Sau*_*ora 2 openstack keystone kubernetes kubernetes-helm kubernetes-pod
我有一个简单的服务和 pod,如下所述,但就绪探测失败,抱怨连接被拒绝
apiVersion: v1
kind: Service
metadata:
name: keystone-api
spec:
selector:
app: keystone
ports:
- protocol: TCP
port: 5000
targetPort: 5000
name: public
- protocol: TCP
port: 35357
targetPort: 35357
name: admin
...
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: keystone
labels:
app: keystone
spec:
replicas: 1
selector:
matchLabels:
app: keystone
template:
metadata:
labels:
app: keystone
spec:
containers:
- name: keystone
image: openio/openstack-keystone
readinessProbe:
tcpSocket:
port: 5000
env:
- name: OS_IDENTITY_ADMIN_PASSWD
value: password
- name: IPADDR
valueFrom:
fieldRef:
fieldPath: status.podIP
ports:
- containerPort: 5000
name: public
- containerPort: 35357
name: admin
错误:
Normal Pulled 37m kubelet, kind-pl Successfully pulled image "openio/openstack-keystone"
Normal Created 37m kubelet, kind-pl Created container keystone
Normal Started 37m kubelet, kind-pl Started container keystone
Warning Unhealthy 35m (x8 over 37m) kubelet, kind-pl Readiness probe failed: dial tcp 10.244.0.10:5000: connect: connection refused
这就是我启动部署和服务的方式 kubectl apply -f application.yaml --namespace=heat
我在这里缺少什么?服务规范
spec:
clusterIP: 10.96.162.65
ports:
- name: public
port: 5000
protocol: TCP
targetPort: 5000
- name: admin
port: 35357
protocol: TCP
targetPort: 35357
selector:
app: keystone
sessionAffinity: None
type: ClusterIP
status:
loadBalancer: {}
从我的 VM: telnet 10.96.162.65 5000 尝试 10.96.162.65 ...
Kubectl 描述 pod 日志:
Namespace: heat
Priority: 0
Node: kind-control-plane/172.17.0.2
Start Time: Sun, 19 Apr 2020 16:04:36 +0530
Labels: app=keystone
pod-template-hash=8587f8dc76
Annotations: <none>
Status: Running
IP: 10.244.0.10
IPs:
IP: 10.244.0.10
Controlled By: ReplicaSet/keystone-8587f8dc76
Containers:
keystone:
Container ID: containerd://9888e62ac7df3f076bd542591a6413a0ef5b70be2c792bbf06e423b5dae89ca0
Image: openio/openstack-keystone
Image ID: docker.io/openio/openstack-keystone@sha256:62c8e36046ead4289ca4a6a49774bc589e638f46c0921f40703570ccda47a320
Ports: 5000/TCP, 35357/TCP
Host Ports: 0/TCP, 0/TCP
State: Running
Started: Sun, 19 Apr 2020 16:08:01 +0530
Ready: True
Restart Count: 0
Readiness: tcp-socket :5000 delay=0s timeout=1s period=10s #success=1 #failure=3
Environment:
OS_IDENTITY_ADMIN_PASSWD: password
IPADDR: (v1:status.podIP)
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from default-token-wf2bp (ro)
Conditions:
Type Status
Initialized True
Ready True
ContainersReady True
PodScheduled True
Volumes:
default-token-wf2bp:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-wf2bp
Optional: false
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s
node.kubernetes.io/unreachable:NoExecute for 300s
Events: <none>
## Kubectl log podname logs:
10.244.0.10 - - [19/Apr/2020 11:14:33] "POST /v3/auth/tokens HTTP/1.1" 201 2161
2020-04-19 11:14:33.699 49 INFO keystone.common.wsgi [req-fc64c89f-724c-4838-bc34-3907a8f79041 411ecaea9d3241a88e86355ba22f7a0f 277a0fe02d174c47bae4d67e697be0a7 - default default] GET http://10.244.0.10:35357/v3/services/heat
2020-04-19 11:14:33.705 49 WARNING keystone.common.wsgi [req-fc64c89f-724c-4838-bc34-3907a8f79041 411ecaea9d3241a88e86355ba22f7a0f 277a0fe02d174c47bae4d67e697be0a7 - default default] Could not find service: heat.: ServiceNotFound: Could not find service: heat.
