AWS security groups for kubectl logs and kubectl exec

I run kubectl get, apply, etc. from a bastion server and they work fine. logs and exec just hang for ages and then spit out an error.

kubectl --v=7 logs [podname]

    ...
    I0809 10:42:37.893788 17434 round_trippers.go:393] Accept: application/json, */*
    I0809 10:44:37.545555 17434 round_trippers.go:408] Response Status: in 119651 milliseconds
    I0809 10:44:37.545617 17434 helpers.go:225] Connection error: Get https://rancher.domain.io/r/projects/1a598/kubernetes:6443/api/v1/namespaces/default/pods/pod/log: EOF
    F0809 10:44:37.545627 17434 helpers.go:120] Unable to connect to the server: EOF

So now, in AWS, I decided to let all the hosts talk to each other. For brevity, in Terraform format:

    # This doesn't work
    ingress {
      from_port = "0"
      to_port   = "0"
      protocol  = "-1"
      self      = true
    }

    # This does work
    ingress {
      from_port   = "0"
      to_port     = "0"
      protocol    = "-1"
      cidr_blocks = ["0.0.0.0/0"]
    }

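So my question is... for kubectl logs and kubectl exec, which ports need to be open between hosts / cidr_blocks? Because the only way I can get this to work is by opening it up to the world.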