多mater集群部署kubesphere2.1.1 openldap报错

leo

k8s版本为1.15.10，3个master1个node。
openldap.yaml内容如下:

apiVersion: apps/v1
kind: StatefulSet
metadata:
  creationTimestamp: "2020-02-27T09:09:48Z"
  generation: 5
  labels:
    app.kubernetes.io/instance: ks-openldap
    app.kubernetes.io/managed-by: Tiller
    app.kubernetes.io/name: openldap-ha
    app.kubernetes.io/version: "1.0"
    helm.sh/chart: openldap-ha-0.1.0
  name: openldap
  namespace: kubesphere-system
spec:
  podManagementPolicy: OrderedReady
  replicas: 1
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      app.kubernetes.io/instance: ks-openldap
      app.kubernetes.io/name: openldap-ha
  serviceName: openldap
  template:
    metadata:
      creationTimestamp: null
      labels:
        app.kubernetes.io/instance: ks-openldap
        app.kubernetes.io/name: openldap-ha
    spec:
      affinity:
        nodeAffinity:
          preferredDuringSchedulingIgnoredDuringExecution:
          - preference:
              matchExpressions:
              - key: node-role.kubernetes.io/master
                operator: In
                values:
                - ""
            weight: 100
        podAntiAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
          - labelSelector:
              matchLabels:
                app.kubernetes.io/instance: ks-openldap
                app.kubernetes.io/name: openldap-ha
            topologyKey: kubernetes.io/hostname
      containers:
      - args:
        - --copy-service
        - --loglevel=debug
        env:
        - name: LDAP_ORGANISATION
          value: kubesphere
        - name: LDAP_DOMAIN
          value: kubesphere.io
        - name: LDAP_CONFIG_PASSWORD
          value: admin
        - name: LDAP_ADMIN_PASSWORD
          value: admin
        - name: LDAP_REPLICATION
          value: "true"
        - name: LDAP_TLS
          value: "false"
        - name: LDAP_REMOVE_CONFIG_AFTER_SETUP
          value: "true"
        - name: MY_POD_NAME
          valueFrom:
            fieldRef:
              apiVersion: v1
              fieldPath: metadata.name
        - name: HOSTNAME
          value: $(MY_POD_NAME).openldap
        - name: LDAP_REPLICATION_CONFIG_SYNCPROV
          value: binddn="cn=admin,cn=config" bindmethod=simple credentials=$LDAP_CONFIG_PASSWORD
            searchbase="cn=config" type=refreshAndPersist retry="60 +" timeout=1
        - name: LDAP_REPLICATION_DB_SYNCPROV
          value: binddn="cn=admin,$LDAP_BASE_DN" bindmethod=simple credentials=$LDAP_ADMIN_PASSWORD
            searchbase="$LDAP_BASE_DN" type=refreshAndPersist interval=01:00:00:10
            retry="60 +" timeout=1
        - name: LDAP_REPLICATION_HOSTS
          value: '#PYTHON2BASH:[''ldap://openldap-0.openldap'', ''ldap://openldap-1.openldap'']'
        image: osixia/openldap:1.3.0
        imagePullPolicy: IfNotPresent
        livenessProbe:
          failureThreshold: 3
          initialDelaySeconds: 30
          periodSeconds: 15
          successThreshold: 1
          tcpSocket:
            port: 389
          timeoutSeconds: 1
        name: openldap-ha
        ports:
        - containerPort: 389
          name: ldap
          protocol: TCP
        readinessProbe:
          failureThreshold: 3
          initialDelaySeconds: 30
          periodSeconds: 15
          successThreshold: 1
          tcpSocket:
            port: 389
          timeoutSeconds: 1
        resources: {}
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
        volumeMounts:
        - mountPath: /var/lib/ldap
          name: openldap-pvc
          subPath: ldap-data
        - mountPath: /etc/ldap/slapd.d
          name: openldap-pvc
          subPath: ldap-config
      dnsPolicy: ClusterFirst
      restartPolicy: Always
      schedulerName: default-scheduler
      securityContext: {}
      terminationGracePeriodSeconds: 30
      tolerations:
      - effect: NoSchedule
        key: node-role.kubernetes.io/master
      - key: CriticalAddonsOnly
        operator: Exists
      volumes:
      - name: openldap-pvc
        persistentVolumeClaim:
          claimName: openldap-pvc
  updateStrategy:
    rollingUpdate:
      partition: 0
    type: RollingUpdate
  volumeClaimTemplates:
  - metadata:
      creationTimestamp: null
      name: openldap-pvc
    spec:
      accessModes:
      - ReadWriteOnce
      resources:
        requests:
          storage: 2Gi
      storageClassName: nfs
      volumeMode: Filesystem

pod openldap-0日志如下:

