k8s更新资源的时候报错
问题一:创建资源的时候报错–validate=false[root@hdss7-22 ~]# kubectl apply -f http://k8s-yaml.od.com/dashboard/rbac-minimal.yamlserviceaccount/kubernetes-dashboard unchangedrole.rbac.authorization.k8s.io/kubernetes
问题一:创建资源的时候报错–validate=false
[root@hdss7-22 ~]# kubectl apply -f http://k8s-yaml.od.com/dashboard/rbac-minimal.yaml
serviceaccount/kubernetes-dashboard unchanged
role.rbac.authorization.k8s.io/kubernetes-dashboard-minimal unchanged
error: error validating “http://k8s-yaml.od.com/dashboard/rbac-minimal.yaml”: error validating data: [ValidationError(RoleBinding.roleRef): unknown field “apiGroups” in io.k8s.api.rbac.v1.RoleRef, ValidationError(RoleBinding.roleRef): missing required field “apiGroup” in io.k8s.api.rbac.v1.RoleRef]; if you choose to ignore these errors, turn validation off with --validate=false
解决办法 后面加上字段
[root@hdss7-22 ~]# kubectl apply -f http://k8s-yaml.od.com/dashboard/rbac-minimal.yaml --validate=false
serviceaccount/kubernetes-dashboard unchanged
role.rbac.authorization.k8s.io/kubernetes-dashboard-minimal unchanged
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard-minimal created
问题二:创建资源的时候报错rolesRef
[root@hdss7-22 ~]# kubectl apply -f http://k8s-yaml.od.com/dashboard/rbac-minimal.yaml
serviceaccount/kubernetes-dashboard unchanged
role.rbac.authorization.k8s.io/kubernetes-dashboard-minimal unchanged
error: error validating “http://k8s-yaml.od.com/dashboard/rbac-minimal.yaml”: error validating data: [ValidationError(RoleBinding): unknown field “rolesRef” in io.k8s.api.rbac.v1.RoleBinding, ValidationError(RoleBinding): missing required field “roleRef” in io.k8s.api.rbac.v1.RoleBinding]; if you choose to ignore these errors, turn validation off with --validate=false
有下面的方法没用
[root@hdss7-22 ~]# kubectl apply -f http://k8s-yaml.od.com/dashboard/rbac-minimal.yaml --validate=false
serviceaccount/kubernetes-dashboard unchanged
role.rbac.authorization.k8s.io/kubernetes-dashboard-minimal unchanged
The RoleBinding “kubernetes-dashboard-minimal” is invalid:
- roleRef.kind: Unsupported value: “”: supported values: “Role”, “ClusterRole”
- roleRef.name: Required value
这个时候去修改下自己的rbac-minimal.yaml文件有个单词rolesRef写错了应该是roleRef
问题三: 创建资源后pod一直处于CrashLoopBackOff等待状态
[root@hdss7-22 ~]# kubectl get po -n kube-system
NAME READY STATUS RESTARTS AGE
coredns-6b6c4f9648-qb9fw 1/1 Running 3 13d
kubernetes-dashboard-6d58ccc9fc-wg6nx 0/1 CrashLoopBackOff 5 3m40s
traefik-ingress-8t8zl 1/1 Running 1 10d
traefik-ingress-xhwk7 1/1 Running 0 10d
解决办法
查看事务信息
Events:
Type Reason Age From Message
Normal Scheduled 114s default-scheduler Successfully assigned kube-system/kubernetes-dashboard-6d58ccc9fc-wg6nx to hdss7-22.host.com
Normal Pulled 13s (x5 over 113s) kubelet, hdss7-22.host.com Container image “harbor.od.com/public/dashboard:v1.8.3” already present on machine
Normal Created 13s (x5 over 113s) kubelet, hdss7-22.host.com Created container kubernetes-dashboard
Normal Started 13s (x5 over 113s) kubelet, hdss7-22.host.com Started container kubernetes-dashboard
Warning BackOff 9s (x10 over 107s) kubelet, hdss7-22.host.com Back-off restarting failed container
查看日志
[root@hdss7-22 ~]# kubectl logs -n kube-system kubernetes-dashboard-6d58ccc9fc-wg6nx
2021/06/30 14:41:00 Starting overwatch
2021/06/30 14:41:00 Using in-cluster config to connect to apiserver
2021/06/30 14:41:00 Using service account token for csrf signing
2021/06/30 14:41:00 No request provided. Skipping authorization
2021/06/30 14:41:00 Successful initial request to the apiserver, version: v1.15.2
2021/06/30 14:41:00 Generating JWE encryption key
2021/06/30 14:41:00 New synchronizer has been registered: kubernetes-dashboard-key-holder-kube-system. Starting
2021/06/30 14:41:00 Starting secret synchronizer for kubernetes-dashboard-key-holder in namespace kube-system
2021/06/30 14:41:00 Synchronizer kubernetes-dashboard-key-holder-kube-system exited with error: unexpected object: &Secret{ObjectMeta:k8s_io_apimachinery_pkg_apis_meta_v1.ObjectMeta{Name:,GenerateName:,Namespace:,SelfLink:,UID:,ResourceVersion:,Generation:0,CreationTimestamp:0001-01-01 00:00:00 +0000 UTC,DeletionTimestamp:,DeletionGracePeriodSeconds:nil,Labels:map[string]string{},Annotations:map[string]string{},OwnerReferences:[],Finalizers:[],ClusterName:,Initializers:nil,},Data:map[string][]byte{},Type:,StringData:map[string]string{},}
2021/06/30 14:41:02 Restarting synchronizer: kubernetes-dashboard-key-holder-kube-system.
2021/06/30 14:41:02 Starting secret synchronizer for kubernetes-dashboard-key-holder in namespace kube-system
2021/06/30 14:41:02 Synchronizer kubernetes-dashboard-key-holder-kube-system exited with error: kubernetes-dashboard-key-holder-kube-system watch ended with timeout
2021/06/30 14:41:03 Storing encryption key in a secret
panic: secrets is forbidden: User “system:serviceaccount:kube-system:kubernetes-dashboard” cannot create resource “secrets” in API group “” in the namespace “kube-system”
goroutine 1 [running]:
github.com/kubernetes/dashboard/src/app/backend/auth/jwe.(*rsaKeyHolder).init(0xc4204e3d20)
/home/travis/build/kubernetes/dashboard/.tmp/backend/src/github.com/kubernetes/dashboard/src/app/backend/auth/jwe/keyholder.go:131 +0x2d3
github.com/kubernetes/dashboard/src/app/backend/auth/jwe.NewRSAKeyHolder(0x1a7ee00, 0xc4202b2b40, 0xc4202b2b40, 0x127b962)
/home/travis/build/kubernetes/dashboard/.tmp/backend/src/github.com/kubernetes/dashboard/src/app/backend/auth/jwe/keyholder.go:170 +0x83
main.initAuthManager(0x1a7e300, 0xc420066c60, 0xc4205d3c68, 0x1)
/home/travis/build/kubernetes/dashboard/.tmp/backend/src/github.com/kubernetes/dashboard/src/app/backend/dashboard.go:183 +0x12f
main.main()
/home/travis/build/kubernetes/dashboard/.tmp/backend/src/github.com/kubernetes/dashboard/src/app/backend/dashboard.go:101 +0x28c
解决办法;查看自己的资源是不是没有创建成功,我是把问题一 资源创建后就解决了
开源、云原生的融合云平台
更多推荐
0
0- 0
已为社区贡献3条内容
所有评论(0)