我正在关注 Kubernetes 和 Mongodb 的实验室,但所有 Pod 始终处于 0/1 状态,这意味着什么?我如何让他们准备好 1/1
[root@master-node ~]# kubectl get pod
NAME READY STATUS RESTARTS AGE
mongo-express-78fcf796b8-wzgvx 0/1 Pending 0 3m41s
mongodb-deployment-8f6675bc5-qxj4g 0/1 Pending 0 160m
nginx-deployment-64bd7b69c-wp79g 0/1 Pending 0 4h44m
kubectl 获取 pod nginx-deployment-64bd7b69c-wp79g -o yaml
[root@master-node ~]# kubectl get pod nginx-deployment-64bd7b69c-wp79g -o yaml
apiVersion: v1
kind: Pod
metadata:
creationTimestamp: "2021-07-27T17:35:57Z"
generateName: nginx-deployment-64bd7b69c-
labels:
app: nginx
pod-template-hash: 64bd7b69c
name: nginx-deployment-64bd7b69c-wp79g
namespace: default
ownerReferences:
- apiVersion: apps/v1
blockOwnerDeletion: true
controller: true
kind: ReplicaSet
name: nginx-deployment-64bd7b69c
uid: 5b1250dd-a209-44be-9efb-7cf5a63a02a3
resourceVersion: "15912"
uid: d71047b4-d0e6-4d25-bb28-c410639a82ad
spec:
containers:
- image: nginx:1.14.2
imagePullPolicy: IfNotPresent
name: nginx
ports:
- containerPort: 8080
protocol: TCP
resources: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /var/run/secrets/kubernetes.io/serviceaccount
name: kube-api-access-2zr6k
readOnly: true
dnsPolicy: ClusterFirst
enableServiceLinks: true
preemptionPolicy: PreemptLowerPriority
priority: 0
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
serviceAccount: default
serviceAccountName: default
terminationGracePeriodSeconds: 30
tolerations:
- effect: NoExecute
key: node.kubernetes.io/not-ready
operator: Exists
tolerationSeconds: 300
- effect: NoExecute
key: node.kubernetes.io/unreachable
operator: Exists
tolerationSeconds: 300
volumes:
- name: kube-api-access-2zr6k
projected:
defaultMode: 420
sources:
- serviceAccountToken:
expirationSeconds: 3607
path: token
- configMap:
items:
- key: ca.crt
path: ca.crt
name: kube-root-ca.crt
- downwardAPI:
items:
- fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
path: namespace
status:
conditions:
- lastProbeTime: null
lastTransitionTime: "2021-07-27T17:35:57Z"
message: '0/1 nodes are available: 1 node(s) had taint {node-role.kubernetes.io/master:
}, that the pod didn''t tolerate.'
reason: Unschedulable
status: "False"
type: PodScheduled
phase: Pending
qosClass: BestEffort
kubectl 描述 pod nginx-deployment-64bd7b69c-wp79g
[root@master-node ~]# kubectl get pod nginx-deployment-64bd7b69c-wp79g -o yaml
apiVersion: v1
kind: Pod
metadata:
creationTimestamp: "2021-07-27T17:35:57Z"
generateName: nginx-deployment-64bd7b69c-
labels:
app: nginx
pod-template-hash: 64bd7b69c
name: nginx-deployment-64bd7b69c-wp79g
namespace: default
ownerReferences:
- apiVersion: apps/v1
blockOwnerDeletion: true
controller: true
kind: ReplicaSet
name: nginx-deployment-64bd7b69c
uid: 5b1250dd-a209-44be-9efb-7cf5a63a02a3
resourceVersion: "15912"
uid: d71047b4-d0e6-4d25-bb28-c410639a82ad
spec:
containers:
- image: nginx:1.14.2
imagePullPolicy: IfNotPresent
name: nginx
ports:
- containerPort: 8080
protocol: TCP
resources: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /var/run/secrets/kubernetes.io/serviceaccount
name: kube-api-access-2zr6k
readOnly: true
dnsPolicy: ClusterFirst
enableServiceLinks: true
preemptionPolicy: PreemptLowerPriority
priority: 0
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
serviceAccount: default
serviceAccountName: default
terminationGracePeriodSeconds: 30
tolerations:
- effect: NoExecute
key: node.kubernetes.io/not-ready
operator: Exists
tolerationSeconds: 300
- effect: NoExecute
key: node.kubernetes.io/unreachable
operator: Exists
tolerationSeconds: 300
volumes:
- name: kube-api-access-2zr6k
projected:
defaultMode: 420
sources:
- serviceAccountToken:
expirationSeconds: 3607
path: token
- configMap:
items:
- key: ca.crt
path: ca.crt
name: kube-root-ca.crt
- downwardAPI:
items:
- fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
path: namespace
status:
conditions:
- lastProbeTime: null
lastTransitionTime: "2021-07-27T17:35:57Z"
message: '0/1 nodes are available: 1 node(s) had taint {node-role.kubernetes.io/master:
}, that the pod didn''t tolerate.'
reason: Unschedulable
status: "False"
type: PodScheduled
phase: Pending
qosClass: BestEffort
[root@master-node ~]# kubectl describe pod nginx-deployment-64bd7b69c-wp79g
Name: nginx-deployment-64bd7b69c-wp79g
Namespace: default
Priority: 0
Node: <none>
Labels: app=nginx
pod-template-hash=64bd7b69c
Annotations: <none>
Status: Pending
IP:
IPs: <none>
Controlled By: ReplicaSet/nginx-deployment-64bd7b69c
Containers:
nginx:
Image: nginx:1.14.2
Port: 8080/TCP
Host Port: 0/TCP
Environment: <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-2zr6k (ro)
Conditions:
Type Status
PodScheduled False
Volumes:
kube-api-access-2zr6k:
Type: Projected (a volume that contains injected data from multiple sources)
TokenExpirationSeconds: 3607
ConfigMapName: kube-root-ca.crt
ConfigMapOptional: <nil>
DownwardAPI: true
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Warning FailedScheduling 2m53s (x485 over 8h) default-scheduler 0/1 nodes are available: 1 node(s) had taint {node-role.kubernetes.io/master: }, that the pod didn't tolerate.
答案1
您似乎只有一台用于 K8s 集群的服务器。在典型的 K8s 集群中,主节点或控制平面通常与运行工作负载的服务器分开。为此,它具有“污点”,这基本上是排斥豆荚的属性。污点到位后,pod 就无法在 master 上调度。
您可以在输出的“status.conditions.message”元素中看到此信息kubectl get pod:
message: '0/1 nodes are available: 1 node(s) had taint {node-role.kubernetes.io/master:}, that the pod didn't tolerate.'
Pod 可以定义容忍度,这允许它们被调度到具有相应污点的节点。该机制在文档中有详细解释:https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/
容忍配置应该如下所示(未经测试):
tolerations:
- key: "node-role.kubernetes.io/master"
operator: "Exists"
effect: "NoSchedule"
对于您的情况,使用中提到的方法可能更容易这个问题。nodeName: master在 pod 定义中指定显式元素。这应该会跳过污点机制并允许安排您的 Pod。
另一种选择是从主节点中删除污点,如下所述:https://stackoverflow.com/q/43147941