无法加载云提供程序配置'/etc/appgw/azure.json' [英] Unable to load cloud provider config '/etc/appgw/azure.json'

问题描述

我无法通过应用程序网关连接我的应用程序，并且Azure网关入口控制器容器已排定，但未处于就绪状态.

I am unable to connect my app through application gateway and Azure gateway ingress controller pod is scheduled but not in ready state.

在下面，我附上了错误日志和入口控制器的说明.

Below i have attached the error logs and description of the ingress controller.

我想在这里找出问题所在.我已遵循Azure文档来使用AAD身份部署AGIC.

I want to identify what is the issue here. I have followed the Azure documentation to deploy AGIC with AAD identities.

错误:正在读取Az上下文文件"/etc/appgw/azure.json"；失败:打开/etc/appgw/azure.json:权限被拒绝

Error: Reading Az Context file "/etc/appgw/azure.json" failed: open /etc/appgw/azure.json: permission denied

Name:         ingress-azure-1601834933-77f4978499-jzsr5
Namespace:    default
Priority:     0
Node:         aks-agentpool-26714526-vmss000002/10.240.0.226
Start Time:   Fri, 09 Oct 2020 14:50:44 +0530
Labels:       aadpodidbinding=ingress-azure-1601834933
              app=ingress-azure
              pod-template-hash=77f4978499
              release=ingress-azure-1601834933
Annotations:  checksum/config: cfd91a5a7795ab06d41d6b5e7df20965936069437759bdf4e18323fc52894138
              prometheus.io/port: 8123
              prometheus.io/scrape: true
Status:       Running
IP:           10.240.1.2
IPs:
  IP:           10.240.1.2
Controlled By:  ReplicaSet/ingress-azure-1601834933-77f4978499
Containers:
  ingress-azure:
    Container ID:   docker://c93ed14bdeb798b6ff9e0e1feaafd9f23afba19b3dd31391c4635dbf69e2d2e6
    Image:          mcr.microsoft.com/azure-application-gateway/kubernetes-ingress:1.2.1
    Image ID:       docker-pullable://mcr.microsoft.com/azure-application-gateway/kubernetes-ingress@sha256:cf1df9645ded72127967c99bbf88b758b5b19b698ba18a9ed74c3a7ebf016ef1
    Port:           <none>
    Host Port:      <none>
    State:          Running
      Started:      Fri, 09 Oct 2020 16:22:59 +0530
    Last State:     Terminated
      Reason:       Error
      Exit Code:    255
      Started:      Fri, 09 Oct 2020 16:12:45 +0530
      Finished:     Fri, 09 Oct 2020 16:22:57 +0530
    Ready:          False
    Restart Count:  9
    Liveness:       http-get http://:8123/health/alive delay=15s timeout=1s period=20s #success=1 #failure=3
    Readiness:      http-get http://:8123/health/ready delay=5s timeout=1s period=10s #success=1 #failure=3
    Environment Variables from:
      ingress-azure-1601834933  ConfigMap  Optional: false
    Environment:
      AZURE_CLOUD_PROVIDER_LOCATION:  /etc/appgw/azure.json
      AGIC_POD_NAME:                  ingress-azure-1601834933-77f4978499-jzsr5 (v1:metadata.name)
      AGIC_POD_NAMESPACE:             default (v1:metadata.namespace)
    Mounts:
      /etc/appgw/azure.json from azure (rw)
      /var/run/secrets/kubernetes.io/serviceaccount from ingress-azure-1601834933-token-j26h8 (ro)
Conditions:
  Type              Status
  Initialized       True 
  Ready             False 
  ContainersReady   False 
  PodScheduled      True 
Volumes:
  azure:
    Type:          HostPath (bare host directory volume)
    Path:          /etc/kubernetes/azure.json
    HostPathType:  File
  ingress-azure-1601834933-token-j26h8:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  ingress-azure-1601834933-token-j26h8
    Optional:    false
QoS Class:       BestEffort
Node-Selectors:  <none>
Tolerations:     node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
                 node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
  Type     Reason     Age                    From     Message
  ----     ------     ----                   ----     -------
  Warning  Unhealthy  2m49s (x563 over 97m)  kubelet  Readiness probe failed: Get http://10.240.1.2:8123/health/ready: net/http: request canceled (Client.Timeout exceeded while awaiting headers)




-------------------------------------------------------------------------------------------------------------------------------------
-------------------------------------------------------------------------------------------------------------------------------------



ERROR: logging before flag.Parse: I1009 10:22:18.658900       1 utils.go:115] Using verbosity level 3 from environment variable APPGW_VERBOSITY_LEVEL
ERROR: logging before flag.Parse: I1009 10:22:18.658983       1 main.go:78] Unable to load cloud provider config '/etc/appgw/azure.json'. Error: Reading Az Context file "/etc/appgw/azure.json" failed: open /etc/appgw/azure.json: permission denied
I1009 10:22:18.691424       1 environment.go:240] KUBERNETES_WATCHNAMESPACE is not set. Watching all available namespaces.
I1009 10:22:18.691567       1 main.go:128] Appication Gateway Details: Subscription="17dbc3e5-9c62-4898-80e8-47d8ac77d641" Resource Group="dev-cluster" Name="test-app-gateway"
I1009 10:22:18.691581       1 auth.go:46] Creating authorizer from Azure Managed Service Identity
I1009 10:22:18.691643       1 httpserver.go:57] Starting API Server on :8123

推荐答案

$ helm卸载ingress-azure

$ helm uninstall ingress-azure

$ helm install ingress-azure -f helm-config.yaml application-gateway-kubernetes-ingress/ingress-azure --version 1.2.0

$ helm install ingress-azure -f helm-config.yaml application-gateway-kubernetes-ingress/ingress-azure --version 1.2.0

为我解决的问题

这篇关于无法加载云提供程序配置'/etc/appgw/azure.json'的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！