sudo systemctl status calico-node.service
可以看下日志 /var/log/syslog
Nov 22 15:56:08 master calicoctl[3045]: ERROR: Could not connect to etcd at 192.168.112.123:6666: Connection to etcd failed due to MaxRetryError("HTTPConnectionPool(host='192.168.112.123', port=6666): Max retries exceeded with url: /version (Caused by NewConnectionError(': Failed to establish a new connection: [Errno 111] Connection refused',))",)
Nov 22 15:56:08 master systemd[1]: calico-node.service: Main process exited, code=exited, status=1/FAILURE
Nov 22 15:56:08 master systemd[1]: calico-node.service: Unit entered failed state.
Nov 22 15:56:08 master systemd[1]: calico-node.service: Failed with result 'exit-code'.
Nov 22 15:56:18 master systemd[1]: calico-node.service: Service hold-off time over, scheduling restart.
Nov 22 15:56:18 master systemd[1]: Stopped Calico per-node agent.
Nov 22 15:56:18 master systemd[1]: Started Calico per-node agent.
Nov 22 15:56:18 master calicoctl[3066]: ERROR: Could not connect to etcd at 192.168.112.123:6666: Connection to etcd failed due to MaxRetryError("HTTPConnectionPool(host='192.168.112.123', port=6666): Max retries exceeded with url: /version (Caused by NewConnectionError(': Failed to establish a new connection: [Errno 111] Connection refused',))",)
Nov 22 15:56:18 master systemd[1]: calico-node.service: Main process exited, code=exited, status=1/FAILURE
Nov 22 15:56:18 master systemd[1]: calico-node.service: Unit entered failed state.
Nov 22 15:56:18 master systemd[1]: calico-node.service: Failed with result 'exit-code'.
cp master/kubeletserver /etc/systemd/
systemctl enable kubelet.service
systemctl start kubelet.service
完毕
在集群中任意节点上可以访问cluster ip 及 pod ip
calico status 可以看到各节点之间为bgp全互联关系,我们可以关闭全互联,作为三层交换机的RR client . 这样我们的容器可以访问到集群外的应用或者你访问使用snat
calico pool add 2.26.0.0/16 --nat-outgoing
这时候你的容器就可以访问外部应用了。
如果外部需要访问你的服务可以使用node port 或者loadblance的方式,详细内容见V2将更性使用BGP 反射器的结构及master的高可用。