kubeadm: Should Kubeadm must be able to connect to dl.k8s.io

What does kubeadm do when upgrading plan?

[root@a02-r12-i187-2 bin]# ./kubeadm upgrade plan 
[preflight] Running pre-flight checks.
[upgrade] Making sure the cluster is healthy:
[upgrade/config] Making sure the configuration is correct:
[upgrade/config] Reading configuration from the cluster...
[upgrade/config] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -oyaml'
[upgrade] Fetching available versions to upgrade to
[upgrade/versions] Cluster version: v1.8.4
[upgrade/versions] kubeadm version: v1.9.3
[upgrade/versions] Latest stable version: v1.9.3
[upgrade/versions] FATAL: grpc: timed out when dialing

My host couldn’t connect to dl.k8s.io, so I setup a nginx server as dl.k8s.io, but create only a file /release/stable.txt whose content is “v1.9.3”, then kubeadm will connect to the nginx server and get latest stable version v1.9.3. However,  another error appears: grpc: timed out when dialing. What should I do? Should kubeadm must be able to connect to dl.k8s.io? Is there any workaround to solve this?

About this issue

  • Original URL
  • State: closed
  • Created 6 years ago
  • Reactions: 1
  • Comments: 17 (6 by maintainers)

Most upvoted comments

@FloMedja kubeadm 1.10.x initializes clusters that secure etcd with TLS using a separate CA

+2
stealthybox on May 16, 2018

@detiber I updated my kubeadm to v1.10.3 which contain your PR ( kubernetes/kubernetes/pull/63925 ) i think. I am getting this when trying to run ‘kubeadm upgrade plan’ on a secure external etcd cluster :

[preflight] Running pre-flight checks.
[upgrade] Making sure the cluster is healthy:
[upgrade/config] Making sure the configuration is correct:
[upgrade/config] Reading configuration from the cluster...
[upgrade/config] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -oyaml'
[upgrade/plan] computing upgrade possibilities
[upgrade] Fetching available versions to upgrade to
[upgrade/versions] Cluster version: v1.10.2
[upgrade/versions] kubeadm version: v1.10.3
[upgrade/versions] Latest stable version: v1.10.3
[upgrade/versions] FATAL: context deadline exceeded

Do i miss something ?

+1
FloMedja on May 22, 2018

@FloMedja kubeadm will start a single node master with Etcd in a static pod and generate CA’s and certs for everything to communicate with just a normal kubeadm init

Multi-master is more involved, but you can still use kubeadm to generate all of the certs.

+1
stealthybox on May 17, 2018

@FloMedja if you are seeing the grpc error, then I suspect it is an issue with contacting etcd… what version of kubeadm are you running? If you are running v1.10.x and are using an external etcd cluster, then you will most likely need the fix here: https://github.com/kubernetes/kubernetes/pull/63925

I’m hoping to be able to get that PR merged in time for the v1.10.3 release.

+1
detiber on May 16, 2018
Read more comments on GitHub
← kubeadm: Setup control node on HA cluster hangs - upload CRI socket information
kubeadm: Slow running unit tests →