问题一:etcd: request cluster ID mismatch错误解决【只适用于新建etcd集群或无数据集群】
1、报错信息
Apr 19 21:36:34 k8s-master1 etcd: {“level”:”warn”,”ts”:”2021-04-19T21:36:34.359+0800”,”caller”:”rafthttp/stream.go:682”,”msg”:”request sent was ignored by remote peer due to cluster ID mismatch”,”remote-peer-id”:”e2ebb8985bd9440c”,”remote-peer-cluster-id”:”30f34ce623a71bd”,”local-member-id”:”61e51195a9d25330”,”local-member-cluster-id”:”5d7fdfddb69080b5”,”error”:”cluster ID mismatch”}
此时etcd节点都已经启动,但是无法连接,发现有request cluster ID mismatch报错。
2、问题解决
找到etcd数据存储目录
[root@xxx ~]# cat /etc/etcd/etcd.conf
#[Member]
#ETCD_CORS=””
ETCD_DATA_DIR=”/var/lib/etcd/default.etcd”
删除各节点/var/lib/etcd/default.etcd,重启etcd即可解决。
由于删除的是数据存储目录,不是新建etcd集群,或者有重要数据的不可直接删除。
问题二:修改kubelet、kube-proxy的apiserver接口地址为LB VIP,启动报错
1、报错信息
E0420 15:59:15.190104 128618 reflector.go:138] k8s.io/client-go/informers/factory.go:134: Failed to watch v1beta1.EndpointSlice: failed to list v1beta1.EndpointSlice: Get “https://192.168.211.88:16443/apis/discovery.k8s.io/v1beta1/endpointslices?labelSelector=%21service.kubernetes.io%2Fheadless%2C%21service.kubernetes.io%2Fservice-proxy-name&limit=500&resourceVersion=0”: x509: certificate is valid for 10.0.0.1, 127.0.0.1, 192.168.211.111, 192.168.211.112, 192.168.211.113, 192.168.211.114, 192.168.211.115, 192.168.211.116, 192.168.211.117, 192.168.211.118, 192.168.211.119, 192.168.211.120, not 192.168.211.88
2、问题解决
使用自签CA签发kube-apiserver HTTPS证书
server-csr.json缺省192.168.211.88地址,注:上述文件hosts字段中IP为所有Master/LB/VIP IP,一个都不能少!为了方便后期扩容可以多写几个预留的IP。