环境 ks2.1-all-in-one
#gateway日志
10.233.64.71 27/Oct/2020:09:22:07 +0000 POST /kapis/iam.kubesphere.io/v1alpha2/login HTTP/1.1 502 16 3009ms
10.233.64.71 27/Oct/2020:09:29:51 +0000 POST /kapis/iam.kubesphere.io/v1alpha2/login HTTP/1.1 502 16 3006ms
2020/10/27 09:34:30 Unauthorized,illegal token
2020/10/27 09:34:30 Unauthorized,illegal token
10.233.64.71 27/Oct/2020:09:34:30 +0000 GET /kapis/tenant.kubesphere.io/v1alpha2/workspaces HTTP/1.1 401 17 3ms
10.233.64.71 27/Oct/2020:09:34:30 +0000 GET /kapis/iam.kubesphere.io/v1alpha2/users/admin HTTP/1.1 401 17 3ms
10.233.64.71 27/Oct/2020:09:34:30 +0000 GET /kapis/v1alpha1/configz HTTP/1.1 200 254 5ms
10.233.64.71 27/Oct/2020:09:34:40 +0000 POST /kapis/iam.kubesphere.io/v1alpha2/login HTTP/1.1 502 16 3007ms
10.233.64.71 27/Oct/2020:09:35:29 +0000 POST /kapis/iam.kubesphere.io/v1alpha2/login HTTP/1.1 502 16 3008ms
10.233.64.71 27/Oct/2020:09:36:04 +0000 POST /kapis/iam.kubesphere.io/v1alpha2/login HTTP/1.1 502 16 3009ms
10.233.64.71 27/Oct/2020:09:36:46 +0000 POST /kapis/iam.kubesphere.io/v1alpha2/login HTTP/1.1 502 16 3008ms
10.233.64.71 27/Oct/2020:09:42:13 +0000 POST /kapis/iam.kubesphere.io/v1alpha2/login HTTP/1.1 502 16 3008ms
10.233.64.71 27/Oct/2020:09:58:06 +0000 POST /kapis/iam.kubesphere.io/v1alpha2/login HTTP/1.1 502 16 3008ms
#APISERVER无日志
安装后可以正常使用,然后做了证书升级操作实验,升级后重启了docker和kubelet,相关pod出现故障,删除自动拉起pod后状态正常:
#证书升级操作参考的
1、https://feisky.gitbooks.io/kubernetes/content/practice/certificate-rotation.html
2、https://github.com/kubernetes/kubernetes/issues/86864
#证书目前过期状态(日期均已更新):
CERTIFICATE EXPIRES RESIDUAL TIME EXTERNALLY MANAGED
admin.conf Oct 27, 2021 07:20 UTC 364d no
apiserver Oct 27, 2021 07:20 UTC 364d no
apiserver-kubelet-client Oct 27, 2021 07:01 UTC 364d no
controller-manager.conf Oct 27, 2021 06:09 UTC 364d no
front-proxy-client Oct 27, 2021 07:01 UTC 364d no
scheduler.conf Oct 27, 2021 07:01 UTC 364d no
#pod状态:
[root@ks-allinone ~]# kubectl get po -A
NAMESPACE NAME READY STATUS RESTARTS AGE
default busybox 1/1 Running 0 27m
kube-system coredns-7f9d8dc6c8-2pgn5 1/1 Running 0 30m
kube-system dns-autoscaler-796f4ddddf-9slfw 1/1 Running 0 21m
kube-system kube-apiserver-ks-allinone 1/1 Running 1 5d22h
kube-system kube-controller-manager-ks-allinone 1/1 Running 2 5d22h
kube-system kube-flannel-mpppd 2/2 Running 0 20m
kube-system kube-proxy-6bvpq 1/1 Running 0 17m
kube-system kube-scheduler-ks-allinone 1/1 Running 2 5d22h
kube-system nodelocaldns-9dh2z 1/1 Running 1 5d22h
kube-system openebs-localpv-provisioner-77fbd6858d-d52x2 1/1 Running 0 5d22h
kube-system openebs-ndm-274s4 1/1 Running 1 5d22h
kube-system openebs-ndm-operator-59c75c96fc-rg56t 1/1 Running 0 120m
kube-system tiller-deploy-79b566b5ff-4s86p 1/1 Running 0 131m
kubesphere-controls-system default-http-backend-5d464dd566-sgl86 1/1 Running 0 130m
kubesphere-controls-system kubectl-admin-6c664db975-mqbzp 1/1 Running 0 7h44m
kubesphere-monitoring-system kube-state-metrics-566cdbcb48-wkp2q 4/4 Running 0 4h
