安装kubesphere报错命名空间terminted
bash
[root@k8smaster ~]# kubectl apply -f kubesphere-installer.yaml
Warning: apiextensions.k8s.io/v1beta1 CustomResourceDefinition is deprecated in v1.16+, unavailable in v1.22+; use apiextensions.k8s.io/v1 CustomResourceDefinition
customresourcedefinition.apiextensions.k8s.io/clusterconfigurations.installer.kubesphere.io created
namespace/kubesphere-system created
serviceaccount/ks-installer created
clusterrole.rbac.authorization.k8s.io/ks-installer created
clusterrolebinding.rbac.authorization.k8s.io/ks-installer created
deployment.apps/ks-installer created
[root@k8smaster ~]# kubectl apply -f cluster-configuration.yaml
clusterconfiguration.installer.kubesphere.io/ks-installer created查看日志
bash
[root@k8smaster ~]# kubectl logs -n kubesphere-system $(kubectl get pod -n kubesphere-system -l app=ks-install -o jsonpath='{.items[0].metadata.name}') -f
2024-06-06T17:43:51+08:00 INFO : shell-operator latest
2024-06-06T17:43:51+08:00 INFO : HTTP SERVER Listening on 0.0.0.0:9115
2024-06-06T17:43:51+08:00 INFO : Use temporary dir: /tmp/shell-operator
2024-06-06T17:43:51+08:00 INFO : Initialize hooks manager ...
2024-06-06T17:43:51+08:00 INFO : Search and load hooks ...
2024-06-06T17:43:51+08:00 INFO : Load hook config from '/hooks/kubesphere/installRunner.py'
2024-06-06T17:43:57+08:00 INFO : Load hook config from '/hooks/kubesphere/schedule.sh'
2024-06-06T17:43:57+08:00 INFO : Initializing schedule manager ...
2024-06-06T17:43:57+08:00 INFO : KUBE Init Kubernetes client
2024-06-06T17:43:57+08:00 INFO : KUBE-INIT Kubernetes client is configured successfully
2024-06-06T17:43:57+08:00 INFO : MAIN: run main loop
2024-06-06T17:43:57+08:00 INFO : MAIN: add onStartup tasks
2024-06-06T17:43:57+08:00 INFO : QUEUE add all HookRun@OnStartup
2024-06-06T17:43:57+08:00 INFO : MSTOR Create new metric shell_operator_live_ticks
2024-06-06T17:43:57+08:00 INFO : MSTOR Create new metric shell_operator_tasks_queue_length
2024-06-06T17:43:57+08:00 INFO : Running schedule manager ...
2024-06-06T17:43:57+08:00 INFO : GVR for kind 'ClusterConfiguration' is installer.kubesphere.io/v1alpha1, Resource=clusterconfigurations
2024-06-06T17:43:57+08:00 INFO : EVENT Kube event '4584ffb1-b26e-467d-a8a4-c8e8248228d6'
2024-06-06T17:43:57+08:00 INFO : QUEUE add TASK_HOOK_RUN@KUBE_EVENTS kubesphere/installRunner.py
2024-06-06T17:44:00+08:00 INFO : TASK_RUN HookRun@KUBE_EVENTS kubesphere/installRunner.py
2024-06-06T17:44:00+08:00 INFO : Running hook 'kubesphere/installRunner.py' binding 'KUBE_EVENTS' ...
