kubectl이 Pod READY 0/1 상태를 얻습니다.

tag-icon tag-icon kubernetes
kubectl이 Pod READY 0/1 상태를 얻습니다.

Kubernetes 및 Mongodb에 대한 연구실을 따르고 있지만 모든 포드는 항상 0/1 상태입니다. 이것이 무엇을 의미합니까? 어떻게 준비하나요? 1/1

[root@master-node ~]# kubectl get pod
NAME                                 READY   STATUS    RESTARTS   AGE
mongo-express-78fcf796b8-wzgvx       0/1     Pending   0          3m41s
mongodb-deployment-8f6675bc5-qxj4g   0/1     Pending   0          160m
nginx-deployment-64bd7b69c-wp79g     0/1     Pending   0          4h44m

kubectl은 포드 nginx-deployment-64bd7b69c-wp79g -o yaml을 가져옵니다.

[root@master-node ~]# kubectl get pod nginx-deployment-64bd7b69c-wp79g -o yaml
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: "2021-07-27T17:35:57Z"
  generateName: nginx-deployment-64bd7b69c-
  labels:
    app: nginx
    pod-template-hash: 64bd7b69c
  name: nginx-deployment-64bd7b69c-wp79g
  namespace: default
  ownerReferences:
  - apiVersion: apps/v1
    blockOwnerDeletion: true
    controller: true
    kind: ReplicaSet
    name: nginx-deployment-64bd7b69c
    uid: 5b1250dd-a209-44be-9efb-7cf5a63a02a3
  resourceVersion: "15912"
  uid: d71047b4-d0e6-4d25-bb28-c410639a82ad
spec:
  containers:
  - image: nginx:1.14.2
    imagePullPolicy: IfNotPresent
    name: nginx
    ports:
    - containerPort: 8080
      protocol: TCP
    resources: {}
    terminationMessagePath: /dev/termination-log
    terminationMessagePolicy: File
    volumeMounts:
    - mountPath: /var/run/secrets/kubernetes.io/serviceaccount
      name: kube-api-access-2zr6k
      readOnly: true
  dnsPolicy: ClusterFirst
  enableServiceLinks: true
  preemptionPolicy: PreemptLowerPriority
  priority: 0
  restartPolicy: Always
  schedulerName: default-scheduler
  securityContext: {}
  serviceAccount: default
  serviceAccountName: default
  terminationGracePeriodSeconds: 30
  tolerations:
  - effect: NoExecute
    key: node.kubernetes.io/not-ready
    operator: Exists
    tolerationSeconds: 300
  - effect: NoExecute
    key: node.kubernetes.io/unreachable
    operator: Exists
    tolerationSeconds: 300
  volumes:
  - name: kube-api-access-2zr6k
    projected:
      defaultMode: 420
      sources:
      - serviceAccountToken:
          expirationSeconds: 3607
          path: token
      - configMap:
          items:
          - key: ca.crt
            path: ca.crt
          name: kube-root-ca.crt
      - downwardAPI:
          items:
          - fieldRef:
              apiVersion: v1
              fieldPath: metadata.namespace
            path: namespace
status:
  conditions:
  - lastProbeTime: null
    lastTransitionTime: "2021-07-27T17:35:57Z"
    message: '0/1 nodes are available: 1 node(s) had taint {node-role.kubernetes.io/master:
      }, that the pod didn''t tolerate.'
    reason: Unschedulable
    status: "False"
    type: PodScheduled
  phase: Pending
  qosClass: BestEffort

kubectl은 nginx-deployment-64bd7b69c-wp79g 포드를 설명합니다.

