0

我正在尝试在 aks 中添加 customresourcedeployment。早些时候我们使用了我认为已弃用的 V1beta1 版本。现在我正在尝试使用抛出架构验证错误的 v1 版本。V1beta1版本如下。

{
  'apiVersion': 'apiextensions.k8s.io/v1beta1',
  'kind': 'CustomResourceDefinition',
  'metadata': {
    'name': 'azureassignedidentities.aadpodidentity.k8s.io'
  },
  'spec': {
    'group': 'aadpodidentity.k8s.io',
    'version': 'v1',
    'names': {
      'kind': 'AzureAssignedIdentity',
      'plural': 'azureassignedidentities'
    },
    'scope': 'Namespaced'
  }
}

现在我正在尝试使用以下模板。

let collection = {
  'apiVersion': 'apiextensions.k8s.io/v1',
  'kind': 'CustomResourceDefinition',
  'metadata': {
    "annotations": {
      "api-approved.kubernetes.io": "unapproved",
      "controller-gen.kubebuilder.io/version": "v0.5.0"
    },
    'name': 'azureassignedidentities.aadpodidentity.k8s.io'
  },
  'spec': {
    'group': 'aadpodidentity.k8s.io',
    'names': {
      'kind': 'AzureAssignedIdentity',
      'listKind': 'AzureAssignedIdentityList',
      'plural': 'azureassignedidentities',
      'singular': 'azureassignedidentity'
    },
    'scope': 'Namespaced',
    'versions': {
      'name': 'v1',
      'schema': {
        'openAPIV3Schema': {
          'description': 'AzureAssignedIdentity contains the identity <-> pod mapping which is matched.',
          'properties': {
            'apiVersion': {
              'description': 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources',
              'type': 'string'
            },
            'kind': {
              'description': 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds',
              'type': 'string'
            },
            'metadata': {
              'type': 'object'
            },
            'spec': {
              'description': 'AzureAssignedIdentitySpec contains the relationship between an AzureIdentity and an AzureIdentityBinding.',
              'properties': {
                'azureBindingRef': {
                  'description': 'AzureBindingRef is an embedded resource referencing the AzureIdentityBinding used by the AzureAssignedIdentity, which requires x-kubernetes-embedded-resource fields to be true',
                  'properties': {
                    'apiVersion': {
                      'description': 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources',
                      'type': 'string'
                    },
                    'kind': {
                      'description': 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds',
                      'type': 'string'
                    },
                    'metadata': {
                      'type': 'object'
                    },
                    'spec': {
                      'description': 'AzureIdentityBindingSpec matches the pod with the Identity. Used to indicate the potential matches to look for between the pod/deployment and the identities present.',
                      'properties': {
                        'azureIdentity': {
                          'type': 'string'
                        },
                        'metadata': {
                          'type': 'object'
                        },
                        'selector': {
                          'type': 'string'
                        },
                        'weight': {
                          'description': 'Weight is used to figure out which of the matching identities would be selected.',
                          'type': 'integer'
                        }
                      },
                      'type': 'object'
                    },
                    'status': {
                      'description': 'AzureIdentityBindingStatus contains the status of an AzureIdentityBinding.',
                      'properties': {
                        'availableReplicas': {
                          'format': 'int32',
                          'type': 'integer'
                        },
                        'metadata': {
                          'type': 'object'
                        }
                      },
                      'type': 'object'
                    }
                  },
                  'type': 'object',
                  'x-kubernetes-embedded-resource': 'true'
                },
                'azureIdentityRef': {
                  'description': 'AzureIdentityRef is an embedded resource referencing the AzureIdentity used by the AzureAssignedIdentity, which requires x-kubernetes-embedded-resource fields to be true',
                  'properties': {
                    'apiVersion': {
                      'description': 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources',
                      'type': 'string'
                    },
                    'kind': {
                      'description': 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds',
                      'type': 'string'
                    },
                    'metadata': {
                      'type': 'object'
                    },
                    'spec': {
                      'description': 'AzureIdentitySpec describes the credential specifications of an identity on Azure.',
                      'properties': {
                        'adEndpoint': {
                          'type': 'string'
                        },
                        'adResourceID': {
                          'description': 'For service principal. Option param for specifying the  AD details.',
                          'type': 'string'
                        },
                        'auxiliaryTenantIDs': {
                          'description': 'Service principal auxiliary tenant ids',
                          'items': {
                            'type': 'string'
                          },
                          'nullable': 'true',
                          'type': 'array'
                        },
                        'clientID': {
                          'description': 'Both User Assigned MSI and SP can use this field.',
                          'type': 'string'
                        },
                        'clientPassword': {
                          'description': 'Used for service principal',
                          'properties': {
                            'name': {
                              'description': 'Name is unique within a namespace to reference a secret resource.',
                              "type": "string"
                            },
                            'namespace': {
                              'description': 'Namespace defines the space within which the secret name must be unique.',
                              'type': 'string'
                            }
                          },
                          'type': 'object'
                        },
                        'metadata': {
                          'type': 'object'
                        },
                        'replicas': {
                          'format': 'int32',
                          'nullable': 'true',
                          'type': 'integer'
                        },
                        'resourceID': {
                          'description': 'User assigned MSI resource id.',
                          'type': 'string'
                        },
                        'tenantID': {
                          'description': 'Service principal primary tenant id.',
                          'type': 'string'
                        },
                        'type': {
                          'description': 'UserAssignedMSI or Service Principal',
                          'type': 'integer'
                        }
                      },
                      'type': 'object'
                    },
                    'status': {
                      'description': 'AzureIdentityStatus contains the replica status of the resource.',
                      'properties': {
                        'availableReplicas': {
                          'format': 'int32',
                          'type': 'integer'
                        },
                        'metadata': {
                          'type': 'object'
                        }
                      },
                      'type': 'object'
                    }
                  },
                  'type': 'object',
                  'x-kubernetes-embedded-resource': 'true'
                },
                'metadata': {
                  'type': 'object'
                },
                'nodename': {
                  'type': 'string'
                },
                'pod': {
                  'type': 'string'
                },
                'podNamespace': {
                  'type': 'string'
                },
                'replicas': {
                  'format': 'int32',
                  'nullable': 'true',
                  'type': 'integer'
                }
              },
              'type': 'object'
            },
            'status': {
              'description': 'AzureAssignedIdentityStatus contains the replica status of the resource.',
              'properties': {
                'availableReplicas': {
                  'format': 'int32',
                  'type': 'integer'
                },
                'metadata': {
                  'type': 'object'
                },
                'status': {
                  'type': 'string'
                }
              },
              'type': 'object'
            }
          },
          'type': 'object'
        }
      },
      'served': 'true',
      'storage': 'true',
      
