在Linux / Windows群集上部署服务时,Kubernetes“Failed create pod sandbox”错误

时间:2017-12-19 21:04:53

标签: docker kubernetes docker-container

当我尝试将服务部署到我的群集时,我收到错误:“创建pod沙箱失败”。容器的状态仍然停留在“ContainerCreating”上。我遵循了本教程:https://docs.microsoft.com/en-us/virtualization/windowscontainers/kubernetes/getting-started-kubernetes-windows

我有一个双节点Kubernetes集群,由一个Windows Server 2016工作节点(名为kubernetes)和一个Ubuntu Server 16.04 LTS主节点(名为kuberL)组成。这两个实例都是在AWS上运行的EC2。 

kuber@kuberL:~$ kubectl get nodes
NAME         STATUS    ROLES     AGE       VERSION
kuberL  Ready     <none>    1h        v1.9.0-beta.1
kubernetes    Ready     <none>    1h        v1.10.0-alpha.0.865+73bb9810e0125a

kuber@kuberL:~$ kubectl get pods
NAME                             READY     STATUS              RESTARTS   AGE
iispod-5d75c55f46-vj2b8          0/1       ContainerCreating   0          18m
win-webserver-55566fdb4d-ncjnk   0/1       ContainerCreating   0          18m

命令的输出: kubectl describe pods 

Name:           iispod-5d75c55f46-vj2b8
Namespace:      default
Node:           kubernetes/10.0.1.4
Start Time:     Tue, 19 Dec 2017 03:19:03 +0000
Labels:         pod-template-hash=1831711902
                run=iispod
Annotations:    kubernetes.io/created-by={"kind":"SerializedReference","apiVersion":"v1","reference":{"kind":"ReplicaSet","namespace":"default","name":"iispod-5d75c55f46","uid":"5d27c9a3-e46b-11e7-ac05-000d3a145b63",...
Status:         Pending
IP:             
Controlled By:  ReplicaSet/iispod-5d75c55f46
Containers:
  iispod:
    Container ID:   
    Image:          microsoft/iis
    Image ID:       
    Port:           <none>
    State:          Waiting
      Reason:       ContainerCreating
    Ready:          False
    Restart Count:  0
    Environment:    <none>
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from default-token-qchfs (ro)
Conditions:
  Type           Status
  Initialized    True 
  Ready          False 
  PodScheduled   True 
Volumes:
  default-token-qchfs:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  default-token-qchfs
    Optional:    false
QoS Class:       BestEffort
Node-Selectors:  <none>
Tolerations:     <none>
Events:
  Type     Reason                  Age               From                 Message
  ----     ------                  ----              ----                 -------
  Normal   Scheduled               22s               default-scheduler    Successfully assigned iispod-5d75c55f46-vj2b8 to kubernetes
  Normal   SuccessfulMountVolume   22s               kubelet, kubernetes  MountVolume.SetUp succeeded for volume "default-token-qchfs"
  Normal   SandboxChanged          2s (x7 over 19s)  kubelet, kubernetes  Pod sandbox changed, it will be killed and re-created.
  Warning  FailedCreatePodSandBox  1s (x8 over 21s)  kubelet, kubernetes  Failed create pod sandbox.

Name:           win-webserver-55566fdb4d-ncjnk
Namespace:      default
Node:           kubernetes/10.0.1.4
Start Time:     Tue, 19 Dec 2017 20:35:13 +0000
Labels:         app=win-webserver
                pod-template-hash=1112298608
Annotations:    kubernetes.io/created-by={"kind":"SerializedReference","apiVersion":"v1","reference":{"kind":"ReplicaSet","namespace":"default","name":"win-webserver-55566fdb4d","uid":"d385ad85-e465-11e7-ac05-000d3a1...
Status:         Pending
IP:             
Controlled By:  ReplicaSet/win-webserver-55566fdb4d
Containers:
  windowswebserver:
    Container ID:  
    Image:         microsoft/windowsservercore
    Image ID:      
    Port:          <none>
    Command:
      powershell.exe
      -command
       {...omitted}
    State:          Waiting
      Reason:       ContainerCreating
    Ready:          False
    Restart Count:  0
    Environment:    <none>
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from default-token-qchfs (ro)
Conditions:
  Type           Status
  Initialized    True 
  Ready          False 
  PodScheduled   True 
Volumes:
  default-token-qchfs:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  default-token-qchfs
    Optional:    false
QoS Class:       BestEffort
Node-Selectors:  beta.kubernetes.io/os=windows
Tolerations:     <none>
Events:
  Type     Reason                  Age                From                 Message
  ----     ------                  ----               ----                 -------
  Normal   Scheduled               5m                 default-scheduler    Successfully assigned win-webserver-55566fdb4d-ncjnk to kubernetes
  Normal   SuccessfulMountVolume   5m                 kubelet, kubernetes  MountVolume.SetUp succeeded for volume "default-token-qchfs"
  Warning  FailedCreatePodSandBox  2m (x12 over 5m)   kubelet, kubernetes  Failed create pod sandbox.
  Normal   SandboxChanged          20s (x59 over 5m)  kubelet, kubernetes  Pod sandbox changed, it will be killed and re-created.

在运行kubelet的worker节点上,我在 win-server iispod pod的输出中找到以下内容:

E1219 20:35:39.919989 5676 remote_runtime.go:92]运行时服务中的RunPodSandbox失败:rpc错误:代码=未知desc = 无法启动容器的沙箱容器“win-webserver-55566fdb4d-ncjnk”< / strong>:来自守护程序的错误响应:容器7286a6000122f336349952b0bab6b330cfeddd72d65b1176d4e21e30529c703c在CreateContainer期间遇到错误:失败 Windows系统调用:容器的操作系统与主机的操作系统不匹配。(0xc0370101)额外信息:

我能够在Windows Server 2016节点上运行microsoft / iis映像,使用时没有问题: docker run -d --name myIIS -p 80:80 microsoft / iis

有关如何部署pod的任何想法?

1 个答案:

答案 0 :(得分:0)

这是Windows dockeree特定错误,pause image无法运行,因为它是使用错误的操作系统基础映像构建的。

您关注的网址的当前版本使用PowerShell section on creating the pause image。这一行:

docker build -t kubeletwin/pause .

将暂停图像(基于nanoserver或windowsservercore)和标记构建为kubeletwin/pause

说明省略的是,一旦您构建了暂停图像,就可以通过在节点上运行来测试它:docker run kubeletwin/pause

如果您的容器/主机操作系统不匹配:

  • type dockerfile获取图片正在使用的基本图片类型
  • 对于RTM OS构建运行(Get-ItemProperty "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion").ReleaseId以获取4位主机操作系统版本
  • 对于内部操作系统构建,请查找完整的内部版本号,例如10.0.17677.1000,您还必须将-insider添加到基本图片类型。

然后运行以下命令以标记正确的OS基础构建以匹配暂停图像所请求的基本图像:

docker pull microsoft\<base image type>:<version>
docker tag microsoft\<base image type>:<version> microsoft\<base image type>:latest
docker build .
docker run <image id from build>
相关问题
最新问题