kubernetes - ansible k8s 模块无法使用 503 连接到集群 - 将 /version/openshift 附加到非 openshift 集群
问题描述
我正在尝试使用 ansible 新的 k8s 模块(基于 2.6 的 ok k8_raw)来维护 aks k8 集群。虽然我可以使用 kubectl 使用集群,但任何使用 k8s 集群的命令都会失败并出现 503 错误。
例如这个任务:
- name: deploy kured daemonset
k8s:
state: present
context: "{{ cluster_name}}"
host: "redacted"# tried specifying this, but does not help
kubeconfig: "~/.kube/config"
src: "aks/utils/kured-ds.yaml"
和失败:
Traceback (most recent call last):
File "/home/alonisser/.ansible/tmp/ansible-tmp-1549320815.98-157731551192134/AnsiballZ_k8s.py", line 113, in <module>
_ansiballz_main()
File "/home/alonisser/.ansible/tmp/ansible-tmp-1549320815.98-157731551192134/AnsiballZ_k8s.py", line 105, in _ansiballz_main
invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)
File "/home/alonisser/.ansible/tmp/ansible-tmp-1549320815.98-157731551192134/AnsiballZ_k8s.py", line 48, in invoke_module
imp.load_module('__main__', mod, module, MOD_DESC)
File "/tmp/ansible_k8s_payload_IYmGFG/__main__.py", line 233, in <module>
File "/tmp/ansible_k8s_payload_IYmGFG/__main__.py", line 229, in main
File "/tmp/ansible_k8s_payload_IYmGFG/ansible_k8s_payload.zip/ansible/module_utils/k8s/raw.py", line 131, in execute_module
File "/tmp/ansible_k8s_payload_IYmGFG/ansible_k8s_payload.zip/ansible/module_utils/k8s/common.py", line 172, in get_api_client
File "/home/alonisser/.local/lib/python2.7/site-packages/openshift/dynamic/client.py", line 103, in __init__
self.__init_cache()
File "/home/alonisser/.local/lib/python2.7/site-packages/openshift/dynamic/client.py", line 113, in __init_cache
self.__resources.update(self.parse_api_groups())
File "/home/alonisser/.local/lib/python2.7/site-packages/openshift/dynamic/client.py", line 169, in parse_api_groups
new_group[version] = self.get_resources_for_api_version(prefix, group['name'], version, preferred)
File "/home/alonisser/.local/lib/python2.7/site-packages/openshift/dynamic/client.py", line 181, in get_resources_for_api_version
resources_response = load_json(self.request('GET', path))['resources']
File "/home/alonisser/.local/lib/python2.7/site-packages/openshift/dynamic/client.py", line 363, in request
_return_http_data_only=params.get('_return_http_data_only', True)
File "/home/alonisser/.local/lib/python2.7/site-packages/kubernetes/client/api_client.py", line 321, in call_api
_return_http_data_only, collection_formats, _preload_content, _request_timeout)
File "/home/alonisser/.local/lib/python2.7/site-packages/kubernetes/client/api_client.py", line 155, in __call_api
_request_timeout=_request_timeout)
File "/home/alonisser/.local/lib/python2.7/site-packages/kubernetes/client/api_client.py", line 342, in request
headers=headers)
File "/home/alonisser/.local/lib/python2.7/site-packages/kubernetes/client/rest.py", line 231, in GET
query_params=query_params)
File "/home/alonisser/.local/lib/python2.7/site-packages/kubernetes/client/rest.py", line 222, in request
raise ApiException(http_resp=r)
kubernetes.client.rest.ApiException: (503)
Reason: Service Unavailable
Ansible 版本:2.7/8(dev)
我错过了什么?
更新:当我将 print 语句添加到下面模块使用的库中时,我发现管道中的某处 /version/openshift 附加到主机名,这当然会失败,因为它是一个非 openshift 集群任何解决方法这个错误?
解决方案
答:原来有两个失败的请求。第一个是版本/openshift 被客户端捕获并且不会导致崩溃。崩溃实际上是因为我的集群指标服务器出现错误而发生的,虽然 ansible 使用的 k8 客户端并不真正需要它,但仍然无法向它发出请求。因此,如果有人碰到它,可能会有所帮助
推荐阅读
- mysql - 为什么 Mysql JOIN Query - Full SCAN 不使用索引
- typescript - 是否可以覆盖本地模块的类型声明?
- authentication - 了解 Azure AD 访问令牌流
- oauth - 使用“授权代码授予”的 Netlify API 服务器到服务器 OAuth
- java - 如何从此多选微调器中获取价值并将其保存到字符串?
- rdf - 嵌套的 SKOS 概念方案?
- java - 使用单例设计模式时,其他方法是否需要使用synchronized关键字来保证线程安全?
- unity3d - 如何在运行时将 three.js(来自 blender 的 JSON)模型导入 Unity?
- vba - 根据类别将电子邮件移动到子文件夹
- android-studio - 如何仅使用 Android Studio git 插件 GUI 对齐 git 工作副本