创建部署问题时,请参考下面模板,你提供的信息越多,越容易及时获得解答。如果未按模板创建问题,管理员有权关闭问题。
确保帖子格式清晰易读,用 markdown code block 语法格式化代码块。
你只花一分钟创建的问题,不能指望别人花上半个小时给你解答。
操作系统信息
例如:虚拟机/物理机,Centos7.5/Ubuntu18.04,4C/8G
| 操作系统 | cpuC | 内存G |
|---|
| centos7.9 | 8 | 8 |
| centos7.9 | 8 | 8 |
| centos7.9 | 8 | 8 |
Kubernetes版本信息
将 kubectl version 命令执行结果贴在下方
[root@master01 custom]# kubectl version
WARNING: This version information is deprecated and will be replaced with the output from kubectl version --short. Use --output=yaml|json to get the full version.
Client Version: version.Info{Major:"1", Minor:"26", GitVersion:"v1.26.14", GitCommit:"6db79806d788bfb9cfc996deb7e2e178402e8b50", GitTreeState:"clean", BuildDate:"2024-02-14T10:42:41Z", GoVersion:"go1.21.7", Compiler:"gc", Platform:"linux/amd64"}
Kustomize Version: v4.5.7
Server Version: version.Info{Major:"1", Minor:"26", GitVersion:"v1.26.14", GitCommit:"6db79806d788bfb9cfc996deb7e2e178402e8b50", GitTreeState:"clean", BuildDate:"2024-02-14T10:31:33Z", GoVersion:"go1.21.7", Compiler:"gc", Platform:"linux/amd64"}
容器运行时
将 docker version / crictl version / nerdctl version 结果贴在下方
[root@master01 custom]# docker version
Client:
Version: 20.10.8
API version: 1.41
Go version: go1.16.6
Git commit: 3967b7d
Built: Fri Jul 30 19:50:40 2021
OS/Arch: linux/amd64
Context: default
Experimental: true
Server: Docker Engine - Community
Engine:
Version: 20.10.8
API version: 1.41 (minimum version 1.12)
Go version: go1.16.6
Git commit: 75249d8
Built: Fri Jul 30 19:55:09 2021
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: v1.6.21
GitCommit: 3dce8eb055cbb6872793272b4f20ed16117344f8
runc:
Version: 1.0.1
GitCommit: v1.0.1-0-g4144b638
docker-init:
Version: 0.19.0
GitCommit: de40ad0
[root@master01 custom]# containerd -v
containerd github.com/containerd/containerd v1.6.21 3dce8eb055cbb6872793272b4f20ed16117344f8
KubeSphere版本信息
例如:v2.1.1/v3.0.0。离线安装还是在线安装。在已有K8s上安装还是使用kk安装。
KubeSphere版本为4.1.3,离线安装,在已有K8s上安装
问题是什么
数据流水线服务,vector-agent容器一直报错,应该是连接apiserver获取pod信息,校验ssl的时候失败
2025-07-20T04:17:35.597248709+08:00 2025-07-19T20:17:35.596903Z INFO vector::app: Log level is enabled. level="info"
2025-07-20T04:17:35.598185799+08:00 2025-07-19T20:17:35.598040Z INFO vector::config::watcher: Creating configuration file watcher.
2025-07-20T04:17:35.598614465+08:00 2025-07-19T20:17:35.598428Z INFO vector::config::watcher: Watching configuration files.
2025-07-20T04:17:35.598627535+08:00 2025-07-19T20:17:35.598497Z INFO vector::app: Loading configs. paths=["/etc/vector/custom", "/etc/vector/global"]
2025-07-20T04:17:35.600534506+08:00 2025-07-19T20:17:35.600109Z INFO vector::topology::running: Running healthchecks.
2025-07-20T04:17:35.600548951+08:00 2025-07-19T20:17:35.600182Z INFO vector: Vector has started. debug="false" version="0.39.0" arch="x86_64" revision="73da9bb 2024-06-17 16:00:23.791735272"
2025-07-20T04:17:35.601738603+08:00 2025-07-19T20:17:35.601674Z INFO vector::internal_events::api: API server running. address=0.0.0.0:8686 playground=http://0.0.0.0:8686/playground graphql=http://0.0.0.0:8686/graphql
2025-07-20T04:17:38.134545354+08:00 2025-07-19T20:17:38.134404Z INFO vector::config::watcher: Configuration file changed.
2025-07-20T04:17:38.134595910+08:00 2025-07-19T20:17:38.134493Z INFO vector::signal: Signal received. signal="SIGHUP"
2025-07-20T04:17:38.141532055+08:00 2025-07-19T20:17:38.141438Z INFO vector::topology::running: Reloading running topology with new configuration.
