kubernetes - EKS kube-system 部署 CrashLoopBackOff
问题描述
我正在尝试将 Kube 状态指标部署到kube-system运行 Kubernetes v1.14 的 EKS 集群(eks.4)中的命名空间中。
Kubernetes 连接
provider "kubernetes" {
host = var.cluster.endpoint
token = data.aws_eks_cluster_auth.cluster_auth.token
cluster_ca_certificate = base64decode(var.cluster.certificate)
load_config_file = true
}
部署清单(作为 .tf)
resource "kubernetes_deployment" "kube_state_metrics" {
metadata {
name = "kube-state-metrics"
namespace = "kube-system"
labels = {
k8s-app = "kube-state-metrics"
}
}
spec {
replicas = 1
selector {
match_labels = {
k8s-app = "kube-state-metrics"
}
}
template {
metadata {
labels = {
k8s-app = "kube-state-metrics"
}
}
spec {
container {
name = "kube-state-metrics"
image = "quay.io/coreos/kube-state-metrics:v1.7.2"
port {
name = "http-metrics"
container_port = 8080
}
port {
name = "telemetry"
container_port = 8081
}
liveness_probe {
http_get {
path = "/healthz"
port = "8080"
}
initial_delay_seconds = 5
timeout_seconds = 5
}
readiness_probe {
http_get {
path = "/"
port = "8080"
}
initial_delay_seconds = 5
timeout_seconds = 5
}
}
service_account_name = "kube-state-metrics"
}
}
}
}
我还从https://github.com/kubernetes/kube-state-metrics/tree/master/kubernetes部署了所有必需的 RBAC 清单- 为简洁起见,在此处进行了编辑。
当我terraform apply在上面的部署上运行时,Terraform 输出如下:
kubernetes_deployment.kube_state_metrics: Still creating... [6m50s elapsed]
最终在 10m 处超时。
这是kube-state-metricspod的日志输出
I0910 23:41:19.412496 1 main.go:140] metric white-blacklisting: blacklisting the following items:
W0910 23:41:19.412535 1 client_config.go:541] Neither --kubeconfig nor --master was specified. Using the inClusterConfig. This might not work.
W0910 23:41:19.412565 1 client_config.go:546] error creating inClusterConfig, falling back to default config: open /var/run/secrets/kubernetes.io/serviceaccount/token: no such file or directory
F0910 23:41:19.412782 1 main.go:148] Failed to create client: invalid configuration: no configuration has been provided
解决方案
添加以下内容使spec我成功部署。
automount_service_account_token = true
为了后代:
resource "kubernetes_deployment" "kube_state_metrics" {
metadata {
name = "kube-state-metrics"
namespace = "kube-system"
labels = {
k8s-app = "kube-state-metrics"
}
}
spec {
replicas = 1
selector {
match_labels = {
k8s-app = "kube-state-metrics"
}
}
template {
metadata {
labels = {
k8s-app = "kube-state-metrics"
}
}
spec {
automount_service_account_token = true
container {
name = "kube-state-metrics"
image = "quay.io/coreos/kube-state-metrics:v1.7.2"
port {
name = "http-metrics"
container_port = 8080
}
port {
name = "telemetry"
container_port = 8081
}
liveness_probe {
http_get {
path = "/healthz"
port = "8080"
}
initial_delay_seconds = 5
timeout_seconds = 5
}
readiness_probe {
http_get {
path = "/"
port = "8080"
}
initial_delay_seconds = 5
timeout_seconds = 5
}
}
service_account_name = "kube-state-metrics"
}
}
}
}
推荐阅读
- c# - 在 Polly CircuitBreaker 中设置 durationOfBreak
- android - 无法解决:Firebase auth 15.0.0
- c++ - 如何将 QListWidget 中的当前选择设置为无?
- html - 滚动时如何将标题更改为可移动标题?
- excel - Excel Range 不那么笨拙
- r - 在 R 中从外部 jpg 创建 GIF 或视频
- c++ - 在 C++ 模板参数中,是否可以指定该类型的类型和出现次数?
- java - 从泛型方法中返回 this
- html - 带有绝对定位的儿童不工作的旋转木马
- php - 如果我想检查 PDOstmt->execute() 返回的内容,我是否在 if 语句中再次调用它?