[WARNING]: No inventory was parsed, only implicit localhost is available
[WARNING]: provided hosts list is empty, only localhost is available. Note that
the implicit localhost does not match 'all'
PLAY [localhost] ***************************************************************
TASK [download : include_tasks] ************************************************
skipping: [localhost]
TASK [download : Downloading items] ********************************************
skipping: [localhost]
TASK [download : Synchronizing container] **************************************
skipping: [localhost]
TASK [kubesphere-defaults : KubeSphere | Setting images' namespace override] ***
skipping: [localhost]
TASK [kubesphere-defaults : KubeSphere | Configuring defaults] *****************
ok: [localhost] => {
"msg": "Check roles/kubesphere-defaults/defaults/main.yml"
}
TASK [preinstall : KubeSphere | Checking Kubernetes version] *******************
changed: [localhost]
TASK [preinstall : KubeSphere | Initing Kubernetes version] ********************
ok: [localhost]
TASK [preinstall : KubeSphere | Stopping if Kubernetes version is nonsupport] ***
ok: [localhost] => {
"changed": false,
"msg": "All assertions passed"
}
TASK [preinstall : KubeSphere | Checking StorageClass] *************************
changed: [localhost]
TASK [preinstall : KubeSphere | Stopping if StorageClass was not found] ********
skipping: [localhost]
TASK [preinstall : KubeSphere | Checking default StorageClass] *****************
changed: [localhost]
TASK [preinstall : KubeSphere | Stopping if default StorageClass was not found] ***
ok: [localhost] => {
"changed": false,
"msg": "All assertions passed"
}
TASK [preinstall : KubeSphere | Checking KubeSphere component] *****************
changed: [localhost]
TASK [preinstall : KubeSphere | Getting KubeSphere component version] **********
skipping: [localhost]
TASK [preinstall : KubeSphere | Getting KubeSphere component version] **********
skipping: [localhost] => (item=ks-openldap)
skipping: [localhost] => (item=ks-redis)
skipping: [localhost] => (item=ks-minio)
skipping: [localhost] => (item=ks-openpitrix)
skipping: [localhost] => (item=elasticsearch-logging)
skipping: [localhost] => (item=elasticsearch-logging-curator)
skipping: [localhost] => (item=istio)
skipping: [localhost] => (item=istio-init)
skipping: [localhost] => (item=jaeger-operator)
skipping: [localhost] => (item=ks-jenkins)
skipping: [localhost] => (item=ks-sonarqube)
skipping: [localhost] => (item=logging-fluentbit-operator)
skipping: [localhost] => (item=uc)
skipping: [localhost] => (item=metrics-server)
PLAY RECAP *********************************************************************
localhost : ok=8 changed=4 unreachable=0 failed=0 skipped=7 rescued=0 ignored=0
[WARNING]: No inventory was parsed, only implicit localhost is available
[WARNING]: provided hosts list is empty, only localhost is available. Note that
the implicit localhost does not match 'all'
PLAY [localhost] ***************************************************************
TASK [download : include_tasks] ************************************************
skipping: [localhost]
TASK [download : Downloading items] ********************************************
skipping: [localhost]
TASK [download : Synchronizing container] **************************************
skipping: [localhost]
TASK [kubesphere-defaults : KubeSphere | Setting images' namespace override] ***
skipping: [localhost]
TASK [kubesphere-defaults : KubeSphere | Configuring defaults] *****************
ok: [localhost] => {
"msg": "Check roles/kubesphere-defaults/defaults/main.yml"
}
TASK [metrics-server : Metrics-Server | Getting metrics-server installation files] ***
skipping: [localhost]
TASK [metrics-server : Metrics-Server | Creating manifests] ********************
skipping: [localhost] => (item={'file': 'metrics-server.yaml'})
TASK [metrics-server : Metrics-Server | Checking Metrics-Server] ***************
