我只是应用 yaml 文件在我的私有 VM 中安装 ingress-nginx 控制器。
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.1.1/deploy/static/provider/baremetal/deploy.yaml
得到以下结果,但看起来入口 pod 正在工作,我可以访问它(通过节点 ip:port)。
[root@master01 ~]# kubectl get pod -n ingress-nginx
NAME READY STATUS RESTARTS AGE ingress-nginx-admission-create-t7lfp 0/1 Completed 0 18s ingress-nginx-admission-patch-pghtm 0/1 CrashLoopBackOff 1 (15s ago) 18s ingress-nginx-controller-54cf4b5cfb-cj2vv 0/ 1 运行 0 18s [root@master01 ~]# kubectl get pod -n ingress-nginx -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES ingress-nginx-admission-create-t7lfp 0/1 Completed 0 32s 10.244.0.13 master01 ingress-nginx-admission-patch-pghtm 0/1 Error 2 (29s ago) 32s 10.244 .0.12 master01 ingress-nginx-controller-54cf4b5cfb-cj2vv 1/1 运行 0 32s 10.244.0.14 master01
我只想知道为什么“ingress-nginx-admission-patch-pghtm”(补丁作业)总是失败并且有什么影响?
以下是 pod 日志和 pod 描述的日志
- 修补作业 pod 日志
[root@master01 ~]# kubectl 记录 ingress-nginx-admission-patch-pghtm -n ingress-nginx
**{"level":"info","msg":"patching webhook configurations 'ingress-nginx-admission' mutating=false, validating=true, failurePolicy=Fail","source":"k8s/k8s.go:38","time":"2022-02-14T11:19:40Z"}**
**{"err":"the server could not find the requested resource","level":"fatal","msg":"failed getting validating webhook","source":"k8s/k8s.go:47","time":"2022-02-14T11:19:40Z"}**
修补作业 pod 描述
名称:ingress-nginx-admission-patch-pghtm 命名空间:ingress-nginx 优先级:0 节点:node02.localdomain/192.168.31.205 开始时间:2022 年 2 月 13 日星期日 08:16:34 -0500 标签:app.kubernetes.io /component=admission-webhook app.kubernetes.io/instance=ingress-nginx app.kubernetes.io/managed-by=Helm app.kubernetes.io/name=ingress-nginx app.kubernetes.io/version=1.1.0 controller-uid=08c316a1-6185-4ba7-9785-42564726d765 helm.sh/chart=ingress-nginx-4.0.15 job-name=ingress-nginx-admission-patch 注解:状态:运行 IP:10.244.2.11 IP:IP :10.244.2.11 控制者:Job/ingress-nginx-admission-patch 容器:补丁:容器 ID:docker://1e01e1f0f6a10bf9c913d0f74dfcff590b8742af3009cbfb84a132cd7407fb54 图像:jettech/kube-webhook-certgen:v1.1.0 图像:docker-pul//jettech/kube-webhook-certgen@sha256:e2942b9a2ced069028e772bd500aa101a6117659f062c7b42c3b12ce54732fc7 端口:主机端口:参数:patch --webhook-name=ingress-nginx-admission --namespace=$(POD_NAMESPACE) --patch-mutating=false --secret -name=ingress-nginx-admission --patch-failure-policy=失败状态:等待原因:CrashLoopBackOff 最后状态:终止原因:错误退出代码:1 开始时间:2022 年 2 月 13 日星期日 08:18:02 -0500 完成: 2022 年 2 月 13 日星期日 08:18:02 -0500 就绪:错误重启次数:4 环境:POD_NAMESPACE:ingress-nginx (v1:metadata.namespace) 挂载:/var/run/secrets/kubernetes.io/serviceaccount 来自 kube- api-access-22cq7 (ro) 条件: 类型 状态 已初始化 True Ready False ContainersReady False PodScheduled True Volumes:kube-api-access-22cq7:类型:Projected(包含来自多个源的注入数据的卷) TokenExpirationSeconds:3607 ConfigMapName:kube-root-ca.crt ConfigMapOptional:DownwardAPI:true QoS 类:BestEffort Node-Selectors:kubernetes.io /os=linux Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s node.kubernetes.io/unreachable:NoExecute op=Exists for 300s Events: Type Reason Age From Messagekubernetes.io/os=linux Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s node.kubernetes.io/unreachable:NoExecute op=Exists for 300s Events: Type Reason Age From Messagekubernetes.io/os=linux Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s node.kubernetes.io/unreachable:NoExecute op=Exists for 300s Events: Type Reason Age From Message
正常计划 2 分 22 秒 default-scheduler 已成功分配 ingress-nginx/ingress-nginx-admission-patch-pghtm 到 node02.localdomain 正常拉取 54 秒(x5 超过 2 分 21 秒)kubelet 容器镜像“jettech/kube-webhook-certgen:v1.1.0”已经出现在机器上 Normal Created 54s (x5 over 2m21s) kubelet Created container patch Normal Started 54s (x5 over 2m21s) kubelet Started container patch Warning BackOff 30s (x10 over 2m19s) kubelet Back-off restarting failed container
任何人都可以提供帮助,不胜感激!