資源傳播失敗:ClusterResourcePlacementApplied 為 False
本文討論如何在 Microsoft azure Kubernetes Fleet Manager 中使用ClusterResourcePlacement物件 API 來傳播資源時,針對問題進行疑難解答ClusterResourcePlacementApplied。
徵兆
當您在 Azure Kubernetes Fleet Manager 中使用 ClusterResourcePlacement API 對象傳播資源時,部署會失敗。 狀態 ClusterResourcePlacementApplied 會顯示為 False。
原因
此問題可能會因為下列其中一個原因而發生:
- 資源已存在於叢集上,而且不是由車隊控制器所管理。 若要解決此問題,請更新
ClusterResourcePlacement指令清單 YAML 檔案以在 內ApplyStrategy使用AllowCoOwnership,以允許艦隊控制器管理資源。 - 另一個
ClusterResourcePlacement部署已使用不同的套用策略來管理所選叢集的資源。 ClusterResourcePlacement部署不會套用指令清單,因為語法錯誤或資源設定無效。 如果資源透過信封對象傳播,也可能會發生此情況。
疑難排解步驟
- 檢視
ClusterResourcePlacement狀態並找出區placementStatuses段。placementStatuses檢查值,以識別哪些叢集已ResourceApplied將條件設定為False,並記下其clusterName值。 Work找出中樞叢集中的物件。 使用識別clusterName的 來找出Work與成員叢集相關聯的物件。 如需詳細資訊,請參閱 如何尋找與ClusterResourcePlacement相關聯的正確工作資源。- 檢查物件的狀態
Work,以瞭解防止成功資源應用程式的特定問題。
案例研究
在下列範例中, ClusterResourcePlacement 嘗試將包含部署的命名空間傳播至兩個成員叢集。 不過,命名空間已存在於一個成員叢集上,特別是 kind-cluster-1。
ClusterResourcePlacement 規格
apiVersion: placement.kubernetes-fleet.io/v1beta1
kind: ClusterResourcePlacement
metadata:
name: crp
spec:
policy:
clusterNames:
- kind-cluster-1
- kind-cluster-2
placementType: PickFixed
resourceSelectors:
- group: ""
kind: Namespace
name: test-ns
version: v1
revisionHistoryLimit: 10
strategy:
type: RollingUpdate
ClusterResourcePlacement 狀態
status:
conditions:
- lastTransitionTime: "2024-05-07T23:32:40Z"
message:couldn't find all the clusters needed as specified by the scheduling
policy
observedGeneration: 1
reason: SchedulingPolicyUnfulfilled
status: "False"
type: ClusterResourcePlacementScheduled
- lastTransitionTime: "2024-05-07T23:32:40Z"
message: All 2 cluster(s) start rolling out the latest resource
observedGeneration: 1
reason: RolloutStarted
status: "True"
type: ClusterResourcePlacementRolloutStarted
- lastTransitionTime: "2024-05-07T23:32:40Z"
message: No override rules are configured for the selected resources
observedGeneration: 1
reason: NoOverrideSpecified
status: "True"
type: ClusterResourcePlacementOverridden
- lastTransitionTime: "2024-05-07T23:32:40Z"
message: Works(s) are succcesfully created or updated in the 2 target clusters'
namespaces
observedGeneration: 1
reason: WorkSynchronized
status: "True"
type: ClusterResourcePlacementWorkSynchronized
- lastTransitionTime: "2024-05-07T23:32:40Z"
message: Failed to apply resources to 1 clusters, please check the `failedPlacements`
status
observedGeneration: 1
reason: ApplyFailed
status: "False"
type: ClusterResourcePlacementApplied
observedResourceIndex: "0"
placementStatuses:
- clusterName: kind-cluster-2
conditions:
- lastTransitionTime: "2024-05-07T23:32:40Z"
message: 'Successfully scheduled resources for placement in kind-cluster-2 (affinity
score: 0, topology spread score: 0): picked by scheduling policy'
observedGeneration: 1
reason: Scheduled
status: "True"
type: Scheduled
- lastTransitionTime: "2024-05-07T23:32:40Z"
message: Detected the new changes on the resources and started the rollout process
observedGeneration: 1
reason: RolloutStarted
status: "True"
type: RolloutStarted
- lastTransitionTime: "2024-05-07T23:32:40Z"
message: No override rules are configured for the selected resources
observedGeneration: 1
reason: NoOverrideSpecified
status: "True"
type: Overridden
- lastTransitionTime: "2024-05-07T23:32:40Z"
message: All of the works are synchronized to the latest
observedGeneration: 1
reason: AllWorkSynced
status: "True"
type: WorkSynchronized
- lastTransitionTime: "2024-05-07T23:32:40Z"
message: All corresponding work objects are applied
observedGeneration: 1
reason: AllWorkHaveBeenApplied
status: "True"
type: Applied
- lastTransitionTime: "2024-05-07T23:32:49Z"