skipping: [localhost]
TASK [metrics-server : Metrics-Server | Uninstalling old metrics-server] *******
skipping: [localhost]
TASK [metrics-server : Metrics-Server | Installing new metrics-server] *********
skipping: [localhost]
TASK [metrics-server : Metrics-Server | Waitting for metrics.k8s.io ready] *****
skipping: [localhost]
TASK [metrics-server : Metrics-Server | Importing metrics-server status] *******
skipping: [localhost]
PLAY RECAP *********************************************************************
localhost : ok=1 changed=0 unreachable=0 failed=0 skipped=11 rescued=0 ignored=0
[WARNING]: No inventory was parsed, only implicit localhost is available
[WARNING]: provided hosts list is empty, only localhost is available. Note that
the implicit localhost does not match 'all'
PLAY [localhost] ***************************************************************
TASK [download : include_tasks] ************************************************
skipping: [localhost]
TASK [download : Downloading items] ********************************************
skipping: [localhost]
TASK [download : Synchronizing container] **************************************
skipping: [localhost]
TASK [kubesphere-defaults : KubeSphere | Setting images' namespace override] ***
skipping: [localhost]
TASK [kubesphere-defaults : KubeSphere | Configuring defaults] *****************
ok: [localhost] => {
"msg": "Check roles/kubesphere-defaults/defaults/main.yml"
}
TASK [common : KubeSphere | Checking kube-node-lease namespace] ****************
changed: [localhost]
TASK [common : KubeSphere | Getting system namespaces] *************************
ok: [localhost]
TASK [common : set_fact] *******************************************************
ok: [localhost]
TASK [common : debug] **********************************************************
ok: [localhost] => {
"msg": [
"kubesphere-system",
"kubesphere-controls-system",
"kubesphere-monitoring-system",
"kubesphere-monitoring-federated",
"kube-node-lease",
"kubesphere-logging-system",
"istio-system",
"istio-system"
]
}
TASK [common : KubeSphere | Creating KubeSphere namespace] *********************
changed: [localhost] => (item=kubesphere-system)
changed: [localhost] => (item=kubesphere-controls-system)
changed: [localhost] => (item=kubesphere-monitoring-system)
changed: [localhost] => (item=kubesphere-monitoring-federated)
changed: [localhost] => (item=kube-node-lease)
changed: [localhost] => (item=kubesphere-logging-system)
changed: [localhost] => (item=istio-system)
changed: [localhost] => (item=istio-system)
TASK [common : KubeSphere | Labeling system-workspace] *************************
changed: [localhost] => (item=default)
changed: [localhost] => (item=kube-public)
changed: [localhost] => (item=kube-system)
changed: [localhost] => (item=kubesphere-system)
changed: [localhost] => (item=kubesphere-controls-system)
changed: [localhost] => (item=kubesphere-monitoring-system)
changed: [localhost] => (item=kubesphere-monitoring-federated)
changed: [localhost] => (item=kube-node-lease)
changed: [localhost] => (item=kubesphere-logging-system)
changed: [localhost] => (item=istio-system)
changed: [localhost] => (item=istio-system)
TASK [common : KubeSphere | Creating ImagePullSecrets] *************************
changed: [localhost] => (item=default)
changed: [localhost] => (item=kube-public)
changed: [localhost] => (item=kube-system)
changed: [localhost] => (item=kubesphere-system)
changed: [localhost] => (item=kubesphere-controls-system)
changed: [localhost] => (item=kubesphere-monitoring-system)
changed: [localhost] => (item=kubesphere-monitoring-federated)
changed: [localhost] => (item=kube-node-lease)
failed: [localhost] (item=kubesphere-logging-system) => {"ansible_loop_var": "item", "changed": true, "cmd": "cat <<EOF | kubectl apply -f -\n apiVersion: v1\n kind: Secret\n metadata:\n name: qingcloud\n namespace: \"kubesphere-logging-system\"\n data:\n .dockerconfigjson: eyJhdXRocyI6eyJkb2NrZXJodWIucWluZ2Nsb3VkLmNvbSI6eyJhdXRoIjoiWjNWbGMzUTZaM1ZsYzNRPSJ9fX0=\n type: kubernetes.io/dockerconfigjson\nEOF\n", "delta": "0:00:00.504699", "end": "2024-06-06 17:45:00.569030", "item": "kubesphere-logging-system", "msg": "non-zero return code", "rc": 1, "start": "2024-06-06 17:45:00.064331", "stderr": "Error from server (Forbidden): error when creating \"STDIN\": secrets \"qingcloud\" is forbidden: unable to create new content in namespace kubesphere-logging-system because it is being terminated", "stderr_lines": ["Error from server (Forbidden): error when creating \"STDIN\": secrets \"qingcloud\" is forbidden: unable to create new content in namespace kubesphere-logging-system because it is being terminated"], "stdout": "", "stdout_lines": []}
failed: [localhost] (item=istio-system) => {"ansible_loop_var": "item", "changed": true, "cmd": "cat <<EOF | kubectl apply -f -\n apiVersion: v1\n kind: Secret\n metadata:\n name: qingcloud\n namespace: \"istio-system\"\n data:\n .dockerconfigjson: eyJhdXRocyI6eyJkb2NrZXJodWIucWluZ2Nsb3VkLmNvbSI6eyJhdXRoIjoiWjNWbGMzUTZaM1ZsYzNRPSJ9fX0=\n type: kubernetes.io/dockerconfigjson\nEOF\n", "delta": "0:00:00.530170", "end": "2024-06-06 17:45:01.779233", "item": "istio-system", "msg": "non-zero return code", "rc": 1, "start": "2024-06-06 17:45:01.249063", "stderr": "Error from server (Forbidden): error when creating \"STDIN\": secrets \"qingcloud\" is forbidden: unable to create new content in namespace istio-system because it is being terminated", "stderr_lines": ["Error from server (Forbidden): error when creating \"STDIN\": secrets \"qingcloud\" is forbidden: unable to create new content in namespace istio-system because it is being terminated"], "stdout": "", "stdout_lines": []}
failed: [localhost] (item=istio-system) => {"ansible_loop_var": "item", "changed": true, "cmd": "cat <<EOF | kubectl apply -f -\n apiVersion: v1\n kind: Secret\n metadata:\n name: qingcloud\n namespace: \"istio-system\"\n data:\n .dockerconfigjson: eyJhdXRocyI6eyJkb2NrZXJodWIucWluZ2Nsb3VkLmNvbSI6eyJhdXRoIjoiWjNWbGMzUTZaM1ZsYzNRPSJ9fX0=\n type: kubernetes.io/dockerconfigjson\nEOF\n", "delta": "0:00:00.445114", "end": "2024-06-06 17:45:02.714422", "item": "istio-system", "msg": "non-zero return code", "rc": 1, "start": "2024-06-06 17:45:02.269308", "stderr": "Error from server (Forbidden): error when creating \"STDIN\": secrets \"qingcloud\" is forbidden: unable to create new content in namespace istio-system because it is being terminated", "stderr_lines": ["Error from server (Forbidden): error when creating \"STDIN\": secrets \"qingcloud\" is forbidden: unable to create new content in namespace istio-system because it is being terminated"], "stdout": "", "stdout_lines": []}
PLAY RECAP *********************************************************************
localhost : ok=7 changed=3 unreachable=0 failed=1 skipped=4 rescued=0 ignored=0
2024-06-07T09:52:30+08:00 INFO : EVENT Kube event '4584ffb1-b26e-467d-a8a4-c8e8248228d6'
2024-06-07T09:52:30+08:00 INFO : QUEUE add TASK_HOOK_RUN@KUBE_EVENTS kubesphere/installRunner.py
2024-06-07T09:52:31+08:00 INFO : TASK_RUN HookRun@KUBE_EVENTS kubesphere/installRunner.py
2024-06-07T09:52:31+08:00 INFO : Running hook 'kubesphere/installRunner.py' binding 'KUBE_EVENTS' ...
[WARNING]: No inventory was parsed, only implicit localhost is available
[WARNING]: provided hosts list is empty, only localhost is available. Note that
the implicit localhost does not match 'all'
PLAY [localhost] ***************************************************************
TASK [download : include_tasks] ************************************************
skipping: [localhost]
TASK [download : Downloading items] ********************************************
skipping: [localhost]
TASK [download : Synchronizing container] **************************************
skipping: [localhost]
TASK [kubesphere-defaults : KubeSphere | Setting images' namespace override] ***