10.244.0.10 - - [19/Apr/2020 11:14:33] "GET /v3/services/heat HTTP/1.1" 404 90
2020-04-19 11:14:33.970 49 INFO keystone.common.wsgi [req-3589e675-8818-4b82-ad7d-c944d9e2a232 411ecaea9d3241a88e86355ba22f7a0f 277a0fe02d174c47bae4d67e697be0a7 - default default] GET http://10.244.0.10:35357/v3/services?name=heat
10.244.0.10 - - [19/Apr/2020 11:14:34] "GET /v3/services?name=heat HTTP/1.1" 200 341
2020-04-19 11:14:34.210 49 INFO keystone.common.wsgi [req-492a3e9f-8892-4204-8ca9-c1465e28e709 411ecaea9d3241a88e86355ba22f7a0f 277a0fe02d174c47bae4d67e697be0a7 - default default] POST http://10.244.0.10:35357/v3/endpoints
10.244.0.10 - - [19/Apr/2020 11:14:34] "POST /v3/endpoints HTTP/1.1" 201 360
10.244.0.10 - - [19/Apr/2020 11:14:38] "GET / HTTP/1.1" 300 267
2020-04-19 11:14:38.089 49 INFO keystone.common.wsgi [req-4c8952b3-7d5b-4ee3-9cf9-f736e1628448 - - - - -] POST http://10.244.0.10:35357/v3/auth/tokens
10.244.0.10 - - [19/Apr/2020 11:14:38] "POST /v3/auth/tokens HTTP/1.1" 201 2367
2020-04-19 11:14:38.737 49 INFO keystone.common.wsgi [req-ebd817f5-d473-4909-b04d-ff0e1d5badab - - - - -] POST http://10.244.0.10:35357/v3/auth/tokens
10.244.0.10 - - [19/Apr/2020 11:14:39] "POST /v3/auth/tokens HTTP/1.1" 201 2367
2020-04-19 11:14:39.635 49 INFO keystone.common.wsgi [req-b68139dc-c62f-4fd7-9cfc-e472a88b9022 411ecaea9d3241a88e86355ba22f7a0f 277a0fe02d174c47bae4d67e697be0a7 - default default] GET http://10.244.0.10:35357/v3/services/heat
2020-04-19 11:14:39.640 49 WARNING keystone.common.wsgi [req-b68139dc-c62f-4fd7-9cfc-e472a88b9022 411ecaea9d3241a88e86355ba22f7a0f 277a0fe02d174c47bae4d67e697be0a7 - default default] Could not find service: heat.: ServiceNotFound: Could not find service: heat.
10.244.0.10 - - [19/Apr/2020 11:14:39] "GET /v3/services/heat HTTP/1.1" 404 90
2020-04-19 11:14:39.814 49 INFO keystone.common.wsgi [req-6562f24f-f032-4150-86d9-951318918871 411ecaea9d3241a88e86355ba22f7a0f 277a0fe02d174c47bae4d67e697be0a7 - default default] GET http://10.244.0.10:35357/v3/services?name=heat
10.244.0.10 - - [19/Apr/2020 11:14:39] "GET /v3/services?name=heat HTTP/1.1" 200 341
2020-04-19 11:14:40.043 49 INFO keystone.common.wsgi [req-6542d767-29bf-4c1a-bbd9-a81a72e106dc 411ecaea9d3241a88e86355ba22f7a0f 277a0fe02d174c47bae4d67e697be0a7 - default default] POST http://10.244.0.10:35357/v3/endpoints
10.244.0.10 - - [19/Apr/2020 11:14:40] "POST /v3/endpoints HTTP/1.1" 201 362
[root@keystone-8587f8dc76-rthmn /]# openstack service list
+----------------------------------+--------------+---------------+
| ID | Name | Type |
+----------------------------------+--------------+---------------+
| ec5ad9402b3b46599f3f8862e79429b3 | keystone | identity |
| 625d8b82a67d472981789f10ba37c381 | openio-swift | object-store |
| 415b33b5d45c48f6916d38f7b146953a | heat | orchestration |
+----------------------------------+--------------+---------------+
特尔;博士:
我做了一些测试,你的 docker 镜像和部署看起来真的很好,我能够登录到 pod,它正在运行并在端口上侦听。
Warning Unhealthy...: connection refused原因是没有给 Pod 足够的时间来启动它。我使用以下几行编辑了您的部署:
readinessProbe:
tcpSocket:
port: 5000
initialDelaySeconds: 300
periodSeconds: 30
解释:
initialDelaySeconds:容器启动后,在启动 liveness 或 readiness 探针之前的秒数。默认为 0 秒。最小值为 0。
periodSeconds:执行探测的频率(以秒为单位)。默认为 10 秒。最小值为 1 秒。
注意:在我的测试中,我注意到 pod 需要大约 5 分钟才能运行,比默认的 10 秒长得多,这就是我将其设置为 300 秒的原因。
这意味着 5 分钟后,该 Pod 在端口 5000 上提供服务。
将该initialDelaySeconds行添加到您的部署中,您应该没问题。
这是我的复制品:
apiVersion: v1
kind: Service
metadata:
name: keystone-api
spec:
selector:
app: keystone
ports:
- protocol: TCP
port: 5000
targetPort: 5000
name: public
- protocol: TCP
port: 35357
targetPort: 35357
name: admin
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: keystone
labels:
app: keystone
spec:
replicas: 1
selector:
matchLabels:
app: keystone
template:
metadata:
labels:
app: keystone
spec:
containers:
- name: keystone
image: openio/openstack-keystone
readinessProbe:
tcpSocket:
port: 5000
initialDelaySeconds: 300
periodSeconds: 30
env:
- name: OS_IDENTITY_ADMIN_PASSWD
value: password
- name: IPADDR
valueFrom:
fieldRef:
fieldPath: status.podIP
ports:
- containerPort: 5000
name: public
- containerPort: 35357
name: admin
$ kubectl get pods -w
NAME READY STATUS RESTARTS AGE
keystone-7fd895cfb5-kqnnn 0/1 Running 0 3m28s
ubuntu 1/1 Running 0 113m
keystone-7fd895cfb5-kqnnn 1/1 Running 0 5m4s
1/1而我describe的 pod:$ kubectl describe pod keystone-586b8948d5-c4lpq
Name: keystone-586b8948d5-c4lpq
Namespace: default
Priority: 0
Node: minikube/192.168.39.39
Start Time: Mon, 20 Apr 2020 15:02:24 +0000
Labels: app=keystone
pod-template-hash=586b8948d5
Annotations: <none>
Status: Running
IP: 172.17.0.7
IPs:
IP: 172.17.0.7
Controlled By: ReplicaSet/keystone-586b8948d5
Containers:
keystone:
Container ID: docker://8bc14d2b6868df6852967c4a68c997371006a5d83555c500d86060e48c549165
Image: openio/openstack-keystone
Image ID: docker-pullable://openio/openstack-keystone@sha256:62c8e36046ead4289ca4a6a49774bc589e638f46c0921f40703570ccda47a320
Ports: 5000/TCP, 35357/TCP
Host Ports: 0/TCP, 0/TCP
State: Running
Started: Mon, 20 Apr 2020 15:02:26 +0000
Ready: True
Restart Count: 0
Readiness: tcp-socket :5000 delay=300s timeout=1s period=30s #success=1 #failure=3
Environment:
OS_IDENTITY_ADMIN_PASSWD: password
IPADDR: (v1:status.podIP)
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from default-token-kcw8c (ro)
Conditions:
Type Status
Initialized True
Ready True
ContainersReady True
PodScheduled True
Volumes:
default-token-kcw8c:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-kcw8c
Optional: false
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s
node.kubernetes.io/unreachable:NoExecute for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled <unknown> default-scheduler Successfully assigned default/keystone-586b8948d5-c4lpq to minikube
Normal Pulling 7m12s kubelet, minikube Pulling image "openio/openstack-keystone"
Normal Pulled 7m11s kubelet, minikube Successfully pulled image "openio/openstack-keystone"
Normal Created 7m11s kubelet, minikube Created container keystone
Normal Started 7m11s kubelet, minikube Started container keystone
正如您现在所看到的,没有错误。
如果您有任何疑问,请在评论中告诉我。
我检查了 docker 指令,它确实运行了,但不知何故,应用程序没有正确部署。要使用 docker 检查它很简单,因为它们正在使用主机网络,因此您可以从您的主机执行此操作,netstat您将看到端口 5000 上没有任何监听。
