Проблема с использованием oauth-proxy для openshift
Пытаюсь подключить контейнер с oauth-proxy для openshift. В результате получается следующее:
Name: reverse-words-8d68f47f7-vlnpf
Namespace: maximvasil79-dev
Priority: -3
Priority Class Name: sandbox-users-pods
Node: ip-10-0-232-111.ec2.internal/10.0.232.111
Start Time: Wed, 31 Aug 2022 15:28:05 +0300
Labels: name=reverse-words
pod-template-hash=8d68f47f7
Annotations: k8s.v1.cni.cncf.io/network-status:
[{
"name": "openshift-sdn",
"interface": "eth0",
"ips": [
"10.128.2.39"
],
"default": true,
"dns": {}
}]
k8s.v1.cni.cncf.io/networks-status:
[{
"name": "openshift-sdn",
"interface": "eth0",
"ips": [
"10.128.2.39"
],
"default": true,
"dns": {}
}]
kubernetes.io/limit-ranger:
LimitRanger plugin set: cpu, memory request for container reverse-words; cpu, memory limit for container reverse-words; cpu, memory reques...
openshift.io/scc: restricted
Status: Running
IP: 10.128.2.39
IPs:
IP: 10.128.2.39
Controlled By: ReplicaSet/reverse-words-8d68f47f7
Containers:
reverse-words:
Container ID: cri-o://b7bfa5e3ee3892a6cf0840c88d40b0cc3bdf300ec7f2c53b3483c7a4e1554e58
Image: quay.io/mavazque/reversewords:latest
Image ID: quay.io/mavazque/reversewords@sha256:b38909ff6ce0677856a2f07689ba19ebd7b84c0d86b70d1624ff64e74ecac772
Port: 8080/TCP
Host Port: 0/TCP
State: Running
Started: Wed, 31 Aug 2022 15:28:39 +0300
Ready: True
Restart Count: 0
Limits:
cpu: 1
memory: 750Mi
Requests:
cpu: 10m
memory: 64Mi
Environment: <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-qk25t (ro)
oauth-proxy:
Container ID: cri-o://110aebfb5b933231e0c59c54ab8eb379db733fde3052ef27f384bc67552faeba
Image: quay.io/openshift/origin-oauth-proxy:4.9.0
Image ID: quay.io/openshift/origin-oauth-proxy@sha256:0e72ed64cdf76828392ef8cfe4ee49d644a013ac00ff1590d6c53774d77615e3
Port: 8888/TCP
Host Port: 0/TCP
Args:
--provider=openshift
--https-address=:8888
--http-address=
--email-domain=*
--upstream=http://localhost:8080
--tls-cert=/etc/tls/private/tls.crt
--tls-key=/etc/tls/private/tls.key
--client-secret-file=/var/run/secrets/kubernetes.io/serviceaccount/token
--cookie-secret-file=/etc/proxy/secrets/session_secret
--openshift-service-account=reversewords
--openshift-ca=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt
--skip-auth-regex=^/metrics
State: Waiting
Reason: CrashLoopBackOff
Last State: Terminated
Reason: Error
Exit Code: 1
Started: Wed, 31 Aug 2022 15:39:27 +0300
Finished: Wed, 31 Aug 2022 15:39:27 +0300
Ready: False
Restart Count: 7
Limits:
cpu: 1
memory: 750Mi
Requests:
cpu: 10m
memory: 64Mi
Environment: <none>
Mounts:
/etc/proxy/secrets from secret-reversewords-proxy (rw)
/etc/tls/private from secret-reversewords-tls (rw)
/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-qk25t (ro)
Conditions:
Type Status
Initialized True
Ready False
ContainersReady False
PodScheduled True
Volumes:
secret-reversewords-tls:
Type: Secret (a volume populated by a Secret)
SecretName: reversewords-tls
Optional: false
secret-reversewords-proxy:
Type: Secret (a volume populated by a Secret)
SecretName: reversewords-proxy
Optional: false
kube-api-access-qk25t:
Type: Projected (a volume that contains injected data from multiple sources)
TokenExpirationSeconds: 3607
ConfigMapName: kube-root-ca.crt
ConfigMapOptional: <nil>
DownwardAPI: true
ConfigMapName: openshift-service-ca.crt
ConfigMapOptional: <nil>
QoS Class: Burstable
Node-Selectors: <none>
Tolerations: node.kubernetes.io/memory-pressure:NoSchedule op=Exists
node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 15m default-scheduler Successfully assigned maximvasil79-dev/reverse-words-8d68f47f7-vlnpf to ip-10-0-232-111.ec2.internal
Warning FailedMount 15m (x6 over 15m) kubelet MountVolume.SetUp failed for volume "secret-reversewords-tls" : secret "reversewords-tls" not found
Normal AddedInterface 14m multus Add eth0 [10.128.2.39/23] from openshift-sdn
Normal Pulling 14m kubelet Pulling image "quay.io/mavazque/reversewords:latest"
Normal Pulled 14m kubelet Successfully pulled image "quay.io/mavazque/reversewords:latest" in 136.824314ms
Normal Created 14m kubelet Created container reverse-words
Normal Started 14m kubelet Started container reverse-words
Normal Started 14m (x3 over 14m) kubelet Started container oauth-proxy
Normal Pulled 14m (x4 over 14m) kubelet Container image "quay.io/openshift/origin-oauth-proxy:4.9.0" already present on machine
Normal Created 14m (x4 over 14m) kubelet Created container oauth-proxy
Warning BackOff 18s (x69 over 14m) kubelet Back-off restarting failed container
Подскажите пожалуйста, в чём может быть проблема?