K3s - Kaniko - Error -The Pod "kaniko-demo" is invalid

Question

during my internship, I have to launch a build on kubernetes. My setup is with K3s.

I must have an error in my deployment file, do you have an explanation please?

Thank you.

deployment.yml

---
kind: Namespace
apiVersion: v1
metadata:
  name: demo
  labels:
    name: demo
---
kind: Pod
apiVersion: v1
metadata:
  name: kaniko-demo
  namespace: demo
spec:
  containers:
    - name: kaniko-demo
      image: gcr.io/kaniko-project/executor:latest
      args:
        [
          "--dockerfile=Dockerfile_Kubernetes01",
          "--context=dir:///context",
          "--cache=true",
          "--destination=reg.gitlab.reewayy.io/incubator/npivaut/k3s_kaniko",
          "--cache=true",
          "--cache-dir=/cache",
        ]
      volumeMounts:
        - name: kaniko-secret
          mountPath: /kaniko/.docker
        - name: kaniko-context
          mountPath: /context
        - name: kaniko-cache
          mountPath: /cache
  restartPolicy: Never
  volumes:
    - name: kaniko-secret
      secret:
        secretName: regcred
        items:
          - key: .dockerconfigjson
            path: config.json
    - name: kaniko-context
      hostPath:
        path: /tmp/kaniko_context
    - name: kaniko-context
      hostPath:
        path: /tmp/kaniko_cache

kubectl apply -f /home/nicolas/demo-reewayy/k3s/kubernetes-deployment-01.yaml 
namespace/demo unchanged
The Pod "kaniko-demo" is invalid: 
* spec.volumes[2].name: Duplicate value: "kaniko-context"
* spec.containers[0].volumeMounts[2].name: Not found: "kaniko-cache"

Dockerfile

FROM alpine/git as source
COPY deployment_key /root/.ssh/id_rsa
RUN git clone ssh://git@gitlab.reewayy.io:32222/incubator/npivaut.git ;\
    cd /git/npivaut && git pull


FROM gradle:7.5.1-jdk17-focal as build
COPY --from=source /git/demo-reewayy /home/gradle/project
USER gradle
WORKDIR /home/gradle/project
RUN gradle :assemble

FROM ibm-semeru-runtimes:open-17-jre-jammy
RUN mkdir /opt/reewayy/demo-reewayy
COPY --from=build /home/gradle/project/build/libs/demo-0.0.1-SNAPSHOT.jar /opt/reewayy/demo/demo-0.0.1-SNAPSHOT.jar
COPY --from=build /home/gradle/project/src/main/resources/application.properties /opt/reewayy/demo/application.properties
RUN useradd -s /bin/bash -u 1000 -U -m -d /home/reewayy reewayy && chown -R reewayy.reewayy /opt/reewayy/
USER reewayy
CMD ["java","-jar","/opt/reewayy/demo-reewayy/demo-0.0.1-SNAPSHOT.jar"]

My internship mentor told me to optimize the deployment file but I have trouble understanding the error...

Please clarify your specific problem or provide additional details to highlight exactly what you need. As it's currently written, it's hard to tell exactly what you're asking. — Community, Nov 17 '22 at 01:10
kubectl apply -f /home/nicolas/demo-reewayy/k3s/kubernetes-deployment-01.yaml namespace/demo unchanged pod/kaniko configured nicolas@PC-AMD:~$ kubectl -n demo logs kaniko --follow Error from server (BadRequest): container "kaniko" in pod "kaniko" is waiting to start: ContainerCreating — npivaut, Nov 18 '22 at 08:46

score 0 · Answer 1 · answered Nov 20 '22 at 08:45

The error message tells it all:

The Pod "kaniko-demo" is invalid: 
* spec.volumes[2].name: Duplicate value: "kaniko-context"
* spec.containers[0].volumeMounts[2].name: Not found: "kaniko-cache"

You have two volumes with the same name, and one of the volumeMounts referring to a non-existing volume.

