Kubernetes:PersistentVolume验证错误和spec.PersistentVolumeSource:禁止:在创建后不可变
我正试图在本地计算机上部署ping devops,但当我试图设置服务器配置文件时,得到以下错误消息:
验证“lab05-local-profile-deploy.yaml”时出错:验证数据时出错:ValidationError(PersistentVolume):io.k8s.api.core.v1.PersistentVolume中的未知字段“nodeaffinity”;如果选择忽略这些错误,请在应用修补程序时使用--validate=false Error from server(Invalid):Error关闭验证:
有人知道如何解决这个问题吗?
yaml文件如下所示:
apiVersion: v1
data:
PING_IDENTITY_ACCEPT_EULA: "YES"
kind: ConfigMap
metadata:
labels:
role: pingdirectory
name: pingdirectory-environment-variables
---
apiVersion: v1
data:
PING_IDENTITY_ACCEPT_EULA: "YES"
kind: ConfigMap
metadata:
labels:
role: pingfederate
name: pingfederate-environment-variables
---
apiVersion: v1
kind: Service
metadata:
labels:
role: pingdataconsole
name: pingdataconsole
spec:
ports:
- name: https
port: 8443
selector:
role: pingdataconsole
type: NodePort
---
apiVersion: v1
kind: Service
metadata:
labels:
role: pingdirectory
name: pingdirectory
spec:
ports:
- name: ldaps
port: 636
- name: ssl
port: 443
- name: ldap
port: 389
selector:
role: pingdirectory
type: NodePort
---
apiVersion: v1
kind: Service
metadata:
labels:
role: pingfederate
name: pingfederate
spec:
ports:
- name: pf-console
port: 9999
- name: pf-runtime
port: 9031
selector:
role: pingfederate
type: NodePort
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: pd-profile-volume
spec:
accessModes:
- ReadOnlyMany
capacity:
storage: 10Gi
local:
path: /home/alice/projects/devops/lab05/pingidentity-server-profiles/getting-started/pingdirectory
nodeAffinity:
required:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/hostname
operator: In
values:
- docker-desktop
storageClassName: pd-local-in-storage
volumeMode: Filesystem
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: pf-profile-volume
nodeAffinity:
required:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/hostname
operator: In
values:
- docker-desktop
spec:
accessModes:
- ReadOnlyMany
capacity:
storage: 10Gi
local:
path: /home/alice/projects/devops/lab05/pingidentity-server-profiles/getting-started/pingfederate
storageClassName: pf-local-in-storage
volumeMode: Filesystem
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: pd-profile-claim
spec:
accessModes:
- ReadOnlyMany
resources:
requests:
storage: 10Gi
storageClassName: pd-local-in-storage
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: pf-profile-claim
spec:
accessModes:
- ReadOnlyMany
resources:
requests:
storage: 10Gi
storageClassName: pf-local-in-storage
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
role: pingdataconsole
name: pingdataconsole
spec:
replicas: 1
selector:
matchLabels:
role: pingdataconsole
template:
metadata:
labels:
role: pingdataconsole
name: pingdataconsole
spec:
containers:
- image: pingidentity/pingdataconsole:edge
name: pingdataconsole
ports:
- containerPort: 8443
resources:
limits:
cpu: 200m
memory: 1.5Gi
requests:
cpu: 200m
memory: 1.5Gi
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
role: pingfederate