skipping: [localhost]
TASK [kubesphere-defaults : KubeSphere | Configuring defaults] *****************
ok: [localhost] => {
"msg": "Check roles/kubesphere-defaults/defaults/main.yml"
}
TASK [preinstall : KubeSphere | Checking Kubernetes version] *******************
changed: [localhost]
TASK [preinstall : KubeSphere | Initing Kubernetes version] ********************
ok: [localhost]
TASK [preinstall : KubeSphere | Stopping if Kubernetes version is nonsupport] ***
ok: [localhost] => {
"changed": false,
"msg": "All assertions passed"
}
TASK [preinstall : KubeSphere | Checking StorageClass] *************************
changed: [localhost]
TASK [preinstall : KubeSphere | Stopping if StorageClass was not found] ********
skipping: [localhost]
TASK [preinstall : KubeSphere | Checking default StorageClass] *****************
changed: [localhost]
TASK [preinstall : KubeSphere | Stopping if default StorageClass was not found] ***
ok: [localhost] => {
"changed": false,
"msg": "All assertions passed"
}
TASK [preinstall : KubeSphere | Checking KubeSphere component] *****************
changed: [localhost]
TASK [preinstall : KubeSphere | Getting KubeSphere component version] **********
skipping: [localhost]
TASK [preinstall : KubeSphere | Getting KubeSphere component version] **********
skipping: [localhost] => (item=ks-openldap)
skipping: [localhost] => (item=ks-redis)
skipping: [localhost] => (item=ks-minio)
skipping: [localhost] => (item=ks-openpitrix)
skipping: [localhost] => (item=elasticsearch-logging)
skipping: [localhost] => (item=elasticsearch-logging-curator)
skipping: [localhost] => (item=istio)
skipping: [localhost] => (item=istio-init)
skipping: [localhost] => (item=jaeger-operator)
skipping: [localhost] => (item=ks-jenkins)
skipping: [localhost] => (item=ks-sonarqube)
skipping: [localhost] => (item=logging-fluentbit-operator)
skipping: [localhost] => (item=uc)
skipping: [localhost] => (item=metrics-server)
PLAY RECAP *********************************************************************
localhost : ok=8 changed=4 unreachable=0 failed=0 skipped=7 rescued=0 ignored=0
[WARNING]: No inventory was parsed, only implicit localhost is available
[WARNING]: provided hosts list is empty, only localhost is available. Note that
the implicit localhost does not match 'all'
PLAY [localhost] ***************************************************************
TASK [download : include_tasks] ************************************************
skipping: [localhost]
TASK [download : Downloading items] ********************************************
skipping: [localhost]
TASK [download : Synchronizing container] **************************************
skipping: [localhost]
TASK [kubesphere-defaults : KubeSphere | Setting images' namespace override] ***
skipping: [localhost]
TASK [kubesphere-defaults : KubeSphere | Configuring defaults] *****************
ok: [localhost] => {
"msg": "Check roles/kubesphere-defaults/defaults/main.yml"
}
TASK [metrics-server : Metrics-Server | Getting metrics-server installation files] ***
skipping: [localhost]
TASK [metrics-server : Metrics-Server | Creating manifests] ********************
skipping: [localhost] => (item={'file': 'metrics-server.yaml'})
TASK [metrics-server : Metrics-Server | Checking Metrics-Server] ***************
skipping: [localhost]
TASK [metrics-server : Metrics-Server | Uninstalling old metrics-server] *******
skipping: [localhost]
TASK [metrics-server : Metrics-Server | Installing new metrics-server] *********
skipping: [localhost]
TASK [metrics-server : Metrics-Server | Waitting for metrics.k8s.io ready] *****
skipping: [localhost]
TASK [metrics-server : Metrics-Server | Importing metrics-server status] *******
skipping: [localhost]
PLAY RECAP *********************************************************************
localhost : ok=1 changed=0 unreachable=0 failed=0 skipped=11 rescued=0 ignored=0
