Zenn
🚨

cloud-initでkubectl apply → 127.0.0.1:8080: connect: connection refused

2024/01/23に公開
Kubernetes
#
kubectl
#
cloudinit
tech

Issue

手動でログインして kubectl コマンドを直接実行する際は問題ないが、 cloud-init の runcmd 内で kubeadm initkubectl apply を続けて実行すると

couldn't get current server API group list: Get "http://localhost:8080/api?timeout=32s": dial tcp 127.0.0.1:8080: connect: connection refused

となってしまう。

Log

cloud-init[1046]: error: error validating "https://raw.githubusercontent.com/projectcalico/calico/v3.27.0/manifests/calico.yaml": error validating data: failed to download openapi: Get "http://localhost:8080/openapi/v2?timeout=32s": dial tcp 127.0.0.1:8080: connect: connection refused; if you choose to ignore these errors, turn validation off with --validate=false
cloud-init[1046]: E0123 00:02:39.510184    3201 memcache.go:265] couldn't get current server API group list: Get "http://localhost:8080/api?timeout=32s": dial tcp 127.0.0.1:8080: connect: connection refused
cloud-init[1046]: E0123 00:02:39.514031    3201 memcache.go:265] couldn't get current server API group list: Get "http://localhost:8080/api?timeout=32s": dial tcp 127.0.0.1:8080: connect: connection refused
cloud-init[1046]: E0123 00:02:39.514853    3201 memcache.go:265] couldn't get current server API group list: Get "http://localhost:8080/api?timeout=32s": dial tcp 127.0.0.1:8080: connect: connection refused
cloud-init[1046]: E0123 00:02:39.515931    3201 memcache.go:265] couldn't get current server API group list: Get "http://localhost:8080/api?timeout=32s": dial tcp 127.0.0.1:8080: connect: connection refused
cloud-init[1046]: E0123 00:02:39.517347    3201 memcache.go:265] couldn't get current server API group list: Get "http://localhost:8080/api?timeout=32s": dial tcp 127.0.0.1:8080: connect: connection refused
cloud-init[1046]: The connection to the server localhost:8080 was refused - did you specify the right host or port?
cloud-init[1046]: E0123 00:02:39.628055    3205 memcache.go:265] couldn't get current server API group list: Get "http://localhost:8080/api?timeout=32s": dial tcp 127.0.0.1:8080: connect: connection refused
cloud-init[1046]: E0123 00:02:39.631811    3205 memcache.go:265] couldn't get current server API group list: Get "http://localhost:8080/api?timeout=32s": dial tcp 127.0.0.1:8080: connect: connection refused
cloud-init[1046]: The connection to the server localhost:8080 was refused - did you specify the right host or port?

Fix

     runcmd:
       - |
         mkdir /root/kubernetes
         echo "Creating a Kubernetes cluster."
         kubeadm init --kubernetes-version=1.29.1 \
           --control-plane-endpoint=haproxy.example.com:6443 \
           --pod-network-cidr=10.0.0.0/16 \
           --cri-socket=unix:/run/containerd/containerd.sock \
           --upload-certs | tail -n 12 | head -n3 > /root/kubernetes/join.sh
         mkdir -p /root/.kube
         cp /etc/kubernetes/admin.conf /root/.kube/config
+        export KUBECONFIG=/root/.kube/config
         echo "Installing calico cni."
         kubectl apply -f https://raw.githubusercontent.com/projectcalico/calico/v3.27.0/manifests/calico.yaml
         kubectl wait --namespace kube-system \
           --for=condition=ready pod \
           --selector=k8s-app=calico-kube-controllers \
           --timeout=120s

export KUBECONFIG=/root/.kube/config を追加すると解消された。

動作環境

  • Ubuntu 22.04.3 on libvirt
root@k8s-control-plane01:~# cat /etc/os-release
PRETTY_NAME="Ubuntu 22.04.3 LTS"
NAME="Ubuntu"
VERSION_ID="22.04"
VERSION="22.04.3 LTS (Jammy Jellyfish)"
VERSION_CODENAME=jammy
ID=ubuntu
ID_LIKE=debian
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
UBUNTU_CODENAME=jammy

Discussion