    }
  },
  'status': {
    'acceptedNames': {
      'kind': "",
      'plural': ""
    },
    'conditions': [],
    'storedVersions': []
  }
}

我正在尝试使用以下代码进行部署。

const client = this.kubeConfig.makeApiClient(k8s.ApiextensionsV1Api);
return new Promise<string>((resolve, reject) => {
  client.createCustomResourceDefinition(collection).then(
    (response) => {
        resolve(response);
    },
    (err) => {
      reject(err.response && err.response.body ? err.response.body : err);
    },
  );
});

错误如下。

*{ "message": "CustomResourceDefinition.apiextensions.k8s.io "azureassignedidentities.aadpodidentity.k8s.io" 无效:[spec.versions[0].schema.openAPIV3Schema:必需值:需要架构,spec.versions[1 ].schema.openAPIV3Schema:必需值:需要模式,spec.versions[2].schema.openAPIV3Schema:必需值:需要模式,spec.versions[3].schema.openAPIV3Schema:必需值:需要模式,规范.versions[0].name:无效值:“”:DNS-1035 标签必须由小写字母数字字符或“-”组成,以字母字符开头,并以字母数字字符结尾(例如“my-name” , 或 'abc-123', 用于验证的正则表达式是 'az?'), spec.versions[1].name: 无效值: "":DNS-1035 标签必须由小写字母数字字符或“-”组成,以字母字符开头,并以字母数字字符结尾(例如“my-name”或“abc-123”,用于验证的正则表达式为“ az?'), spec.versions[2].name: 无效值: "": DNS-1035 标签必须由小写字母数字字符或“-”组成,以字母字符开头,以字母数字字符 (例如 'my-name' 或 'abc-123',用于验证的正则表达式是 'az?'),spec.versions[3].name:无效值:“”:DNS-1035 标签必须由小写字母组成字母数字字符或“-”,以字母字符开头,以字母数字字符结尾(例如“my-name”或“abc-123”,用于验证的正则表达式为“az?'), spec.versions: 无效值: []apiextensions.CustomResourceDefinitionVersion{apiextensions.CustomResourceDefinitionVersion{Name:"", Served:false, Storage:false, Deprecated:false, DeprecationWarning:(*string)(nil), Schema :(*apiextensions.CustomResourceValidation)(nil), Subresources:(*apiextensions.CustomResourceSubresources)(nil), AdditionalPrinterColumns:[]apiextensions.CustomResourceColumnDefinition(nil)}, apiextensions.CustomResourceDefinitionVersion{Name:"", Served:false, Storage:假,弃用:假,弃用警告:(*string)(nil),架构:(*apiextensions.CustomResourceValidation)(nil),子资源:(*apiextensions.CustomResourceSubresources)(nil),AdditionalPrinterColumns:[]apiextensions.CustomResourceColumnDefinition(nil) },apiextensions.CustomResourceDefinitionVersion{名称:“”,服务:假,Storage:false, Deprecated:false, DeprecationWarning:(*string)(nil), Schema:(*apiextensions.CustomResourceValidation)(nil), Subresources:(*apiextensions.CustomResourceSubresources)(nil), AdditionalPrinterColumns:[]apiextensions.CustomResourceColumnDefinition( nil)}, apiextensions.CustomResourceDefinitionVersion{Name:"", Served:false, Storage:false, Deprecated:false, DeprecationWarning:(*string)(nil), Schema:(*apiextensions.CustomResourceValidation)(nil), Subresources:( *apiextensions.CustomResourceSubresources)(nil), AdditionalPrinterColumns:[]apiextensions.CustomResourceColumnDefinition(nil)}}:必须包含唯一的版本名称,spec.versions:无效值:[]apiextensions.CustomResourceDefinitionVersion{apiextensions.CustomResourceDefinitionVersion{Name:"",服务:假,存储:假,弃用:假,弃用警告:(*string)(nil), Schema:(*apiextensions.CustomResourceValidation)(nil), Subresources:(*apiextensions.CustomResourceSubresources)(nil), AdditionalPrinterColumns:[]apiextensions.CustomResourceColumnDefinition(nil)}, apiextensions.CustomResourceDefinitionVersion{Name: "", Served:false, Storage:false, Deprecated:false, DeprecationWarning:(*string)(nil), Schema:(*apiextensions.CustomResourceValidation)(nil), Subresources:(*apiextensions.CustomResourceSubresources)(nil), AdditionalPrinterColumns :[]apiextensions.CustomResourceColumnDefinition(nil)}, apiextensions.CustomResourceDefinitionVersion{Name:"", Served:false, Storage:false, Deprecated:false, DeprecationWarning:(*string)(nil), Schema:(*apiextensions.CustomResourceValidation) (nil),子资源:(*apiextensions.CustomResourceSubresources)(nil),AdditionalPrinterColumns:[]apiextensions.CustomResourceColumnDefinition(nil)}, apiextensions.CustomResourceDefinitionVersion{Name:"", Served:false, Storage:false, Deprecated:false, DeprecationWarning:(*string)(nil), Schema:(*apiextensions.CustomResourceValidation)(无),子资源:(apiextensions.CustomResourceSubresources)(nil), AdditionalPrinterColumns:[]apiextensions.CustomResourceColumnDefinition(nil)}}: 必须有一个版本被标记为存储版本,status.storedVersions: 无效值: []string(nil): 必须至少有一个存储版本]" }

