Ingress nginx-controller - 卷“webhook-cert”失败

tag-icon tag-icon nginx docker kubernetes
Ingress nginx-controller - 卷“webhook-cert”失败

我跑:

kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v0.48.1/deploy/static/provider/aws/deploy.yaml

但它没有起作用。

Events:
Type     Reason       Age                     From               Message
----     ------       ----                    ----               -------
  Normal   Scheduled    8m56s                   default-scheduler  Successfully assigned ingress-nginx/ingress-nginx-controller-68649d49b8-g5r58 to ip-10-40-0-32.ap-northeast-2.compute.internal
  Warning  FailedMount  8m56s (x2 over 8m56s)   kubelet            MountVolume.SetUp failed for volume "webhook-cert" : secret "ingress-nginx-admission" not found
  Normal   Killing      7m56s                   kubelet            Container controller failed liveness probe, will be restarted
  Normal   Pulled       7m45s (x2 over 8m54s)   kubelet            Container image "k8s.gcr.io/ingress-nginx/controller:v0.48.1@sha256:e9fb216ace49dfa4a5983b183067e97496e7a8b307d2093f4278cd550c303899" already present on machine
  Normal   Created      7m45s (x2 over 8m54s)   kubelet            Created container controller
  Normal   Started      7m45s (x2 over 8m53s)   kubelet            Started container controller
  Warning  Unhealthy    7m16s (x7 over 8m36s)   kubelet            Liveness probe failed: HTTP probe failed with statuscode: 500
  Warning  Unhealthy    3m46s (x30 over 8m36s)  kubelet            Readiness probe failed: HTTP probe failed with statuscode: 500

日志……

Neither --kubeconfig nor --master was specified.  Using the inClusterConfig.  This might not work.
{"level":"info",
"msg":"patching webhook configurations 'ingress-nginx-admission' mutating=false, validating=true, failurePolicy=Fail",
"source":"k8s/k8s.go:39",
"time":"2021-08-17T18:08:40Z"
}
{"err":"the server could not find the requested resource",
"level":"fatal",
"msg":"failed getting validating webhook",
"source":"k8s/k8s.go:48","time":"2021-08-17T18:08:40Z"
}

我尝试将部署更改--ingress-class=nginx--ingress-class=nginx2,或安装 v0.35,或尝试:

kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx /controller-v0.48.1/deploy/static/provider/baremetal/deploy.yaml

但同样的错误又重复出现。

环境:

  • kubeadm 版本:v1.22.0
  • Docker 版本:20.10.7
  • 操作系统:ubuntu
  • AWS EC2 实例

答案1

MountVolume.SetUp failed for volume "webhook-cert" : secret "ingress-nginx-admission" not found

正如您在事件中看到的,缺少secret "ingress-nginx-admission"。这可能是因为您使用了过时的 yaml。
您可以从这里或者直接使用 helm。

网络负载均衡器 (NLB)

kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.1.3/deploy/static/provider/aws/deploy.yaml

  1. 下载 deploy.yaml 模板 wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.1.3/deploy/static/provider/aws/nlb-with-tls-termination/deploy.yaml
  2. 编辑文件并更改 Kubernetes 集群使用的 VPC CIDR: proxy-real-ip-cidr: XXX.XXX.XXX/XX
  3. 同时更改 AWS 证书管理器 (ACM) ID: arn:aws:acm:us-west-2:XXXXXXXX:certificate/XXXXXX-XXXXXXX-XXXXXXX-XXXXXXXX
  4. 部署清单: kubectl apply -f deploy.yaml

相关内容