certSANS configuration does not take effect

Open drinktee opened this issue 1 year ago • 2 comments

What happened?

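I installed a cluster with sealer run -f cluster.yaml. In the created cluster, certSANs does not contain the IPs from the configuration, although podCIDR does take effect. It only contains the default configuration. I don't know whether this is a bug or whether I am using it incorrectly?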

      certSANs:
      - 127.0.0.1
      - apiserver.cluster.local
      - 10.103.97.2
      - 192.168.0.65
      - 192.168.0.238
      - 192.168.0.112
      - ::1
sealer version

cluster.yaml

apiVersion: sealer.cloud/v2
kind: Cluster
metadata:
  name: my-cluster
spec:
  certSANS:
    - 192.168.0.65
    - 192.168.0.238
    - 192.168.0.112
    - 10.56.253.168
    - 192.168.0.253
    - 10.56.253.160    
  image: kubernetes:v1-20-4-sealerio-2
  ssh:
    passwd: sss
    user: root
    port: "22"
  hosts:
    - ips: [ 192.168.0.65,192.168.0.238,192.168.0.112 ]
      roles: [ master ]
      env:
        - etcd-dir=/data/etcd
      ssh:
        user: root
        passwd: sss
        port: "22"
    - ips: [ 192.168.0.175 ]
      roles: [ node ]  

---
apiVersion: kubeadm.k8s.io/v1beta3
kind: ClusterConfiguration
kubernetesVersion: v1.20.4
networking:
  podSubnet: 172.27.0.0/16
  serviceSubnet: 172.18.128.0/19
apiServer:
  certSANs:
  - 192.168.0.65
  - 192.168.0.238
  - 192.168.0.112
  - 10.56.253.168
  - 192.168.0.253
  - 10.56.253.160
  - 127.0.0.1
  - apiserver.cluster.local
---
apiVersion: sealer.aliyun.com/v1alpha1
kind: Config
metadata:
  name: calico
spec:
  path: applications/custom-resources.yaml
  data: |
    apiVersion: operator.tigera.io/v1
    kind: Installation
    metadata:
      name: default
    spec:
      calicoNetwork:        
        ipPools:
        - blockSize: 26
          cidr: 172.27.0.0/16

Relevant log output?

No response

What you expected to happen?

No response

How to reproduce it (as minimally and precisely as possible)?

No response

Anything else we need to know?

No response

What is the version of Sealer you are using?

{"gitVersion":"v0.9.3","gitCommit":"a51d0ec","buildDate":"2023-03-31 05:58:58","goVersion":"go1.17.13","compiler":"gc","platform":"linux/amd64"}

What is your OS environment?

CentOS 7.9

What is the Kernel version?

3.10.0-1160.49.1.el7.x86_64

Other environment you want to tell us?

  • Cloud provider or hardware configuration:
  • Install tools:
  • Others:

drinktee avatar Jun 26 '23 09:06 drinktee
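
Added example (not part of the issue and not Sealer code): a comparison of the certSANs list from the ClusterConfiguration in cluster.yaml against the list the reporter found in the installed cluster, showing exactly which entries were dropped. The function names are hypothetical, and the line-based reader is an assumption that handles only simple block lists like the ones quoted here.

```python
import ipaddress
# Sample data: both lists are copied from the issue text above.
CONFIGURED = """\
  certSANs:
  - 192.168.0.65
  - 192.168.0.238
  - 192.168.0.112
  - 10.56.253.168
  - 192.168.0.253
  - 10.56.253.160
  - 127.0.0.1
  - apiserver.cluster.local
"""
OBSERVED = """\
      certSANs:
      - 127.0.0.1
      - apiserver.cluster.local
      - 10.103.97.2
      - 192.168.0.65
      - 192.168.0.238
      - 192.168.0.112
      - ::1
"""

def normalize(entry):
    """Canonical form: compressed IP text, or a lowercased DNS name."""
    try:
        return ipaddress.ip_address(entry.strip()).compressed
    except ValueError:
        return entry.strip().lower().rstrip(".")

def extract_sans(text):
    """Collect items under certSANs keys (line-based reader, not a YAML parser)."""
    sans, indent = [], None
    for line in text.splitlines():
        item, depth = line.strip(), len(line) - len(line.lstrip())
        if indent is not None and item.startswith("- ") and depth >= indent:
            sans.append(normalize(item[2:]))
            continue
        indent = depth if item.lower() == "certsans:" else None
    return sans

def diff_sans(configured, observed):
    """Return (configured but absent, present but not configured)."""
    want, have = extract_sans(configured), extract_sans(observed)
    return ([s for s in want if s not in have], [s for s in have if s not in want])

if __name__ == "__main__":
    print(diff_sans(CONFIGURED, OBSERVED))
```

A SAN that is configured but absent from the API server certificate matters because a TLS client reaching the API server through that address will fail certificate name verification.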

@drinktee, in the Clusterfile you can add extra IPs by using the env key CertSANs. (http://sealer.cool/docs/concept/clusterfile.html#using-cluster-env-in-clusterfile)

kakaZhou719 avatar Jul 06 '23 02:07 kakaZhou719

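image

After adding an env in a format like this, the node ultimately fails to join once the installation finishes. It has been too long, so the logs were not kept.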

drinktee avatar Jul 21 '23 06:07 drinktee