请帮我解决这个问题

4

1 回答 1

0

请检查是否可能的原因是版本(至少 1 个)未存储在已存储版本状态中。

看到错误说

status.storedVersions: 无效值: []string(nil): 必须至少有一个存储版本]" }

弃用版本时,请选择存储升级过程。从 CustomResourceDefinition status.storedVersions 字段中删除旧版本,并确保存在新版本(至少一个)。

手动将现有对象升级到新的存储版本:编写一个升级过程以列出所有现有对象并使用相同的内容编写它们。这会强制后端在当前存储版本(即 v1)中写入对象

脚步

1.首先用旧版本创建资源crd1.yaml。

 versions:
     - name: v1beta1
        served: true
        storage: true

使用 kubectl 应用它。

kubectl apply -f crd1.yaml

2.使用更高版本的定义更新资源,例如v1。将 v1 设置为 CustomResourceDefinition 文件 crd12.yaml 中的存储。

versions:
    - name: v1
      served: true
      storage: true

并使用 kubectl 应用它。

kubectl apply -f crd12.yaml
  1. 确认存在两个版本

kubectl 获取 CustomResourceDefinition $resouce_name -o yaml

storedVersions: [v1beta1 ,v1]
  1. 对于 spec.versions 列表中的旧版本,检查并设置为 false

注意:我们完全可以选择将 v1beta1 版本保留在 CRD 中。如果使用 serve: false 指定,则阻止对 v1alpha1 资源的任何获取/创建/更新操作。

验证storage is set to trueCustomResourceDefinition 中 spec.versions 列表中的新版本。

您可以将 CustomResourceDefinition 保存在 YAML 文件中,然后使用 kubectl apply 来创建它。

例子:

spec:
  group: example.com
  # list of versions supported by this CustomResourceDefinition
  versions:
  - name: v1
    served: true
    storage: true     # One and only one version must be marked as the storage version.
    schema:
      openAPIV3Schema:
        type: object
        properties:
          host:
            type: string
          port:
            type: string
          ........
   - name: v1beta1
    served: false     # Each version can be enabled/disabled by Served flag.
    storage: false
    # A schema is required
    schema:
      openAPIV3Schema:
        type: object
        properties:
          host:
            type: string
          port:
            type: string
             ......
  conversion:
    strategy: None

 # None conversion assumes the same schema for all versions and only sets the apiVersion
     field of custom resources to the proper value

然后删除旧版本。状态下的字段通过状态子资源进行修改,

例如:

   curl -d '[{ "op": "replace", "path":"/status/storedVersions", "value": ["v1"] }]' \
      -H "Content-Type: application/json-patch+json" \
      -X PATCH \ http://localhost:8080  /apis/apiextensions.k8s.io/v1beta1/customresourcedefinitions/$resource_name/status

验证旧版本不再列在 CustomResourceDefinition status.storedVersions

参考这些:

  1. 从 status.storedVersions (kubernetesquestions.com)中删除版本或如何从 status.storedVersions (github.com) 中删除版本
  2. 自定义资源定义版本控制示例。
  3. CustomResourceDefinitions 中的版本 - Kubernetes
于 2022-02-22T10:12:10.073 回答