堆棧內存溢出
  簡體   English   中英

Rancher:kube-system pod 卡在 ContainerCreating 上

[英]Rancher: kube-system pods stuck on ContainerCreating

 原文  2020-08-28 18:44:32       kubernetes/ rancher/ rke/ rancher-rke

問題描述

我正在嘗試使用一個節點(VM 機器)啟動一個集群,但是我得到了一些用於kube-system Pod 作為ContainerCreating

> kubectl get pods,svc -owide --all-namespaces
NAMESPACE       NAME                                          READY   STATUS              RESTARTS   AGE     IP            NODE            NOMINATED NODE   READINESS GATES
cattle-system   pod/cattle-cluster-agent-7db88c6b68-bz5dp     0/1     ContainerCreating   0          7m13s   <none>        hdn-dev-app66   <none>           <none>
cattle-system   pod/cattle-node-agent-ccntw                   1/1     Running             0          7m13s   10.105.1.76   hdn-dev-app66   <none>           <none>
cattle-system   pod/kube-api-auth-9kdpw                       1/1     Running             0          7m13s   10.105.1.76   hdn-dev-app66   <none>           <none>
ingress-nginx   pod/default-http-backend-598b7d7dbd-rwvhm     0/1     ContainerCreating   0          7m29s   <none>        hdn-dev-app66   <none>           <none>
ingress-nginx   pod/nginx-ingress-controller-62vhq            1/1     Running             0          7m29s   10.105.1.76   hdn-dev-app66   <none>           <none>
kube-system     pod/coredns-849545576b-w87zr                  0/1     ContainerCreating   0          7m39s   <none>        hdn-dev-app66   <none>           <none>
kube-system     pod/coredns-autoscaler-5dcd676cbd-pj54d       0/1     ContainerCreating   0          7m38s   <none>        hdn-dev-app66   <none>           <none>
kube-system     pod/kube-flannel-d9m6q                        2/2     Running             0          7m43s   10.105.1.76   hdn-dev-app66   <none>           <none>
kube-system     pod/metrics-server-697746ff48-q7cpx           0/1     ContainerCreating   0          7m33s   <none>        hdn-dev-app66   <none>           <none>
kube-system     pod/rke-coredns-addon-deploy-job-npjll        0/1     Completed           0          7m40s   10.105.1.76   hdn-dev-app66   <none>           <none>
kube-system     pod/rke-ingress-controller-deploy-job-b9rs4   0/1     Completed           0          7m30s   10.105.1.76   hdn-dev-app66   <none>           <none>
kube-system     pod/rke-metrics-addon-deploy-job-5rpbj        0/1     Completed           0          7m35s   10.105.1.76   hdn-dev-app66   <none>           <none>
kube-system     pod/rke-network-plugin-deploy-job-lvk2q       0/1     Completed           0          7m50s   10.105.1.76   hdn-dev-app66   <none>           <none>

NAMESPACE       NAME                           TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)                  AGE     SELECTOR
default         service/kubernetes             ClusterIP   10.43.0.1      <none>        443/TCP                  8m19s   <none>
ingress-nginx   service/default-http-backend   ClusterIP   10.43.144.25   <none>        80/TCP                   7m29s   app=default-http-backend
kube-system     service/kube-dns               ClusterIP   10.43.0.10     <none>        53/UDP,53/TCP,9153/TCP   7m39s   k8s-app=kube-dns
kube-system     service/metrics-server         ClusterIP   10.43.251.47   <none>        443/TCP                  7m34s   k8s-app=metrics-server

當我要描述失敗的豆莢時,我得到了:

Failed to create pod sandbox: rpc error: code = Unknown desc = [failed to set up sandbox container "345460c8f6399a0cf20956d8ea24d52f5a684ae47c3e8ec247f83d66d56b2baa" network for pod "cattle-cluster-agent-7db88c6b68-bz5dp": networkPlugin cni failed to set up pod "cattle-cluster-agent-7db88c6b68-bz5dp_cattle-system" network: error getting ClusterInformation: connection is unauthorized: clusterinformations.crd.projectcalico.org "default" is forbidden: User "system:node" cannot get resource "clusterinformations" in API group "crd.projectcalico.org" at the cluster scope, failed to clean up sandbox container "345460c8f6399a0cf20956d8ea24d52f5a684ae47c3e8ec247f83d66d56b2baa" network for pod "cattle-cluster-agent-7db88c6b68-bz5dp": networkPlugin cni failed to teardown pod "cattle-cluster-agent-7db88c6b68-bz5dp_cattle-system" network: error getting ClusterInformation: connection is unauthorized: clusterinformations.crd.projectcalico.org "default" is forbidden: User "system:node" cannot get resource "clusterinformations" in API group "crd.projectcalico.org" at the cluster scope]

曾嘗試再次重新注冊該節點,但沒有成功。 有什么想法嗎?

2 個解決方案

解決方案1
 2  2020-08-28 19:03:37

正如它所說的未經授權,因此您必須授予 rbac 權限才能使其工作。

嘗試添加

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: system:calico-node
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: calico-node
subjects:
- apiGroup: rbac.authorization.k8s.io
  kind: Group
  name: system:nodes

解決方案2
 1 已采納  2020-08-28 20:38:12

修復了以下來自https://rancher.com/docs/rancher/v2.x/en/cluster-admin/cleaning-cluster-nodes/關於如何回收損壞節點的文章的問題。

暫無
暫無

聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.

相關問題 kube-system 命名空間中的 pod 是如何管理的? 獲取除 kube-system 中的 pod 之外的所有 pod kube系統/入口控制器盒的多個副本? Kubernetes-什么是kube系統吊艙,刪除它們是否安全? Kubernetes Logs - 如何獲取kube-system pod的日志 防止 kube-system pods 在特定節點上運行 docker-for-mac&kubernetes在命名空間kube-system中沒有pods kube-system(kube-controller 和 kube-flannels)pod 使用了太多資源 Pods 卡住了 containercreating kubernetes pods卡在容器創建
相關標簽
 
粵ICP備18138465號  © 2020-2024 STACKOOM.COM