hongming
两个集群的ClusterConfiguration配置,看起来喝教程没出入。

===H集群 ClusterConfiguration================
jwtSecret: 5fH5eL39BHks4K2tJfAhbrNjJ3vYWqe2
clusterRole: host
proxyPublishAddress: ‘http://120.27.244.220:30527
===M集群 ClusterConfiguration================
jwtSecret: 5fH5eL39BHks4K2tJfAhbrNjJ3vYWqe2
clusterRole: member

      hongming
      这两个集群是都开了ldap的,另外上面链接中的一些链接地址都是404.
      以下是重试的错误信息

      E1230 17:49:04.730271 1 jwt.go:51] signature is invalid
      E1230 17:49:04.746582 1 token.go:57] signature is invalid
      E1230 17:49:04.746597 1 jwt_token.go:45] signature is invalid
      E1230 17:49:04.777921 1 authentication.go:60] Unable to authenticate the request due to error: signature is invalid
      E1230 17:49:04.801152 1 jwt.go:51] signature is invalid
      E1230 17:49:04.801178 1 token.go:57] signature is invalid
      E1230 17:49:04.801183 1 jwt_token.go:45] signature is invalid
      E1230 17:49:04.801191 1 authentication.go:60] Unable to authenticate the request due to error: signature is invalid

        xiaosage 从报错上看是 jwtSecret 不一致, 在两个集群上检查一下配置看看

         kubectl -n kubesphere-system get cm kubesphere-config -o yaml

            hongming
            我调整成一样之后,提示
            E1230 18:02:11.712140 1 token.go:65] token not found in cache
            E1230 18:02:11.712164 1 jwt_token.go:45] token not found in cache
            E1230 18:02:11.712174 1 authentication.go:60] Unable to authenticate the request due to error: token not found in cache
            E1230 18:02:11.785716 1 token.go:65] token not found in cache
            E1230 18:02:11.785741 1 jwt_token.go:45] token not found in cache
            E1230 18:02:11.785750 1 authentication.go:60] Unable to authenticate the request due to error: token not found in cache
            E1230 18:02:15.174355 1 v2.go:105] websocket: close 1001 (going away)
            W1230 18:02:23.177164 1 terminal.go:136] 1Process exited

            • Jeff 回复了此帖

                Jeff
                ks-apiserver 有两个起不来。提示moinitoring service address in configuration MUST not be empty。但是这个值是有的。
                ks-apiserver-5c4d8f8dcc-nxfgs 1/1 Running 0 19h
                ks-apiserver-69fd98677-5cjts 0/1 CrashLoopBackOff 5 5m25s
                ks-apiserver-69fd98677-5q558 0/1 CrashLoopBackOff 6 5m40s
                ===================================================
                [root@ykj-prod-ks-master1 ~]# kubectl logs -n kubesphere-system ks-apiserver-69fd98677-5cjts
                W1231 11:35:42.423484 1 client_config.go:543] Neither --kubeconfig nor --master was specified. Using the inClusterConfig. This might not work.
                Error: moinitoring service address in configuration MUST not be empty, please check configmap/kubesphere-config in kubesphere-system namespace
                2020/12/31 11:35:42 moinitoring service address in configuration MUST not be empty, please check configmap/kubesphere-config in kubesphere-system namespace
                =========================================================
                `[root@ykj-prod-ks-master1 ~]# kubectl -n kubesphere-system get cm kubesphere-config -o yaml

                monitoring:
  endpoint: http://prometheus-operated.kubesphere-monitoring-system.svc:9090`

                    yuswift
                    信息已经发过去了。您看是否可以加下WeChat,商量一个远程的时间。

                      已解决 登陆不上是member集群手动配置了非0的token过期时间 crash是编辑了yaml缩近不对