[WARNING]: No inventory was parsed, only implicit localhost is available
[WARNING]: provided hosts list is empty, only localhost is available. Note that
the implicit localhost does not match 'all'
PLAY [localhost] ***************************************************************
TASK [download : include_tasks] ************************************************
skipping: [localhost]
TASK [download : Downloading items] ********************************************
skipping: [localhost]
TASK [download : Synchronizing container] **************************************
skipping: [localhost]
TASK [kubesphere-defaults : KubeSphere | Setting images' namespace override] ***
skipping: [localhost]
TASK [kubesphere-defaults : KubeSphere | Configuring defaults] *****************
ok: [localhost] => {
"msg": "Check roles/kubesphere-defaults/defaults/main.yml"
}
TASK [common : KubeSphere | Checking kube-node-lease namespace] ****************
changed: [localhost]
TASK [common : KubeSphere | Getting system namespaces] *************************
ok: [localhost]
TASK [common : set_fact] *******************************************************
ok: [localhost]
TASK [common : debug] **********************************************************
ok: [localhost] => {
"msg": [
"kubesphere-system",
"kubesphere-controls-system",
"kubesphere-monitoring-system",
"kubesphere-monitoring-federated",
"kube-node-lease",
"kubesphere-logging-system",
"istio-system",
"istio-system"
]
}
TASK [common : KubeSphere | Creating KubeSphere namespace] *********************
changed: [localhost] => (item=kubesphere-system)
changed: [localhost] => (item=kubesphere-controls-system)
changed: [localhost] => (item=kubesphere-monitoring-system)
changed: [localhost] => (item=kubesphere-monitoring-federated)
changed: [localhost] => (item=kube-node-lease)
changed: [localhost] => (item=kubesphere-logging-system)
changed: [localhost] => (item=istio-system)
changed: [localhost] => (item=istio-system)
TASK [common : KubeSphere | Labeling system-workspace] *************************
changed: [localhost] => (item=default)
changed: [localhost] => (item=kube-public)
changed: [localhost] => (item=kube-system)
changed: [localhost] => (item=kubesphere-system)
changed: [localhost] => (item=kubesphere-controls-system)
changed: [localhost] => (item=kubesphere-monitoring-system)
changed: [localhost] => (item=kubesphere-monitoring-federated)
changed: [localhost] => (item=kube-node-lease)
changed: [localhost] => (item=kubesphere-logging-system)
changed: [localhost] => (item=istio-system)
changed: [localhost] => (item=istio-system)
TASK [common : KubeSphere | Creating ImagePullSecrets] *************************
changed: [localhost] => (item=default)
changed: [localhost] => (item=kube-public)
changed: [localhost] => (item=kube-system)
changed: [localhost] => (item=kubesphere-system)
changed: [localhost] => (item=kubesphere-controls-system)
changed: [localhost] => (item=kubesphere-monitoring-system)
changed: [localhost] => (item=kubesphere-monitoring-federated)
changed: [localhost] => (item=kube-node-lease)
failed: [localhost] (item=kubesphere-logging-system) => {"ansible_loop_var": "item", "changed": true, "cmd": "cat <<EOF | kubectl apply -f -\n apiVersion: v1\n kind: Secret\n metadata:\n name: qingcloud\n namespace: \"kubesphere-logging-system\"\n data:\n .dockerconfigjson: eyJhdXRocyI6eyJkb2NrZXJodWIucWluZ2Nsb3VkLmNvbSI6eyJhdXRoIjoiWjNWbGMzUTZaM1ZsYzNRPSJ9fX0=\n type: kubernetes.io/dockerconfigjson\nEOF\n", "delta": "0:00:00.539907", "end": "2024-06-07 09:53:31.003414", "item": "kubesphere-logging-system", "msg": "non-zero return code", "rc": 1, "start": "2024-06-07 09:53:30.463507", "stderr": "Error from server (Forbidden): error when creating \"STDIN\": secrets \"qingcloud\" is forbidden: unable to create new content in namespace kubesphere-logging-system because it is being terminated", "stderr_lines": ["Error from server (Forbidden): error when creating \"STDIN\": secrets \"qingcloud\" is forbidden: unable to create new content in namespace kubesphere-logging-system because it is being terminated"], "stdout": "", "stdout_lines": []}
