Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

通过harbor非80、443端口离线部署,/etc/hosts域名含端口与镜像拉取需要的端口冲突导致部署失败 #2251

Open
cai182081 opened this issue May 23, 2024 · 3 comments
Open

通过harbor非80、443端口离线部署,/etc/hosts域名含端口与镜像拉取需要的端口冲突导致部署失败 #2251

cai182081 opened this issue May 23, 2024 · 3 comments
Labels
bug Something isn't working

Comments

@cai182081
Copy link

What is version of KubeKey has the issue?

kk version: &version.Info{Major:"3", Minor:"1", GitVersion:"v3.1.1", GitCommit:"7a184f786b02bec20d5534af137896f50e510396", GitTreeState:"clean", BuildDate:"2024-04-16T04:28:43Z", GoVersion:"go1.19.2", Compiler:"gc", Platform:"linux/amd64"}

What is your os environment?

cemtos 7

KubeKey config file

apiVersion: kubekey.kubesphere.io/v1alpha2
kind: Cluster
metadata:
  name: sample
spec:
  hosts:

  roleGroups:
    etcd:
    - k8s-master01
    - k8s-worker01
    - k8s-worker02
    control-plane:
    - k8s-master01
    worker:
    - k8s-worker01
    registry:
    - k8s-worker02
  controlPlaneEndpoint:
    internalLoadbalancer: haproxy

    domain: lb.k8svip.top
    address: "" # The VIP address
    port: 6443
  kubernetes:
    version: v1.29.3
    clusterName: k8svip.top
    autoRenewCerts: true
    cgroupDriver: systemd
    containerManager: containerd
    maxPods: 110
    nodeCidrMaskSize: 24
    proxyMode: ipvs
  etcd:
    type: kubekey
    dataDir: /var/lib/etcd
  network:
    plugin: calico
    kubePodsCIDR: 10.233.64.0/18
    kubeServiceCIDR: 10.233.0.0/18
    multusCNI:
      enabled: false
  registry:
    type: "harbor"
    auths:
      "dockerhub.kubekey.local:8080":
        username: admin
        password: Harbor12345
        skipTLSVerify: true
        plainHTTP: true
    privateRegistry: "dockerhub.kubekey.local:8080"
    namespaceOverride: "kubesphereio"
    registryMirrors: []
    insecureRegistries: [""]
  addons: []

A clear and concise description of what happend.

执行 kk create cluster -f kubesphere-v341-v1293.yaml -a ksp-v3.4.1-artifact.tar.gz --with-packages 部署报错

Relevant log output

10:11:12 CST success: [k8s-master01]
10:11:12 CST [CopyImagesToRegistryModule] Copy images to a private registry from an artifact OCI Path
10:11:12 CST Source: oci:/dba/kubekey/images:kubesphereio:kube-apiserver:v1.29.3-amd64
10:11:12 CST Destination: docker://dockerhub.kubekey.local:8080/kubesphereio/kube-apiserver:v1.29.3-amd64
Getting image source signatures
trying to reuse blob sha256:f7e25e1a5a48b7ae00300fd053b9f3be780149466100c87e4b853d2c3285f0ad at destination: pinging container registry dockerhub.kubekey.local:8080: Get "http://dockerhub.kubekey.local:8080/v2/": dial tcp: lookup dockerhub.kubekey.local on 114.114.114.114:53: no such host
Getting image source signatures
trying to reuse blob sha256:f7e25e1a5a48b7ae00300fd053b9f3be780149466100c87e4b853d2c3285f0ad at destination: pinging container registry dockerhub.kubekey.local:8080: Get "http://dockerhub.kubekey.local:8080/v2/": dial tcp: lookup dockerhub.kubekey.local on 114.114.114.114:53: no such host
Getting image source signatures
trying to reuse blob sha256:f7e25e1a5a48b7ae00300fd053b9f3be780149466100c87e4b853d2c3285f0ad at destination: pinging container registry dockerhub.kubekey.local:8080: Get "http://dockerhub.kubekey.local:8080/v2/": dial tcp: lookup dockerhub.kubekey.local on 114.114.114.114:53: no such host
Getting image source signatures
trying to reuse blob sha256:f7e25e1a5a48b7ae00300fd053b9f3be780149466100c87e4b853d2c3285f0ad at destination: pinging container registry dockerhub.kubekey.local:8080: Get "http://dockerhub.kubekey.local:8080/v2/": dial tcp: lookup dockerhub.kubekey.local on 114.114.114.114:53: no such host
Getting image source signatures
trying to reuse blob sha256:f7e25e1a5a48b7ae00300fd053b9f3be780149466100c87e4b853d2c3285f0ad at destination: pinging container registry dockerhub.kubekey.local:8080: Get "http://dockerhub.kubekey.local:8080/v2/": dial tcp: lookup dockerhub.kubekey.local on 114.114.114.114:53: no such host
10:11:13 CST success: [LocalHost]
10:11:13 CST [CopyImagesToRegistryModule] Push multi-arch manifest to private registry
10:11:13 CST message: [LocalHost]
get manifest list failed by module cache
10:11:13 CST failed: [LocalHost]
error: Pipeline[CreateClusterPipeline] execute failed: Module[CopyImagesToRegistryModule] exec failed: 
failed: [LocalHost] [PushManifest] exec failed after 1 retries: get manifest list failed by module cache

Additional information

这是/etc/hosts文件

kubekey hosts BEGIN

192.168.4.4 k8s-master01.k8svip.top k8s-master01
192.168.4.5 k8s-worker01.k8svip.top k8s-worker01
192.168.4.6 k8s-worker02.k8svip.top k8s-worker02
192.168.4.6 dockerhub.kubekey.local:8080
192.168.4.4 lb.k8svip.top

kubekey hosts END

如果 /etc/hosts 为 192.168.4.6 dockerhub.kubekey.local 通过crictl pull dockerhub.kubekey.local:8080/kubesphereio/kube-apiserver:v1.29.3-amd64 是可以正常拉取镜像的
@cai182081 cai182081 added the bug Something isn't working label May 23, 2024
@cai182081
Copy link
Author

已经验证是因为配置 privateRegistry: "dockerhub.kubekey.local:8080" 参数,kk 程序会检查此配置,自动修改 /etc/hosts 的192.168.4.6 dockerhub.kubekey.local:8080 部分,导致域名改变拉取镜像失败,进而导致部署失败

@flyrun9527
Copy link

别设置registry 就相当于用外置的harbor 就不会有问题

@flyrun9527
Copy link

我也遇到过

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@cai182081 @flyrun9527