[!TIP]
error code
ERROR CODE | COMMENTS |
---|---|
OOMKilled | pod运行过程内存需求持续增加超过为pod设置的内存大小 |
Pending | 调度不成功 or 资源不足 or HostPort 已被占用 |
Waiting/ContainerCreating | 镜像拉取失败 or CNI网络错误 or 容器无法启动 or 磁盘坏道input/output error |
CrashLoopBackOff | 容器曾经启动了但又异常退出 |
ImagePullBackOff | 镜像名称配置错误或者私有镜像的密钥配置错误导致 |
CrashLoopBackOff | 容器退出kubelet正在将它重启 |
InvalidImageName | 无法解析镜像名称 |
ImageInspectError | 无法校验镜像 |
ErrImageNeverPull | 策略禁止拉取镜像 |
ImagePullBackOff | 正在重试拉取 |
RegistryUnavailable | 连接不到镜像中心 |
ErrImagePull | 通用的拉取镜像出错 |
CreateContainerConfigError | 不能创建kubelet使用的容器配置 |
CreateContainerError | 创建容器失败 |
m.internalLifecycle.PreStartContainer | 执行hook报错 |
RunContainerError | 启动容器失败 |
PostStartHookError | 执行hook报错 |
ContainersNotInitialized | 容器没有初始化完毕 |
ContainersNotReady | 容器没有准备完毕 |
ContainerCreating | 容器创建中 |
PodInitializingpod | 初始化中 |
DockerDaemonNotReady | docker还没有完全启动 |
NetworkPluginNotReady | 网络插件还没有完全启动 |
Evicte | pod被驱赶 |
debug services
[!NOTE|label:reference:]
- How to Debug a Kubernetes Service Effectively
- Debug Services
- Access Services Running on Clusters
- DNS for Services and Pods
- svc in cluster can be visit via
CLUSTER-IP
<svc-name>.<namespace>.svc.cluster.local
- create pod from cmd
- svc status
$ kubectl get svc NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE jenkins ClusterIP 10.111.230.13 <none> 8080/TCP,50017/TCP 17h
# create new pod
$ kubectl run ubuntu-marslo \
--image=ubuntu:18.04 \
--overrides='{"spec": { "nodeSelector": {"kubernetes.io/hostname": "k8s-node-01"}}}' \
-it \
--rm
# check DNS
<ubuntu-marslo> $ cat /etc/resolv.conf
nameserver 10.96.0.10
search devops.svc.cluster.local svc.cluster.local cluster.local company.com
options ndots:5
# debug
$ nc -zv jenkins.devops.svc.cluster.local 30338
$ nc -zv 10.111.230.13 30338
$ ssh -l marslo -p 30338 -i ~/.ssh/id_rsa jenkins.devops.svc.cluster.local list-plugins
$ ssh -l marslo -p 30338 -i ~/.ssh/id_rsa 10.111.230.13 list-plugins
get podIp
$ kubectl get pods \
-l app=hostnames \
-o go-template='{{range .items}}{{.status.podIP}}{{"\n"}}{{end}}'
check log
[!NOTE|label:references:]
system logs
$ journalctl -u <service> -f
# or
$ journalctl -u kubelet -o cat
# or
$ sudo systemctl status <service> -l --no-pager
pod logs
$ kubectl logs pod <pod_name> --all-containers