failed: [localhost] (item=istio-system) => {"ansible_loop_var": "item", "changed": true, "cmd": "cat <<EOF | kubectl apply -f -\n apiVersion: v1\n kind: Secret\n metadata:\n name: qingcloud\n namespace: \"istio-system\"\n data:\n .dockerconfigjson: eyJhdXRocyI6eyJkb2NrZXJodWIucWluZ2Nsb3VkLmNvbSI6eyJhdXRoIjoiWjNWbGMzUTZaM1ZsYzNRPSJ9fX0=\n type: kubernetes.io/dockerconfigjson\nEOF\n", "delta": "0:00:00.565095", "end": "2024-06-07 09:53:31.998505", "item": "istio-system", "msg": "non-zero return code", "rc": 1, "start": "2024-06-07 09:53:31.433410", "stderr": "Error from server (Forbidden): error when creating \"STDIN\": secrets \"qingcloud\" is forbidden: unable to create new content in namespace istio-system because it is being terminated", "stderr_lines": ["Error from server (Forbidden): error when creating \"STDIN\": secrets \"qingcloud\" is forbidden: unable to create new content in namespace istio-system because it is being terminated"], "stdout": "", "stdout_lines": []}
failed: [localhost] (item=istio-system) => {"ansible_loop_var": "item", "changed": true, "cmd": "cat <<EOF | kubectl apply -f -\n apiVersion: v1\n kind: Secret\n metadata:\n name: qingcloud\n namespace: \"istio-system\"\n data:\n .dockerconfigjson: eyJhdXRocyI6eyJkb2NrZXJodWIucWluZ2Nsb3VkLmNvbSI6eyJhdXRoIjoiWjNWbGMzUTZaM1ZsYzNRPSJ9fX0=\n type: kubernetes.io/dockerconfigjson\nEOF\n", "delta": "0:00:00.481929", "end": "2024-06-07 09:53:32.971047", "item": "istio-system", "msg": "non-zero return code", "rc": 1, "start": "2024-06-07 09:53:32.489118", "stderr": "Error from server (Forbidden): error when creating \"STDIN\": secrets \"qingcloud\" is forbidden: unable to create new content in namespace istio-system because it is being terminated", "stderr_lines": ["Error from server (Forbidden): error when creating \"STDIN\": secrets \"qingcloud\" is forbidden: unable to create new content in namespace istio-system because it is being terminated"], "stdout": "", "stdout_lines": []}
PLAY RECAP *********************************************************************
localhost : ok=7 changed=3 unreachable=0 failed=1 skipped=4 rescued=0 ignored=0报错显示
secrets "qingcloud" is forbidden: unable to create new content in namespace istio-system because it is being terminated", "stderr_lines": ["Error from server (Forbidden): error when creating "STDIN": secrets "qingcloud" is forbidden: unable to create new content in namespace istio-system because it is being terminated"], "stdout": "", "stdout_lines": []
翻译一下:是因为创建命名空间istio-system报错,因为他的状态是terminated 结束:终止状态,
matlab
查看命名空间
[root@k8smaster ~]# kubectl get ns
NAME STATUS AGE
default Active 176d
ingress-nginx Active 167d
istio-system Terminating 120d
kube-node-lease Active 176d
kube-public Active 176d
kube-system Active 176d
kubeedge Active 120d
kubesphere-controls-system Active 120d
kubesphere-devops-system Active 120d
kubesphere-logging-system Terminating 120d
kubesphere-monitoring-federated Active 120d
kubesphere-monitoring-system Active 16h
kubesphere-system Active 16h
bash
[root@k8smaster ~]# kubectl delete ns istio-system
namespace "istio-system" deleted
^C
[root@k8smaster ~]# kubectl get pod -n istio-system
No resources found in istio-system namespace.
[root@k8smaster ~]# kubectl get ns istio-system -o json>istio-system.json
[root@k8smaster ~]# vi istio-system.json
删除里面框起来的字段
yaml
"spec": {
"finalizers": [
"kubernetes"
]
},
bash
[root@k8smaster ~]# kubectl proxy --port=8081
Starting to serve on 127.0.0.1:8081重新开启一个终端,执行
bash
[root@k8smaster ~]# curl -k -H "Content-Type: application/json" -X PUT --data-binary @istio-system.json http://127.0.0.1:8081/api/v1/namespaces/istio-system/finalize
{
"kind": "Namespace",
"apiVersion": "v1",
"metadata": {
"name": "istio-system",
"selfLink": "/api/v1/namespaces/istio-system/finalize",