name: pingfederate
spec:
replicas: 1
selector:
matchLabels:
role: pingfederate
template:
metadata:
labels:
role: pingfederate
name: pingfederate
spec:
containers:
- envFrom:
- configMapRef:
name: pingfederate-environment-variables
- secretRef:
name: devops-secret
optional: true
image: pingidentity/pingfederate:edge
imagePullPolicy: Always
livenessProbe:
failureThreshold: 1
httpGet:
path: /pingfederate/app
port: 9999
scheme: HTTPS
initialDelaySeconds: 100
periodSeconds: 1
name: pingfederate
ports:
- containerPort: 9999
- containerPort: 9031
readinessProbe:
httpGet:
path: /pingfederate/app
port: 9999
scheme: HTTPS
periodSeconds: 10
resources:
limits:
cpu: "1"
memory: 1.5Gi
requests:
cpu: "1"
memory: 1.5Gi
volumeMounts:
- mountPath: /opt/in
name: pf-profile-storage
volumes:
- name: pf-profile-storage
persistentVolumeClaim:
claimName: pf-profile-claim
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
labels:
role: pingdirectory
name: pingdirectory
spec:
replicas: 1
selector:
matchLabels:
role: pingdirectory
serviceName: pingdirectory
template:
metadata:
labels:
role: pingdirectory
name: pingdirectory
spec:
containers:
- envFrom:
- configMapRef:
name: pingdirectory-environment-variables
- secretRef:
name: devops-secret
optional: true
image: pingidentity/pingdirectory:edge
lifecycle:
preStop:
exec:
command:
- /bin/sh
- -c
- /preStop.sh
livenessProbe:
exec:
command:
- /bin/sh
- -c
- /opt/liveness.sh
initialDelaySeconds: 300
periodSeconds: 30
name: pingdirectory
ports:
- containerPort: 636
- containerPort: 443
- containerPort: 389
readinessProbe:
exec:
command:
- /bin/sh
- -c
- /opt/liveness.sh
resources:
limits:
cpu: "2"
memory: 2Gi
requests:
cpu: "2"
memory: 2Gi
volumeMounts:
- mountPath: /opt/in
name: pd-profile-storage
terminationGracePeriodSeconds: 300
volumes:
- name: pd-profile-storage
persistentVolumeClaim:
claimName: pd-profile-claim
共有1个答案
您可能需要检查以前部署的内容。做一个kubectl,获取pv和pvc,并检查是否存在同名的现有资源。如果是这样,请将它们从命名空间中删除,然后再次尝试部署。
-
我有基本授权,它基于Spring启动安全性: 当我尝试在授权后添加新帖子时,我会收到这条消息: 在我的控制器中: 然而,读操作从我的控制器工作得很好,但积垢操作我没有访问权。 我的依赖性如下: 知道吗?提前谢谢!
-
在将我的计算机升级到乌龟SVN版本从1.6升级到1.8.3(SVN 1.8.4)后,我得到了可怕的403禁止错误。 null 在防火墙或身份验证方面,1.8有什么不同吗?Apache服务器使用html并使用网络密码进行身份验证。下一步有哪些举措?
-
我正在尝试使用一个appengine项目中的javaapi创建一个GCS bucket。 我得到以下错误,没有更多的进一步信息。 403 FORBIDDEN{"代码": 403,"错误": [ { "域":"全局","消息":"禁止","原因":"禁止" } ], "消息":"禁止"} 根据在互联网上的阅读,我已经检查了以下内容 启用计费-完成。。启用GoogleCloudStorage API-
-
问题内容: 非常奇怪的错误。我使用的是http://developers.facebook.com/docs/authentication/。所以我创建了对fb的请求并传递redirect_uri。我在本地主机上使用测试站点。所以如果我通过 redirect_uri = http://localhost/test_blog/index.php 它工作正常,但如果我通过 redirect_uri =
-
我使用teraform-aws-lambda模块和terraform-aws-iam模块,下面是这些例子,但是我得到了验证异常错误(输出如下) https://github.com/terraform-aws-modules/terraform-aws-lambda/tree/master/examples/simplehttps://github.com/terraform-aws-module
-
问题内容: 我制作了供个人使用的python脚本,但不适用于Wikipedia … 这项工作: 这不起作用: 这是错误: 问题答案: 在当前代码内: Python 2.X 的Python 3.X 带有Selenium的Python 3.X(执行Javascript函数) 修改后的版本起作用的原因是因为Wikipedia检查User-Agent是“流行的浏览器”