-
Notifications
You must be signed in to change notification settings - Fork 94
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
bind() to unix:/var/run/nginx/nginx-status.sock failed (98: Address in use) #1532
Comments
This configuration is invalid. ...
lifecycle:
preStop:
exec:
command:
- /bin/sleep
- "40 ; nginx -s stop"
... Need to be resolved before startup containers:
- command: ["/bin/sh", "-c"]
args:
[
"rm -rf /var/run/nginx/* /var/lib/nginx/*.sock
;/docker-entrypoint.sh nginx -g 'daemon off;'",
] |
Modified Configuration List apiVersion: v1
kind: Namespace
metadata:
name: nginx-gateway
---
# Source: nginx-gateway-fabric/templates/rbac.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: nginx-gateway
namespace: nginx-gateway
labels:
app.kubernetes.io/name: nginx-gateway
app.kubernetes.io/instance: nginx-gateway
app.kubernetes.io/version: "1.0.0"
annotations: {}
---
# Source: nginx-gateway-fabric/templates/rbac.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: nginx-gateway
labels:
app.kubernetes.io/name: nginx-gateway
app.kubernetes.io/instance: nginx-gateway
app.kubernetes.io/version: "1.0.0"
rules:
- apiGroups:
- ""
resources:
- namespaces
- services
- secrets
verbs:
- list
- watch
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
- apiGroups:
- discovery.k8s.io
resources:
- endpointslices
verbs:
- list
- watch
- apiGroups:
- gateway.networking.k8s.io
resources:
- gatewayclasses
- gateways
- httproutes
- referencegrants
verbs:
- list
- watch
- apiGroups:
- gateway.networking.k8s.io
resources:
- httproutes/status
- gateways/status
- gatewayclasses/status
verbs:
- update
- apiGroups:
- gateway.nginx.org
resources:
- nginxgateways
verbs:
- get
- list
- watch
- apiGroups:
- gateway.nginx.org
resources:
- nginxgateways/status
verbs:
- update
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- create
- get
- update
---
# Source: nginx-gateway-fabric/templates/rbac.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: nginx-gateway
labels:
app.kubernetes.io/name: nginx-gateway
app.kubernetes.io/instance: nginx-gateway
app.kubernetes.io/version: "1.0.0"
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: nginx-gateway
subjects:
- kind: ServiceAccount
name: nginx-gateway
namespace: nginx-gateway
---
# Source: nginx-gateway-fabric/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-gateway
namespace: nginx-gateway
labels:
app.kubernetes.io/name: nginx-gateway
app.kubernetes.io/instance: nginx-gateway
app.kubernetes.io/version: "1.0.0"
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: nginx-gateway
app.kubernetes.io/instance: nginx-gateway
template:
metadata:
labels:
app.kubernetes.io/name: nginx-gateway
app.kubernetes.io/instance: nginx-gateway
annotations:
prometheus.io/scrape: "true"
prometheus.io/port: "9113"
spec:
containers:
- args:
- static-mode
- --gateway-ctlr-name=gateway.nginx.org/nginx-gateway-controller
- --gatewayclass=nginx
- --config=nginx-gateway-config
- --service=nginx-gateway
- --metrics-port=9113
- --health-port=8081
- --leader-election-lock-name=nginx-gateway-leader-election
env:
- name: POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
image: docker.chenpeicheng.top/nginxinc/nginx-gateway-fabric:1.0.0
imagePullPolicy: IfNotPresent
name: nginx-gateway
lifecycle:
preStop:
exec:
command:
- /usr/bin/gateway
- sleep
- --duration=40s # This flag is optional, the default is 30s
ports:
- name: metrics
containerPort: 9113
- name: health
containerPort: 8081
readinessProbe:
httpGet:
path: /readyz
port: health
initialDelaySeconds: 3
periodSeconds: 1
securityContext:
allowPrivilegeEscalation: false
capabilities:
add:
- KILL
drop:
- ALL
readOnlyRootFilesystem: true
runAsUser: 102
runAsGroup: 1001
volumeMounts:
- name: nginx-conf
mountPath: /etc/nginx/conf.d
- name: nginx-secrets
mountPath: /etc/nginx/secrets
- name: nginx-run
mountPath: /var/run/nginx
- image: docker.chenpeicheng.top/nginxinc/nginx-gateway-fabric/nginx:1.0.0
imagePullPolicy: IfNotPresent
name: nginx
command: ["/bin/sh", "-c"]
args:
[
"rm -rf /var/run/nginx/* /var/lib/nginx/*.sock
;/docker-entrypoint.sh nginx -g 'daemon off;'",
]
lifecycle:
preStop:
exec:
command:
- /bin/sleep
- "40"
ports:
- containerPort: 80
name: http
- containerPort: 443
name: https
securityContext:
capabilities:
add:
- NET_BIND_SERVICE
drop:
- ALL
readOnlyRootFilesystem: true
runAsUser: 101
runAsGroup: 1001
volumeMounts:
- name: nginx-conf
mountPath: /etc/nginx/conf.d
- name: nginx-secrets
mountPath: /etc/nginx/secrets
- name: nginx-run
mountPath: /var/run/nginx
- name: nginx-cache
mountPath: /var/cache/nginx
- name: nginx-lib
mountPath: /var/lib/nginx
terminationGracePeriodSeconds: 30
serviceAccountName: nginx-gateway
shareProcessNamespace: true
securityContext:
fsGroup: 1001
runAsNonRoot: true
volumes:
- name: nginx-conf
emptyDir: {}
- name: nginx-secrets
emptyDir: {}
- name: nginx-run
emptyDir: {}
- name: nginx-cache
emptyDir: {}
- name: nginx-lib
emptyDir: {}
---
# Source: nginx-gateway-fabric/templates/gatewayclass.yaml
apiVersion: gateway.networking.k8s.io/v1beta1
kind: GatewayClass
metadata:
name: nginx
labels:
app.kubernetes.io/name: nginx-gateway
app.kubernetes.io/instance: nginx-gateway
app.kubernetes.io/version: "1.0.0"
spec:
controllerName: gateway.nginx.org/nginx-gateway-controller
---
# Source: nginx-gateway-fabric/templates/nginxgateway.yaml
apiVersion: gateway.nginx.org/v1alpha1
kind: NginxGateway
metadata:
name: nginx-gateway-config
namespace: nginx-gateway
labels:
app.kubernetes.io/name: nginx-gateway
app.kubernetes.io/instance: nginx-gateway
app.kubernetes.io/version: "1.0.0"
spec:
logging:
level: info
|
Close work order. |
@chenpeicheng3804 thanks for reporting! This is similar to #1108 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the bug
nginxinc/nginx-gateway-fabric/nginx:1.0.0
"nginx-gateway-fabric/nginx unexpectedly terminated, causing the nginx server to not delete the listen socket file, thus preventing it from restarting."
To Reproduce
Steps to reproduce the behavior:
Expected behavior
After unexpected termination of nginx, delete the server listen sock file.
or
The text was updated successfully, but these errors were encountered: