Troubleshooting kubectl Error: The connection to the server x.x.x.x:6443 was refused – did you specify the right host or port?

This document describes steps to troubleshoot kubectl error:

The connection to the server x.x.x.x:6443 was refused - did you specify the right host or port?

1. The kubectl should be executed on the Master Node.

2. Current user must have Kubernetes cluster configuration environment variable (Details of how to are listed under section Preparing to Use Kubernetes as a Regular User), e.g.:

$ env | grep -i kube
KUBECONFIG=/root/.kube/config

3. The docker service must be running:

$ systemctl status docker
● docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)
Drop-In: /etc/systemd/system/docker.service.d
└─docker-sysconfig.conf, http-proxy.conf, nfs.conf
Active: active (running) since Wed 2019-01-30 13:14:36 NZDT; 21h ago
Docs: https://docs.docker.com
Main PID: 5834 (dockerd)
Tasks: 89
Memory: 189.2M
...

4. The kubelet service must be running:

$ systemctl status kubelet
● kubelet.service - kubelet: The Kubernetes Node Agent
Loaded: loaded (/etc/systemd/system/kubelet.service; enabled; vendor preset: disabled)
Drop-In: /etc/systemd/system/kubelet.service.d
└─10-kubeadm.conf
Active: active (running) since Thu 2019-01-31 10:36:55 NZDT; 8min ago
Docs: http://kubernetes.io/docs/
Main PID: 16249 (kubelet)
Tasks: 18
Memory: 48.4M
...

5. TCP port 6443 should be listed as listening port:

# netstat -pnlt | grep 6443
tcp6 0 0 :::6443 :::* LISTEN 4546/kube-apiserver

If TCP port 6443 is not available, check firewall/iptables Rules matching requirements:

$ firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: eno1
sources:
services: ssh dhcpv6-client
ports: 10250/tcp 8472/udp 6443/tcp
protocols:
masquerade: yes
forward-ports:
source-ports:
icmp-blocks:
rich rules:

Also check kubelet logs:

# journalctl -xeu kubelet

6. Try restarting Kubernetes cluster which will also do some basic checks:

$ kubeadm-setup.sh restart
Restarting containers now ...
Detected node is master ...
Checking if env is ready ...
Checking whether docker can pull busybox image ...
Checking access to ca-docker-registry.us.oracle.com/kubernetes_developer ...
Trying to pull repository ca-docker-registry.us.oracle.com/kubernetes_developer/pause-amd64 ...
3.0: Pulling from ca-docker-registry.us.oracle.com/kubernetes_developer/pause-amd64
Digest: sha256:f037e4f1990d76b0711e00035d0aeb0869ff9c4ece517e0a90af4ea3f601760e
Status: Image is up to date for ca-docker-registry.us.oracle.com/kubernetes_developer/pause-amd64:3.0
Checking firewalld settings ...
Checking iptables default rule ...
Checking br_netfilter module ...
Checking sysctl variables ...
Restarting kubelet ...
Waiting for node to restart ...
....
Restarting pod kube-flannel-ds-6htqw
pod "kube-flannel-ds-6htqw" deleted
Restarting pod kube-flannel-ds-fmjjw
pod "kube-flannel-ds-fmjjw" deleted
Restarting pod kube-flannel-ds-j982j
pod "kube-flannel-ds-j982j" deleted
Master node restarted. Complete synchronization between nodes may take a few minutes.
Related Post