Fix: anchor pre-stop failures
kubernetes-controller-manager-anchor pods get stuck in Terminating state because the pre-stop script tries to touch /tmp/stop, which is on a read only root filesystem. This change mounts an emptyDir at /tmp to resolve the issue. The same change is applied to apiserver, etcd, and scheduler anchors, to prevent the issue if readOnlyRootFilesystem is enabled. Related change for haproxy: https://review.opendev.org/685711/ Change-Id: I784498e0dc24da91a983716029973919b96a3055
This commit is contained in:
parent
02fc5342b2
commit
a7c7282ba4
|
@ -99,6 +99,8 @@ spec:
|
|||
mountPath: /tmp/bin
|
||||
- name: {{ .Values.service.name }}-etc
|
||||
mountPath: /tmp/etc
|
||||
- name: pod-tmp
|
||||
mountPath: /tmp
|
||||
{{ if $mounts_kubernetes_apiserver.volumeMounts }}{{ toYaml $mounts_kubernetes_apiserver.volumeMounts | indent 12 }}{{ end }}
|
||||
volumes:
|
||||
- name: {{ .Values.service.name }}-bin
|
||||
|
@ -120,5 +122,7 @@ spec:
|
|||
configMap:
|
||||
name: {{ .Values.service.name }}-etc
|
||||
defaultMode: 0444
|
||||
- name: pod-tmp
|
||||
emptyDir: {}
|
||||
{{ if $mounts_kubernetes_apiserver.volumes }}{{ toYaml $mounts_kubernetes_apiserver.volumes | indent 8 }}{{ end }}
|
||||
{{- end }}
|
||||
|
|
|
@ -91,6 +91,8 @@ spec:
|
|||
mountPath: /host
|
||||
- name: secret
|
||||
mountPath: /secret
|
||||
- name: pod-tmp
|
||||
mountPath: /tmp
|
||||
{{ if $mounts_controller_manager.volumeMounts }}{{ toYaml $mounts_controller_manager.volumeMounts | indent 12 }}{{ end }}
|
||||
volumes:
|
||||
- name: {{ .Values.service.name }}-bin
|
||||
|
@ -108,5 +110,7 @@ spec:
|
|||
secret:
|
||||
secretName: {{ .Values.service.name }}
|
||||
defaultMode: 0444
|
||||
- name: pod-tmp
|
||||
emptyDir: {}
|
||||
{{ if $mounts_controller_manager.volumes }}{{ toYaml $mounts_controller_manager.volumes | indent 8 }}{{ end }}
|
||||
{{- end }}
|
||||
|
|
|
@ -127,6 +127,8 @@ spec:
|
|||
mountPath: /manifests
|
||||
- name: {{ .Values.service.name }}-etc
|
||||
mountPath: /anchor-etcd
|
||||
- name: pod-tmp
|
||||
mountPath: /tmp
|
||||
{{ if $mounts_daemonset_anchor.volumeMounts }}{{ toYaml $mounts_daemonset_anchor.volumeMounts | indent 12 }}{{ end }}
|
||||
volumes:
|
||||
- name: {{ .Values.service.name }}-bin
|
||||
|
@ -161,5 +163,7 @@ spec:
|
|||
configMap:
|
||||
name: {{ .Values.service.name }}-etc
|
||||
defaultMode: 0444
|
||||
- name: pod-tmp
|
||||
emptyDir: {}
|
||||
{{ if $mounts_daemonset_anchor.volumes }}{{ toYaml $mounts_daemonset_anchor.volumes | indent 8 }}{{ end }}
|
||||
{{- end }}
|
||||
|
|
|
@ -81,6 +81,8 @@ spec:
|
|||
mountPath: /host
|
||||
- name: secret
|
||||
mountPath: /secret
|
||||
- name: pod-tmp
|
||||
mountPath: /tmp
|
||||
terminationGracePeriodSeconds: {{ .Values.anchor.termination_grace_period }}
|
||||
volumes:
|
||||
- name: bin
|
||||
|
@ -98,3 +100,5 @@ spec:
|
|||
secret:
|
||||
secretName: kubernetes-scheduler
|
||||
defaultMode: 0444
|
||||
- name: pod-tmp
|
||||
emptyDir: {}
|
||||
|
|
Loading…
Reference in New Issue