Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

certSANS配置没有生效 #2253

Open
drinktee opened this issue Jun 26, 2023 · 2 comments
Open

certSANS配置没有生效 #2253

drinktee opened this issue Jun 26, 2023 · 2 comments
Labels
kind/bug Something isn't working

Comments

@drinktee
Copy link

What happen?

使用 sealer run -f cluster.yaml 安装集群,创建的集群中,certSANs中没有配置中的IP,但是podCIDR可以生效。只包含默认的配置,不知道是bug还是使用方法不对?

      certSANs:
      - 127.0.0.1
      - apiserver.cluster.local
      - 10.103.97.2
      - 192.168.0.65
      - 192.168.0.238
      - 192.168.0.112
      - ::1

sealer version

cluster.yaml

apiVersion: sealer.cloud/v2
kind: Cluster
metadata:
  name: my-cluster
spec:
  certSANS:
    - 192.168.0.65
    - 192.168.0.238
    - 192.168.0.112
    - 10.56.253.168
    - 192.168.0.253
    - 10.56.253.160    
  image: kubernetes:v1-20-4-sealerio-2
  ssh:
    passwd: sss
    user: root
    port: "22"
  hosts:
    - ips: [ 192.168.0.65,192.168.0.238,192.168.0.112 ]
      roles: [ master ]
      env:
        - etcd-dir=/data/etcd
      ssh:
        user: root
        passwd: sss
        port: "22"
    - ips: [ 192.168.0.175 ]
      roles: [ node ]  

---
apiVersion: kubeadm.k8s.io/v1beta3
kind: ClusterConfiguration
kubernetesVersion: v1.20.4
networking:
  podSubnet: 172.27.0.0/16
  serviceSubnet: 172.18.128.0/19
apiServer:
  certSANs:
  - 192.168.0.65
  - 192.168.0.238
  - 192.168.0.112
  - 10.56.253.168
  - 192.168.0.253
  - 10.56.253.160
  - 127.0.0.1
  - apiserver.cluster.local
---
apiVersion: sealer.aliyun.com/v1alpha1
kind: Config
metadata:
  name: calico
spec:
  path: applications/custom-resources.yaml
  data: |
    apiVersion: operator.tigera.io/v1
    kind: Installation
    metadata:
      name: default
    spec:
      calicoNetwork:        
        ipPools:
        - blockSize: 26
          cidr: 172.27.0.0/16

Relevant log output?

No response

What you expected to happen?

No response

How to reproduce it (as minimally and precisely as possible)?

No response

Anything else we need to know?

No response

What is the version of Sealer you using?

{"gitVersion":"v0.9.3","gitCommit":"a51d0ec","buildDate":"2023-03-31 05:58:58","goVersion":"go1.17.13","compiler":"gc","platform":"linux/amd64"}

What is your OS environment?

CentOS 7.9

What is the Kernel version?

3.10.0-1160.49.1.el7.x86_64

Other environment you want to tell us?

  • Cloud provider or hardware configuration:
  • Install tools:
  • Others:
@drinktee drinktee added the kind/bug Something isn't working label Jun 26, 2023
@kakaZhou719
Copy link
Member

@drinktee ,clusterfile中,可以使用env key 的方式 CertSANs增加额外的ip。
(http://sealer.cool/docs/concept/clusterfile.html#using-cluster-env-in-clusterfile)

@drinktee
Copy link
Author

image
增加形如这种 格式的env,最终安装后 node 节点会无法join。时间太久保存日志了。

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@drinktee @kakaZhou719