操作系统信息
云服务器,CentOS Linux release 7.7.1908 (Core)

Kubernetes版本信息
kubectl version 命令执行结果贴在下方

Client Version: version.Info{Major:"1", Minor:"22", GitVersion:"v1.22.3", GitCommit:"c92036820499fedefec0f847e2054d824aea6cd1", GitTreeState:"clean", BuildDate:"2021-10-27T18:41:28Z", GoVersion:"go1.16.9", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"22", GitVersion:"v1.22.3", GitCommit:"c92036820499fedefec0f847e2054d824aea6cd1", GitTreeState:"clean", BuildDate:"2021-10-27T18:35:25Z", GoVersion:"go1.16.9", Compiler:"gc", Platform:"linux/amd64"}

容器运行时
docker version / crictl version / nerdctl version 结果贴在下方

Client: Docker Engine - Community
 Version:           20.10.17
 API version:       1.41
 Go version:        go1.17.11
 Git commit:        100c701
 Built:             Mon Jun  6 23:05:12 2022
 OS/Arch:           linux/amd64
 Context:           default
 Experimental:      true

Server: Docker Engine - Community
 Engine:
  Version:          20.10.17
  API version:      1.41 (minimum version 1.12)
  Go version:       go1.17.11
  Git commit:       a89b842
  Built:            Mon Jun  6 23:03:33 2022
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.6.6
  GitCommit:        10c12954828e7c7c9b6e0ea9b0c02b01407d3ae1
 runc:
  Version:          1.1.2
  GitCommit:        v1.1.2-0-ga916309
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

KubeSphere版本信息
KubeSphere v3.3.0 版本,部署在kubeadm安装的kubernetes集群

问题是什么

部署在边缘节点的Pod可以正常查看日志监控等信息,但无法登入到终端执行命令,报错如下:

[root@kubernetes ~]# kubectl get pod -o wide
NAME                     READY   STATUS    RESTARTS   AGE   IP             NODE          NOMINATED NODE   READINESS GATES
nginx-5545fcddc9-7n5g8   1/1     Running   0          13m   192.168.16.2   edge-node01   <none>           <none>
[root@kubernetes ~]# kubectl exec -it nginx-5545fcddc9-7n5g8 bash -v=7
kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl exec [POD] -- [COMMAND] instead.
I0721 10:39:09.816637    2871 loader.go:372] Config loaded from file:  /root/.kube/config
I0721 10:39:09.822313    2871 round_trippers.go:432] GET https://192.168.0.223:6443/api/v1/namespaces/default/pods/nginx-5545fcddc9-7n5g8
I0721 10:39:09.822336    2871 round_trippers.go:438] Request Headers:
I0721 10:39:09.822351    2871 round_trippers.go:442]     Accept: application/json, */*
I0721 10:39:09.822361    2871 round_trippers.go:442]     User-Agent: kubectl/v1.22.3 (linux/amd64) kubernetes/c920368
I0721 10:39:09.830410    2871 round_trippers.go:457] Response Status: 200 OK in 8 milliseconds
I0721 10:39:09.835799    2871 podcmd.go:88] Defaulting container name to nginx
I0721 10:39:09.836238    2871 round_trippers.go:432] POST https://192.168.0.223:6443/api/v1/namespaces/default/pods/nginx-5545fcddc9-7n5g8/exec?command=bash&container=nginx&stdin=true&stdout=true&tty=true
                                                                                                                                                                                                            I0721 10:39:09.836265    2871 round_trippers.go:438] Request Headers:
                 I0721 10:39:09.836282    2871 round_trippers.go:442]     User-Agent: kubectl/v1.22.3 (linux/amd64) kubernetes/c920368
                                                                                                                                      I0721 10:39:09.836294    2871 round_trippers.go:442]     X-Stream-Protocol-Version: v4.channel.k8s.io
                                                                                                                                                                                                                                           I0721 10:39:09.836304    2871 round_trippers.go:442]     X-Stream-Protocol-Version: v3.channel.k8s.io
                                                                                I0721 10:39:09.836315    2871 round_trippers.go:442]     X-Stream-Protocol-Version: v2.channel.k8s.io
                                                                                                                                                                                     I0721 10:39:09.836325    2871 round_trippers.go:442]     X-Stream-Protocol-Version: channel.k8s.io
                       I0721 10:39:09.850219    2871 round_trippers.go:457] Response Status: 500 Internal Server Error in 13 milliseconds
                                                                                                                                         I0721 10:39:09.850732    2871 helpers.go:217] server response object: [{
  "metadata": {}
}]
F0721 10:39:09.850755    2871 helpers.go:116] Error from server: 
goroutine 1 [running]:
k8s.io/kubernetes/vendor/k8s.io/klog/v2.stacks(0xc00000e001, 0xc0004ca400, 0x42, 0x1f1)

cloudcore的日志报错如下:

E0721 10:52:04.959786       1 streamserver.go:227] exec: can not find 10.96.0.1 session 
E0721 10:52:08.922591       1 streamserver.go:227] exec: can not find 10.96.0.1 session 
E0721 10:52:13.145498       1 streamserver.go:227] exec: can not find 10.96.0.1 session 
E0721 10:52:13.289746       1 streamserver.go:227] exec: can not find 10.96.0.1 session
......

edgecore的配置中已经开启了edgeStream
[root@edge-node01 ~]# vim /etc/kubeedge/config/edgecore.yaml

....
  edgeStream:
    enable: true
    handshakeTimeout: 30
    readDeadline: 15
    server: <CloudcoreIP>:30004
    tlsTunnelCAFile: /etc/kubeedge/ca/rootCA.crt
    tlsTunnelCertFile: /etc/kubeedge/certs/server.crt
    tlsTunnelPrivateKeyFile: /etc/kubeedge/certs/server.key

同问,也遇到了相同的问题,云端节点或者管理界面上exec无法进入到边缘节点容器

测试使用v1.21.13 k8s版本,可以解决exec无法进入边缘节点容器的问题。 之前使用的1.22.10 版本,会存在问题

k8sv1.21.4-kubeedge-v1.9.2 也存在这个exec无法进入边缘节点容器的问题,没有看到10350 iptables转发。

    1 年 后
    1 年 后