首次在Kubernetes 1.7.9中安装Istio。安装自动侧车注射。在尝试示例应用程序时,虽然侧面汽车和应用程序容器已启动且处于“正在运行”状态,但proxy_init仍停留在PodInitializing,整个Pod状态为Init:0/1。
[root@node-8 helloworld]# kubectl describe pods helloworld-v1-3194034472-12rgj
Name: helloworld-v1-3194034472-12rgj
Namespace: default
Node: node-8/136.225.226.159
Start Time: Wed, 01 Nov 2017 19:13:11 +0100
Labels: app=helloworld
pod-template-hash=3194034472
version=v1
Annotations: kubernetes.io/created-by={"kind":"SerializedReference","apiVersion":"v1","reference":{"kind":"ReplicaSet","namespace":"default","name":"helloworld-v1-3194034472","uid":"5212bc02-bf30-11e7-b818-0050560...
sidecar.istio.io/status=injected-version-0.2.7
Status: Running
IP: 192.168.144.130
Created By: ReplicaSet/helloworld-v1-3194034472
Controlled By: ReplicaSet/helloworld-v1-3194034472
Init Containers:
istio-init:
Container ID:
Image: docker.io/istio/proxy_init:0.2.7
Image ID:
Port: <none>
Args:
-p
15001
-u
1337
State: Waiting
Reason: PodInitializing
Ready: False
Restart Count: 0
Environment: <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from default-token-76kq4 (ro)
Containers:
helloworld:
Container ID: docker://aa89ecc46d273b76d71a0f67d5169519926cc0e01d9d1f2ab960e2b88a46013b
Image: istio/examples-helloworld-v1
Image ID: docker-pullable://docker.io/istio/examples-helloworld-v1@sha256:c671702b11cbcda103720c2bd3e81a4211012bfef085b7326bb7fbfd8cea4a94
Port: 5000/TCP
State: Running
Started: Wed, 01 Nov 2017 19:13:14 +0100
Ready: True
Restart Count: 0
Requests:
cpu: 100m
Environment: <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from default-token-76kq4 (ro)
istio-proxy:
Container ID: docker://9bb16159d42229512892feae13614c4c373f3436957b6263c772f62282d75e02
Image: docker.io/istio/proxy:0.2.7
Image ID: docker-pullable://docker.io/istio/proxy@sha256:910546c29a32e11f58bab92e68513a5c8f636621c0e20197833270961fda3713
Port: <none>
Args:
proxy
sidecar
-v
2
--configPath
/etc/istio/proxy
--binaryPath
/usr/local/bin/envoy
--serviceCluster
helloworld
--drainDuration
45s
--parentShutdownDuration
1m0s
--discoveryAddress
istio-pilot.istio-system:8080
--discoveryRefreshDelay
1s
--zipkinAddress
zipkin.istio-system:9411
--connectTimeout
10s
--statsdUdpAddress
istio-mixer.istio-system:9125
--proxyAdminPort
15000
State: Running
Started: Wed, 01 Nov 2017 19:13:15 +0100
Ready: True
Restart Count: 0
Environment:
POD_NAME: helloworld-v1-3194034472-12rgj (v1:metadata.name)
POD_NAMESPACE: default (v1:metadata.namespace)
INSTANCE_IP: (v1:status.podIP)
Mounts:
/etc/certs/ from istio-certs (ro)
/etc/istio/proxy from istio-envoy (rw)
/var/run/secrets/kubernetes.io/serviceaccount from default-token-76kq4 (ro)
Conditions:
Type Status
Initialized True
Ready True
PodScheduled True
Volumes:
istio-envoy:
Type: EmptyDir (a temporary directory that shares a pod's lifetime)
Medium: Memory
istio-certs:
Type: Secret (a volume populated by a Secret)
SecretName: istio.default
Optional: true
default-token-76kq4:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-76kq4
Optional: false
QoS Class: Burstable
Node-Selectors: <none>
