-------------------------------------------------------------------------------
NGINX Ingress controller
Release: 0.26.1
Build: git-2de5a893a
Repository: https://github.com/kubernetes/ingress-nginx
nginx version: openresty/1.15.8.2
-------------------------------------------------------------------------------
W0719 06:58:01.543840 6 flags.go:243] SSL certificate chain completion is disabled (--enable-ssl-chain-completion=false)
W0719 06:58:01.544045 6 client_config.go:541] Neither --kubeconfig nor --master was specified. Using the inClusterConfig. This might not work.
I0719 06:58:01.544341 6 main.go:182] Creating API client for https://10.233.0.1:443
I0719 06:58:01.558257 6 main.go:226] Running in Kubernetes cluster version v1.16 (v1.16.3) - git (clean) commit b3cbbae08ec52a7fc73d334838e18d17e8512749 - platform linux/amd64
F0719 06:58:01.857260 6 ssl.go:389] unexpected error storing fake SSL Cert: could not create PEM certificate file /etc/ingress-controller/ssl/default-fake-certificate.pem: open /etc/ingress-controller/ssl/default-fake-certificate.pem: permission denied
I am a Chinese,I can speak English just little。Welcome to help answer
MountVolume.SetUp failed for volume "ingress-nginx-token-w8mq2" : failed to sync secret cache: timed out waiting for the condition
NAME READY STATUS RESTARTS AGE
ingress-nginx-controller-7p77g 1/1 Running 0 3h19m
ingress-nginx-controller-9cwzt 0/1 CrashLoopBackOff 2 12m
ingress-nginx-controller-qbww8 1/1 Running 0 3h19m
If I understand your problem correctly, you can solve it by adding runAsUser
directive in the SecurityContext
in your yaml file. Look at the example yaml:
securityContext:
runAsUser: 1000
runAsGroup: 3000
fsGroup: 2000
fsGroupChangePolicy: "OnRootMismatch"
Here you can find completely guide about security context in Kuberenetes. You need to put in a user ID that has permission to create the certificate.
See also:
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.