2025-07-20T04:17:38.141948803+08:00 2025-07-19T20:17:38.141891Z INFO source{component_kind="source" component_id=kube_events component_type=kubernetes_logs}: vector::sources::kubernetes_logs: Obtained Kubernetes Node name to collect logs for (self). self_node_name="master02"
2025-07-20T04:17:38.152569194+08:00 2025-07-19T20:17:38.152455Z INFO source{component_kind="source" component_id=kube_events component_type=kubernetes_logs}: vector::sources::kubernetes_logs: Including matching files. ret=["**/*"]
2025-07-20T04:17:38.152584144+08:00 2025-07-19T20:17:38.152480Z INFO source{component_kind="source" component_id=kube_events component_type=kubernetes_logs}: vector::sources::kubernetes_logs: Excluding matching files. ret=["**/*.gz", "**/*.tmp"]
2025-07-20T04:17:38.152674958+08:00 2025-07-19T20:17:38.152628Z INFO source{component_kind="source" component_id=kube_logs component_type=kubernetes_logs}: vector::sources::kubernetes_logs: Obtained Kubernetes Node name to collect logs for (self). self_node_name="master02"
2025-07-20T04:17:38.164806700+08:00 2025-07-19T20:17:38.164731Z INFO source{component_kind="source" component_id=kube_logs component_type=kubernetes_logs}: vector::sources::kubernetes_logs: Including matching files. ret=["**/*"]
2025-07-20T04:17:38.164820788+08:00 2025-07-19T20:17:38.164748Z INFO source{component_kind="source" component_id=kube_logs component_type=kubernetes_logs}: vector::sources::kubernetes_logs: Excluding matching files. ret=["**/*.gz", "**/*.tmp"]
2025-07-20T04:17:38.218947830+08:00 2025-07-19T20:17:38.218835Z WARN sink{component_kind="sink" component_id=opensearch_events component_type=elasticsearch}: vector_core::tls::settings: The `verify_certificate` option is DISABLED, this may lead to security vulnerabilities.
2025-07-20T04:17:38.242454488+08:00 2025-07-19T20:17:38.242362Z WARN sink{component_kind="sink" component_id=opensearch_logs component_type=elasticsearch}: vector_core::tls::settings: The `verify_certificate` option is DISABLED, this may lead to security vulnerabilities.
2025-07-20T04:17:38.265474428+08:00 2025-07-19T20:17:38.265266Z INFO vector::topology::running: Running healthchecks.
2025-07-20T04:17:38.265554486+08:00 2025-07-19T20:17:38.265452Z INFO vector::topology::running: New configuration loaded successfully.
2025-07-20T04:17:38.266754145+08:00 2025-07-19T20:17:38.266609Z INFO vector: Vector has reloaded. path=[Dir("/etc/vector/custom"), Dir("/etc/vector/global")]
2025-07-20T04:17:38.267162713+08:00 2025-07-19T20:17:38.267076Z INFO source{component_kind="source" component_id=calico_logs component_type=file}: vector::sources::file: Starting file server. include=["/var/log/calico/cni/cni*.log"] exclude=[]
2025-07-20T04:17:38.268413108+08:00 2025-07-19T20:17:38.268150Z INFO source{component_kind="source" component_id=kube_logs component_type=kubernetes_logs}:file_server: file_source::checkpointer: Loaded checkpoint data.
2025-07-20T04:17:38.269899554+08:00 2025-07-19T20:17:38.269802Z INFO vector::topology::builder: Healthcheck passed.
2025-07-20T04:17:38.270604770+08:00 2025-07-19T20:17:38.270323Z INFO source{component_kind="source" component_id=kube_events component_type=kubernetes_logs}:file_server: file_source::checkpointer: Loaded checkpoint data.
2025-07-20T04:17:38.270616493+08:00 2025-07-19T20:17:38.270511Z INFO source{component_kind="source" component_id=systemd_logs component_type=journald}: vector::sources::journald: Starting journalctl.
2025-07-20T04:17:38.270619162+08:00 2025-07-19T20:17:38.270514Z INFO source{component_kind="source" component_id=calico_logs component_type=file}:file_server: file_source::checkpointer: Loaded checkpoint data.
2025-07-20T04:17:38.273792634+08:00 2025-07-19T20:17:38.271720Z INFO source{component_kind="source" component_id=calico_logs component_type=file}:file_server: vector::internal_events::file::source: Resuming to watch file. file=/var/log/calico/cni/cni.log file_position=15445711
2025-07-20T04:17:38.273808821+08:00 2025-07-19T20:17:38.272533Z ERROR kube_client::client::builder: failed with error error trying to connect: error:0A000086:SSL routines:(unknown function):certificate verify failed:ssl/statem/statem_clnt.c:2092:: self-signed certificate
2025-07-20T04:17:38.273812471+08:00 2025-07-19T20:17:38.272564Z WARN vector::kubernetes::reflector: Watcher Stream received an error. Retrying. error=InitialListFailed(HyperError(hyper::Error(Connect, ConnectError { error: Error { code: ErrorCode(1), cause: Some(Ssl(ErrorStack([Error { code: 167772294, library: "SSL routines", function: "(unknown function)", reason: "certificate verify failed", file: "ssl/statem/statem_clnt.c", line: 2092 }]))) }, verify_result: X509VerifyResult { code: 18, error: "self-signed certificate" } })))
