kubectl describe pods
logs
pods logs
logs
command:
- bundle exec unicorn -c config/unicorn/production.rb -E production
The container can't start on k8s and some errors occured .
But when I exec
docker run -d image [CMD]
The container works well.
"command" is an array, so each argument has to be a separate element, not all on one line
For anyone else running into this problem:
make sure the gems (including unicorn) are actually installed in the volume used by the container. If not, do a bundle install.
Another reason for this kind of error could be that the directory specified under working_dir (in the docker-compose.yml) does not exist (see Misleading error message "ERROR: Container command not found or does not exist.").
Related
I was trying to get into kubernetes-dashboard Pod, but I keep getting this error:
C:\Users\USER>kubectl exec -n kubernetes-dashboard kubernetes-dashboard-66c887f759-bljtc -it -- sh
OCI runtime exec failed: exec failed: unable to start container process: exec: "sh": executable file not found in $PATH: unknown
command terminated with exit code 126
The Pod is running normally and I can access the Kubernetes UI via the browser. But I was getting some issues getting it running before, and I wanted to get inside the pod to run some commands, but I always get the same error mentioned above.
When I try the same command with a pod running nginx for example, it works:
C:\Users\USER>kubectl exec my-nginx -it -- sh
/ # ls
bin home proc sys
dev lib root tmp
docker-entrypoint.d media run usr
docker-entrypoint.sh mnt sbin var
etc opt srv
/ # exit
Any explanation, please?
Prefix the command to run with /bin so your updated command will look like:
kubectl exec -n kubernetes-dashboard <POD_NAME> -it -- /bin/sh
The reason you're getting that error is because Git in Windows slightly modifies the MSYS that changes command args. Generally using the command /bin/sh or /bash/bash works universally.
That error message means literally what it says: there is no sh or any other shell in the container. There's no particular requirement that a container have a shell, and if a Docker image is built FROM scratch (as the Kubernetes dashboard image is) or a "distroless" image, it just may not contain one.
In most cases you shouldn't need to "enter a container", and you should use kubectl exec (or docker exec) sparingly if at all. This is doubly true in Kubernetes: it's not just that changes you make manually will get lost when the container exits, but also that in Kubernetes you typically have multiple replicas that you can't manually edit all at once, and also that in some cases the cluster can delete and recreate a Pod outside of your control.
I am using the mssql docker image (Linux) for sql server 2019. The default user is not root but mssql.
I need to perform some operations as root inside the container:
docker exec -it sql bash
mssql#7f5a78a63728:/$ sudo <command>
bash: sudo: command not found
Then I start the shell as root:
docker exec -it --user=root sql bash
root#7f5a78a63728:/# <command>
...
This works.
Now I need to do this in a container deployed in an AKS cluster
kubectl exec -it rms-sql-1-sql-server-deployment-86cc45dc5c-tgtm2 -- bash
mssql#rms-sql-1-sql-server-host:/$ sudo <command>
bash: sudo: command not found
as expected. But then:
kubectl exec -it --user=root rms-sql-1-sql-server-deployment-86cc45dc5c-tgtm2 -- bash
error: auth info "root" does not exist
So when the container is in an AKS cluster, starting a shell as root doesn't work.
I then try to ssh into the node and use docker from inside:
kubectl debug node/aks-agentpool-30797540-vmss000000 -it --image=mcr.microsoft.com/aks/fundamental/base-ubuntu:v0.0.11
Creating debugging pod node-debugger-aks-agentpool-30797540-vmss000000-xfrsq with container debugger on node aks-agentpool-30797540-vmss000000.
If you don't see a command prompt, try pressing enter.
root#aks-agentpool-30797540-vmss000000:/# docker ...
bash: docker: command not found
Looks like a Kubernetes cluster node doesn't have docker installed!
Any clues?
EDIT
The image I used locally and in Kubernetes is exactly the same,
mcr.microsoft.com/mssql/server:2019-latest untouched
David Maze has well mentioned in the comment:
Any change you make in this environment will be lost as soon as the Kubernetes pod is deleted, including if you need to update the underlying image or if its node goes away outside of your control. Would building a custom image with your changes be a more maintainable solution?
