Does the kube-apiserver expect the presence of kube-proxy?

0
votes

I've been running my kubernetes masters separate from my kubernetes nodes. So I have kube-apiserver, kube-scheduler and kube-controllermanager running on a server without kubelet, kube-proxy or flannel.

So far this has worked perfectly. However, today I attempted to set up the Web UI and access it through an API server. I got the the following error when accessing http://kube-master-0:8080/ui:

Error: 'dial tcp 172.16.72.12:9090: getsockopt: connection timed out' Trying to reach: 'http://172.16.72.12:9090/'

This suggests to me that the API server is trying to connect to the pod IP, as we don't have flannel or kube-proxy running on this host, the 172.16.72.12 IP will not be routed.

Am I expected to run kube-proxy and flannel on my API servers? Is there another way to let the API server proxy the UI?

2
kubernetesflannelkubeletkube-proxy

2 Answers

0
votes

It's not required, but it will certainly make your life easier.

The reason this isn't working is because kube-proxy isn't directing traffic to the service. Try kube-node:8080/ui (assuming you have exposed it as with NodePort configuration

0
votes

In theory, Kube apiserver does not expect the presence of kube-proxy. This means kube apiserver will run correctly, receives requests and handles them(mostly reads from and writes to etcd).

But if you want the whole cluster working, you will need other components running, for example:

  • if you want pods or deployments to be scheduled, kube-scheduler should be running
  • if you want pods and containers be running in nodes, kubelet has to be running
  • if you want replications can be guarded, controller-manager should be runing

As for kube-proxy and flannel, they are critical parts to make sure networking is working. Load Balance, service, across-hosts pod communication etc all depends on them.