu 22.04
KubeKey config file
apiVersion: kubekey.kubesphere.io/v1alpha2
kind: Cluster
metadata:
  name: xxx
spec:
  hosts:
  - {name: kube-node1, address: 10.111.0.1, internalAddress: "10.111.0.1", privateKeyPath: "/root/pri-key"}
  - {name: kube-node2, address: 10.111.0.2, internalAddress: "10.111.0.2", privateKeyPath: "/root/pri-key"}
  roleGroups:
    etcd:
    - kube-node1
    - kube-node2
    control-plane:
    - kube-node1
    - kube-node2
    worker:
    - kube-node1
    - kube-node2
  controlPlaneEndpoint:
    ## Internal loadbalancer for apiservers
    internalLoadbalancer: kube-vip
    domain: lb.kubesphere.local
    address: 10.111.0.250
    port: 6443
  system:
    ntpServers:
    - time1.cloud.tencent.com
    - ntp.aliyun.com
    timezone: "Asia/Shanghai"
  kubernetes:
    version: v1.28.15
    clusterName: kube.xxx.com
    autoRenewCerts: true
    containerManager: containerd
  etcd:
    type: kubekey
  network:
    plugin: calico
    kubePodsCIDR: 10.233.64.0/18
    kubeServiceCIDR: 10.233.0.0/18
    ## multus support. https://github.com/k8snetworkplumbingwg/multus-cni
    multusCNI:
      enabled: false
  registry:
    privateRegistry: ""
    auths:
      "reg.xxx.com":
        username: "xxx"
        password: "xxx"
    namespaceOverride: ""
    registryMirrors: []
    insecureRegistries: []
  addons: []
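A clear and concise description of what happened.
When I use Tailscale at the same time, it does not work properly. I also tried specifying multiple IPs, but kubeadm does not allow this.
etcd refuses connections because of a certificate problem; the cause appears to be that the IP address 100.71.93.44 is not in the certificate (no need to worry about the IP address leaking, this is a carrier-grade NAT address).
Below is the output of the command ip a: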
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether bc:24:11:e8:36:9f brd ff:ff:ff:ff:ff:ff
    inet 10.111.0.1/16 brd 10.111.255.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 240e:327:848:9610:be24:11ff:fee8:369f/64 scope global dynamic mngtmpaddr noprefixroute
       valid_lft 2343sec preferred_lft 2343sec
    inet6 fe80::be24:11ff:fee8:369f/64 scope link
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether bc:24:11:52:e3:44 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.16/24 metric 100 brd 192.168.1.255 scope global dynamic eth1
       valid_lft 85963sec preferred_lft 85963sec
    inet6 240e:327:848:9600:be24:11ff:fe52:e344/64 scope global dynamic mngtmpaddr noprefixroute
       valid_lft 2343sec preferred_lft 2343sec
    inet6 fe80::be24:11ff:fe52:e344/64 scope link
       valid_lft forever preferred_lft forever
4: tailscale0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1280 qdisc fq_codel state UNKNOWN group default qlen 500
    link/none
    inet 100.71.93.44/32 scope global tailscale0
       valid_lft forever preferred_lft forever
    inet6 fd7a:115c:a1e0::ec01:5d2f/128 scope global
       valid_lft forever preferred_lft forever
    inet6 fe80::f412:ec6b:c351:cb8e/64 scope link stable-privacy
       valid_lft forever preferred_lft forever
Relevant log output
Apr 24 15:40:42 kube-node2 etcd[4969]: {"level":"warn","ts":"2025-04-24T15:40:42.553332+0800","caller":"embed/config_logging.go:160","msg":"rejected connection","remote-addr":"100.71.93.44:34920","server-name":"","ip-addresses":["127.0.0.1","::1","10.111.0.1","10.111.0.2"],"dns-names":["etcd","etcd.kube-system","etcd.kube-system.svc","etcd.kube-system.svc.cluster.local","kube-node1","kube-node2","lb.kubesphere.local","localhost"],"error":"tls: \"100.71.93.44\" does not match any of DNSNames [\"etcd\" \"etcd.kube-system\" \"etcd.kube-system.svc\" \"etcd.kube-system.svc.cluster.local\" \"kube-node1\" \"kube-node2\" \"lb.kubesphere.local\" \"localhost\"] (lookup etcd.kube-system.svc.cluster.local on 127.0.0.53:53: no such host)"}
Apr 24 15:40:42 kube-node2 etcd[4969]: {"level":"warn","ts":"2025-04-24T15:40:42.756261+0800","caller":"embed/config_logging.go:160","msg":"rejected connection","remote-addr":"100.71.93.44:34934","server-name":"","ip-addresses":["127.0.0.1","::1","10.111.0.1","10.111.0.2"],"dns-names":["etcd","etcd.kube-system","etcd.kube-system.svc","etcd.kube-system.svc.cluster.local","kube-node1","kube-node2","lb.kubesphere.local","localhost"],"error":"tls: \"100.71.93.44\" does not match any of DNSNames [\"etcd\" \"etcd.kube-system\" \"etcd.kube-system.svc\" \"etcd.kube-system.svc.cluster.local\" \"kube-node1\" \"kube-node2\" \"lb.kubesphere.local\" \"localhost\"] (lookup etcd.kube-system.svc.cluster.local on 127.0.0.53:53: no such host)"}
Apr 24 15:40:42 kube-node2 etcd[4969]: {"level":"warn","ts":"2025-04-24T15:40:42.756381+0800","caller":"embed/config_logging.go:160","msg":"rejected connection","remote-addr":"100.71.93.44:34936","server-name":"","ip-addresses":["127.0.0.1","::1","10.111.0.1","10.111.0.2"],"dns-names":["etcd","etcd.kube-system","etcd.kube-system.svc","etcd.kube-system.svc.cluster.local","kube-node1","kube-node2","lb.kubesphere.local","localhost"],"error":"tls: \"100.71.93.44\" does not match any of DNSNames [\"etcd\" \"etcd.kube-system\" \"etcd.kube-system.svc\" \"etcd.kube-system.svc.cluster.local\" \"kube-node1\" \"kube-node2\" \"lb.kubesphere.local\" \"localhost\"] (lookup etcd.kube-system.svc.cluster.local on 127.0.0.53:53: no such host)"}
Additional information
No response
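In v3.1.8, the etcd certificate does not yet support adding multiple IP addresses. This is planned for v4.x: an additional extra_ip will be added for each node to cover multi-NIC scenarios.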
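
The mismatch reported in the log above can be checked mechanically. The following Go program is an added example, not KubeKey or etcd code: it parses an etcd `rejected connection` entry and reports whether the peer's source IP is absent from the `ip-addresses` list and whether it falls in the carrier-grade NAT range that `tailscale0` uses. The helper name `Diagnose` and the trimmed sample line are assumptions made for the illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
	"net"
	"strings"
)

// rejected holds the fields of etcd's "rejected connection" warning used here.
type rejected struct {
	Msg        string   `json:"msg"`
	RemoteAddr string   `json:"remote-addr"`
	IPs        []string `json:"ip-addresses"`
}

// cgnat is 100.64.0.0/10 (RFC 6598), the range containing the tailscale0 address.
var _, cgnat, _ = net.ParseCIDR("100.64.0.0/10")

// sample is a trimmed copy of the issue's log line (ts, caller, dns-names, error omitted).
const sample = `Apr 24 15:40:42 kube-node2 etcd[4969]: {"level":"warn","msg":"rejected connection","remote-addr":"100.71.93.44:34920","ip-addresses":["127.0.0.1","::1","10.111.0.1","10.111.0.2"]}`

// Diagnose (hypothetical helper) returns the peer's source IP, whether it is
// absent from the certificate's IP SANs, and whether it lies in the CGNAT range.
func Diagnose(line string) (src string, missing, viaCGNAT bool, err error) {
	i := strings.Index(line, "{")
	if i < 0 {
		return "", false, false, fmt.Errorf("no JSON payload in line")
	}
	var r rejected
	if err = json.Unmarshal([]byte(line[i:]), &r); err != nil || r.Msg != "rejected connection" {
		return "", false, false, fmt.Errorf("not a rejected-connection entry: %v", err)
	}
	host, _, err := net.SplitHostPort(r.RemoteAddr)
	ip := net.ParseIP(host)
	if err != nil || ip == nil {
		return "", false, false, fmt.Errorf("bad remote-addr %q", r.RemoteAddr)
	}
	missing = true
	for _, s := range r.IPs {
		if san := net.ParseIP(s); san != nil && san.Equal(ip) {
			missing = false // source address is covered by an IP SAN
		}
	}
	return host, missing, cgnat.Contains(ip), nil
}

func main() {
	fmt.Println(Diagnose(sample))
}
```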