kubernetes pod内的Docker构建失败,“找不到bridge docker0”

时间:2016-08-23 18:04:11

标签: docker kubernetes

我将构建代理移动到Kubernetes / Container Engine中。他们曾经在容器vm(版本container-vm-v20160321)上运行并将docker.sock挂载到docker容器中,因此我们可以从容器内部运行 docker build

这使用了以下清单:

apiVersion: v1
kind: Pod
metadata:
  name: gocd-agent
spec:
  containers:
  - name: gocd-agent
    image: travix/gocd-agent:16.8.0
    imagePullPolicy: Always
    volumeMounts:
    - name: ssh-keys
      mountPath: /var/go/.ssh
      readOnly: true
    - name: gcloud-keys
      mountPath: /var/go/.gcloud
      readOnly: true
    - name: docker-sock
      mountPath: /var/run/docker.sock
    - name: docker-bin
      mountPath: /usr/bin/docker
    env:
    - name: "GO_SERVER_URL"
      value: "https://server:8154/go"
    - name: "AGENT_KEY"
      value: "***"
    - name: "AGENT_RESOURCES"
      value: "docker"
    - name: "DOCKER_GID_ON_HOST"
      value: "107"
  restartPolicy: Always
  dnsPolicy: Default
  volumes:
  - name: ssh-keys
    gcePersistentDisk:
      pdName: sh-keys
      fsType: ext4
      readOnly: true
  - name: gcloud-keys
    gcePersistentDisk:
      pdName: gcloud-keys
      fsType: ext4
      readOnly: true
  - name: docker-sock
    hostPath:
      path: /var/run/docker.sock
  - name: docker-bin
    hostPath:
      path: /usr/bin/docker
  - name: varlog
    hostPath:
      path: /var/log
  - name: varlibdockercontainers
    hostPath:
      path: /var/lib/docker/containers

现在将它移动到一个完整的Container Engine集群 - 版本1.3.5之后 - 使用以下清单它失败了。

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: gocd-agent
spec:
  replicas: 2
  strategy:
    type: Recreate
  revisionHistoryLimit: 1
  selector:
    matchLabels:
      app: gocd-agent
  template:
    metadata:
      labels:
        app: gocd-agent
    spec:
      containers:
      - name: gocd-agent
        image: travix/gocd-agent:16.8.0
        imagePullPolicy: Always
        securityContext:
          privileged: true
        volumeMounts:
        - name: ssh-keys
          mountPath: /k8s-ssh-secret
        - name: gcloud-keys
          mountPath: /var/go/.gcloud
        - name: docker-sock
          mountPath: /var/run/docker.sock
        - name: docker-bin
          mountPath: /usr/bin/docker
        env:
        - name: "GO_SERVER_URL"
          value: "https://server:8154/go"
        - name: "AGENT_KEY"
          value: "***"
        - name: "AGENT_RESOURCES"
          value: "docker"
        - name: "DOCKER_GID_ON_HOST"
          value: "107"
      volumes:
      - name: ssh-keys
        secret:
          secretName: ssh-keys
      - name: gcloud-keys
        secret:
          secretName: gcloud-keys
      - name: docker-sock
        hostPath:
          path: /var/run/docker.sock
      - name: docker-bin
        hostPath:
          path: /usr/bin/docker
      - name: varlog
        hostPath:
          path: /var/log
      - name: varlibdockercontainers
        hostPath:
          path: /var/lib/docker/containers

它似乎开始构建得很好,但最终它失败了,没有这样的界面错误:

Executing "docker build --force-rm=true --no-cache=true --file=target/docker/Dockerfile --tag=****:1.0.258 ."

Sending build context to Docker daemon 557.1 kB
...
Sending build context to Docker daemon 78.04 MB

Step 1 : FROM travix/base-debian-jre8
 ---> a130b5e1b4d4
Step 2 : ADD ***-1.0.258.jar ***.jar
 ---> 8d53e68e93a0
Removing intermediate container d1a758c9baeb
Step 3 : ADD target/newrelic newrelic
 ---> 9dbbb1c1db58
Removing intermediate container 461e66978c53
Step 4 : RUN bash -c "touch /***.jar"
 ---> Running in 6a28f48c9fd1
Removing intermediate container 6a28f48c9fd1
failed to create endpoint stupefied_shockley on network bridge: adding interface veth095b905 to bridge docker0 failed: could not find bridge docker0: route ip+net: no such network interface

由于Kubernetes网络,是否无法在pod中运行docker build,或者我是否需要以不同方式配置pod?或者它是主机上特定docker版本中的错误?

Client:
 Version:      1.11.2
 API version:  1.23
 Go version:   go1.5.4
 Git commit:   b9f10c9
 Built:        Wed Jun  1 21:20:08 2016
 OS/Arch:      linux/amd64
Server:
 Version:      1.11.2
 API version:  1.23
 Go version:   go1.5.4
 Git commit:   b9f10c9
 Built:        Wed Jun  1 21:20:08 2016
 OS/Arch:      linux/amd64

这座桥实际上似乎存在于主机上:

$ sudo brctl show

bridge name     bridge id               STP enabled     interfaces
cbr0            8000.063c847a631e       no              veth0a58740b
                                                        veth1f558898
                                                        veth8797ea93
                                                        vethb11a7490
                                                        vethc576cc01
docker0         8000.02428db6a46e       no          

码头工人信息的完整性

$ sudo docker info
Containers: 15
 Running: 14
 Paused: 0
 Stopped: 1
Images: 67
Server Version: 1.11.2
Storage Driver: aufs
 Root Dir: /var/lib/docker/aufs
 Backing Filesystem: extfs
 Dirs: 148
 Dirperm1 Supported: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins: 
 Volume: local
 Network: bridge null host
Kernel Version: 3.16.0-4-amd64
Operating System: Debian GNU/Linux 7 (wheezy)
OSType: linux
Architecture: x86_64
CPUs: 4
Total Memory: 25.57 GiB
Name: gke-tooling-default-pool-1fa283a6-8ufa
ID: JBQ2:Q3AR:TFJG:ILTX:KMHV:M67A:NYEM:NK4G:R43J:K5PS:26HY:Q57S
Docker Root Dir: /var/lib/docker
Debug mode (client): false
Debug mode (server): false
Registry: https://index.docker.io/v1/
WARNING: No swap limit support
WARNING: No kernel memory limit support
WARNING: No cpu cfs quota support
WARNING: No cpu cfs period support

$ uname -a
Linux gke-tooling-default-pool-1fa283a6-8ufa 3.16.0-4-amd64 #1 SMP Debian 3.16.7-ckt25-2 (2016-04-08) x86_64 GNU/Linux

0 个答案:

没有答案