如何解决AzureFile挂载错误（22）：容器内部参数无效？

Question

我在AKS（1.18.2）容器中安装AzureFile Share时出错（在已安装cifs-utils的Ubuntu 18.04之上构建）：

Warning  FailedMount  0s  kubelet, aks-nodepool1-37397744-vmss000001  MountVolume.SetUp failed for volume "myapplication-logs" : mount failed: exit status 32
Mounting command: systemd-run
Mounting arguments: --description=Kubernetes transient mount for /var/lib/kubelet/pods/5e19e1d0-0bfd-4760-a87a-00cb0f3e573a/volumes/kubernetes.io~azure-file/crawler-logs --scope -- mount -t cifs -o file_mode=0777,dir_mode=0777,vers=3.0,<masked> //myazurestorage.file.core.windows.net/crawler-logs /var/lib/kubelet/pods/5e19e1d0-0bfd-4760-a87a-00cb0f3e573a/volumes/kubernetes.io~azure-file/myapplication-logs
Output: Running scope as unit run-r403b463e326d4562a7e44dc8fe018b4b.scope.
mount error(22): Invalid argument
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs)

这是我的Yaml配置：

    kind: StorageClass
    apiVersion: storage.k8s.io/v1
    metadata:
      name: myapplication-logs
    provisioner: kubernetes.io/azure-file
    reclaimPolicy: Retain
    allowVolumeExpansion: true
    parameters:
      skuName: Standard_LRS
    ---
    apiVersion: v1
    kind: PersistentVolume
    metadata:
      name: myapplication-logs
    spec:
      capacity:
        storage: 3Gi
      accessModes:
        - ReadWriteMany
      storageClassName: myapplication-logs
      azureFile:
        secretName: azurefilesharesecretname}
        shareName: myapplication-logs
        readOnly: false
    ---
    apiVersion: v1
    kind: PersistentVolumeClaim
    metadata:
      name: myapplication-logs
    spec:
      accessModes:
      - ReadWriteMany
      storageClassName: myapplication-logs
      resources:
        requests:
          storage: 3Gi
    ---
    apiVersion: apps/v1
    spec:
      selector:
        matchLabels:
          app: myapplication
      replicas: 1
      template:
        spec:
          containers:
            name: myapplication
            readinessProbe:
              httpGet:
                path: /probes/ready
                port: 5000
              timeoutSeconds: 60
              periodSeconds: 10
            ports:
            - containerPort: 21602
            - containerPort: 5000
            livenessProbe:
              httpGet:
                path: /probes/healthy
                port: 5000
              initialDelaySeconds: 30
              periodSeconds: 10
              timeoutSeconds: 30
            image: myappacr.azurecr.io/myapplication:1.0.391
            volumeMounts:
            - readOnly: true
              name: secrets-volume
              mountPath: /usr/bin/myapp/Secrets
            - name: configuration-volume
              mountPath: /usr/bin/myapp/Configuration
            - name: myapplication-logs
              mountPath: /usr/bin/myapp/logs
    
          imagePullSecrets:
          - name: acr-dev-regcred
          volumes:
          - name: secrets-volume
            secret:
              secretName: myapplication-secrets
          - configMap:
              name: myapplication-configuration
            name: configuration-volume
          - name: myapplication-logs
            persistentVolumeClaim:
              claimName: myapplication-logs
        metadata:
          labels:
            app: myapplication
    kind: Deployment
    metadata:
      name: myapplication-deployment
      labels:
        app: myapplication

StorageClass，PersistentVolume和PersistentVolumeClaim已成功部署，没有任何错误\事件。

无法找出问题所在？ 有什么想法吗？

Answer 1

有两种方法可以将Azure文件共享作为卷从AKS中的容器中使用

1. 手动创建和使用具有Azure文件共享的卷。文件here

在这种情况下，PV需要指定mountOptions

apiVersion: v1
kind: PersistentVolume
metadata:
  name: azurefile
spec:
  capacity:
    storage: 5Gi
  accessModes:
    - ReadWriteMany
  storageClassName: azurefile
  azureFile:
    secretName: azure-secret
    shareName: aksshare
    readOnly: false
  mountOptions:
  - dir_mode=0777
  - file_mode=0777
  - uid=1000
  - gid=1000
  - mfsymlinks
  - nobrl

1. 动态创建持久卷并将其与Azure文件一起使用。文件here

在这种情况下，StorageClass需要具有mountOptions

kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
  name: my-azurefile
provisioner: kubernetes.io/azure-file
mountOptions:
  - dir_mode=0777
  - file_mode=0777
  - uid=0
  - gid=0
  - mfsymlinks
  - cache=strict
parameters:
  skuName: Standard_LRS

现在查看您的Yaml，因为您同时创建了PersistentVolume和StorageClass，所以似乎在混合使用手动模式和动态模式。我建议采用一种合适的方法，并正确指定mountOptions，这对于两种模式都是必不可少的。

Answer 2

问题解决了！ 我创建的秘密存在问题。 它是使用kubectl apply -f secret.json创建的，而accounttoragekey并未在base64中编码。

感谢Azure支持！