I am trying to deploy my application in K8 1.16 and connect to Key Vault using the CSI driver.
If I apply the SecretProviderClass resource manually from the CLI with kubectl apply -f secretproviderclass.yaml and then run kubectl get SecretProviderClass -o yaml, I see the following.
apiVersion: v1
items:
- apiVersion: secrets-store.csi.x-k8s.io/v1alpha1
  kind: SecretProviderClass
  metadata:
    annotations:
      kubectl.kubernetes.io/last-applied-configuration: |
        {"apiVersion":"secrets-store.csi.x-k8s.io/v1alpha1","kind":"SecretProviderClass","metadata":{"annotations":{},"name":"azure-kvname","namespace":"default"},"spec":{"parameters":{"cloudName":"","keyvaultName":"KAVO03","objects":"array:\n - |\n objectName: db-su-pwd\n objectAlias: "" # [OPTIONAL available for version \u003e 0.0.4] object alias\n objectType: secret # object types: secret, key or cert\n objectVersion: "" # [OPTIONAL] object versions, default to latest if empty\n - |\n objectName: db-admin-user\n objectAlias: "" # [OPTIONAL available for version \u003e 0.0.4] object alias\n objectType: secret # object types: secret, key or cert\n objectVersion: "" # [OPTIONAL] object versions, default to latest if empty\n - |\n objectName: insights-key\n objectAlias: "" # [OPTIONAL available for version \u003e 0.0.4] object alias\n objectType: secret # object types: secret, key or cert\n objectVersion: "" # [OPTIONAL] object versions, default to latest if empty\n - |\n objectName: auth0-client-secret\n objectAlias: "" # [OPTIONAL available for version \u003e 0.0.4] object alias\n objectType: secret # object types: secret, key or cert\n objectVersion: "" # [OPTIONAL] object versions, default to latest if empty\n - |\n objectName: redis-secret\n objectAlias: "" # [OPTIONAL available for version \u003e 0.0.4] object alias\n objectType: secret # object types: secret, key or cert\n objectVersion: "" # [OPTIONAL] object versions, default to latest if empty\n - |\n objectName: db-app-pwd\n objectAlias: "" # [OPTIONAL available for version \u003e 0.0.4] object alias\n objectType: secret # object types: secret, key or cert\n objectVersion: "" # [OPTIONAL] object versions, default to latest if empty\n - |\n objectName: storage-container-string\n objectAlias: "" # [OPTIONAL available for version \u003e 0.0.4] object alias\n objectType: secret # object types: secret, key or cert\n objectVersion: "" # [OPTIONAL] object versions, default to latest if empty\n - |\n objectName: rootCrt\n objectAlias: "" # [OPTIONAL available for version \u003e 0.0.4] object alias\n objectType: secret # object types: secret, key or cert\n objectVersion: "" # [OPTIONAL] object versions, default to latest if empty\n - |\n objectName: db-adfuser-pwd\n objectAlias: "" # [OPTIONAL available for version \u003e 0.0.4] object alias\n objectType: secret # object types: secret, key or cert\n objectVersion: "" # [OPTIONAL] object versions, default to latest if empty \n","resourceGroup":"KAVRG03","subscriptionId":"548e0e0b-fd7f-480d-9f47-f15ef0489899","tenantId":"5b973f99-77df-4beb-b27d-aa0c70b85678","usePodIdentity":"false","useVMManagedIdentity":"false","userAssignedIdentityID":""},"provider":"azure"}}
    creationTimestamp: "2021-01-22T06:59:21Z"
    generation: 4
    name: azure-kvname
    namespace: default
    resourceVersion: "1544268"
    selfLink: /apis/secrets-store.csi.x-k8s.io/v1alpha1/namespaces/default/secretproviderclasses/azure-kvname
    uid: 76829f28-02cc-49b8-ab33-710c3d4b042a
  spec:
    parameters:
      cloudName: ""
      keyvaultName: KAVO03
      objects: "array:\n - |\n objectName: db-su-pwd\n objectAlias: ""
        \ # [OPTIONAL available for version > 0.0.4] object alias\n objectType:
        secret # object types: secret, key or cert\n objectVersion: ""
        \ # [OPTIONAL] object versions, default to latest if empty\n - |\n
        \ objectName: db-admin-user\n objectAlias: "" # [OPTIONAL
        available for version > 0.0.4] object alias\n objectType: secret #
        object types: secret, key or cert\n objectVersion: "" # [OPTIONAL]
        object versions, default to latest if empty\n - |\n objectName: insights-key\n
        \ objectAlias: "" # [OPTIONAL available for version > 0.0.4] object
        alias\n objectType: secret # object types: secret, key or cert\n
        \ objectVersion: "" # [OPTIONAL] object versions, default to latest
        if empty\n - |\n objectName: auth0-client-secret\n objectAlias: ""
        \ # [OPTIONAL available for version > 0.0.4] object alias\n objectType:
        secret # object types: secret, key or cert\n objectVersion: ""
        \ # [OPTIONAL] object versions, default to latest if empty\n - |\n
        \ objectName: redis-secret\n objectAlias: "" # [OPTIONAL available
        for version > 0.0.4] object alias\n objectType: secret # object
        types: secret, key or cert\n objectVersion: "" # [OPTIONAL] object
        versions, default to latest if empty\n - |\n objectName: db-app-pwd\n
        \ objectAlias: "" # [OPTIONAL available for version > 0.0.4] object
        alias\n objectType: secret # object types: secret, key or cert\n
        \ objectVersion: "" # [OPTIONAL] object versions, default to latest
        if empty\n - |\n objectName: storage-container-string\n objectAlias:
        "" # [OPTIONAL available for version > 0.0.4] object alias\n objectType:
        secret # object types: secret, key or cert\n objectVersion: ""
        \ # [OPTIONAL] object versions, default to latest if empty\n - |\n
        \ objectName: rootCrt\n objectAlias: "" # [OPTIONAL available for
        version > 0.0.4] object alias\n objectType: secret # object types:
        secret, key or cert\n objectVersion: "" # [OPTIONAL] object versions,
        default to latest if empty\n - |\n objectName: db-adfuser-pwd\n
        \ objectAlias: "" # [OPTIONAL available for version > 0.0.4] object
        alias\n objectType: secret # object types: secret, key or cert\n
        \ objectVersion: "" # [OPTIONAL] object versions, default to latest
        if empty \n"
      resourceGroup: KAVRG03
      subscriptionId: 548e0e0b-fd7f-480d-9f47-f15ef0489899
      tenantId: 5b973f99-77df-4beb-b27d-aa0c70b85678
      usePodIdentity: "false"
      useVMManagedIdentity: "false"
      userAssignedIdentityID: ""
    provider: azure
But if I check the same YAML into my code and let it be deployed through an Azure pipeline using helm3, I see:
PS C:\Work_EY\k8> kubectl get SecretProviderClass -o yaml
apiVersion: v1
items:
- apiVersion: secrets-store.csi.x-k8s.io/v1alpha1
  kind: SecretProviderClass
  metadata:
    annotations:
      meta.helm.sh/release-name: backend-qa
      meta.helm.sh/release-namespace: default
    creationTimestamp: "2021-02-12T12:57:34Z"
    generation: 1
    labels:
      app.kubernetes.io/managed-by: Helm
    name: azure-kvname
    namespace: default
    resourceVersion: "3831652"
    selfLink: /apis/secrets-store.csi.x-k8s.io/v1alpha1/namespaces/default/secretproviderclasses/azure-kvname
    uid: c8d93db4-4261-44d5-8e8a-6c4bc72b655c
  spec:
    parameters:
      cloudName: ""
      keyvaultName: KVKS02
      objects: "array:\n - |\n objectName: db-su-pwd\n objectAlias: ""
        \ # [OPTIONAL available for version > 0.0.4] object alias\n objectType:
        secret # object types: secret, key or cert\n objectVersion: ""
        \ # [OPTIONAL] object versions, default to latest if empty\n - |\n
        \ objectName: db-admin-user\n objectAlias: "" # [OPTIONAL
        available for version > 0.0.4] object alias\n objectType: secret #
        object types: secret, key or cert\n objectVersion: "" # [OPTIONAL]
        object versions, default to latest if empty\n - |\n objectName: insights-key\n
        \ objectAlias: "" # [OPTIONAL available for version > 0.0.4] object
        alias\n objectType: secret # object types: secret, key or cert\n
        \ objectVersion: "" # [OPTIONAL] object versions, default to latest
        if empty\n - |\n objectName: auth0-client-secret\n objectAlias: ""
        \ # [OPTIONAL available for version > 0.0.4] object alias\n objectType:
        secret # object types: secret, key or cert\n objectVersion: ""
        \ # [OPTIONAL] object versions, default to latest if empty\n - |\n
        \ objectName: redis-secret\n objectAlias: "" # [OPTIONAL available
        for version > 0.0.4] object alias\n objectType: secret # object
        types: secret, key or cert\n objectVersion: "" # [OPTIONAL] object
        versions, default to latest if empty\n - |\n objectName: db-app-pwd\n
        \ objectAlias: "" # [OPTIONAL available for version > 0.0.4] object
        alias\n objectType: secret # object types: secret, key or cert\n
        \ objectVersion: "" # [OPTIONAL] object versions, default to latest
        if empty\n - |\n objectName: storage-container-string\n objectAlias:
        "" # [OPTIONAL available for version > 0.0.4] object alias\n objectType:
        secret # object types: secret, key or cert\n objectVersion: ""
        \ # [OPTIONAL] object versions, default to latest if empty\n - |\n
        \ objectName: rootCrt\n objectAlias: "" # [OPTIONAL available for
        version > 0.0.4] object alias\n objectType: secret # object types:
        secret, key or cert\n objectVersion: "" # [OPTIONAL] object versions,
        default to latest if empty\n - |\n objectName: db-adfuser-pwd\n
        \ objectAlias: "" # [OPTIONAL available for version > 0.0.4] object
        alias\n objectType: secret # object types: secret, key or cert\n
        \ objectVersion: "" # [OPTIONAL] object versions, default to latest
        if empty \n"
      resourceGroup: KAVRG03
      subscriptionId: 548e0e0b-fd7f-480d-9f47-f15ef0489899
      tenantId: 5b973f99-77df-4beb-b27d-aa0c70b85678
      usePodIdentity: "false"
      useVMManagedIdentity: "false"
      userAssignedIdentityID: ""
    provider: azure
kind: List
metadata:
  resourceVersion: ""
  selfLink: ""
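As a result, my deployment fails. I figured out that the annotations are different.
One more thing: when I describe the pods, I see the following error: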
Normal Scheduled default-scheduler Successfully assigned default/backend-qa-app-backend-69b78c789-cb4cc to aks-agentpool-33316079-vmss000002
Warning FailedMount 34s kubelet, aks-agentpool-33316079-vmss000002 MountVolume.SetUp failed for volume "keyvault" : kubernetes.io/csi: mounter.SetupAt failed: rpc error: code = DeadlineExceeded desc = context deadline exceeded
Any ideas on how to solve this issue!