Loora1N's Blog | 鹭雨

【Cloud】kubectl 报错connection reset by peer

2023-12-21

情景

配置k8s环境时，使用minikube start启动集群，尝试使用kubectl命令与其交互时出现报错如下：

┌─[loorain@ubuntu] - [~] - [8040]
└─[$] kubectl cluster-info                                                                 [14:47:50]
E1220 14:52:11.375271  103903 memcache.go:265] couldn't get current server API group list: Get "https://192.168.49.2:8443/api?timeout=32s": context deadline exceeded - error from a previous attempt: read tcp 192.168.163.131:40832->192.168.163.1:7890: read: connection reset by peer
^C
┌─[loorain@ubuntu] - [~] - [8041]
└─[$] kubectl get pods                                                                     [14:52:14]
E1220 14:54:40.674768  106637 memcache.go:265] couldn't get current server API group list: Get "https://192.168.49.2:8443/api?timeout=32s": context deadline exceeded - error from a previous attempt: read tcp 192.168.163.131:44286->192.168.163.1:7890: read: connection reset by peer

但是kubectl config get-contexts和minikube status都显示正常

┌─[loorain@ubuntu] - [~] - [8039]
└─[$] kubectl config get-contexts                                                       
CURRENT   NAME       CLUSTER    AUTHINFO   NAMESPACE
*         minikube   minikube   minikube   default

┌─[loorain@ubuntu] - [~] - [8071]
└─[$] minikube status                                                     
minikube
type: Control Plane
host: Running
kubelet: Running
apiserver: Running
kubeconfig: Configured

报错的reset地址192.168.163.1:7890，是我为虚拟机设置的代理，所以大致确定应该是代理的问题.

修复

要确定是否真的是代理的问题，可以使用unset取消代理的设置，测试下看看效果：

┌─[loorain@ubuntu] - [~] - [8053]
└─[$] unset https_proxy http_proxy all_proxy                              [15:01:12]
┌─[loorain@ubuntu] - [~] - [8054]
└─[$] kubectl get nodes                                                   [15:01:47]
NAME       STATUS   ROLES           AGE   VERSION
minikube   Ready    control-plane   55m   v1.28.3

确定是因为我这里没有设置no_proxy，导致kubectl访问192.168.49.2这种本地的地址出错，这里继续在~/.zshrc内增加一下no_proxy环境变量内容:

export no_proxy="localhost \
        127.0.0.0/8, \
        10.0.0.0/8, \
        172.1[6-9].0.0/16, \
        172.2[0-9].0.0/16, \
        192.168.0.0/16"
export NO_PROXY="localhost, \
        127.0.0.0/8, \
        10.0.0.0/8, \
        172.1[6-9].0.0/16, \
        172.2[0-9].0.0/16, \
        192.168.0.0/16"

环境变量中192.168.0.0/24指k8s集群的ip列表，我这里也把一些常见的本地IP加入了no_proxy，可以使用minikube profile list查看下内容:

┌─[loorain@ubuntu] - [~/eBPF] - [8074]
└─[$] minikube profile list                                               [15:54:02]
|----------|-----------|---------|--------------|------|---------|---------|-------|--------|
| Profile  | VM Driver | Runtime |      IP      | Port | Version | Status  | Nodes | Active |
|----------|-----------|---------|--------------|------|---------|---------|-------|--------|
| minikube | docker    | docker  | 192.168.49.2 | 8443 | v1.28.3 | Running |     1 | *      |
|----------|-----------|---------|--------------|------|---------|---------|-------|--------|

重新source ~/.zshrc就可以正常使用kubectl命令了