容器不会以PV开头

时间:2018-11-02 09:48:19

标签: kubernetes google-kubernetes-engine

第一次使用GCE,以前在带有kops的AWS中使用k8。

我有一个PV和PVC设置,两者都受状态限制。

我有我的第一个部署/吊舱尝试运行,大多数情况下,yaml配置大部分是从AWS的工作设置中复制的。

当我从部署中删除卷时,它会启动并进入运行状态。

连接了卷后,它停在: 开始时间:尚未开始 阶段:待定 状态:ContainerCreating

该容器的日志完全没有,只有一行。

编辑:终于在pod事件中找到了有用的东西,而不是容器日志

  

卷“ tio-pv-ssl”的MountVolume.SetUp失败:安装失败:退出   状态1安装命令:systemd-run安装参数:   --description =用于/var/lib/kubelet/pods/c64b2284-de81-11e8-9ead-42010a9400a0/volumes/kubernetes.io~nfs/tio-pv-ssl的Kubernetes临时挂载   --scope-/ home / kubernetes / containerized_mounter / mounter mount -t nfs 10.148.0.6:/ssl /var/lib/kubelet/pods/c64b2284-de81-11e8-9ead-42010a9400a0/volumes/kubernetes.io~nfs/ tio-pv-ssl   输出:运行范围单位:   运行-r68f0f0ac5bf54be2b47ac60d9e533712.scope安装失败:安装   失败:退出状态32挂载命令:chroot挂载参数:   [/ home / kubernetes / containerized_mounter / rootfs mount -t nfs   10.148.0.6:/ssl /var/lib/kubelet/pods/c64b2284-de81-11e8-9ead-42010a9400a0/volumes/kubernetes.io~nfs/tio-pv-ssl]   输出:mount.nfs:安装时服务器拒绝访问   10.148.0.6:/ssl

使用https://cloud.google.com/launcher/docs/single-node-fileserver设置了NFS服务器10.148.0.6 似乎运行正常,并且/ ssl文件夹位于NFS根目录(/ data / ssl)下

Kubectl的状态

kubectl get pv
NAME              CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS    CLAIM                             STORAGECLASS   REASON    AGE
tio-pv-ssl        1000Gi     RWX            Retain           Bound     core/tio-pv-claim-ssl             standard                 17m

kubectl get pvc --namespace=core
NAME                 STATUS    VOLUME         CAPACITY   ACCESS MODES   STORAGECLASS   AGE
tio-pv-claim-ssl     Bound     tio-pv-ssl     1000Gi     RWX            standard       18m

kubectl get pods --namespace=core
NAME                                READY     STATUS              RESTARTS   AGE
proxy-deployment-64b9cdb55d-8htjf   0/1       ContainerCreating   0          13m

卷Yaml 

---
apiVersion: v1
kind: PersistentVolume
metadata:
  name: tio-pv-ssl
spec:
  capacity:
    storage: 1000Gi
  storageClassName: standard
  accessModes:
    - ReadWriteMany
  nfs:
    server: 10.148.0.6
    path: "/ssl"
---                   
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: tio-pv-claim-ssl
  namespace: core
spec:
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 1Mi
  volumeName: tio-pv-ssl
  storageClassName: standard

部署Yaml 

apiVersion: apps/v1beta1
kind: Deployment
metadata:
  name: proxy-deployment
spec:
  replicas: 1 
  template:
    metadata:
      labels:
        app: proxy
    spec:
      containers:
      - name: proxy-ctr
        image: asia.gcr.io/xyz/nginx-proxy:latest
        resources:
          limits:
            cpu: "500m"
            memory: 1024Mi
          requests:
            cpu: 100m
            memory: 256Mi
        ports:
        - containerPort: 80
        - containerPort: 443
        volumeMounts:
          - name: tio-ssl-storage
            mountPath: "/etc/nginx/ssl"
      volumes:
        - name: tio-ssl-storage
          persistentVolumeClaim:
            claimName: tio-pv-claim-ssl
  strategy:
    type: "RollingUpdate"
    rollingUpdate:
      maxUnavailable: 1
      maxSurge: 1
---
apiVersion: v1
kind: Service
metadata:
  name: proxyservice
  namespace: core
  labels:
    app: proxy
spec:
  ports:
  - port: 80
    name: port-http
    protocol: TCP
  - port: 443
    name: port-https
    protocol: TCP
  selector:
    app: proxy
  type: LoadBalancer

1 个答案:

答案 0 :(得分:1)

一旦发现隐藏日志的位置,便解决了我自己的问题。

path: "/ssl"

应该是服务器上的完整路径,而不是相对于nfs数据文件夹的相对路径

path: "/data/ssl"
相关问题
最新问题