While installing prometheus-operator with Helm in a Kubernetes test cluster to monitor cluster state, repeated install/delete cycles left the cluster in a bad state: the Helm release itself was deleted, but the corresponding Kubernetes resources were not fully cleaned up, which caused the following problem.
The error message is:
[root@k8s-master prometheus-operator]# helm install prometheus-operator .
manifest_sorter.go:192: info: skipping unknown hook: "crd-install"
manifest_sorter.go:192: info: skipping unknown hook: "crd-install"
manifest_sorter.go:192: info: skipping unknown hook: "crd-install"
manifest_sorter.go:192: info: skipping unknown hook: "crd-install"
manifest_sorter.go:192: info: skipping unknown hook: "crd-install"
manifest_sorter.go:192: info: skipping unknown hook: "crd-install"
Error: rendered manifests contain a resource that already exists. Unable to continue with install: existing resource conflict: namespace: , name: prometheus-operator-grafana, existing_kind: policy/v1beta1, Kind=PodSecurityPolicy, new_kind: policy/v1beta1, Kind=PodSecurityPolicy
Several parts of the error message deserve attention: PodSecurityPolicy, policy, namespace, resource, and manifests. These roughly correspond to the resources operated on below; the fix is to delete the related resources that were created earlier.
This approach will not suit everyone, since environments and operation histories differ, but it did (tediously) solve the problem in my case.
Confirm the Helm version (Helm 3 here):
[root@k8s-master prometheus-operator]# helm version
version.BuildInfo{Version:"v3.1.2", GitCommit:"d878d4d45863e42fd5cff6743294a11d28a9abce", GitTreeState:"clean", GoVersion:"go1.13.8"}
Confirm whether any release is currently installed:
[root@k8s-master prometheus-operator]# helm list
NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION
Check whether the following Kubernetes resources still contain leftover records:
[root@k8s-master prometheus-operator]# kubectl get svc,po,secrets -L owner-helm
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE OWNER-HELM
service/kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 28h
NAME TYPE DATA AGE OWNER-HELM
secret/alertmanager-prometheus-operator-alertmanager Opaque 1 96m
secret/default-token-khmnl kubernetes.io/service-account-token 3 28h
secret/prometheus-operator-admission Opaque 3 5h29m
secret/prometheus-operator-alertmanager-token-8mhf9 kubernetes.io/service-account-token 3 96m
secret/prometheus-operator-grafana Opaque 3 96m
secret/prometheus-operator-grafana-test-token-jwcdp kubernetes.io/service-account-token 3 96m
secret/prometheus-operator-grafana-token-g877w kubernetes.io/service-account-token 3 96m
secret/prometheus-operator-kube-state-metrics-token-pb65r kubernetes.io/service-account-token 3 96m
secret/prometheus-operator-operator-token-kchbp kubernetes.io/service-account-token 3 96m
secret/prometheus-operator-prometheus-node-exporter-token-5ngmp kubernetes.io/service-account-token 3 96m
secret/prometheus-operator-prometheus-token-f7hmd kubernetes.io/service-account-token 3 96m
As the list above shows, several secrets from the old installation still exist; because they already exist, installing prometheus-operator with Helm produces the error above.
Many resource types are involved, so they are not all listed in detail here. Delete them as follows.
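Before deleting anything, it may help to see everything the old release left behind. A minimal sketch, assuming the label selectors used later in this article: it prints the inspection commands rather than running them (they need a live cluster), so the list can be reviewed first.

```shell
#!/bin/sh
# Generate (not run) kubectl commands that list anything the old release may
# have left behind. The three label selectors are the ones this article later
# deletes by; adjust them if your chart used different labels.
cmds=""
for sel in "heritage=Helm" "app.kubernetes.io/managed-by=Helm" "release=prometheus-operator"; do
  cmds="$cmds
kubectl get serviceaccounts,configmaps,secrets,clusterroles,clusterrolebindings -A -l $sel"
done
echo "$cmds"
```

Running the printed commands against the cluster shows which resources still match each selector before anything is removed.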
Delete the serviceaccounts:
kubectl delete serviceaccounts -l heritage=Helm
kubectl delete serviceaccounts -l app.kubernetes.io/managed-by=Helm
Delete the configmaps:
kubectl delete configmaps -l app.kubernetes.io/name=grafana
kubectl delete configmaps -l release=prometheus-operator
Delete the mutatingwebhookconfigurations:
kubectl delete mutatingwebhookconfigurations.admissionregistration.k8s.io prometheus-operator-admission
Delete the clusterroles:
kubectl delete clusterroles.rbac.authorization.k8s.io -l release=prometheus-operator
kubectl delete clusterroles.rbac.authorization.k8s.io -l app.kubernetes.io/managed-by=Helm
Delete the clusterrolebindings:
kubectl delete clusterrolebindings.rbac.authorization.k8s.io -l heritage=Helm
kubectl delete clusterrolebindings.rbac.authorization.k8s.io -l app.kubernetes.io/managed-by=Helm
Delete the podsecuritypolicies:
kubectl delete podsecuritypolicies.policy -l app.kubernetes.io/managed-by=Helm
kubectl delete podsecuritypolicies.policy -l heritage=Helm
Delete the validatingwebhookconfigurations:
kubectl delete validatingwebhookconfigurations.admissionregistration.k8s.io prometheus-operator-admission
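The individual deletions above can be collapsed into one loop. A sketch, not a drop-in script: it prints the delete commands instead of running them, and it applies every selector to every type (harmless where a selector matches nothing), so review the output before executing anything.

```shell
#!/bin/sh
# Consolidated sketch of the cleanup steps above: print every delete command
# so the list can be reviewed first. Resource types and label selectors are
# the ones used in this article.
gen=""
for t in serviceaccounts configmaps clusterroles clusterrolebindings podsecuritypolicies; do
  for sel in "heritage=Helm" "app.kubernetes.io/managed-by=Helm" "release=prometheus-operator"; do
    gen="$gen
kubectl delete $t -l $sel"
  done
done
# The webhook configurations are deleted by name, not by label.
gen="$gen
kubectl delete mutatingwebhookconfigurations prometheus-operator-admission
kubectl delete validatingwebhookconfigurations prometheus-operator-admission"
echo "$gen"
```

Piping the reviewed output to `sh` would then execute the cleanup in one step.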
This situation arises when previously created resources are removed by hand and the manual deletion is incomplete. It is better to delete resources through their original manifest files, and if they were installed with helm install, simply remove them with helm uninstall.
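For reference, the cleaner path looks like this. A sketch: `prometheus-operator` is the release name used in this article, and the commands are printed rather than executed because they need a live cluster.

```shell
#!/bin/sh
# Preferred workflow sketch: let helm remove everything the release created,
# then confirm the release is gone. Printed, not executed.
steps='helm uninstall prometheus-operator
helm list'
echo "$steps"
```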