K
Q

Getting TLS handshake error from EOF metric-server kubernetes

4/8/2019

Configured metrics-server with the below command option and installed using helm

spec:
      containers:
      - command:
        - /metrics-server
        - --kubelet-preferred-address-types=InternalIP
        - --kubelet-insecure-tls
        - --logtostderr

The metrics-server logs reported with error and not able to use it for pods. Any Idea how to resolve this error

root@kube-master-1:/home/ansible# kubectl logs metrics-server-97d989c6b-gqw9p  -n kube-system  -f
I0408 10:13:32.341698       1 serving.go:273] Generated self-signed cert (apiserver.local.config/certificates/apiserver.crt, apiserver.local.config/certificates/apiserver.key)
[restful] 2019/04/08 10:13:33 log.go:33: [restful/swagger] listing is available at https://:443/swaggerapi
[restful] 2019/04/08 10:13:33 log.go:33: [restful/swagger] https://:443/swaggerui/ is mapped to folder /swagger-ui/
I0408 10:13:33.096265       1 serve.go:96] Serving securely on [::]:443
I0408 10:13:46.751082       1 logs.go:49] http: TLS handshake error from 10.233.122.128:9669: EOF
I0408 10:13:47.354218       1 logs.go:49] http: TLS handshake error from 10.233.103.64:57191: EOF
I0408 10:13:56.740224       1 logs.go:49] http: TLS handshake error from 10.233.103.64:28403: EOF
I0408 10:14:01.743030       1 logs.go:49] http: TLS handshake error from 10.233.103.64:2780: EOF
I0408 10:14:06.745106       1 logs.go:49] http: TLS handshake error from 10.233.103.64:39846: EOF
I0408 10:14:11.707334       1 logs.go:49] http: TLS handshake error from 10.233.122.128:27602: EOF
I0408 10:14:16.710157       1 logs.go:49] http: TLS handshake error from 10.233.122.128:44199: EOF
I0408 10:14:26.740208       1 logs.go:49] http: TLS handshake error from 10.233.103.64:53141: EOF
I0408 10:14:31.743200       1 logs.go:49] http: TLS handshake error from 10.233.103.64:35679: EOF
I0408 10:14:41.709067       1 logs.go:49] http: TLS handshake error from 10.233.122.128:20070: EOF

And finally metric server is not available to used with the below status condition

root@kube-master-1:/home/ansible# kubectl get apiservice v1beta1.metrics.k8s.io -o yaml
apiVersion: apiregistration.k8s.io/v1
kind: APIService
metadata:
  creationTimestamp: "2019-04-08T09:42:29Z"
  labels:
    app: metrics-server
    chart: metrics-server-2.0.4
    heritage: Tiller
    release: metrics-server
  name: v1beta1.metrics.k8s.io
  resourceVersion: "5139757"
  selfLink: /apis/apiregistration.k8s.io/v1/apiservices/v1beta1.metrics.k8s.io
  uid: 9fd9c0b5-59e2-11e9-ae18-fa163ea0b6ed
spec:
  group: metrics.k8s.io
  groupPriorityMinimum: 100
  insecureSkipTLSVerify: true
  service:
    name: metrics-server
    namespace: kube-system
  version: v1beta1
  versionPriority: 100
status:
  conditions:
  - lastTransitionTime: "2019-04-08T09:42:29Z"
    message: 'no response from https://10.233.32.150:443: Get https://10.233.32.150:443:
      net/http: request canceled while waiting for connection (Client.Timeout exceeded
      while awaiting headers)'
    reason: FailedDiscoveryCheck
    status: "False"
    type: Available
-- anish
cloud
google-cloud-firestore
kubernetes

Similar Questions

Custom Health check with GCP
Reasons of Pod Status Failed
Hostname and IP address modification of 'k8s-master' in kubernetes
Unable to expose a TFTP service from within a Kubernetes cluster

0 Answers