*** CONTAINER_LOG_LEVEL = 4 (debug)
*** Copy /container/service to /container/run/service
*** Search service in CONTAINER_SERVICE_DIR = /container/run/service :
*** link /container/run/service/:ssl-tools/startup.sh to /container/run/startup/:ssl-tools
*** link /container/run/service/slapd/startup.sh to /container/run/startup/slapd
*** link /container/run/service/slapd/process.sh to /container/run/process/slapd/run
*** Set environment for startup files
*** ignore : LANG = en_US.UTF-8 (keep LANG = en_US.UTF-8 )
*** ignore : LANGUAGE = en_US.UTF-8 (keep LANGUAGE = en_US:en )
*** Environment files will be proccessed in this order :
Caution: previously defined variables will not be overriden.
/container/environment/99-default/default.startup.yaml
/container/environment/99-default/default.yaml

*** --- process file : /container/environment/99-default/default.startup.yaml ---
*** ignore : LDAP_ORGANISATION = Example Inc. (keep LDAP_ORGANISATION = kubesphere )
*** ignore : LDAP_DOMAIN = example.org (keep LDAP_DOMAIN = kubesphere.io )
*** ignore : LDAP_ADMIN_PASSWORD = admin (keep LDAP_ADMIN_PASSWORD = admin )
*** ignore : LDAP_CONFIG_PASSWORD = config (keep LDAP_CONFIG_PASSWORD = admin )
*** ignore : LDAP_TLS = True (keep LDAP_TLS = false )
*** ignore : LDAP_REPLICATION = False (keep LDAP_REPLICATION = true )
*** ignore : LDAP_REPLICATION_CONFIG_SYNCPROV = binddn="cn=admin,cn=config" bindmethod=simple credentials="$LDAP_CONFIG_PASSWORD" searchbase="cn=config" type=refreshAndPersist retry="60 +" timeout=1 starttls=critical (keep LDAP_REPLICATION_CONFIG_SYNCPROV = binddn="cn=admin,cn=config" bindmethod=simple credentials=$LDAP_CONFIG_PASSWORD searchbase="cn=config" type=refreshAndPersist retry="60 +" timeout=1 )
*** ignore : LDAP_REPLICATION_DB_SYNCPROV = binddn="cn=admin,$LDAP_BASE_DN" bindmethod=simple credentials="$LDAP_ADMIN_PASSWORD" searchbase="$LDAP_BASE_DN" type=refreshAndPersist interval=00:00:00:10 retry="60 +" timeout=1 starttls=critical (keep LDAP_REPLICATION_DB_SYNCPROV = binddn="cn=admin,$LDAP_BASE_DN" bindmethod=simple credentials=$LDAP_ADMIN_PASSWORD searchbase="$LDAP_BASE_DN" type=refreshAndPersist interval=01:00:00:10 retry="60 +" timeout=1 )
*** ignore : LDAP_REPLICATION_HOSTS = ['ldap://ldap.example.org', 'ldap://ldap2.example.org'] (keep LDAP_REPLICATION_HOSTS = #PYTHON2BASH:['ldap://openldap-0.openldap', 'ldap://openldap-1.openldap'] )
*** ignore : LDAP_REMOVE_CONFIG_AFTER_SETUP = True (keep LDAP_REMOVE_CONFIG_AFTER_SETUP = true )
*** --- process file : /container/environment/99-default/default.yaml ---
*** Run commands before startup...
*** Running /container/run/startup/:ssl-tools...