我访问了容器并keystone-v3.sh再次运行了 init 脚本 ( ),它开始工作了。我在 kubernetes 上做了同样的事情Deployment,它也有效。
所以,这是你的功能Deployment:
apiVersion: apps/v1
kind: Deployment
metadata:
name: keystone
labels:
app: keystone
spec:
replicas: 1
selector:
matchLabels:
app: keystone
template:
metadata:
labels:
app: keystone
spec:
containers:
- name: keystone
image: openio/openstack-keystone
command: ["./keystone-v3.sh"] #<- you add this line
readinessProbe:
tcpSocket:
port: 5000
env:
- name: OS_IDENTITY_ADMIN_PASSWD
value: password
- name: IPADDR
valueFrom:
fieldRef:
fieldPath: status.podIP
ports:
- containerPort: 5000
name: public
- containerPort: 35357
name: admin
~$ kubectl get po
NAME READY STATUS RESTARTS AGE
alpine-786c6d498d-dsxfh 1/1 Running 1 11d
curler-755cc7cfff-fwz4g 1/1 Running 1 11d
keystone-6d997f4f8c-5kkxc 1/1 Running 0 26m
nginx-6db489d4b7-jlhql 1/1 Running 1 11d
~$ kubectl logs --tail 5 keystone-6d997f4f8c-5kkxc
********************************************************************************
STARTING test server keystone.server.wsgi.initialize_public_application
Available at http://keystone-6d997f4f8c-5kkxc:5000/
DANGER! For testing only, do not use in production
********************************************************************************
~$
或者您尝试从图像中修复它,但我想这不是您的存储库,对吧?
更新
检查一下:
~$ sudo docker run -d --net=host -e IPADDR=192.168.56.102 openio/openstack-keystone
Unable to find image 'openio/openstack-keystone:latest' locally
latest: Pulling from openio/openstack-keystone
ab5ef0e58194: Pull complete
ca37595f2b63: Pull complete
878ef80688be: Pull complete
Digest: sha256:62c8e36046ead4289ca4a6a49774bc589e638f46c0921f40703570ccda47a320
Status: Downloaded newer image for openio/openstack-keystone:latest
703a05b8fdc8b7294895122b6f369a4d0a6b4582104ed360d6be68d012ea5b3c
~$ netstat -tlpn | grep 5000
NOTE: NOTHING LISTENING ON PORT 5000
~$ sudo docker ps | grep openio
703a05b8fdc8 openio/openstack-keystone "/keystone-v3.sh" 34 seconds ago Up 32 seconds quizzical_swartz
~$ sudo docker exec -it 703a05b8fdc8 bash
[root@v1-17-master /]# ls
anaconda-post.log bin dev etc home keystone-v3.log keystone-v3.sh lib lib64 media mnt opt proc root run sbin srv sys tmp usr var
[root@v1-17-master /]# tail keystone-v3.sh
openstack endpoint create --region "$OS_OBJECTSTORE_SERVICE_REGION" 'object-store' internal "$OS_OBJECTSTORE_URL_INTERNAL"
openstack endpoint create --region "$OS_OBJECTSTORE_SERVICE_REGION" 'object-store' admin "$OS_OBJECTSTORE_URL_ADMIN"
# Demo user
openstack domain create "$OS_USER_DEMO_DOMAIN"
openstack project create "$OS_USER_DEMO_PROJECT"
openstack user create --password "$OS_USER_DEMO_PASSWD" --project "$OS_USER_DEMO_PROJECT" "$OS_USER_DEMO_USERNAME"
openstack role add --user "$OS_USER_DEMO_USERNAME" --project "$OS_USER_DEMO_PROJECT" "$OS_USER_DEMO_ROLE"
echo '> Starting Keystone public service ...'
/usr/bin/keystone-wsgi-public --port 5000
[root@v1-17-master /]# /usr/bin/keystone-wsgi-public --port 5000 &
[1] 172
[root@v1-17-master /]# exit
~$ sudo netstat -tlpn | grep 5000
tcp 0 0 0.0.0.0:5000 0.0.0.0:* LISTEN 10207/python2
| 归档时间: |
|
| 查看次数: |
8317 次 |
| 最近记录: |