GKE 实例元数据 pod 记录“无法同步沙箱”数百万次
[英]GKE Instance Metadata pod logging "Unable to sync sandbox" millions of times
问题描述
I have enabled Workload Identity on my GKE cluster(s) and noticed that the gke-instance-metadata pods started logging an insane amount, with two log lines coming up in particular:
我在我的 GKE 集群上启用了 Workload Identity,并注意到gke-instance-metadata pod 开始记录大量异常,特别是出现了两条日志行:
-
"Unable to sync sandbox "05341100f9a2739c19a9c2772a17d4384005c934882b118f183a83c4cc1d558c": setup not complete: podUID="cbef7961-c864-4f21-8861-45f99b2eee90", ip=""" -
""/computeMetadata/v1/instance/attributes/cluster-name" HTTP/200"
I now have a total of over 348 million log entries over 7 days which is affecting my billing.现在,我在 7 天内总共有超过 3.48 亿条日志条目,这影响了我的计费。
Anyone have an idea why this is happening, and how to stop it?任何人都知道为什么会发生这种情况,以及如何阻止它?
1 个解决方案
解决方案1
0 2022-09-22 19:16:14
I spun up a fresh cluster with workload identity enabled.我启动了一个启用了工作负载身份的新集群。
I used the following log explorer query:我使用了以下日志资源管理器查询:
resource.type="k8s_container"
jsonPayload.message:"Unable to sync sandbox"
resource.labels.container_name="gke-metadata-server"
and immediately saw the same log message.并立即看到相同的日志消息。
It's my understanding that that's a benign message / normal log message that you can / should ignore.据我了解,这是您可以/应该忽略的良性消息/正常日志消息。
It's triggered by creating pods I ran kubectl run nginx --image=nginx , and immediately saw the message.它是由创建 Pod 触发的,我运行kubectl run nginx --image=nginx ,并立即看到消息。 (I think it's also triggered by pods being deleted as I saw it again when cluster autoscaler scaled down some nodes.) (我认为它也是由 pod 被删除触发的,因为当集群自动缩放器缩小一些节点时我再次看到它。)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.