153. rancher 迁移后集群出现错误状态为“fleet-default/<cluster-name>-admission-configuration-psact”未找到

访问Rancher-K8S解决方案博主,企业合作伙伴 :
https://blog.csdn.net/lidw2009

Environment  环境
  • A Rancher v2.x instance migrated between clusters, using rancher-backup operator 105.0.0+up6.0.0 or < 104.1.0+up5.0.4
    Rancher v2.x 实例通过 rancher-backup operator 105.0.0+up6.0.0 或 < 104.1.0+up5.0.4 在集群间迁移
  • A Rancher-provisioned RKE2 or K3s cluster with a Pod Security Admission Configuration Template configured
    一个由 Rancher 配置的 RKE2 或 K3s 集群,配置了 Pod 安全准入配置文件
Situation  地理位置

After migrating a Rancher instance using the rancher-backup operator, with a backup created using rancher-backup operator 105.0.0+up6.0.0 or < 104.1.0+up5.0.4, Rancher-provisioned RKE2 or K3s clusters, with a Pod Security Admission Configuration Template configured, are in an error state with the following message:
在使用 rancher 备份操作员迁移 Rancher 实例 ,并使用 rancher 备份操作员 105.0.0+up6.0.0 或< 104.1.0+up5.0.4 创建备份后,配置了 Pod 安全准入配置模板的 Rancher 配置 RKE2 或 K3s 集群将出现以下错误状态:

 
       
<span style="color:#000000"><span style="background-color:#ffffff"><span style="background-color:#efefef"><code>Error retrieving secret fleet-default/<cluster-name>-admission-configuration-psact while rendering files: secrets "<cluster-name>-admission-configuration-psact" not found</code></span></span></span>
Resolution  结局

The issue can be mitigated by upgrading the version of the rancher-backup operator that is used to perform the backup and restore during migration, to a version > 104.1.0+up5.0.4, with the exception of 105.0.0+up6.0.0.
通过升级用于迁移时执行备份和恢复的牧场备份操作员版本,可以缓解>104.1.0+up5.0.4,例外是 105.0.0+up6.0.0。

To resolve this after migration with an affected rancher-backup operator version, you must manually transfer the missing Fleet secret from the existing Rancher local cluster to the new cluster, to which Rancher has been migrated.
迁移后使用受影响的牧场备份运营商版本后要解决这个问题,你必须手动将缺失的舰队机密从现有牧场本地集群转移到牧场者已迁移到的新集群。

If the existing cluster is still accessible, use kubectl to export the missing secret as a YAML file and create it in the new cluster:
如果现有集群仍然可访问,使用 kubectl 导出缺失的秘密文件为 YAML 文件,并在新集群中创建:

 

  1. Identify the full name and namespace of the secret from the error message: <namespace>/<cluster-name>-admission-configuration-psact
    从错误消息中识别秘密的全名和命名空间:<namespace>/<cluster-name>-admission-configuration-psact
  2. Run the following command against the existing cluster, replacing <cluster-name> and <namespace>:
    对现有集群运行以下命令,替换<cluster-name>和 <namespace>:
    <span style="color:#000000"><span style="background-color:#ffffff"><span style="background-color:#efefef"><code>kubectl get secret <cluster-name>-admission-configuration-psact --namespace <namespace> -o yaml > fleet-secret.yaml</code></span></span></span>
  3. Apply the secret manifest in the new Rancher local cluster:
    在新的 Rancher 本地集群中应用秘密清单:
    <span style="color:#000000"><span style="background-color:#ffffff"><span style="background-color:#efefef"><code>kubectl apply -f fleet-secret.yaml</code></span></span></span>
Cause  病因

The issue is caused by the failure of the rancher-backup operator to back up admission-configuration-psact secrets in backup-operator 105.0.0+up6.0.0 or < 104.1.0+up5.0.4
问题源于牧场备份操作员未能在备份操作员 105.0.0+up6.0.0 或< 104.1.0+up5.0.4中备份准入配置-psact秘密

评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包

打赏作者

K8S解决方案

你的鼓励将是我创作的最大动力

¥1 ¥2 ¥4 ¥6 ¥10 ¥20
扫码支付:¥1
获取中
扫码支付

您的余额不足,请更换扫码支付或充值

打赏作者

实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值