You should use:

kind: Pod
apiVersion: v1
spec:
  containers:
    - name: kaniko-demo
...
      volumeMounts:
        - name: kaniko-secret
          mountPath: /kaniko/.docker
        - name: kaniko-context
          mountPath: /context
        - name: kaniko-cache
          mountPath: /cache
...
  volumes:
    - name: kaniko-secret
      secret:
        secretName: regcred
        items:
          - key: .dockerconfigjson
            path: config.json
    - name: kaniko-context
      hostPath:
        path: /tmp/kaniko_context
    - name: kaniko-cache  ### <- fix that one!
      hostPath:
        path: /tmp/kaniko_cache

score 0 · Answer 2 · answered Nov 21 '22 at 10:57

Thanks for the leads. I understand a little better. My mentor told me in passing that I could remove the _cache. I will try to solve the rest of my errors which I strangely did not have before.

The Pod "kaniko-demo" is invalid: spec: Forbidden: pod updates may not change fields other than `spec.containers[*].image`, `spec.initContainers[*].image`, `spec.activeDeadlineSeconds`, `spec.tolerations` (only additions to existing tolerations) or `spec.terminationGracePeriodSeconds` (allow it to be set to 1 if it was previously negative)
  core.PodSpec{
    Volumes: []core.Volume{
        {
            Name: "kaniko-secret",
            VolumeSource: core.VolumeSource{
                ... // 3 identical fields
                AWSElasticBlockStore: nil,
                GitRepo:              nil,
                Secret: &core.SecretVolumeSource{
-                   SecretName:  "reg-credentials",
+                   SecretName:  "regcred",
                    Items:       {{Key: ".dockerconfigjson", Path: "config.json"}},
                    DefaultMode: &420,
                    Optional:    nil,
                },
                NFS:   nil,
                ISCSI: nil,
                ... // 21 identical fields
            },
        },
+       {
+           Name:         "kaniko-context",
+           VolumeSource: core.VolumeSource{HostPath: &core.HostPathVolumeSource{Path: "/tmp/kaniko_context", Type: &""}},
+       },
        {Name: "kube-api-access-5pptr", VolumeSource: {Projected: &{Sources: {{ServiceAccountToken: &{ExpirationSeconds: 3607, Path: "token"}}, {ConfigMap: &{LocalObjectReference: {Name: "kube-root-ca.crt"}, Items: {{Key: "ca.crt", Path: "ca.crt"}}}}, {DownwardAPI: &{Items: {{Path: "namespace", FieldRef: &{APIVersion: "v1", FieldPath: "metadata.namespace"}}}}}}, DefaultMode: &420}}},
    },
    InitContainers: nil,
    Containers: []core.Container{
        {
-           Name:    "kaniko",
+           Name:    "kaniko-demo",
            Image:   "gcr.io/kaniko-project/executor:latest",
            Command: nil,
            Args: []string{
-               "--dockerfile=Dockerfile_Kubernetes01",
+               "--dockerfile=Dockerfileun",
                "--context=dir:///context",
                "--cache=true",
                ... // 3 identical elements
            },
            WorkingDir: "",
            Ports:      nil,
            EnvFrom:    nil,
            Env:        nil,
            Resources:  {},
            VolumeMounts: []core.VolumeMount{
                {Name: "kaniko-secret", MountPath: "/kaniko/.docker"},
                {
-                   Name:             "kube-api-access-5pptr",
+                   Name:             "kaniko-context",
-                   ReadOnly:         true,
+                   ReadOnly:         false,
-                   MountPath:        "/var/run/secrets/kubernetes.io/serviceaccount",
+                   MountPath:        "/context",
                    SubPath:          "",
                    MountPropagation: nil,
                    SubPathExpr:      "",
                },
            },
            VolumeDevices: nil,
            LivenessProbe: nil,
            ... // 10 identical fields
        },
    },
    EphemeralContainers: nil,
    RestartPolicy:       "Never",
    ... // 26 identical fields

K3s - Kaniko - Error -The Pod "kaniko-demo" is invalid

2 Answers2