Tolerations: node.alpha.kubernetes.io/notReady:NoExecute for 300s
node.alpha.kubernetes.io/unreachable:NoExecute for 300s
Events:
FirstSeen LastSeen Count From SubObjectPath Type Reason Message
--------- -------- ----- ---- ------------- -------- ------ -------
4m 4m 1 default-scheduler Normal Scheduled Successfully assigned helloworld-v1-3194034472-12rgj to node-8
4m 4m 1 kubelet, node-8 Normal SuccessfulMountVolume MountVolume.SetUp succeeded for volume "istio-envoy"
4m 4m 1 kubelet, node-8 Normal SuccessfulMountVolume MountVolume.SetUp succeeded for volume "default-token-76kq4"
4m 4m 1 kubelet, node-8 Normal SuccessfulMountVolume MountVolume.SetUp succeeded for volume "istio-certs"
4m 4m 1 kubelet, node-8 spec.initContainers{istio-init} Normal Pulled Container image "docker.io/istio/proxy_init:0.2.7" already present on machine
4m 4m 1 kubelet, node-8 spec.initContainers{istio-init} Normal Created Created container
4m 4m 1 kubelet, node-8 spec.initContainers{istio-init} Normal Started Started container
4m 4m 1 kubelet, node-8 spec.containers{helloworld} Normal Pulled Container image "istio/examples-helloworld-v1" already present on machine
4m 4m 1 kubelet, node-8 spec.containers{helloworld} Normal Created Created container
4m 4m 1 kubelet, node-8 spec.containers{helloworld} Normal Started Started container
4m 4m 1 kubelet, node-8 spec.containers{istio-proxy} Normal Pulled Container image "docker.io/istio/proxy:0.2.7" already present on machine
4m 4m 1 kubelet, node-8 spec.containers{istio-proxy} Normal Created Created container
4m 4m 1 kubelet, node-8 spec.containers{istio-proxy} Normal Started Started container
[root@node-8 helloworld]# kubectl get pods
NAME READY STATUS RESTARTS AGE
helloworld-v1-3194034472-12rgj 0/2 Init:0/1 0 12m
helloworld-v2-717720256-rc06f 0/2 Init:0/1 0 12m
sleep-140275861-vjqf7 0/2 Init:0/1 0 1h
[root@node-8 helloworld]#
启用了初始化程序:
[root@node-8 istio-0.2.7]# kubectl api-versions | grep admi
admissionregistration.k8s.io/v1alpha1
[root@node-8 istio-0.2.7]#
来自istio-Proxy日志,
[2017-11-02 19:40:19.323][14][warning][main] external/envoy/source/server/server.cc:164] initializing epoch 0 (hot restart version=8.2490552)
[2017-11-02 19:40:19.330][14][warning][main] external/envoy/source/server/server.cc:332] starting main dispatch loop
[2017-11-02 19:40:19.392][14][warning][main] external/envoy/source/server/server.cc:316] all clusters initialized. initializing init manager
[2017-11-02 19:40:19.427][14][warning][config] external/envoy/source/server/listener_manager_impl.cc:451] all dependencies initialized. starting workers
[2017-11-02 19:41:19.429][14][warning][main] external/envoy/source/server/drain_manager_impl.cc:62] shutting down parent after drain
但是proxy_init处于等待状态。
答案 0 :(得分:0)
在部署之前,可以使用名为Initializers的Kubernetes中的alpha功能将Istio sidecars自动注入Pod。请确保您的群集已启用初始化器alpha功能。例如,这需要在GKE中部署alpha集群。在IBM Bluemix容器服务中,应在1.7.x k8s群集中启用alpha功能。
答案 1 :(得分:0)
经过进一步研究后发现,已知问题已在1.8中得到修复,其中init容器可以在PodInitializing状态等待。 https://github.com/kubernetes/kubernetes/pull/51644。工作在1.8罚款。