Столкновение с ошибкой crashloopback при попытке установить falco

Пытался установить falco с помощью helm. Когда я проверил свои поды с помощью kubectl get pods, мои стручки Falco показывают ошибку crashloopbackoff. Когда я проверил мои события с помощью kubectl describe pod, он показывает следующее:

      Name:         falco-xvjv8
Namespace:    default
Priority:     0
Node:         minikube/192.168.49.2
Start Time:   Mon, 30 Aug 2021 14:16:19 +0530
Labels:       app=falco
              controller-revision-hash=657444bc8
              pod-template-generation=1
              role=security
Annotations:  checksum/certs: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
              checksum/config: b3e7235ffa87a7967af2b7acfb01e2f827cc2f50b18c466f64c6bb64b386244b
              checksum/rules: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Status:       Running
IP:           172.17.0.2
IPs:
  IP:           172.17.0.2
Controlled By:  DaemonSet/falco
Containers:
  falco:
    Container ID:  docker://13612f380312475a98855f99e68397e8d2bcd33f42b8cae31af3dbc2a01a8d4f
    Image:         docker.io/falcosecurity/falco:0.29.1
    Image ID:      docker-pullable://falcosecurity/falco@sha256:626eb862a90e2935417a4e523562e009c0d710af1fa0877eda065cae5ed19817
    Port:          <none>
    Host Port:     <none>
    Args:
      /usr/bin/falco
      --cri
      /run/containerd/containerd.sock
      -K
      /var/run/secrets/kubernetes.io/serviceaccount/token
      -k
      https://$(KUBERNETES_SERVICE_HOST)
      -pk
    State:          Waiting
      Reason:       CrashLoopBackOff
    Last State:     Terminated
      Reason:       Error
      Exit Code:    1
      Started:      Mon, 30 Aug 2021 14:17:19 +0530
      Finished:     Mon, 30 Aug 2021 14:17:20 +0530
    Ready:          False
    Restart Count:  3
    Limits:
      cpu:     1
      memory:  1Gi
    Requests:
      cpu:        100m
      memory:     512Mi
    Liveness:     http-get http://:8765/healthz delay=60s timeout=5s period=15s #success=1 #failure=3
    Readiness:    http-get http://:8765/healthz delay=30s timeout=5s period=15s #success=1 #failure=3
    Environment:  <none>
    Mounts:
      /etc/falco from config-volume (rw)
      /host/boot from boot-fs (ro)
      /host/dev from dev-fs (ro)
      /host/etc from etc-fs (ro)
      /host/lib/modules from lib-modules (rw)
      /host/proc from proc-fs (ro)
      /host/run/containerd/containerd.sock from containerd-socket (rw)
      /host/usr from usr-fs (ro)
      /host/var/run/docker.sock from docker-socket (rw)
      /var/run/secrets/kubernetes.io/serviceaccount from falco-token-jssjc (ro)
Conditions:
  Type              Status
  Initialized       True 
  Ready             False 
  ContainersReady   False 
  PodScheduled      True 
Volumes:
  docker-socket:
    Type:          HostPath (bare host directory volume)
    Path:          /var/run/docker.sock
    HostPathType:  
  containerd-socket:
    Type:          HostPath (bare host directory volume)
    Path:          /run/containerd/containerd.sock
    HostPathType:  
  dev-fs:
    Type:          HostPath (bare host directory volume)
    Path:          /dev
    HostPathType:  
  proc-fs:
    Type:          HostPath (bare host directory volume)
    Path:          /proc
    HostPathType:  
  boot-fs:
    Type:          HostPath (bare host directory volume)
    Path:          /boot
    HostPathType:  
  lib-modules:
    Type:          HostPath (bare host directory volume)
    Path:          /lib/modules
    HostPathType:  
  usr-fs:
    Type:          HostPath (bare host directory volume)
    Path:          /usr
    HostPathType:  
  etc-fs:
    Type:          HostPath (bare host directory volume)
    Path:          /etc
    HostPathType:  
  config-volume:
    Type:      ConfigMap (a volume populated by a ConfigMap)
    Name:      falco
    Optional:  false
  falco-token-jssjc:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  falco-token-jssjc
    Optional:    false
QoS Class:       Burstable
Node-Selectors:  <none>
Tolerations:     node-role.kubernetes.io/master:NoSchedule
                 node.kubernetes.io/disk-pressure:NoSchedule op=Exists
                 node.kubernetes.io/memory-pressure:NoSchedule op=Exists
                 node.kubernetes.io/not-ready:NoExecute op=Exists
                 node.kubernetes.io/pid-pressure:NoSchedule op=Exists
                 node.kubernetes.io/unreachable:NoExecute op=Exists
                 node.kubernetes.io/unschedulable:NoSchedule op=Exists
Events:
  Type     Reason     Age                From               Message
  ----     ------     ----               ----               -------
  Normal   Scheduled  85s                default-scheduler  Successfully assigned default/falco-xvjv8 to minikube
  Normal   Pulled     26s (x4 over 76s)  kubelet            Container image "docker.io/falcosecurity/falco:0.29.1" already present on machine
  Normal   Created    24s (x4 over 75s)  kubelet            Created container falco
  Normal   Started    24s (x4 over 74s)  kubelet            Started container falco
  Warning  BackOff    7s (x11 over 68s)  kubelet            Back-off restarting failed container

Я долго застревал с этой ошибкой. В чем может быть причина этой ошибки?

Источник

0 ответов

Другие вопросы по тегам