kubesphere-monitoring-system node-exporter-hjdhw 2/2 Running 2 3h59m
kubesphere-monitoring-system prometheus-k8s-0 3/3 Running 0 7m11s
kubesphere-monitoring-system prometheus-k8s-system-0 3/3 Running 0 7m18s
kubesphere-monitoring-system prometheus-operator-6b97679cfd-72rkd 1/1 Running 0 8m31s
kubesphere-system ks-account-596657f8c6-7sl9r 1/1 Running 0 7h44m
kubesphere-system ks-apigateway-78bcdc8ffc-j8qjx 1/1 Running 0 38m
kubesphere-system ks-apiserver-5b548d7c5c-9mpcs 1/1 Running 0 38m
kubesphere-system ks-console-78bcf96dbf-pnfkg 1/1 Running 0 40m
kubesphere-system ks-controller-manager-696986f8d9-gbzbl 1/1 Running 0 22m
kubesphere-system ks-installer-7d9fb945c7-vmtrk 1/1 Running 0 5d22h
kubesphere-system openldap-0 1/1 Running 0 118m
kubesphere-system redis-6fd6c6d6f9-8xhg2 1/1 Running 0 111m
#系统异常日志:
Failed to update status for pod "ks-account-596657f8c6-7sl9r_kubesphere-system(f600f93b-1558-40ec-af50-27ecb17146c2)": failed to patch status "{\"status\":{\"containerStatuses\":[{\"containerID\":\"docker://85e5aa3d089c851c6c2f0f644200b8478117435fc7aabc2035a28d83b3e77dec\",\"image\":\"kubesphere/ks-account:v2.1.1\",\"imageID\":\"docker-pullable://kubesphere/ks-account@sha256:6fccef53ab7a269160ce7816dfe3583730ac7fe2064ea5c9e3ce5e366f3470eb\",\"lastState\":{\"terminated\":{\"containerID\":\"docker://e4f0cd5c8366d5bfb54c547c33d6f313f4676ad79db68357825ce73e63863355\",\"exitCode\":1,\"finishedAt\":\"2020-10-27T07:25:14Z\",\"reason\":\"Error\",\"startedAt\":\"2020-10-27T02:13:44Z\"}},\"name\":\"ks-account\",\"ready\":true,\"restartCount\":1,\"state\":{\"running\":{\"startedAt\":\"2020-10-27T08:06:16Z\"}}}],\"initContainerStatuses\":[{\"containerID\":\"docker://bc5175d79fc89140bd7e0a2da10ae76c3d2a6a929f67da37e2a542250d76fb02\",\"image\":\"alpine:3.10.4\",\"imageID\":\"docker-pullable://alpine@sha256:7c3773f7bcc969f03f8f653910001d99a9d324b4b9caa008846ad2c3089f5a5f\",\"lastState\":{},\"name\":\"wait-redis\",\"ready\":true,\"restartCount\":2,\"state\":{\"terminated\":{\"containerID\":\"docker://bc5175d79fc89140bd7e0a2da10ae76c3d2a6a929f67da37e2a542250d76fb02\",\"exitCode\":0,\"finishedAt\":\"2020-10-27T08:06:14Z\",\"reason\":\"Completed\",\"startedAt\":\"2020-10-27T07:25:56Z\"}}},{\"containerID\":\"docker://43c18cc359b47d5546db37a5f0993ad29f401c60b3610e6d8905a508727e5d5a\",\"image\":\"alpine:3.10.4\",\"imageID\":\"docker-pullable://alpine@sha256:7c3773f7bcc969f03f8f653910001d99a9d324b4b9caa008846ad2c3089f5a5f\",\"lastState\":{},\"name\":\"wait-ldap\",\"ready\":true,\"restartCount\":0,\"state\":{\"terminated\":{\"containerID\":\"docker://43c18cc359b47d5546db37a5f0993ad29f401c60b3610e6d8905a508727e5d5a\",\"exitCode\":0,\"finishedAt\":\"2020-10-27T08:06:15Z\",\"reason\":\"Completed\",\"startedAt\":\"2020-10-27T08:06:15Z\"}}}],\"podIP\":\"10.233.64.57\"}}" for pod "kubesphere-system"/"ks-account-596657f8c6-7sl9r": conversion Error: v1.PodIP(10.233.64.57) != v1.PodIPs[0](10.233.64.26)