[root@master-node ~]# kubectl get pod nginx-deployment-64bd7b69c-wp79g -o yaml
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: "2021-07-27T17:35:57Z"
  generateName: nginx-deployment-64bd7b69c-
  labels:
    app: nginx
    pod-template-hash: 64bd7b69c
  name: nginx-deployment-64bd7b69c-wp79g
  namespace: default
  ownerReferences:
  - apiVersion: apps/v1
    blockOwnerDeletion: true
    controller: true
    kind: ReplicaSet
    name: nginx-deployment-64bd7b69c
    uid: 5b1250dd-a209-44be-9efb-7cf5a63a02a3
  resourceVersion: "15912"
  uid: d71047b4-d0e6-4d25-bb28-c410639a82ad
spec:
  containers:
  - image: nginx:1.14.2
    imagePullPolicy: IfNotPresent
    name: nginx
    ports:
    - containerPort: 8080
      protocol: TCP
    resources: {}
    terminationMessagePath: /dev/termination-log
    terminationMessagePolicy: File
    volumeMounts:
    - mountPath: /var/run/secrets/kubernetes.io/serviceaccount
      name: kube-api-access-2zr6k
      readOnly: true
  dnsPolicy: ClusterFirst
  enableServiceLinks: true
  preemptionPolicy: PreemptLowerPriority
  priority: 0
  restartPolicy: Always
  schedulerName: default-scheduler
  securityContext: {}
  serviceAccount: default
  serviceAccountName: default
  terminationGracePeriodSeconds: 30
  tolerations:
  - effect: NoExecute
    key: node.kubernetes.io/not-ready
    operator: Exists
    tolerationSeconds: 300
  - effect: NoExecute
    key: node.kubernetes.io/unreachable
    operator: Exists
    tolerationSeconds: 300
  volumes:
  - name: kube-api-access-2zr6k
    projected:
      defaultMode: 420
      sources:
      - serviceAccountToken:
          expirationSeconds: 3607
          path: token
      - configMap:
          items:
          - key: ca.crt
            path: ca.crt
          name: kube-root-ca.crt
      - downwardAPI:
          items:
          - fieldRef:
              apiVersion: v1
              fieldPath: metadata.namespace
            path: namespace
status:
  conditions:
  - lastProbeTime: null
    lastTransitionTime: "2021-07-27T17:35:57Z"
    message: '0/1 nodes are available: 1 node(s) had taint {node-role.kubernetes.io/master:
      }, that the pod didn''t tolerate.'
    reason: Unschedulable
    status: "False"
    type: PodScheduled
  phase: Pending
  qosClass: BestEffort
[root@master-node ~]# kubectl describe pod nginx-deployment-64bd7b69c-wp79g
Name:           nginx-deployment-64bd7b69c-wp79g
Namespace:      default
Priority:       0
Node:           <none>
Labels:         app=nginx
                pod-template-hash=64bd7b69c
Annotations:    <none>
Status:         Pending
IP:
IPs:            <none>
Controlled By:  ReplicaSet/nginx-deployment-64bd7b69c
Containers:
  nginx:
    Image:        nginx:1.14.2
    Port:         8080/TCP
    Host Port:    0/TCP
    Environment:  <none>
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-2zr6k (ro)
Conditions:
  Type           Status
  PodScheduled   False
Volumes:
  kube-api-access-2zr6k:
    Type:                    Projected (a volume that contains injected data from multiple sources)
    TokenExpirationSeconds:  3607
    ConfigMapName:           kube-root-ca.crt
    ConfigMapOptional:       <nil>
    DownwardAPI:             true
QoS Class:                   BestEffort
Node-Selectors:              <none>
Tolerations:                 node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
                             node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
  Type     Reason            Age                   From               Message
  ----     ------            ----                  ----               -------
  Warning  FailedScheduling  2m53s (x485 over 8h)  default-scheduler  0/1 nodes are available: 1 node(s) had taint {node-role.kubernetes.io/master: }, that the pod didn't tolerate.

답변1

K8s 클러스터에 서버가 하나만 있는 것 같습니다. 일반적인 K8s 클러스터에서 마스터 노드 또는 제어 평면은 일반적으로 워크로드를 실행하는 서버와 분리되어 있습니다. 이를 위해 기본적으로 꼬투리를 밀어내는 속성인 "오염"이 있습니다. 오염이 발생하면 마스터에서 포드를 예약할 수 없습니다.

출력의 "status.conditions.message" 요소에서 이 정보를 볼 수 있습니다 kubectl get pod.

message: '0/1 nodes are available: 1 node(s) had taint {node-role.kubernetes.io/master:}, that the pod didn't tolerate.'

포드는 허용 오차를 정의하여 해당 오염이 있는 노드에 포드를 예약할 수 있습니다. 메커니즘은 문서에 자세히 설명되어 있습니다.https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/

공차 구성은 다음과 같아야 합니다(테스트되지 않음).

tolerations:
- key: "node-role.kubernetes.io/master"
  operator: "Exists"
  effect: "NoSchedule"

귀하의 경우에는 언급된 방법을 사용하는 것이 더 쉬울 수 있습니다.이 문제. nodeName: master포드 정의에 명시적 요소를 지정합니다. 이렇게 하면 오염 메커니즘을 건너뛰고 포드를 예약할 수 있습니다.

또 다른 옵션은 아래 설명된 대로 마스터 노드에서 오염을 제거하는 것입니다.https://stackoverflow.com/q/43147941

관련 정보