在 fargate 中安排 pod 时出现错误 "Pod not supported on Fargate: volumes not supported: dir-authentication not supported because:" 的问题
problem to schedule pod in fargate with error "Pod not supported on Fargate: volumes not supported: dir-authentication not supported because:"
AWS EKS Fargate 的新手。
我在 aws EKS fargate 上创建了一个集群,然后继续安装 helm chart; pods 都处于挂起状态,查看 pod 描述,我注意到有一些错误
eksctl create cluster -f cluster-fargate.yaml
k -n bd describe pod bd-blackduck-authentication-6c8ff5cc85-jwr8m
Name: bd-blackduck-authentication-6c8ff5cc85-jwr8m
Namespace: bd
Priority: 2000001000
Priority Class Name: system-node-critical
Node: <none>
Labels: app=blackduck
component=authentication
eks.amazonaws.com/fargate-profile=fp-bd
name=bd
pod-template-hash=6c8ff5cc85
version=2021.10.5
Annotations: checksum/blackduck-config: 6c1796e5e4218c71ea2ae7a1249fefbb6f7c216f702ea38919a0bb9751b06922
checksum/postgres-config: f21777c0b5bf24b5535a5b4a8dbf98a5df9c9dd2f4a48e5219dcccf46301a982
kubernetes.io/psp: eks.privileged
Status: Pending
IP:
IPs: <none>
Controlled By: ReplicaSet/bd-blackduck-authentication-6c8ff5cc85
Init Containers:
bd-blackduck-postgres-waiter:
Image: docker.io/blackducksoftware/blackduck-postgres-waiter:1.0.0
Port: <none>
Host Port: <none>
Environment Variables from:
bd-blackduck-config ConfigMap Optional: false
Environment:
POSTGRES_HOST: <set to the key 'HUB_POSTGRES_HOST' of config map 'bd-blackduck-db-config'> Optional: false
POSTGRES_PORT: <set to the key 'HUB_POSTGRES_PORT' of config map 'bd-blackduck-db-config'> Optional: false
POSTGRES_USER: <set to the key 'HUB_POSTGRES_USER' of config map 'bd-blackduck-db-config'> Optional: false
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-85q7d (ro)
Containers:
authentication:
Image: docker.io/blackducksoftware/blackduck-authentication:2021.10.5
Port: 8443/TCP
Host Port: 0/TCP
Limits:
memory: 1Gi
Requests:
memory: 1Gi
Liveness: exec [/usr/local/bin/docker-healthcheck.sh https://127.0.0.1:8443/api/health-checks/liveness /opt/blackduck/hub/hub-authentication/security/root.crt /opt/blackduck/hub/hub-authentication/security/blackduck_system.crt /opt/blackduck/hub/hub-authentication/security/blackduck_system.key] delay=240s timeout=10s period=30s #success=1 #failure=10
Environment Variables from:
bd-blackduck-db-config ConfigMap Optional: false
bd-blackduck-config ConfigMap Optional: false
Environment:
HUB_MAX_MEMORY: 512m
DD_ENABLED: false
HUB_MANAGEMENT_ENDPOINT_PROMETHEUS_ENABLED: false
Mounts:
/opt/blackduck/hub/hub-authentication/ldap from dir-authentication (rw)
/opt/blackduck/hub/hub-authentication/security from dir-authentication-security (rw)
/tmp/secrets/HUB_POSTGRES_ADMIN_PASSWORD_FILE from db-passwords (rw,path="HUB_POSTGRES_ADMIN_PASSWORD_FILE")
/tmp/secrets/HUB_POSTGRES_USER_PASSWORD_FILE from db-passwords (rw,path="HUB_POSTGRES_USER_PASSWORD_FILE")
/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-85q7d (ro)
Conditions:
Type Status
PodScheduled False
Volumes:
dir-authentication:
Type: PersistentVolumeClaim (a reference to a PersistentVolumeClaim in the same namespace)
ClaimName: bd-blackduck-authentication
ReadOnly: false
db-passwords:
Type: Secret (a volume populated by a Secret)
SecretName: bd-blackduck-db-creds
Optional: false
dir-authentication-security:
Type: EmptyDir (a temporary directory that shares a pod's lifetime)
Medium:
SizeLimit: <unset>
kube-api-access-85q7d:
Type: Projected (a volume that contains injected data from multiple sources)
TokenExpirationSeconds: 3607
ConfigMapName: kube-root-ca.crt
ConfigMapOptional: <nil>
DownwardAPI: true
QoS Class: Burstable
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Warning FailedScheduling 58s fargate-scheduler Pod not supported on Fargate: volumes not supported: dir-authentication not supported because: PVC bd-blackduck-authentication not bound
我的 storageClass 当前在我的 values.yaml 中设置为 gp2。
接下来我该怎么做才能解决这个问题?
