在实习期间,我必须在kubernetes上启动一个构建。我的设置是K3s。
我的部署文件中一定有错误,请给出解释?
谢谢。
deployment.yml
---
kind: Namespace
apiVersion: v1
metadata:
name: demo
labels:
name: demo
---
kind: Pod
apiVersion: v1
metadata:
name: kaniko-demo
namespace: demo
spec:
containers:
- name: kaniko-demo
image: gcr.io/kaniko-project/executor:latest
args:
[
"--dockerfile=Dockerfile_Kubernetes01",
"--context=dir:///context",
"--cache=true",
"--destination=reg.gitlab.reewayy.io/incubator/npivaut/k3s_kaniko",
"--cache=true",
"--cache-dir=/cache",
]
volumeMounts:
- name: kaniko-secret
mountPath: /kaniko/.docker
- name: kaniko-context
mountPath: /context
- name: kaniko-cache
mountPath: /cache
restartPolicy: Never
volumes:
- name: kaniko-secret
secret:
secretName: regcred
items:
- key: .dockerconfigjson
path: config.json
- name: kaniko-context
hostPath:
path: /tmp/kaniko_context
- name: kaniko-context
hostPath:
path: /tmp/kaniko_cache
kubectl apply -f /home/nicolas/demo-reewayy/k3s/kubernetes-deployment-01.yaml
namespace/demo unchanged
The Pod "kaniko-demo" is invalid:
* spec.volumes[2].name: Duplicate value: "kaniko-context"
* spec.containers[0].volumeMounts[2].name: Not found: "kaniko-cache"
Dockerfile
FROM alpine/git as source
COPY deployment_key /root/.ssh/id_rsa
RUN git clone ssh://git@gitlab.reewayy.io:32222/incubator/npivaut.git ;
cd /git/npivaut && git pull
FROM gradle:7.5.1-jdk17-focal as build
COPY --from=source /git/demo-reewayy /home/gradle/project
USER gradle
WORKDIR /home/gradle/project
RUN gradle :assemble
FROM ibm-semeru-runtimes:open-17-jre-jammy
RUN mkdir /opt/reewayy/demo-reewayy
COPY --from=build /home/gradle/project/build/libs/demo-0.0.1-SNAPSHOT.jar /opt/reewayy/demo/demo-0.0.1-SNAPSHOT.jar
COPY --from=build /home/gradle/project/src/main/resources/application.properties /opt/reewayy/demo/application.properties
RUN useradd -s /bin/bash -u 1000 -U -m -d /home/reewayy reewayy && chown -R reewayy.reewayy /opt/reewayy/
USER reewayy
CMD ["java","-jar","/opt/reewayy/demo-reewayy/demo-0.0.1-SNAPSHOT.jar"]
我的实习导师告诉我要优化部署文件,但我很难理解错误…
错误信息说明了这一切:
The Pod "kaniko-demo" is invalid:
* spec.volumes[2].name: Duplicate value: "kaniko-context"
* spec.containers[0].volumeMounts[2].name: Not found: "kaniko-cache"
您有两个同名的卷,其中一个volumounts引用了一个不存在的卷。
你应该使用:
kind: Pod
apiVersion: v1
spec:
containers:
- name: kaniko-demo
...
volumeMounts:
- name: kaniko-secret
mountPath: /kaniko/.docker
- name: kaniko-context
mountPath: /context
- name: kaniko-cache
mountPath: /cache
...
volumes:
- name: kaniko-secret
secret:
secretName: regcred
items:
- key: .dockerconfigjson
path: config.json
- name: kaniko-context
hostPath:
path: /tmp/kaniko_context
- name: kaniko-cache ### <- fix that one!
hostPath:
path: /tmp/kaniko_cache
谢谢。我明白多了。我的导师顺便告诉我,我可以删除_cache。我将设法解决我以前奇怪地没有的其他错误。
The Pod "kaniko-demo" is invalid: spec: Forbidden: pod updates may not change fields other than `spec.containers[*].image`, `spec.initContainers[*].image`, `spec.activeDeadlineSeconds`, `spec.tolerations` (only additions to existing tolerations) or `spec.terminationGracePeriodSeconds` (allow it to be set to 1 if it was previously negative)
core.PodSpec{
Volumes: []core.Volume{
{
Name: "kaniko-secret",
VolumeSource: core.VolumeSource{
... // 3 identical fields
AWSElasticBlockStore: nil,
GitRepo: nil,
Secret: &core.SecretVolumeSource{
- SecretName: "reg-credentials",
+ SecretName: "regcred",
Items: {{Key: ".dockerconfigjson", Path: "config.json"}},
DefaultMode: &420,
Optional: nil,
},
NFS: nil,
ISCSI: nil,
... // 21 identical fields
},
},
+ {
+ Name: "kaniko-context",
+ VolumeSource: core.VolumeSource{HostPath: &core.HostPathVolumeSource{Path: "/tmp/kaniko_context", Type: &""}},
+ },
{Name: "kube-api-access-5pptr", VolumeSource: {Projected: &{Sources: {{ServiceAccountToken: &{ExpirationSeconds: 3607, Path: "token"}}, {ConfigMap: &{LocalObjectReference: {Name: "kube-root-ca.crt"}, Items: {{Key: "ca.crt", Path: "ca.crt"}}}}, {DownwardAPI: &{Items: {{Path: "namespace", FieldRef: &{APIVersion: "v1", FieldPath: "metadata.namespace"}}}}}}, DefaultMode: &420}}},
},
InitContainers: nil,
Containers: []core.Container{
{
- Name: "kaniko",
+ Name: "kaniko-demo",
Image: "gcr.io/kaniko-project/executor:latest",
Command: nil,
Args: []string{
- "--dockerfile=Dockerfile_Kubernetes01",
+ "--dockerfile=Dockerfileun",
"--context=dir:///context",
"--cache=true",
... // 3 identical elements
},
WorkingDir: "",
Ports: nil,
EnvFrom: nil,
Env: nil,
Resources: {},
VolumeMounts: []core.VolumeMount{
{Name: "kaniko-secret", MountPath: "/kaniko/.docker"},
{
- Name: "kube-api-access-5pptr",
+ Name: "kaniko-context",
- ReadOnly: true,
+ ReadOnly: false,
- MountPath: "/var/run/secrets/kubernetes.io/serviceaccount",
+ MountPath: "/context",
SubPath: "",
MountPropagation: nil,
SubPathExpr: "",
},
},
VolumeDevices: nil,
LivenessProbe: nil,
... // 10 identical fields
},
},
EphemeralContainers: nil,
RestartPolicy: "Never",
... // 26 identical fields