coredns deployment still unable to find nodes even after patching for the Fargate profile

I ran into problems installing the Fargate profile and the coredns addon; I used Terraform for some parts and kubectl for others. The Fargate profile was created via Terraform:

fargate_profiles = {
  kube-system-profile = {
    name = "kube-system-profile"
    selectors = [
      {
        namespace = "kube-system"
        labels = {
          name = "kube-system"
          k8s-app = "kube-dns"
        }
      }
    ]
    tags = {
      Cost = "DaCost"
      Environment = "dev"
      Name = "coredns-fargate-profile"
    }
  },
  swiftalk-dev-profile = {
    name = "dev-profile"
    selectors = [
      {
        namespace = "dev"
        labels = {
          name = "dev"
        }
      }
    ]
    tags = {
      Cost = "DaCost"
      Environment = "dev"
      Name = "dev-profile"
    }
  },
}

Then I installed the coredns addon, again using Terraform:

resource "aws_eks_addon" "core_dns" {
  addon_name        = "coredns"
  addon_version     = "v1.8.3-eksbuild.1"
  cluster_name      = "${var.eks_cluster_name}-dev"
  resolve_conflicts = "OVERWRITE"
  tags              = { "eks_addon" = "coredns", name = "kube-system" }
  depends_on        = [kubernetes_namespace.dev]
}

I patched the coredns deployment for Fargate:

kubectl patch deployment coredns \
  --namespace kube-system \
  --type=json \
  -p='[{"op": "remove", "path": "/spec/template/metadata/annotations/eks.amazonaws.com~1compute-type"}]'

Then I restarted it:

kubectl rollout restart -n kube-system deployment/coredns

However, the coredns pods are still in the Pending state:

kubectl get pods -n kube-system
NAME                      READY   STATUS    RESTARTS   AGE
coredns-5766d4545-g6nxn   0/1     Pending   0          46m
coredns-5766d4545-xng48   0/1     Pending   0          46m
coredns-b744fccf4-hb726   0/1     Pending   0          77m

The CloudWatch logs show the pods looking for nodes to be deployed on, rather than Fargate:

I0723 10:24:38.059960       1 factory.go:319] "Unable to schedule pod; no nodes are registered to the cluster; waiting" pod="kube-system/coredns-b744fccf4-hb726"
I0723 10:24:38.060078       1 factory.go:319] "Unable to schedule pod; no nodes are registered to the cluster; waiting" pod="kube-system/coredns-5766d4545-xng48"

Answer 1

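In my case, the problem was that with the Cluster Public Access Endpoint enabled, I only had a public CIDR (our VPN), which meant I had to either add the pod CIDRs or enable the private access endpoint, as described in this article: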

https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html

Now it works, without needing to patch the coredns deployment.
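A check for the condition this answer describes, as an added example that is not part of the original answer: it reads the `resourcesVpcConfig` section of `aws eks describe-cluster` output and reports whether traffic from the VPC can reach the API endpoint. The function name, the sample configuration and the egress addresses are constructed for illustration; the egress addresses (for example NAT gateway addresses) are an assumption supplied by the caller.

```python
import ipaddress

# Constructed sample: the "resourcesVpcConfig" part of
# `aws eks describe-cluster` output for a cluster whose public endpoint
# is restricted to a VPN range (documentation addresses, not real ones).
SAMPLE_VPC_CONFIG = {
    "endpointPublicAccess": True,
    "endpointPrivateAccess": False,
    "publicAccessCidrs": ["203.0.113.0/24"],
}


def fargate_can_reach_api(vpc_config, vpc_egress_ips):
    """Return (ok, reason): can pods in the VPC reach the cluster API endpoint?

    vpc_egress_ips is the list of public addresses the VPC's traffic leaves
    from (hypothetical input; the caller has to look these up).
    """
    # With the private endpoint enabled, in-VPC traffic never uses the
    # public endpoint, so the public CIDR allow-list does not apply to it.
    if vpc_config.get("endpointPrivateAccess"):
        return True, "private endpoint enabled; traffic stays inside the VPC"
    if not vpc_config.get("endpointPublicAccess"):
        return False, "public endpoint disabled and private endpoint not enabled"
    if not vpc_egress_ips:
        return False, "no egress addresses given; nothing to compare"

    # An absent or empty allow-list is treated as the open default.
    cidrs = vpc_config.get("publicAccessCidrs") or ["0.0.0.0/0"]
    allowed = [ipaddress.ip_network(c) for c in cidrs]
    blocked = [
        ip for ip in vpc_egress_ips
        if not any(ipaddress.ip_address(ip) in net for net in allowed)
    ]
    if blocked:
        return False, "egress addresses outside publicAccessCidrs: " + ", ".join(blocked)
    return True, "all egress addresses are inside publicAccessCidrs"


if __name__ == "__main__":
    # VPN-only allow-list, VPC leaving from a different address: blocked.
    print(fargate_can_reach_api(SAMPLE_VPC_CONFIG, ["198.51.100.7"]))
    # Same cluster after enabling the private endpoint: reachable.
    fixed = dict(SAMPLE_VPC_CONFIG, endpointPrivateAccess=True)
    print(fargate_can_reach_api(fixed, ["198.51.100.7"]))
```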
