问题描述
让microk8在两个节点上运行。最近,由于Ready服务无法启动,主节点无法进入microk8s.daemon-containerd状态。在尝试使cert-manager配置在k8s集群中运行之后,这种情况开始发生。
据我所知cert-manager-webhook窗格正在第二个节点上运行。
我尝试过microk8s stop / microk8s start。此时,我什至尝试过microk8s reset,但是容器化总是显示相同的错误。
输出:
$ kubectl get node
NAME STATUS ROLES AGE VERSION
pi-k8s-00 NotReady <none> 77d v1.18.6-1+b4f4cb0b7fe3c1
pi-k8s-01 Ready <none> 77d v1.19.2-34+37bbd8cebecb60
$ kubectl get pod -n cert-manager
NAME READY STATUS RESTARTS AGE
cert-manager-676b755d5f-6bjxv 1/1 Running 0 12m
cert-manager-cainjector-795f67b984-tsmw9 1/1 Running 3 12m
cert-manager-webhook-86c4dcd4b5-bgrmb 1/1 Running 0 12m
$ sudo journalctl -u snap.microk8s.daemon-containerd
...
Oct 17 10:42:33 pi-k8s-00 microk8s.daemon-containerd[44363]: time="2020-10-17T10:42:33.848409047Z" level=fatal msg="Failed to run CRI service" error="Failed to recover state: Failed to reserve sandBox name \"cert-manager-webhook>
Oct 17 10:42:33 pi-k8s-00 systemd[1]: snap.microk8s.daemon-containerd.service: Main process exited,code=exited,status=1/FAILURE
Oct 17 10:42:33 pi-k8s-00 systemd[1]: snap.microk8s.daemon-containerd.service: Failed with result 'exit-code'.
Oct 17 10:42:34 pi-k8s-00 systemd[1]: snap.microk8s.daemon-containerd.service: Scheduled restart job,restart counter is at 5.
Oct 17 10:42:34 pi-k8s-00 systemd[1]: Stopped Service for snap application microk8s.daemon-containerd.
Oct 17 10:42:34 pi-k8s-00 systemd[1]: snap.microk8s.daemon-containerd.service: Start request repeated too quickly.
Oct 17 10:42:34 pi-k8s-00 systemd[1]: snap.microk8s.daemon-containerd.service: Failed with result 'exit-code'.
Oct 17 10:42:34 pi-k8s-00 systemd[1]: Failed to start Service for snap application microk8s.daemon-containerd.
$ uname -a
Linux pi-k8s-00 5.4.0-1021-raspi #24-Ubuntu SMP PREEMPT Mon Oct 5 09:59:23 UTC 2020 aarch64 aarch64 aarch64 GNU/Linux
如何使主节点恢复到良好的运行/就绪状态?
-更新---
输出:
$ less /var/snap/microk8s/current/inspection-report/snap.microk8s.daemon-containerd/journal.log
Oct 18 14:48:03 pi-k8s-00 microk8s.daemon-containerd[239043]: time="2020-10-18T14:48:03.936439781Z" level=fatal msg="Failed to run CRI service" error="Failed to recover state: Failed to reserve sandBox name \"cert-manager-webhook-64b9b4fdfd-9d6tm_cert-manager_81fb08ac-7e87-42bd-9123-b0b8b098fe50_3\": name \"cert-manager-webhook-64b9b4fdfd-9d6tm_cert-manager_81fb08ac-7e87-42bd-9123-b0b8b098fe50_3\" is reserved for \"149b0aa92e3eb042f87353ead44a7247e756c8071f804bfbec3b781a5565e52c\""
那将是什么ID?我该去哪里,应该怎么做才能释放东西?
通过浏览'failed to reserve sandbox name' error after hard reboot #1014中的注释,我尝试过:
$ sudo ctr -n=k8s.io containers info 149b0aa92e3eb042f87353ead44a7247e756c8071f804bfbec3b781a5565e52c
ctr: container "149b0aa92e3eb042f87353ead44a7247e756c8071f804bfbec3b781a5565e52c" in namespace "k8s.io": not found
但是从输出中可以看出,不存在具有该ID的容器?
解决方法
似乎容器数据已损坏,因此解决此问题的方法是通过执行以下操作来重新创建容器数据:
$ microk8s.stop
$ mv /var/snap/microk8s/common/var/lib/containerd /var/snap/microk8s/common/var/lib/_containerd
$ microk8s.start
Kubernetes主节点再次显示为状态Ready:
$ kubectl get node
NAME STATUS ROLES AGE VERSION
pi-k8s-00 Ready <none> 84d v1.19.2-34+37bbd8cebecb60
pi-k8s-01 Ready <none> 84d v1.19.2-34+37bbd8cebecb60
有关更多详细信息,请参见我在microk8s github问题页面Failed to Reserve Sandbox Name上的帖子。