*** ------------ Environment dump ------------
*** PATH = /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
*** HOSTNAME = openldap-0.openldap
*** LDAP_REPLICATION = true
*** LDAP_REMOVE_CONFIG_AFTER_SETUP = true
*** MY_POD_NAME = openldap-0
*** LDAP_ORGANISATION = kubesphere
*** LDAP_CONFIG_PASSWORD = admin
*** LDAP_ADMIN_PASSWORD = admin
*** LDAP_REPLICATION_CONFIG_SYNCPROV = binddn="cn=admin,cn=config" bindmethod=simple credentials=$LDAP_CONFIG_PASSWORD searchbase="cn=config" type=refreshAndPersist retry="60 +" timeout=1
*** LDAP_REPLICATION_DB_SYNCPROV = binddn="cn=admin,$LDAP_BASE_DN" bindmethod=simple credentials=$LDAP_ADMIN_PASSWORD searchbase="$LDAP_BASE_DN" type=refreshAndPersist interval=01:00:00:10 retry="60 +" timeout=1
*** LDAP_REPLICATION_HOSTS = #COMPLEX_BASH_ENV:TABLE: LDAP_REPLICATION_HOSTS_ROW_1 LDAP_REPLICATION_HOSTS_ROW_2
*** LDAP_DOMAIN = kubesphere.io
*** LDAP_TLS = false
*** KS_REDIS_REDIS_HA_ANNOUNCE_1_SERVICE_PORT_SENTINEL = 26379
*** KUBERNETES_SERVICE_HOST = 10.96.0.1
*** RELEASE_NAME_NFS_SERVER_PROVISIONER_PORT_20048_TCP_ADDR = 10.111.140.10
*** KS_ACCOUNT_PORT = tcp://10.103.42.239:80
*** KS_APISERVER_PORT = tcp://10.102.163.245:80
*** REDIS_PORT_6379_TCP_PROTO = tcp
*** RELEASE_NAME_NFS_SERVER_PROVISIONER_SERVICE_PORT_RPCBIND = 111
*** RELEASE_NAME_NFS_SERVER_PROVISIONER_PORT_20048_TCP = tcp://10.111.140.10:20048
*** KS_REDIS_REDIS_HA_ANNOUNCE_0_SERVICE_PORT_SENTINEL = 26379
*** KS_REDIS_REDIS_HA_ANNOUNCE_0_SERVICE_PORT = 6379
*** KS_REDIS_REDIS_HA_ANNOUNCE_0_SERVICE_PORT_SERVER = 6379
*** KS_ACCOUNT_PORT_80_TCP = tcp://10.103.42.239:80
*** KS_REDIS_REDIS_HA_ANNOUNCE_1_SERVICE_PORT = 6379
*** KUBERNETES_PORT_443_TCP_PROTO = tcp
*** RELEASE_NAME_NFS_SERVER_PROVISIONER_SERVICE_HOST = 10.111.140.10
*** KS_APIGATEWAY_SERVICE_HOST = 10.97.30.137
*** KS_REDIS_REDIS_HA_ANNOUNCE_0_PORT_26379_TCP_ADDR = 10.100.144.172
*** KS_ACCOUNT_PORT_80_TCP_PROTO = tcp
*** RELEASE_NAME_NFS_SERVER_PROVISIONER_SERVICE_PORT_NFS = 2049
*** KS_CONSOLE_SERVICE_PORT = 80
*** KS_APIGATEWAY_PORT = tcp://10.97.30.137:80
*** KS_REDIS_REDIS_HA_ANNOUNCE_0_PORT_26379_TCP_PORT = 26379
*** KUBERNETES_PORT_443_TCP_PORT = 443
*** RELEASE_NAME_NFS_SERVER_PROVISIONER_PORT = tcp://10.111.140.10:2049
*** KS_REDIS_REDIS_HA_ANNOUNCE_0_PORT_26379_TCP = tcp://10.100.144.172:26379
*** KS_ACCOUNT_SERVICE_HOST = 10.103.42.239
*** KS_APISERVER_PORT_80_TCP = tcp://10.102.163.245:80
*** RELEASE_NAME_NFS_SERVER_PROVISIONER_SERVICE_PORT_MOUNTD = 20048
*** KS_CONSOLE_SERVICE_HOST = 10.97.253.55
*** KS_REDIS_REDIS_HA_ANNOUNCE_2_SERVICE_PORT_SERVER = 6379
*** KS_APIGATEWAY_PORT_80_TCP_PORT = 80
*** RELEASE_NAME_NFS_SERVER_PROVISIONER_PORT_111_UDP_PORT = 111
*** KS_CONSOLE_PORT_80_TCP_PORT = 80
*** KS_APISERVER_PORT_80_TCP_PROTO = tcp
*** KUBERNETES_PORT_443_TCP = tcp://10.96.0.1:443
*** REDIS_PORT = tcp://10.102.25.180:6379
*** RELEASE_NAME_NFS_SERVER_PROVISIONER_PORT_20048_TCP_PORT = 20048
*** KS_REDIS_REDIS_HA_ANNOUNCE_2_SERVICE_PORT_SENTINEL = 26379
