标签:return failed ftc hostPath docker k8s type HostPathType
一、问题背景
- 当前Cluster K8s Version: v1.17.4
- 需要升级到K8s Version:v1.19.3
- 在升级过程中,有个Pod卡在ContainerCreating状态
api-9flnb 0/1 ContainerCreating 0 4d19h api-bb8th 1/1 Running 0 4d20h api-zwtpp 1/1 Running 0 4d20h
二、问题分析
- Describe该Pod状态,提示hostPath type check failed: /var/run/docker.sock is not a file
Events: Type Reason Age From Message ---- ------ ---- ---- ------- Warning FailedMount 11m (x3543 over 4d18h) kubelet (combined from similar events): Unable to attach or mount volumes: unmounted volumes=[docker-socket], unattached volumes=[xxxx-service-account-token-rjqz7 nginx-certs host-timezone docker-socket helm-home etc-pki kubernetes-root-ca-file root-ca-file bcmt-home etcd-client-certs]: timed out waiting for the condition Warning FailedMount 2m39s (x2889 over 4d19h) kubelet MountVolume.SetUp failed for volume "docker-socket" : hostPath type check failed: /var/run/docker.sock is not a file
- 查看该Pod中volume "docker-socket"的声明,Path是/var/run/docker.sock,HostPathType是File
Volumes: etcd-client-certs: Type: Secret (a volume populated by a Secret) SecretName: etcd-client-certs Optional: false nginx-certs: Type: HostPath (bare host directory volume) Path: /opt/bcmt/config/bcmt-api/certs HostPathType: Directory docker-socket: Type: HostPath (bare host directory volume) Path: /var/run/docker.sock HostPathType: File - 查看K8s从v1.17.4到v1.19.3关于Type检测方面的相关代码变化
首先,报错的代码函数是checkTypeInternal(),在文件host_path.go定义,会判断HostPathType和实际Type是否一致,否则报错。
func checkTypeInternal(ftc hostPathTypeChecker, pathType *v1.HostPathType) error {
switch *pathType {
case v1.HostPathDirectoryOrCreate:
if !ftc.Exists() {
return ftc.MakeDir()
}
fallthrough
case v1.HostPathDirectory:
if !ftc.IsDir() {
return fmt.Errorf("hostPath type check failed: %s is not a directory", ftc.GetPath())
}
case v1.HostPathFileOrCreate:
if !ftc.Exists() {
return ftc.MakeFile()
}
fallthrough
case v1.HostPathFile:
if !ftc.IsFile() {
return fmt.Errorf("hostPath type check failed: %s is not a file", ftc.GetPath())
}
case v1.HostPathSocket:
if !ftc.IsSocket() {
return fmt.Errorf("hostPath type check failed: %s is not a socket file", ftc.GetPath())
}
case v1.HostPathCharDev:
if !ftc.IsChar() {
return fmt.Errorf("hostPath type check failed: %s is not a character device", ftc.GetPath())
}
case v1.HostPathBlockDev:
if !ftc.IsBlock() {
return fmt.Errorf("hostPath type check failed: %s is not a block device", ftc.GetPath())
}
default:
return fmt.Errorf("%s is an invalid volume type", *pathType)
}
return nil
}
然后,结合我们pod的定义,HostPathType是File,但是实际Path文件/var/run/docker.sock应该是Socket,所以报错是正确的。疑问在于,为什么v1.17.4没有报错(亲测v1.18.x也不会报错),而到了v1.19.3才开始报错???
- 检查checkTypeInternal函数代码有无改动,---> 结果是无改动
- 检查入参hostPathTypeChecker传值是否有改动, --->发现有改动
- v1.17.x和v1.18.x中,IsFile()定义如下
-
func (ftc *fileTypeChecker) IsFile() bool { if !ftc.Exists() { return false } return !ftc.IsDir() } - v1.19.x开始,IsFile()更新如下
func (ftc *fileTypeChecker) IsFile() bool {
if !ftc.Exists() {
return false
}
pathType, err := ftc.hu.GetFileType(ftc.path)
if err != nil {
return false
}
return string(pathType) == string(v1.HostPathFile)
}
三、问题结论
- K8s从v1.19.x修复了IsFile()函数检测功能不完备的Bug;
- 我们的Pod Mount Volume 文件.sock时指定HostPathType错误(应该是Socket, 不应该是File),但是在v1.19.x之前因为k8s的bug正好将错就错反而没有问题,等v1.19.x修复了该Bug就会出现Volume Mount失败的问题
四、解决方案:.sock文件的HostPathType要设置成Socket
Volumes:
docker-socket:
Type: HostPath (bare host directory volume)
Path: /var/run/docker.sock
HostPathType: Socket
标签:return,failed,ftc,hostPath,docker,k8s,type,HostPathType 来源: https://www.cnblogs.com/fat-girl-spring/p/15876284.html
本站声明: 1. iCode9 技术分享网(下文简称本站)提供的所有内容,仅供技术学习、探讨和分享; 2. 关于本站的所有留言、评论、转载及引用,纯属内容发起人的个人观点,与本站观点和立场无关; 3. 关于本站的所有言论和文字,纯属内容发起人的个人观点,与本站观点和立场无关; 4. 本站文章均是网友提供,不完全保证技术分享内容的完整性、准确性、时效性、风险性和版权归属;如您发现该文章侵犯了您的权益,可联系我们第一时间进行删除; 5. 本站为非盈利性的个人网站,所有内容不会用来进行牟利,也不会利用任何形式的广告来间接获益,纯粹是为了广大技术爱好者提供技术内容和技术思想的分享性交流网站。