Chapter 1. Troubleshooting RuntimeClass
Diagnose and resolve common build configuration errors related to RuntimeClass isolation. Identifying these issues ensures that builds run in the intended isolated environments and helps maintain cluster security.
1.1. Resolving build failures with RuntimeClassNameNotValid
If the runtimeClassName value violates DNS subdomain naming conventions, the Build or BuildRun status is set to RuntimeClassNameNotValid.
Procedure
Run the following command to check the build status:
$ oc get build buildah-build-kata -o jsonpath='{.status.reason}'
To fix this issue, update the runtimeClassName to use only lowercase alphanumeric characters, dots (.), or hyphens (-), and ensure it begins and ends with an alphanumeric character.
The following examples show invalid names:
runtimeClassName: My_Runtime! # Invalid: uppercase, underscore, and special character
runtimeClassName: Kata # Invalid: uppercase letter
runtimeClassName: -kata # Invalid: starts with hyphen
The following examples show valid names:
runtimeClassName: kata # Valid
runtimeClassName: gvisor.runsc # Valid: contains dot
runtimeClassName: kata-containers # Valid: contains hyphen
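The naming rule above can be checked locally before a Build is applied. The following script is an added example, not part of the original documentation; it assumes the rule is the Kubernetes DNS-1123 subdomain format, which also caps the length at 253 characters and applies the start/end rule to every dot-separated label, and check_runtime_class_name is a hypothetical helper name.

```shell
#!/bin/sh
# Added example: pre-flight check for runtimeClassName values.
# Assumption: the rule is the Kubernetes DNS-1123 subdomain format, i.e.
# dot-separated labels of [a-z0-9-], each starting and ending with an
# alphanumeric character, at most 253 characters in total.
LC_ALL=C; export LC_ALL   # make a-z mean ASCII lowercase only

# check_runtime_class_name (hypothetical helper): returns 0 if the name is
# valid; otherwise prints the first rule it breaks and returns 1.
check_runtime_class_name() {
    name=$1
    label='[a-z0-9]([-a-z0-9]*[a-z0-9])?'
    if [ -z "$name" ]; then
        echo "empty name"; return 1
    fi
    if [ "${#name}" -gt 253 ]; then
        echo "longer than 253 characters"; return 1
    fi
    case $name in
        *[!a-z0-9.-]*) echo "contains a character outside a-z, 0-9, '.', '-'"; return 1 ;;
        [.-]*) echo "does not start with an alphanumeric character"; return 1 ;;
        *[.-]) echo "does not end with an alphanumeric character"; return 1 ;;
    esac
    # What is left to catch: an empty label ("a..b") or a label that starts
    # or ends with a hyphen ("kata-.runsc"), which the checks above allow.
    if ! printf '%s\n' "$name" | grep -Eqx "$label(\.$label)*"; then
        echo "a dot-separated label is empty or starts/ends with a hyphen"; return 1
    fi
    return 0
}

# Constructed sample input: the six names from this section plus two
# edge cases that only the per-label check rejects.
for n in 'My_Runtime!' Kata -kata kata gvisor.runsc kata-containers \
         kata-.runsc kata..runsc; do
    if reason=$(check_runtime_class_name "$n"); then
        printf '%-16s valid\n' "$n"
    else
        printf '%-16s invalid: %s\n' "$n" "$reason"
    fi
done
```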
1.2. Resolving build pods in Pending state
When a build pod fails to schedule, examine the pod events for diagnostic details to identify the root cause.
Procedure
Run the following command to examine the pod events:
$ oc describe pod <build-pod-name>
Identify any FailedScheduling events, which often result from the following scenarios:
- The Build validation only checks string format, so a name that is syntactically valid but refers to a missing RuntimeClass will fail during scheduling. Run the following command to verify the resource exists:
$ oc get runtimeclass kata
- The targeted nodes must have the Kata runtime properly installed. Confirm the KataConfig status and node readiness:
$ oc get kataconfig -o yaml
Check status.installationStatus to ensure the installation on worker nodes was successful.
- The operator-managed kata runtimeClass applies a node-role.kubernetes.io/kata-oc: "" selector. If your build configuration defines additional selectors, they must intersect with the runtimeClass requirements. Verify node labels:
$ oc get nodes --show-labels | grep kata
1.3. Resolve buildRun failures with BuildRunBuildFieldOverrideForbidden
The BuildRunBuildFieldOverrideForbidden error occurs if you try to set runtimeClassName on a BuildRun that has an embedded spec.build.spec rather than a reference to a named Build.
Procedure
Run the following command to check the BuildRun status message:
$ oc get buildrun <buildrun-name> -o jsonpath='{.status.conditions[0].message}'
To resolve this issue, use one of the following methods:
Define the runtimeClassName directly within the inline spec.build.spec block:
apiVersion: shipwright.io/v1beta1
kind: BuildRun
spec:
  build:
    spec:
      # ... source and strategy fields ...
      runtimeClassName: kata
Reference a standalone Build by name to use the override field:
apiVersion: shipwright.io/v1beta1
kind: BuildRun
spec:
  build:
    name: buildah-build-kata
  runtimeClassName: kata
1.4. Resolving build pod failures with RuntimeClass not found error
If events report that the runtimeClass is missing, the operator setup might be incomplete.
Procedure
Confirm the operator is active:
$ oc get csv -n openshift-sandboxed-containers-operator
Check the KataConfig installation status:
$ oc get kataconfig -o jsonpath='{.items[0].status.installationStatus}'
Ensure all worker nodes have completed the mandatory reboot process.