*** KS_REDIS_REDIS_HA_ANNOUNCE_1_SERVICE_PORT_SERVER = 6379
*** KS_CONSOLE_PORT_80_TCP_ADDR = 10.97.253.55
*** KS_APIGATEWAY_PORT_80_TCP = tcp://10.97.30.137:80
*** KS_REDIS_REDIS_HA_ANNOUNCE_1_PORT_6379_TCP = tcp://10.96.9.181:6379
*** KS_REDIS_REDIS_HA_ANNOUNCE_1_PORT_6379_TCP_PORT = 6379
*** KS_APIGATEWAY_PORT_80_TCP_PROTO = tcp
*** KS_REDIS_REDIS_HA_ANNOUNCE_0_SERVICE_HOST = 10.100.144.172
*** KS_REDIS_REDIS_HA_ANNOUNCE_1_PORT_26379_TCP_PORT = 26379
*** KS_REDIS_REDIS_HA_ANNOUNCE_1_PORT_26379_TCP_ADDR = 10.96.9.181
*** KS_APISERVER_PORT_80_TCP_PORT = 80
*** RELEASE_NAME_NFS_SERVER_PROVISIONER_SERVICE_PORT = 2049
*** RELEASE_NAME_NFS_SERVER_PROVISIONER_PORT_111_TCP_PORT = 111
*** KS_ACCOUNT_PORT_80_TCP_PORT = 80
*** KS_REDIS_REDIS_HA_ANNOUNCE_1_PORT_6379_TCP_ADDR = 10.96.9.181
*** KS_ACCOUNT_PORT_80_TCP_ADDR = 10.103.42.239
*** RELEASE_NAME_NFS_SERVER_PROVISIONER_PORT_111_TCP_ADDR = 10.111.140.10
*** KS_REDIS_REDIS_HA_ANNOUNCE_2_PORT_26379_TCP_PORT = 26379
*** KS_REDIS_REDIS_HA_ANNOUNCE_2_PORT_26379_TCP_ADDR = 10.110.75.58
*** KS_REDIS_REDIS_HA_ANNOUNCE_0_PORT_6379_TCP = tcp://10.100.144.172:6379
*** KS_APISERVER_PORT_80_TCP_ADDR = 10.102.163.245
*** RELEASE_NAME_NFS_SERVER_PROVISIONER_SERVICE_PORT_RPCBIND_UDP = 111
*** RELEASE_NAME_NFS_SERVER_PROVISIONER_PORT_20048_TCP_PROTO = tcp
*** KS_REDIS_REDIS_HA_ANNOUNCE_2_SERVICE_HOST = 10.110.75.58
*** KS_REDIS_REDIS_HA_ANNOUNCE_0_PORT_6379_TCP_PORT = 6379
*** KS_REDIS_REDIS_HA_ANNOUNCE_1_PORT_26379_TCP_PROTO = tcp
*** KS_REDIS_REDIS_HA_ANNOUNCE_0_PORT_26379_TCP_PROTO = tcp
*** KS_REDIS_REDIS_HA_ANNOUNCE_0_PORT_6379_TCP_PROTO = tcp
*** KS_ACCOUNT_SERVICE_PORT_KS_ACCOUNT = 80
*** KS_APISERVER_SERVICE_PORT = 80
*** REDIS_PORT_6379_TCP_ADDR = 10.102.25.180
*** RELEASE_NAME_NFS_SERVER_PROVISIONER_PORT_2049_TCP_ADDR = 10.111.140.10
*** RELEASE_NAME_NFS_SERVER_PROVISIONER_PORT_111_TCP = tcp://10.111.140.10:111
*** KS_REDIS_REDIS_HA_ANNOUNCE_2_PORT_6379_TCP_PORT = 6379
*** KS_REDIS_REDIS_HA_ANNOUNCE_0_PORT_6379_TCP_ADDR = 10.100.144.172
*** KS_REDIS_REDIS_HA_ANNOUNCE_1_PORT = tcp://10.96.9.181:6379
*** KUBERNETES_SERVICE_PORT_HTTPS = 443
*** KUBERNETES_PORT = tcp://10.96.0.1:443
*** KS_CONSOLE_PORT = tcp://10.97.253.55:80
*** REDIS_PORT_6379_TCP = tcp://10.102.25.180:6379
*** REDIS_PORT_6379_TCP_PORT = 6379
*** KS_APIGATEWAY_SERVICE_PORT = 80
*** REDIS_SERVICE_PORT_HAPROXY = 6379
*** RELEASE_NAME_NFS_SERVER_PROVISIONER_PORT_111_UDP_PROTO = udp
*** KS_CONSOLE_PORT_80_TCP = tcp://10.97.253.55:80
*** KS_REDIS_REDIS_HA_ANNOUNCE_2_PORT_6379_TCP_ADDR = 10.110.75.58
*** KS_REDIS_REDIS_HA_ANNOUNCE_1_SERVICE_HOST = 10.96.9.181
*** RELEASE_NAME_NFS_SERVER_PROVISIONER_PORT_111_TCP_PROTO = tcp
*** KS_CONSOLE_SERVICE_PORT_NGINX = 80
*** RELEASE_NAME_NFS_SERVER_PROVISIONER_PORT_2049_TCP_PROTO = tcp
*** RELEASE_NAME_NFS_SERVER_PROVISIONER_PORT_2049_TCP_PORT = 2049
*** RELEASE_NAME_NFS_SERVER_PROVISIONER_PORT_111_UDP_ADDR = 10.111.140.10
*** KS_ACCOUNT_SERVICE_PORT = 80
*** KS_REDIS_REDIS_HA_ANNOUNCE_0_PORT = tcp://10.100.144.172:6379
*** KS_APISERVER_SERVICE_HOST = 10.102.163.245
*** REDIS_SERVICE_HOST = 10.102.25.180
*** KS_REDIS_REDIS_HA_ANNOUNCE_2_SERVICE_PORT = 6379
*** KS_REDIS_REDIS_HA_ANNOUNCE_2_PORT = tcp://10.110.75.58:6379
*** KS_REDIS_REDIS_HA_ANNOUNCE_2_PORT_6379_TCP = tcp://10.110.75.58:6379
*** KS_REDIS_REDIS_HA_ANNOUNCE_2_PORT_26379_TCP_PROTO = tcp
*** KS_REDIS_REDIS_HA_ANNOUNCE_1_PORT_6379_TCP_PROTO = tcp
*** RELEASE_NAME_NFS_SERVER_PROVISIONER_PORT_111_UDP = udp://10.111.140.10:111
*** KS_CONSOLE_PORT_80_TCP_PROTO = tcp
*** KUBERNETES_SERVICE_PORT = 443
*** REDIS_SERVICE_PORT = 6379
*** RELEASE_NAME_NFS_SERVER_PROVISIONER_PORT_2049_TCP = tcp://10.111.140.10:2049
*** KS_REDIS_REDIS_HA_ANNOUNCE_2_PORT_6379_TCP_PROTO = tcp
*** KS_APIGATEWAY_PORT_80_TCP_ADDR = 10.97.30.137
*** KS_REDIS_REDIS_HA_ANNOUNCE_1_PORT_26379_TCP = tcp://10.96.9.181:26379
*** KUBERNETES_PORT_443_TCP_ADDR = 10.96.0.1
*** KS_REDIS_REDIS_HA_ANNOUNCE_2_PORT_26379_TCP = tcp://10.110.75.58:26379
*** KS_APIGATEWAY_SERVICE_PORT_80_2018 = 80
*** LANG = en_US.UTF-8
*** LANGUAGE = en_US:en
*** LC_ALL = en_US.UTF-8
*** HOME = /root
*** CONTAINER_SERVICE_DIR = /container/run/service
*** CONTAINER_STATE_DIR = /container/run/state
*** CONTAINER_LOG_LEVEL = 4
*** INITRD = no
*** LC_CTYPE = en_US.UTF-8
*** LDAP_BASE_DN =
*** LDAP_READONLY_USER = False
*** LDAP_READONLY_USER_USERNAME = readonly
*** LDAP_READONLY_USER_PASSWORD = readonly
*** LDAP_RFC2307BIS_SCHEMA = False
*** LDAP_BACKEND = mdb
*** LDAP_TLS_CRT_FILENAME = ldap.crt
*** LDAP_TLS_KEY_FILENAME = ldap.key
*** LDAP_TLS_DH_PARAM_FILENAME = dhparam.pem
*** LDAP_TLS_CA_CRT_FILENAME = ca.crt
*** LDAP_TLS_ENFORCE = False
*** LDAP_TLS_CIPHER_SUITE = SECURE256:+SECURE128:-VERS-TLS-ALL:+VERS-TLS1.2:-RSA:-DHE-DSS:-CAMELLIA-128-CBC:-CAMELLIA-256-CBC
*** LDAP_TLS_VERIFY_CLIENT = demand
*** KEEP_EXISTING_CONFIG = False
*** LDAP_SSL_HELPER_PREFIX = ldap
*** SSL_HELPER_AUTO_RENEW_SERVICES_IMPACTED = slapd
*** LDAP_LOG_LEVEL = 256
*** LDAP_NOFILE = 1024
*** DISABLE_CHOWN = False
*** LDAP_REPLICATION_HOSTS_ROW_1 = ldap://openldap-0.openldap
*** LDAP_REPLICATION_HOSTS_ROW_2 = ldap://openldap-1.openldap
*** ------------------------------------------
*** Running /container/run/startup/slapd...
*** ------------ Environment dump ------------
*** CONTAINER_LOG_LEVEL = 4
*** CONTAINER_SERVICE_DIR = /container/run/service
*** CONTAINER_STATE_DIR = /container/run/state
*** DISABLE_CHOWN = False
*** HOME = /root
*** HOSTNAME = openldap-0.openldap
*** INITRD = no
*** KEEP_EXISTING_CONFIG = False
*** KS_ACCOUNT_PORT = tcp://10.103.42.239:80
*** KS_ACCOUNT_PORT_80_TCP = tcp://10.103.42.239:80
*** KS_ACCOUNT_PORT_80_TCP_ADDR = 10.103.42.239
*** KS_ACCOUNT_PORT_80_TCP_PORT = 80
*** KS_ACCOUNT_PORT_80_TCP_PROTO = tcp
*** KS_ACCOUNT_SERVICE_HOST = 10.103.42.239
*** KS_ACCOUNT_SERVICE_PORT = 80
*** KS_ACCOUNT_SERVICE_PORT_KS_ACCOUNT = 80
*** KS_APIGATEWAY_PORT = tcp://10.97.30.137:80
*** KS_APIGATEWAY_PORT_80_TCP = tcp://10.97.30.137:80
*** KS_APIGATEWAY_PORT_80_TCP_ADDR = 10.97.30.137
*** KS_APIGATEWAY_PORT_80_TCP_PORT = 80
*** KS_APIGATEWAY_PORT_80_TCP_PROTO = tcp
*** KS_APIGATEWAY_SERVICE_HOST = 10.97.30.137
*** KS_APIGATEWAY_SERVICE_PORT = 80
*** KS_APIGATEWAY_SERVICE_PORT_80_2018 = 80
*** KS_APISERVER_PORT = tcp://10.102.163.245:80
*** KS_APISERVER_PORT_80_TCP = tcp://10.102.163.245:80
*** KS_APISERVER_PORT_80_TCP_ADDR = 10.102.163.245
*** KS_APISERVER_PORT_80_TCP_PORT = 80
*** KS_APISERVER_PORT_80_TCP_PROTO = tcp
*** KS_APISERVER_SERVICE_HOST = 10.102.163.245
*** KS_APISERVER_SERVICE_PORT = 80
*** KS_CONSOLE_PORT = tcp://10.97.253.55:80
*** KS_CONSOLE_PORT_80_TCP = tcp://10.97.253.55:80
*** KS_CONSOLE_PORT_80_TCP_ADDR = 10.97.253.55
*** KS_CONSOLE_PORT_80_TCP_PORT = 80
*** KS_CONSOLE_PORT_80_TCP_PROTO = tcp
*** KS_CONSOLE_SERVICE_HOST = 10.97.253.55
*** KS_CONSOLE_SERVICE_PORT = 80
*** KS_CONSOLE_SERVICE_PORT_NGINX = 80
*** KS_REDIS_REDIS_HA_ANNOUNCE_0_PORT = tcp://10.100.144.172:6379
*** KS_REDIS_REDIS_HA_ANNOUNCE_0_PORT_26379_TCP = tcp://10.100.144.172:26379
*** KS_REDIS_REDIS_HA_ANNOUNCE_0_PORT_26379_TCP_ADDR = 10.100.144.172
*** KS_REDIS_REDIS_HA_ANNOUNCE_0_PORT_26379_TCP_PORT = 26379
*** KS_REDIS_REDIS_HA_ANNOUNCE_0_PORT_26379_TCP_PROTO = tcp
*** KS_REDIS_REDIS_HA_ANNOUNCE_0_PORT_6379_TCP = tcp://10.100.144.172:6379
*** KS_REDIS_REDIS_HA_ANNOUNCE_0_PORT_6379_TCP_ADDR = 10.100.144.172
*** KS_REDIS_REDIS_HA_ANNOUNCE_0_PORT_6379_TCP_PORT = 6379
*** KS_REDIS_REDIS_HA_ANNOUNCE_0_PORT_6379_TCP_PROTO = tcp
*** KS_REDIS_REDIS_HA_ANNOUNCE_0_SERVICE_HOST = 10.100.144.172
*** KS_REDIS_REDIS_HA_ANNOUNCE_0_SERVICE_PORT = 6379
*** KS_REDIS_REDIS_HA_ANNOUNCE_0_SERVICE_PORT_SENTINEL = 26379
*** KS_REDIS_REDIS_HA_ANNOUNCE_0_SERVICE_PORT_SERVER = 6379
*** KS_REDIS_REDIS_HA_ANNOUNCE_1_PORT = tcp://10.96.9.181:6379
*** KS_REDIS_REDIS_HA_ANNOUNCE_1_PORT_26379_TCP = tcp://10.96.9.181:26379
*** KS_REDIS_REDIS_HA_ANNOUNCE_1_PORT_26379_TCP_ADDR = 10.96.9.181
*** KS_REDIS_REDIS_HA_ANNOUNCE_1_PORT_26379_TCP_PORT = 26379
*** KS_REDIS_REDIS_HA_ANNOUNCE_1_PORT_26379_TCP_PROTO = tcp
*** KS_REDIS_REDIS_HA_ANNOUNCE_1_PORT_6379_TCP = tcp://10.96.9.181:6379
*** KS_REDIS_REDIS_HA_ANNOUNCE_1_PORT_6379_TCP_ADDR = 10.96.9.181
*** KS_REDIS_REDIS_HA_ANNOUNCE_1_PORT_6379_TCP_PORT = 6379
*** KS_REDIS_REDIS_HA_ANNOUNCE_1_PORT_6379_TCP_PROTO = tcp
*** KS_REDIS_REDIS_HA_ANNOUNCE_1_SERVICE_HOST = 10.96.9.181
*** KS_REDIS_REDIS_HA_ANNOUNCE_1_SERVICE_PORT = 6379
*** KS_REDIS_REDIS_HA_ANNOUNCE_1_SERVICE_PORT_SENTINEL = 26379