目前,Fargate does not support PersistentVolume back by EBS. You can use EFS 而不是。
AWS EKS Fargate 的新手。
我在 aws EKS fargate 上创建了一个集群,然后继续安装 helm chart; pods 都处于挂起状态,查看 pod 描述,我注意到有一些错误
eksctl create cluster -f cluster-fargate.yaml
k -n bd describe pod bd-blackduck-authentication-6c8ff5cc85-jwr8m
Name: bd-blackduck-authentication-6c8ff5cc85-jwr8m
Namespace: bd
Priority: 2000001000
Priority Class Name: system-node-critical
Node: <none>
Labels: app=blackduck
component=authentication
eks.amazonaws.com/fargate-profile=fp-bd
name=bd
pod-template-hash=6c8ff5cc85
version=2021.10.5
Annotations: checksum/blackduck-config: 6c1796e5e4218c71ea2ae7a1249fefbb6f7c216f702ea38919a0bb9751b06922
checksum/postgres-config: f21777c0b5bf24b5535a5b4a8dbf98a5df9c9dd2f4a48e5219dcccf46301a982
kubernetes.io/psp: eks.privileged
Status: Pending
IP:
IPs: <none>
Controlled By: ReplicaSet/bd-blackduck-authentication-6c8ff5cc85
Init Containers:
bd-blackduck-postgres-waiter:
Image: docker.io/blackducksoftware/blackduck-postgres-waiter:1.0.0
Port: <none>
Host Port: <none>
Environment Variables from:
bd-blackduck-config ConfigMap Optional: false
Environment:
POSTGRES_HOST: <set to the key 'HUB_POSTGRES_HOST' of config map 'bd-blackduck-db-config'> Optional: false
POSTGRES_PORT: <set to the key 'HUB_POSTGRES_PORT' of config map 'bd-blackduck-db-config'> Optional: false
POSTGRES_USER: <set to the key 'HUB_POSTGRES_USER' of config map 'bd-blackduck-db-config'> Optional: false
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-85q7d (ro)
Containers:
authentication:
Image: docker.io/blackducksoftware/blackduck-authentication:2021.10.5
Port: 8443/TCP
Host Port: 0/TCP
Limits:
memory: 1Gi
Requests:
memory: 1Gi
Liveness: exec [/usr/local/bin/docker-healthcheck.sh https://127.0.0.1:8443/api/health-checks/liveness /opt/blackduck/hub/hub-authentication/security/root.crt /opt/blackduck/hub/hub-authentication/security/blackduck_system.crt /opt/blackduck/hub/hub-authentication/security/blackduck_system.key] delay=240s timeout=10s period=30s #success=1 #failure=10
Environment Variables from:
bd-blackduck-db-config ConfigMap Optional: false
bd-blackduck-config ConfigMap Optional: false
Environment:
HUB_MAX_MEMORY: 512m
DD_ENABLED: false
HUB_MANAGEMENT_ENDPOINT_PROMETHEUS_ENABLED: false
Mounts:
/opt/blackduck/hub/hub-authentication/ldap from dir-authentication (rw)
/opt/blackduck/hub/hub-authentication/security from dir-authentication-security (rw)
/tmp/secrets/HUB_POSTGRES_ADMIN_PASSWORD_FILE from db-passwords (rw,path="HUB_POSTGRES_ADMIN_PASSWORD_FILE")
/tmp/secrets/HUB_POSTGRES_USER_PASSWORD_FILE from db-passwords (rw,path="HUB_POSTGRES_USER_PASSWORD_FILE")
/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-85q7d (ro)
Conditions:
Type Status
PodScheduled False
Volumes:
dir-authentication:
Type: PersistentVolumeClaim (a reference to a PersistentVolumeClaim in the same namespace)
ClaimName: bd-blackduck-authentication
ReadOnly: false
db-passwords:
Type: Secret (a volume populated by a Secret)
SecretName: bd-blackduck-db-creds
Optional: false
dir-authentication-security:
Type: EmptyDir (a temporary directory that shares a pod's lifetime)
Medium:
SizeLimit: <unset>
kube-api-access-85q7d:
Type: Projected (a volume that contains injected data from multiple sources)
TokenExpirationSeconds: 3607
ConfigMapName: kube-root-ca.crt
ConfigMapOptional: <nil>
DownwardAPI: true
QoS Class: Burstable
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Warning FailedScheduling 58s fargate-scheduler Pod not supported on Fargate: volumes not supported: dir-authentication not supported because: PVC bd-blackduck-authentication not bound
我的 storageClass 当前在我的 values.yaml 中设置为 gp2。
接下来我该怎么做才能解决这个问题?
目前,Fargate does not support PersistentVolume back by EBS. You can use EFS 而不是。