Search code examples
kuberneteskubernetes-dashboard

Kubernetes-dashboard pod is crashing again and again


I have installed and configured Kubernetes on my ubuntu machine, followed this Document

After deploying the Kubernetes-dashboard, container keep crashing

kubectl create -f https://raw.githubusercontent.com/kubernetes/dashboard/master/src/deploy/recommended/kubernetes-dashboard.yaml

Started the Proxy using:

kubectl proxy --address='0.0.0.0' --accept-hosts='.*' --port=8001

Pod status:

kubectl get pods -o wide --all-namespaces
....
....
kube-system   kubernetes-dashboard-64576d84bd-z6pff     0/1       CrashLoopBackOff   26         2h        192.168.162.87   kb-node     <none>

Kubernetes system log:

root@KB-master:~# kubectl -n kube-system logs kubernetes-dashboard-64576d84bd-z6pff --follow
2018/09/11 09:27:03 Starting overwatch
2018/09/11 09:27:03 Using apiserver-host location: http://192.168.33.30:8001
2018/09/11 09:27:03 Skipping in-cluster config
2018/09/11 09:27:03 Using random key for csrf signing
2018/09/11 09:27:03 No request provided. Skipping authorization
2018/09/11 09:27:33 Error while initializing connection to Kubernetes apiserver. This most likely means that the cluster is misconfigured (e.g., it has invalid apiserver certificates or service account's configuration) or the --apiserver-host param points to a server that does not exist. Reason: Get http://192.168.33.30:8001/version: dial tcp 192.168.33.30:8001: i/o timeout
Refer to our FAQ and wiki pages for more information: https://github.com/kubernetes/dashboard/wiki/FAQ

Getting the msg when I'm trying to hit below link on the browser

URL:http://192.168.33.30:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/#!/login

Error: 'dial tcp 192.168.162.87:8443: connect: connection refused'
Trying to reach: 'https://192.168.162.87:8443/'

Anyone can help me with this.


Solution

  • http://192.168.33.30:8001 is not a legitimate API server URL. All communications with the API server use TLS internally (https:// URL scheme). These communications are verified using the API server CA certificate and are authenticated by mean of tokens signed by the same CA.

    What you see is the result of a misconfiguration. At first sight it seems like you mixed pod, service and host networks.

    Make sure you understand the difference between Host network, Pod network and Service network. These 3 networks can not overlap. For example --pod-network-cidr=192.168.0.0/16 must not include the IP address of your host, change it to 10.0.0.0/16 or something smaller if necessary.

    After you have a clear overview of the network topology, run the setup again and everything will be configured correctly, including the Kubernetes CA.