Generally, if you want to change something permanently you have to create a new image. Everything you described behaved exactly as it was supposed to. First you have exec the container in docker, then logged in as root. However, in k8s it is a completely different container. Perhaps a different image is used. Second, even if you made a change, it would exist until the container dies. If you want to modify something permanently, you have to create your new image with all the components and the configuration you need. For more information look at pod lifecycle.
Getting following error while accessing the pod...
"OCI runtime exec failed: exec failed: container_linux.go:348:
starting container process caused "exec: \"/bin/bash\": stat
/bin/bash: no such file or directory": unknown command terminated with
exit code 126"
Tried with /bin/sh & /bin/bash
Terminated the node on which this pod is running and bring up the new node, but the result is same.
Also tried deleting the pod, but new pod also behaves in the similar way.
This is because the container you're trying to access doesn't have the /bin/bash executable.
If you really want to execute a shell in the container, you have to use a container image that includes a shell (e.g. /bin/sh or /bin/bash).
trying to shell into the container by kubectl exec -it xxxxxx
but it returns
rpc error: code = 5 desc = open /var/run/docker/libcontainerd/containerd/faf3fd49262cc738e16368001eba5e1113abcb8a87e7b818cb84af3799906149/30fe901c16e0465aa15b596bf3e4f244fb12a7e4133b6e4da5aa35167a8dfb30/shim-log.json: no such file or directory
trying to reboot the node but not help
Thanks #Prafull Ladha
Eventually I restarted the docker (systemctl restart docker) of that Node which my pods could not be shelled, and it resumes to normal
The problem is with containerd, Once the containerd restart in the background, the docker daemon still try to process event streams against the old socket handles. After that, the error handeling when client can't connect to the containerd leads to the CPU spike on machine.
This is the open issue with docker and currently the workaround is to restart the docker.
sudo systemctl restart docker
It appears like some issue with the docker daemon. it would help if you add the logs from the container to research the root cause.
deploy alpine pod and see if you can get into the container. This is to isolate if the problem is with the platform or the pod that you are running.
kubectl run pingpong --image alpine ping 8.8.8.8
kubectl exec -it <pingpong-pod-name> sh
most likely something wrong with the pod that you are running. share the container logs for further help
I've successfully pushed my Docker container image to gcr.io with the following command:
$ gcloud docker push gcr.io/project-id-123456/my-image
But when I try to create a new pod I get the following error:
$ kubectl run my-image --image=gcr.io/project-id-123456/my-image
CONTROLLER CONTAINER(S) IMAGE(S) SELECTOR REPLICAS
my-image my-image gcr.io/project-id-123456/my-image run=my-image 1
$ kubectl get pods
NAME READY STATUS RESTARTS AGE
my-image-of9x7 0/1 Error pulling image (latest) from gcr.io/project-id-123456/my-image, Untar exit status 1 unexpected EOF 0 5m
It doesn't pull on my local as well:
$ docker rmi -f $(docker images -q) # Clear local image cache
$ gcloud docker pull gcr.io/project-id-123456/my-image:latest
…
Error pulling image (latest) from gcr.io/project-id-123456/my-image, Untar re-exec error: exit status 1: output: unexpected EOF
Can someone please suggest me how to fix this?
Ok, after digging around in the Docker code base, I think I have found some similar reports of what you are seeing.
The way this error is displayed changed in 1.7, but this thread seems related:
https://github.com/docker/docker/issues/14792
This turned me onto this fix, which landed in 1.8:
https://github.com/docker/docker/pull/15040
In particular, see this comment:
https://github.com/docker/docker/pull/15040#issuecomment-125661037
The comment seems to indicate that this is only a problem for v1 layers, so our Beta support for v2 may work around this issue.
You can push to our v2 beta via:
gcloud docker --server=beta.gcr.io push beta.gcr.io/project-id-123456/...
You can then simply change the reference in your Pod to "beta.gcr.io/..." and it will pull via v2.