*** KS_REDIS_REDIS_HA_ANNOUNCE_1_SERVICE_PORT_SERVER = 6379
*** KS_REDIS_REDIS_HA_ANNOUNCE_2_PORT = tcp://10.110.75.58:6379
*** KS_REDIS_REDIS_HA_ANNOUNCE_2_PORT_26379_TCP = tcp://10.110.75.58:26379
*** KS_REDIS_REDIS_HA_ANNOUNCE_2_PORT_26379_TCP_ADDR = 10.110.75.58
*** KS_REDIS_REDIS_HA_ANNOUNCE_2_PORT_26379_TCP_PORT = 26379
*** KS_REDIS_REDIS_HA_ANNOUNCE_2_PORT_26379_TCP_PROTO = tcp
*** KS_REDIS_REDIS_HA_ANNOUNCE_2_PORT_6379_TCP = tcp://10.110.75.58:6379
*** KS_REDIS_REDIS_HA_ANNOUNCE_2_PORT_6379_TCP_ADDR = 10.110.75.58
*** KS_REDIS_REDIS_HA_ANNOUNCE_2_PORT_6379_TCP_PORT = 6379
*** KS_REDIS_REDIS_HA_ANNOUNCE_2_PORT_6379_TCP_PROTO = tcp
*** KS_REDIS_REDIS_HA_ANNOUNCE_2_SERVICE_HOST = 10.110.75.58
*** KS_REDIS_REDIS_HA_ANNOUNCE_2_SERVICE_PORT = 6379
*** KS_REDIS_REDIS_HA_ANNOUNCE_2_SERVICE_PORT_SENTINEL = 26379
*** KS_REDIS_REDIS_HA_ANNOUNCE_2_SERVICE_PORT_SERVER = 6379
*** KUBERNETES_PORT = tcp://10.96.0.1:443
*** KUBERNETES_PORT_443_TCP = tcp://10.96.0.1:443
*** KUBERNETES_PORT_443_TCP_ADDR = 10.96.0.1
*** KUBERNETES_PORT_443_TCP_PORT = 443
*** KUBERNETES_PORT_443_TCP_PROTO = tcp
*** KUBERNETES_SERVICE_HOST = 10.96.0.1
*** KUBERNETES_SERVICE_PORT = 443
*** KUBERNETES_SERVICE_PORT_HTTPS = 443
*** LANG = en_US.UTF-8
*** LANGUAGE = en_US:en
*** LC_ALL = en_US.UTF-8
*** LC_CTYPE = en_US.UTF-8
*** LDAP_ADMIN_PASSWORD = admin
*** LDAP_BACKEND = mdb
*** LDAP_BASE_DN =
*** LDAP_CONFIG_PASSWORD = admin
*** LDAP_DOMAIN = kubesphere.io
*** LDAP_LOG_LEVEL = 256
*** LDAP_NOFILE = 1024
*** LDAP_ORGANISATION = kubesphere
*** LDAP_READONLY_USER = False
*** LDAP_READONLY_USER_PASSWORD = readonly
*** LDAP_READONLY_USER_USERNAME = readonly
*** LDAP_REMOVE_CONFIG_AFTER_SETUP = true
*** LDAP_REPLICATION = true
*** LDAP_REPLICATION_CONFIG_SYNCPROV = binddn="cn=admin,cn=config" bindmethod=simple credentials=$LDAP_CONFIG_PASSWORD searchbase="cn=config" type=refreshAndPersist retry="60 +" timeout=1
*** LDAP_REPLICATION_DB_SYNCPROV = binddn="cn=admin,$LDAP_BASE_DN" bindmethod=simple credentials=$LDAP_ADMIN_PASSWORD searchbase="$LDAP_BASE_DN" type=refreshAndPersist interval=01:00:00:10 retry="60 +" timeout=1
*** LDAP_REPLICATION_HOSTS = #COMPLEX_BASH_ENV:TABLE: LDAP_REPLICATION_HOSTS_ROW_1 LDAP_REPLICATION_HOSTS_ROW_2
*** LDAP_REPLICATION_HOSTS_ROW_1 = ldap://openldap-0.openldap
*** LDAP_REPLICATION_HOSTS_ROW_2 = ldap://openldap-1.openldap
*** LDAP_RFC2307BIS_SCHEMA = False
*** LDAP_SSL_HELPER_PREFIX = ldap
*** LDAP_TLS = false
*** LDAP_TLS_CA_CRT_FILENAME = ca.crt
*** LDAP_TLS_CIPHER_SUITE = SECURE256:+SECURE128:-VERS-TLS-ALL:+VERS-TLS1.2:-RSA:-DHE-DSS:-CAMELLIA-128-CBC:-CAMELLIA-256-CBC
*** LDAP_TLS_CRT_FILENAME = ldap.crt
*** LDAP_TLS_DH_PARAM_FILENAME = dhparam.pem
*** LDAP_TLS_ENFORCE = False
*** LDAP_TLS_KEY_FILENAME = ldap.key
*** LDAP_TLS_VERIFY_CLIENT = demand
*** MY_POD_NAME = openldap-0

