如何修复在EKS中使用FSx作为持久卷时出现的问题?

huangapple go评论80阅读模式
英文:

How can I fix this issue with using FSx as Persistent Volume for EKS?

问题

I have a cluster with nodes that are windows based. I followed this Using SMB CSI Driver on Amazon EKS Windows nodes | Microsoft Workloads on AWS but when I deployed the Windows pod (step 5.6), the pods are in pending state. This is the Warning I got:

Reason: FailedMount

From: kublet

Message:

  1. MountVolume.MountDevice failed for volume "pv-smb" : rpc error: code = Unavailable desc = connection error: desc = "transport: Error while dialing dial unix C:\var\lib\kubelet\plugins\smb.csi.k8s.io\csi.sock: connect: No connection could be made because the target machine actively refused it."

  2. Unable to attach or mount volumes: unmounted volumes=[smb], unattached volumes=[smb kube-api-access-5v5p6]: timed out waiting for the condition

I would appreciate if anyone would help me out on this. Thank you 如何修复在EKS中使用FSx作为持久卷时出现的问题?

EDIT: After checking the connectivity and security group which was fixed, ended up with another error:

MountVolume.MountDevice failed for volume "pv-smb" : rpc error: code = Internal desc = volume(FSx_id) mount "//Fsx_id.AD_DNS_name/share" on "\var\lib\kubelet\plugins\kubernetes.io\csi\smb.csi.k8s.io\da35e2ac08d4bd6b3f917c217d32fc33bb4c2b87b9068efb5845c8eb666d8d5d\globalmount" failed with NewSmbGlobalMapping(\Fsx_id.AD_DNS_name\share, c:\var\lib\kubelet\plugins\kubernetes.io\csi\smb.csi.k8s.io\da35e2ac08d4bd6b3f917c217d32fc33bb4c2b87b9068efb5845c8eb666d8d5d\globalmount) failed with error: rpc error: code = Unknown desc = NewSmbGlobalMapping failed. output: "New-SmbGlobalMapping : The network path was not found. \r\nAt line:1 char:190\r\n+ ... ser, $PWord;New-SmbGlobalMapping -RemotePath $Env:smbremotepath -Cred ...\r\n+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\r\n + CategoryInfo : NotSpecified: (MSFT_SmbGlobalMapping:ROOT/Microsoft/...mbGlobalMapping) [New-SmbGlobalMa \r\n pping], CimException\r\n + FullyQualifiedErrorId : Windows System Error 53,New-SmbGlobalMapping\r\n \r\n", err: exit status 1

英文:

I have a cluster with nodes that are windows based. I followed this Using SMB CSI Driver on Amazon EKS Windows nodes | Microsoft Workloads on AWS but when I deployed the Windows pod (step 5.6), the pods are in pending state. This is the Warning I got:

Reason: FailedMount

From: kublet

Message:

  1. MountVolume.MountDevice failed for volume "pv-smb" : rpc error: code = Unavailable desc = connection error: desc = "transport: Error while dialing dial unix C:\\var\\lib\\kubelet\\plugins\\smb.csi.k8s.io\\csi.sock: connect: No connection could be made because the target machine actively refused it."

  2. Unable to attach or mount volumes: unmounted volumes=[smb], unattached volumes=[smb kube-api-access-5v5p6]: timed out waiting for the condition

I would appreciate if anyone would help me out on this. Thank you 如何修复在EKS中使用FSx作为持久卷时出现的问题?

EDIT: After checking the connectivity and security group which was fixed, ended up with another error:

MountVolume.MountDevice failed for volume "pv-smb" : rpc error: code = Internal desc = volume(FSx_id) mount "//Fsx_id.AD_DNS_name/share" on "\var\lib\kubelet\plugins\kubernetes.io\csi\smb.csi.k8s.io\da35e2ac08d4bd6b3f917c217d32fc33bb4c2b87b9068efb5845c8eb666d8d5d\globalmount" failed with NewSmbGlobalMapping(\Fsx_id.AD_DNS_name\share, c:\var\lib\kubelet\plugins\kubernetes.io\csi\smb.csi.k8s.io\da35e2ac08d4bd6b3f917c217d32fc33bb4c2b87b9068efb5845c8eb666d8d5d\globalmount) failed with error: rpc error: code = Unknown desc = NewSmbGlobalMapping failed. output: "New-SmbGlobalMapping : The network path was not found. \r\nAt line:1 char:190\r\n+ ... ser, $PWord;New-SmbGlobalMapping -RemotePath $Env:smbremotepath -Cred ...\r\n+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\r\n + CategoryInfo : NotSpecified: (MSFT_SmbGlobalMapping:ROOT/Microsoft/...mbGlobalMapping) [New-SmbGlobalMa \r\n pping], CimException\r\n + FullyQualifiedErrorId : Windows System Error 53,New-SmbGlobalMapping\r\n \r\n", err: exit status 1

答案1

得分: 1

以下是您要翻译的内容:

- missing driver:
C:\var\lib\kubelet\plugins\smb.csi.k8s.io\csi.sock 存在于 Windows 节点上。您可以 SSH 进入 Windows 节点,检查文件是否存在。如果缺失,表示 CSI 驱动安装存在问题。

- network connection, firewall, security group issues:
测试从 Windows 节点连接到 SMB 共享的连通性。您可以使用诸如 Test-NetConnection 的工具进行测试:Test-NetConnection -Port

根据错误消息,我理解可能涉及安全组和网络访问问题。

如果您已经测试过这些并检查了安全规则,请提供更多详细信息以进行故障排除。

--- 编辑上述问题后 ---

  • 验证 FSx 访问权限
  • 检查凭据和身份验证:确保用于访问 FSx 文件系统的凭据有效,并具有必要的权限。
  • 查看 SMB 配置:仔细检查 SMB(Server Message Block)挂载的配置参数。确保共享路径准确无误,以及所有必要的与 SMB 相关的设置,如身份验证方法和访问控制,都正确配置。
  • 检查此教程以逐步指南,以查看是否遗漏了什么。https://aws.amazon.com/blogs/storage/accessing-smb-file-shares-remotely-with-amazon-fsx-for-windows-file-server/
英文:

Some possible reasons:

- missing driver:
C:\var\lib\kubelet\plugins\smb.csi.k8s.io\csi.sock exists on the Windows nodes. You can SSH into the Windows nodes and check if the file is present. If it's missing, it indicates an issue with the CSI driver installation.

- network connection, firewall, security group issues:
Test the connectivity to the SMB share from a Windows node. You cand use tools like Test-NetConnection: Test-NetConnection -Port <port>.

As far as I understand from the error message it is probably security groups and network access issue.

If you already tested these and checked security rules, please provide more details to troubleshoot.

--- After Edit of Question Above ---

  • Verify FSx access permissions
  • Check credentials and authentication: Ensure that the credentials used to access the FSx file system are valid and have the necessary permissions.
  • Review the SMB configuration: Double-check the configuration parameters for the SMB (Server Message Block) mount. Make sure the share path is accurate, and all necessary SMB-related settings, such as authentication methods and access control, are properly configured.
  • check this tutorial for step by step instructions to see if you are missing something. https://aws.amazon.com/blogs/storage/accessing-smb-file-shares-remotely-with-amazon-fsx-for-windows-file-server/

huangapple
  • 本文由 发表于 2023年5月25日 23:03:50
  • 转载请务必保留本文链接:https://go.coder-hub.com/76333766.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定