0
  • I have created a new Azure container machine with kubernetes as orchestration.
  • After ssh to my master machine , I tried to check kubernets version by kubectl version. But it was unable to connect the server machine. 
Client Version: version.Info{Major:"1", Minor:"5", GitVersion:"v1.5.3", GitCommit:"029c3a408176b55c30846f0faedf56aae5992e9b", GitTreeState:"clean", BuildDate:"2017-02-15T06:40:50Z", GoVersion:"go1.7.4", Compiler:"gc", Platform:"linux/amd64"}
Unable to connect to the server: dial tcp <master-ip>:443: i/o timeout
Thomas
  • 4,155
  • 5
  • 21
  • 28
user5594493
  • 103
  • 1

1 Answers1

0

According to your description, it seems you have not configured the Service Principal correctly. You may need to check to ensure the credentials were provided accurately, and that the configured Service Principal has read and write permissions to the target Subscription. If your Service Principal is misconfigured, none of the kubernetes components will come up in a healthy manner. We can check to see if this the problem:

jason@k8s-master-955348FB-0:~$ sudo journalctl -u kubelet | grep --text autorest

If you see output that looks like the following, it means you have not configured the service Principal correctly.

jason@k8s-master-955348FB-0:~$ sudo journalctl -u kubelet | grep --text autorest
Jun 05 15:43:59 k8s-master-955348FB-0 docker[5524]: E0605 15:43:59.736607    6020 kubelet.go:1186] Cannot get Node info: failed to get external ID from cloud provider: autores#WithErrorUnlessStatusCode: POST https://login.microsoftonline.com/1fcf418e-66ed-4c99-9449-d8e18bf8737a/oauth2/token?api-version=1.0 failed with 400 Bad Request: StatusCode=400
Jun 05 15:43:59 k8s-master-955348FB-0 docker[5524]: E0605 15:43:59.924924    6020 kubelet_node_status.go:70] Unable to construct api.Node object for kubelet: failed to get external ID from cloud provider: autorest#WithErrorUnlessStatusCode: POST https://login.microsoftonline.com/1fcf418e-66ed-4c99-9449-d8e18bf8737a/oauth2/token?api-version=1.0 failed with 400 Bad Request: StatusCode=400
Jun 05 15:44:00 k8s-master-955348FB-0 docker[5524]: E0605 15:44:00.199542    6020 kubelet_node_status.go:70] Unable to construct api.Node object for kubelet: failed to get external ID from cloud provider: autorest#WithErrorUnlessStatusCode: POST https://login.microsoftonline.com/1fcf418e-66ed-4c99-9449-d8e18bf8737a/oauth2/token?api-version=1.0 failed with 400 Bad Request: StatusCode=400

More information about how to create /configure a service principal for ACS-Engin Kubernetes cluster by Azure CLI 2.0, please refer to this link.

By the way, I had test it with the wrong Service Principal, and try to run kubectl version, same error as you:

jason@k8s-master-955348FB-0:~$ kubectl version
Client Version: version.Info{Major:"1", Minor:"5", GitVersion:"v1.5.3", GitCommit:"029c3a408176b55c30846f0faedf56aae5992e9b", GitTreeState:"clean", BuildDate:"2017-02-15T06:40:50Z", GoVersion:"go1.7.4", Compiler:"gc", Platform:"linux/amd64"}
Unable to connect to the server: dial tcp 40.114.10.73:443: i/o timeout

Here a similar case about Azure K8S, please refer to it.

Jason Ye
  • 2,399
  • 1
  • 8
  • 10
  • Just checking in to see if the information provided was helpful. Please let me know if you would like further assistance. – Jason Ye Jun 07 '17 at 00:49
  • I followed same docs to create `SP` that you have mentioned above, from above docs we need to create a `group` with the help of that group `SP` is created, And from portal while creating `container machine` we also mention group. So these two groups must be same or not ? (However I have tried both ways but None work for me but still need some clarification). Other strange thing on first go I successfully created machine and was everything working fine (group name was not same). But on third attempt (3rd machine) I followed the same steps but this time got the above error) – user5594493 Jun 07 '17 at 07:22
  • you are right, follow this docs will create a group, but then we can create another group to deploy k8s, no problem with group name was not same. can you deploy K8s again? follow the docs try to find the right SP account and password. – Jason Ye Jun 07 '17 at 07:30
  • @user5594493 Does it work now? – Jason Ye Jun 07 '17 at 07:54
  • I am creating the machine from `azure cli` ---- > `az acs create -n -d -g --orchestrator-type kubernetes --agent-vm-size Standard_F1s --agent-count=1` . So I don't have to worry about `SP` , it handles everything itself. – user5594493 Jun 07 '17 at 08:40
  • @user5594493 Yes, use this script to create ACS k8s will handle everything itself. can you run `kubectl get pods` on your new k8s master? Please let me know if you would like further assistance. also if it helpful, please don't forget to accept it as an answer, thanks:) – Jason Ye Jun 07 '17 at 09:12
  • yes, I was able to do everything that I wanted to do and I may not need any further assistance regarding this but yes I have few doubts about kubernetes & Azure container Machine (because I was just playing with kuberentes and some things didn't I may have valid reason why they didn't work but don't know If I am right or wrong) , I can't ask them here (I am sure they will be rejected). – user5594493 Jun 08 '17 at 05:29