*** PATH = /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
*** REDIS_PORT = tcp://10.102.25.180:6379
*** REDIS_PORT_6379_TCP = tcp://10.102.25.180:6379
*** REDIS_PORT_6379_TCP_ADDR = 10.102.25.180
*** REDIS_PORT_6379_TCP_PORT = 6379
*** REDIS_PORT_6379_TCP_PROTO = tcp
*** REDIS_SERVICE_HOST = 10.102.25.180
*** REDIS_SERVICE_PORT = 6379
*** REDIS_SERVICE_PORT_HAPROXY = 6379
*** RELEASE_NAME_NFS_SERVER_PROVISIONER_PORT = tcp://10.111.140.10:2049
*** RELEASE_NAME_NFS_SERVER_PROVISIONER_PORT_111_TCP = tcp://10.111.140.10:111
*** RELEASE_NAME_NFS_SERVER_PROVISIONER_PORT_111_TCP_ADDR = 10.111.140.10
*** RELEASE_NAME_NFS_SERVER_PROVISIONER_PORT_111_TCP_PORT = 111
*** RELEASE_NAME_NFS_SERVER_PROVISIONER_PORT_111_TCP_PROTO = tcp
*** RELEASE_NAME_NFS_SERVER_PROVISIONER_PORT_111_UDP = udp://10.111.140.10:111
*** RELEASE_NAME_NFS_SERVER_PROVISIONER_PORT_111_UDP_ADDR = 10.111.140.10
*** RELEASE_NAME_NFS_SERVER_PROVISIONER_PORT_111_UDP_PORT = 111
*** RELEASE_NAME_NFS_SERVER_PROVISIONER_PORT_111_UDP_PROTO = udp
*** RELEASE_NAME_NFS_SERVER_PROVISIONER_PORT_20048_TCP = tcp://10.111.140.10:20048
*** RELEASE_NAME_NFS_SERVER_PROVISIONER_PORT_20048_TCP_ADDR = 10.111.140.10
*** RELEASE_NAME_NFS_SERVER_PROVISIONER_PORT_20048_TCP_PORT = 20048
*** RELEASE_NAME_NFS_SERVER_PROVISIONER_PORT_20048_TCP_PROTO = tcp
*** RELEASE_NAME_NFS_SERVER_PROVISIONER_PORT_2049_TCP = tcp://10.111.140.10:2049
*** RELEASE_NAME_NFS_SERVER_PROVISIONER_PORT_2049_TCP_ADDR = 10.111.140.10
*** RELEASE_NAME_NFS_SERVER_PROVISIONER_PORT_2049_TCP_PORT = 2049
*** RELEASE_NAME_NFS_SERVER_PROVISIONER_PORT_2049_TCP_PROTO = tcp
*** RELEASE_NAME_NFS_SERVER_PROVISIONER_SERVICE_HOST = 10.111.140.10
*** RELEASE_NAME_NFS_SERVER_PROVISIONER_SERVICE_PORT = 2049
*** RELEASE_NAME_NFS_SERVER_PROVISIONER_SERVICE_PORT_MOUNTD = 20048
*** RELEASE_NAME_NFS_SERVER_PROVISIONER_SERVICE_PORT_NFS = 2049
*** RELEASE_NAME_NFS_SERVER_PROVISIONER_SERVICE_PORT_RPCBIND = 111
*** RELEASE_NAME_NFS_SERVER_PROVISIONER_SERVICE_PORT_RPCBIND_UDP = 111
*** SSL_HELPER_AUTO_RENEW_SERVICES_IMPACTED = slapd
*** ------------------------------------------
Start OpenLDAP...
Waiting for OpenLDAP to start...
5e57a0f5 @(#) $OpenLDAP: slapd  (Jul 30 2019 16:24:19) $
    Debian OpenLDAP Maintainers <pkg-openldap-devel@lists.alioth.debian.org>
5e57a0f5 daemon: bind(8) failed errno=99 (Cannot assign requested address)
Add replication config...
ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1)
ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1)
Processing file /container/run/service/slapd/assets/config/admin-pw/ldif/06-root-pw-change.ldif
ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1)
ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
*** /container/run/startup/slapd failed with status 255

*** Run commands before finish...
*** Killing all processes...
*** Not all processes have exited in time. Forcing them to exit.

请问这个错误如何处理？谢谢

wanjunlei

errno99，是可用端口被占完了，你用netstat看下是不是有大量处于time_wait的连接

hongming

可以看看这个issue，看看能不能解决你的问题
https://github.com/osixia/docker-openldap/issues/360

gfppower

请问这个问题最终怎么解决的呢？