message: The availability of work object crp-4-work isn't trackable
observedGeneration: 1
reason: WorkNotTrackable
status: "True"
type: Available
- clusterName: kind-cluster-1
conditions:
- lastTransitionTime: "2024-05-07T23:32:40Z"
message: 'Successfully scheduled resources for placement in kind-cluster-1 (affinity
score: 0, topology spread score: 0): picked by scheduling policy'
observedGeneration: 1
reason: Scheduled
status: "True"
type: Scheduled
- lastTransitionTime: "2024-05-07T23:32:40Z"
message: Detected the new changes on the resources and started the rollout process
observedGeneration: 1
reason: RolloutStarted
status: "True"
type: RolloutStarted
- lastTransitionTime: "2024-05-07T23:32:40Z"
message: No override rules are configured for the selected resources
observedGeneration: 1
reason: NoOverrideSpecified
status: "True"
type: Overridden
- lastTransitionTime: "2024-05-07T23:32:40Z"
message: All of the works are synchronized to the latest
observedGeneration: 1
reason: AllWorkSynced
status: "True"
type: WorkSynchronized
- lastTransitionTime: "2024-05-07T23:32:40Z"
message: Work object crp-4-work isn't applied
observedGeneration: 1
reason: NotAllWorkHaveBeenApplied
status: "False"
type: Applied
failedPlacements:
- condition:
lastTransitionTime: "2024-05-07T23:32:40Z"
message: 'Failed to apply manifest: failed to process the request due to a
client error: resource exists and isn't managed by the fleet controller
and co-ownernship is disallowed'
reason: ManifestsAlreadyOwnedByOthers
status: "False"
type: Applied
kind: Namespace
name: test-ns
version: v1
selectedResources:
- kind: Namespace
name: test-ns
version: v1
- group: apps
kind: Deployment
name: test-nginx
namespace: test-ns
version: v1
在 的 kind-cluster-1區failedPlacements段中,message欄位會說明為何資源未套用在成員叢集上。 在上 conditions 一節中 Applied ,的 kind-cluster-1 條件會標示為 false ,並顯示 NotAllWorkHaveBeenApplied 原因。 這表示 Work 未套用適用於成員叢集 kind-cluster-1 的物件。 如需詳細資訊,請參閱 如何尋找與 ClusterResourcePlacement相關聯的正確工作資源。
kind-cluster-1 的工作狀態
status:
conditions:
- lastTransitionTime: "2024-05-07T23:32:40Z"
message: 'Apply manifest {Ordinal:0 Group: Version:v1 Kind:Namespace Resource:namespaces
Namespace: Name:test-ns} failed'
observedGeneration: 1
reason: WorkAppliedFailed
status: "False"
type: Applied
- lastTransitionTime: "2024-05-07T23:32:40Z"
message: ""
observedGeneration: 1
reason: WorkAppliedFailed
status: Unknown
type: Available
manifestConditions:
- conditions:
- lastTransitionTime: "2024-05-07T23:32:40Z"
message: 'Failed to apply manifest: failed to process the request due to a client
error: resource exists and isn't managed by the fleet controller and co-ownernship
is disallowed'
reason: ManifestsAlreadyOwnedByOthers
status: "False"
type: Applied
- lastTransitionTime: "2024-05-07T23:32:40Z"
message: Manifest isn't applied yet
reason: ManifestApplyFailed
status: Unknown
type: Available
identifier:
kind: Namespace
name: test-ns
ordinal: 0
resource: namespaces
version: v1
- conditions:
- lastTransitionTime: "2024-05-07T23:32:40Z"
message: Manifest is already up to date
observedGeneration: 1
reason: ManifestAlreadyUpToDate
status: "True"
type: Applied
- lastTransitionTime: "2024-05-07T23:32:51Z"
message: Manifest is trackable and available now
observedGeneration: 1
reason: ManifestAvailable
status: "True"
type: Available
identifier:
group: apps
kind: Deployment
name: test-nginx
namespace: test-ns
ordinal: 1
resource: deployments
version: v1
Work檢查狀態,特別是區manifestConditions段。 您可以看到無法套用命名空間,但命名空間內的部署已從中樞傳播到成員叢集。
解決方法
在這裡情況下,潛在的解決方案是在 ApplyStrategy 原則中將 設定AllowCoOwnershiptrue為 。 不過,請務必注意,用戶應該做出此決策,因為資源可能不會共用。
此外,您可以檢閱 Apply Work Controller 的記錄,以深入瞭解資源無法使用的原因。
與我們連絡,以取得說明
如果您有問題或需要相關協助,請建立支援要求,或詢問 Azure community 支援。 您也可以向 Azure 意見反應社群提交產品意見反應。