"uid": "e4d5e8c7-04ac-49ef-9de9-63aad0dc0bac",
"resourceVersion": "2854048",
"creationTimestamp": "2024-02-07T02:27:46Z",
"deletionTimestamp": "2024-02-21T02:09:23Z",
"labels": {
"istio-injection": "disabled",
"kubesphere.io/namespace": "istio-system",
"kubesphere.io/workspace": "system-workspace"
},
"managedFields": [
{
"manager": "kubectl",
"operation": "Update",
"apiVersion": "v1",
"time": "2024-02-07T03:43:47Z",
"fieldsType": "FieldsV1",
"fieldsV1": {"f:metadata":{"f:labels":{".":{},"f:istio-injection":{},"f:kubesphere.io/namespace":{},"f:kubesphere.io/workspace":{}}},"f:status":{"f:phase":{}}}
},
{
"manager": "kube-controller-manager",
"operation": "Update",
"apiVersion": "v1",
"time": "2024-02-21T02:09:33Z",
"fieldsType": "FieldsV1",
"fieldsV1": {"f:status":{"f:conditions":{".":{},"k:{\"type\":\"NamespaceContentRemaining\"}":{".":{},"f:lastTransitionTime":{},"f:message":{},"f:reason":{},"f:status":{},"f:type":{}},"k:{\"type\":\"NamespaceDeletionContentFailure\"}":{".":{},"f:lastTransitionTime":{},"f:message":{},"f:reason":{},"f:status":{},"f:type":{}},"k:{\"type\":\"NamespaceDeletionDiscoveryFailure\"}":{".":{},"f:lastTransitionTime":{},"f:message":{},"f:reason":{},"f:status":{},"f:type":{}},"k:{\"type\":\"NamespaceDeletionGroupVersionParsingFailure\"}":{".":{},"f:lastTransitionTime":{},"f:message":{},"f:reason":{},"f:status":{},"f:type":{}},"k:{\"type\":\"NamespaceFinalizersRemaining\"}":{".":{},"f:lastTransitionTime":{},"f:message":{},"f:reason":{},"f:status":{},"f:type":{}}}}}
}
]
},
"spec": {
},
"status": {
"phase": "Terminating",
"conditions": [
{
"type": "NamespaceDeletionDiscoveryFailure",
"status": "False",
"lastTransitionTime": "2024-06-07T00:39:58Z",
"reason": "ResourcesDiscovered",
"message": "All resources successfully discovered"
},
{
"type": "NamespaceDeletionGroupVersionParsingFailure",
"status": "False",
"lastTransitionTime": "2024-02-21T02:09:33Z",
"reason": "ParsedGroupVersions",
"message": "All legacy kube types successfully parsed"
},
{
"type": "NamespaceDeletionContentFailure",
"status": "False",
"lastTransitionTime": "2024-02-21T02:09:33Z",
"reason": "ContentDeleted",
"message": "All content successfully deleted, may be waiting on finalization"
},
{
"type": "NamespaceContentRemaining",
"status": "True",
"lastTransitionTime": "2024-02-21T02:09:33Z",
"reason": "SomeResourcesRemain",
"message": "Some resources are remaining: kialis.kiali.io has 1 resource instances"
},
{
"type": "NamespaceFinalizersRemaining",
"status": "True",
"lastTransitionTime": "2024-02-21T02:09:33Z",
"reason": "SomeFinalizersRemain",
"message": "Some content in the namespace has finalizers remaining: finalizer.kiali in 1 resource instances"
}
]
}
}查看命名空间istio-system命名空间已经被删除
bash
[root@k8smaster ~]# kubectl get ns
NAME STATUS AGE
default Active 176d
ingress-nginx Active 167d
kube-node-lease Active 176d
kube-public Active 176d
kube-system Active 176d
kubeedge Active 120d
kubesphere-controls-system Active 121d
kubesphere-devops-system Active 121d
kubesphere-logging-system Terminating 121d
kubesphere-monitoring-federated Active 121d
kubesphere-monitoring-system Active 17h
kubesphere-system Active 17h再删除kubesphere-logging-system
bash
[root@k8smaster ~]# kubectl get ns kubesphere-logging-system -o json > logging.json
[root@k8smaster ~]# vi logging.json
#删除里面内容
"finalizers": [
"kubernetes"
]执行
bash
[root@k8smaster ~]#curl -k -H "Content-Type: application/json" -X PUT --data-binary @logging.json http://127.0.0.1:8081/api/v1/namespaces/kubesphere-logging-system/finalize查看已经被删除
bash
[root@k8smaster ~]# kubectl get ns
NAME STATUS AGE
default Active 176d
ingress-nginx Active 167d
kube-node-lease Active 176d
kube-public Active 176d
kube-system Active 176d
kubeedge Active 120d
kubesphere-controls-system Active 121d
kubesphere-devops-system Active 121d
kubesphere-monitoring-federated Active 121d
kubesphere-monitoring-system Active 17h
kubesphere-system Active 17h已解决