Fatal编程技术网
  • kubernetes/
  • Kubernetes:错误kubectl编辑部署

Kubernetes:错误kubectl编辑部署

kubernetes

Kubernetes:错误kubectl编辑部署,kubernetes,kubectl,Kubernetes,Kubectl,我试图通过以下方式编辑kubernetes中的部署: kubectl -n <namespace> edit deployment <depolyment_name>. 有人能帮忙吗 已附加apiserver的编辑部署文件: kubectl-n联合系统编辑部署apiserver (****之间的代码是我添加的行) 我正在尝试在联合API中配置准入控制器 谢谢 dnsPolicy: ClusterFirst # DELETE imagePullSecrets:

我试图通过以下方式编辑kubernetes中的部署:

kubectl -n <namespace> edit deployment <depolyment_name>.
有人能帮忙吗

已附加apiserver的编辑部署文件:

kubectl-n联合系统编辑部署apiserver

(****之间的代码是我添加的行)

我正在尝试在联合API中配置准入控制器

谢谢

  dnsPolicy: ClusterFirst
  # DELETE imagePullSecrets:
  # DELETE - {}
  restartPolicy: Always
我强烈建议删除
imagePullSecrets
块。由于这些对象的mergeKey为
名称
,但该对象没有
名称
,因此很容易导致您遇到的错误。如果YAML是在这种情况下提供给您的编辑器的,那么我几乎可以肯定这是一个kubernetes错误:它应该总是(?)允许通过
kubectl edit
往返YAML,如果没有其他原因的话,就是在这种情况下。

编辑它之后,它有一个语法错误。您需要为任何人粘贴部署内容以帮助IDK,configmap看起来不错,可能是额外的
volumeMounts
键,而不是它下面的项目?我尝试了这两种方法。我不确定是语法错误,因为这个问题也是当我试图改变名称或端口或其他东西。你设法解决你的问题?在这种情况下,请考虑把这个答案标记为正确的,因为它会帮助别人知道(a)你的问题得到解决(b)看看这里,如果他们有类似的问题,在这种情况下,kubectl是否编辑了YAML文件?我想知道我们是否需要查找或打开kubernetes发送“非法”YAMLW的bug在那种情况下是什么意思?包含错误内容
imagePullSecrets:\n-{}\n
删除imagePullSecrets后:\n-{}\n通过联盟控制平面连接到群集的连接已断开。可能与这一变化有关?类似于kubectl get namespace/get cluster的命令返回未找到资源,并且控制器管理器容器上存在错误: 
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  annotations:
    deployment.kubernetes.io/revision: "1"
    federation.alpha.kubernetes.io/federation-name: fed
  creationTimestamp: 2018-04-01T13:26:40Z
  generation: 1
  labels:
    app: federated-cluster
  name: apiserver
  namespace: federation-system
  resourceVersion: "393140"
  selfLink: /apis/extensions/v1beta1/namespaces/federation-system/deployments/apiserver
  uid: <uid>
spec:
  progressDeadlineSeconds: 600
  replicas: 1
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      app: federated-cluster
      module: federation-apiserver
  strategy:
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 1
    type: RollingUpdate
  template:
    metadata:
      annotations:
        federation.alpha.kubernetes.io/federation-name: fed
      creationTimestamp: null
      labels:
        app: federated-cluster
        module: federation-apiserver
      name: apiserver
    spec:
      containers:
      - command:
        - /fcp
        - federation-apiserver
        - --admission-control=NamespaceLifecycle
        - --advertise-address=<master-ip>
        - --bind-address=0.0.0.0
        - --client-ca-file=/etc/federation/apiserver/ca.crt
        - --etcd-servers=http://localhost:2379
        - --secure-port=8443
        - --tls-cert-file=/etc/federation/apiserver/server.crt
        - --tls-private-key-file=/etc/federation/apiserver/server.key
        **- --enable-admission-plugins=SchedulingPolicy
        - --admission-control-config-file=/etc/kubernetes/admission/config.yml**
        image: gcr.io/k8s-jkns-e2e-gce-federation/fcp-amd64:v1.9.0-alpha.3
        imagePullPolicy: IfNotPresent
        name: apiserver
        ports:
        - containerPort: 8443
          name: https
          protocol: TCP
        - containerPort: 8080
          name: local
          protocol: TCP
        resources: {}
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
        volumeMounts:
        - mountPath: /etc/federation/apiserver
          name: apiserver-credentials
          readOnly: true
        **volumeMounts:
        - mountPath: /etc/kubernetes/admission
          name: admission-config**
      - command:
        - /usr/local/bin/etcd
        - --data-dir
        - /var/etcd/data
        image: gcr.io/google_containers/etcd:3.1.10
        imagePullPolicy: IfNotPresent
        name: etcd
        resources: {}
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
      dnsPolicy: ClusterFirst
      imagePullSecrets:
      - {}
      restartPolicy: Always
      schedulerName: default-scheduler
      securityContext: {}
      terminationGracePeriodSeconds: 30
      volumes:
      - name: apiserver-credentials
        secret:
          defaultMode: 420
          secretName: apiserver-credentials
      **- name: admission-config
        configMap:
          name: admission**
status:
  availableReplicas: 1
  conditions:
  - lastTransitionTime: 2018-04-01T13:26:40Z
    lastUpdateTime: 2018-04-01T13:26:40Z
    message: Deployment has minimum availability.
    reason: MinimumReplicasAvailable
    status: "True"
    type: Available
  - lastTransitionTime: 2018-04-01T13:26:40Z
    lastUpdateTime: 2018-04-01T13:27:20Z
    message: ReplicaSet "apiserver-8484fd45f8" has successfully progressed.
    reason: NewReplicaSetAvailable
    status: "True"
    type: Progressing
  observedGeneration: 1
  readyReplicas: 1
  replicas: 1
  updatedReplicas: 1

kubectl create -f scheduling-policy-admission.yaml

apiVersion: v1
kind: ConfigMap
metadata:
  name: admission
  namespace: federation-system
data:
  config.yml: |
    apiVersion: apiserver.k8s.io/v1alpha1
    kind: AdmissionConfiguration
    plugins:
    - name: SchedulingPolicy
      path: /etc/kubernetes/admission/scheduling-policy-config.yml
  scheduling-policy-config.yml: |
    kubeconfig: /etc/kubernetes/admission/opa-kubeconfig
  opa-kubeconfig: |
    clusters:
      - name: opa-api
        cluster:
          server: http://opa.federation-system.svc.cluster.local:8181/v0/data/kubernetes/placement
    users:
      - name: scheduling-policy
        user:
          token: deadbeefsecret
    contexts:
      - name: default
        context:
          cluster: opa-api
          user: scheduling-policy
    current-context: default

  dnsPolicy: ClusterFirst
  # DELETE imagePullSecrets:
  # DELETE - {}
  restartPolicy: Always