Kubernetes has been widely adopted by organizations and companies thanks to its powerful feature for deploying and managing containerized applications. It provides a scalable solution for container management and flexibility that allow you to use in multi-cloud platforms as well. However, as it covers a broad range of aspects of containers, the breadth of potential problems also becomes large.
Let’s take a look at CreateContainerConfigError, a common Kubernetes error.
What is CreateContainerConfigError?
CreateContainerConfigError often happens when you have a missing ConfigMap or Secret needed to start a container. To resolve these issues, we first need to understand what they are.
A ConfigMap is an API object that contains non-sensitive data in key-value pairs. ConfigMaps can be used by pods as environment variables, command line arguments, or as configuration files. A ConfigMap allows you to decouple broad environment-specific configuration from your container images. This helps your applications to be easily portable.
A Kubernetes Secret is an object that stores confidential data such as passwords, tokens, and keys. This sensitive information, without Secret, may be put in a pod specification or in a container image. With Kubernetes secret, you can pull your sensitive data from a central location without having to put them within your application code. Kubernetes Secrets are conceptually similar to ConfigMap but Secrets are for confidential information.
How to debug CreateContainerConfigError
We can use kubectl to check the status of pods. Try the following command.
This command will return pod name and pod’s status. In one of pod’s status sections, CreateContainerConfigError will appear. This command allows us to pinpoint which pod is experiencing the error. Note the pod name and try the following command.
In the pod_name section, replace it with the problematic pod name. This will tell you more details about your error in that pod. To view the information of ConfigMap, try:
The output of the command may be null, which means your ConfigMap setting is not correct. What we need to do next is to check the pod definition file and create ConfigMap. Within your definition file, check the configMapKeyRef section that looks like:
Among the values, check the name value that is, in this case, “pod-config”. Now, we need to create a ConfigMap file named after “pod-config”. To do so,
This will create a new config file. Now, let’s apply it by:
To check the ConfigMap we just created, execute this command again:
This will show the name of your config correctly mapped. Lastly, let’s check your pod’s status again by:
When you successfully created the ConfigMap, the status should appear as “Running”. This should resolve the problem caused by incorrect ConfigMap.
As pointed out, when your Kubernetes Secret is missing, your pod can be stuck at ContainerCreating status. Let’s have a look at how to resolve it. Just like we did above, we can start by executing:
The status will show that your pod is in a ContainerCreating state. Note the pod’s name and run “kubectl describe” as below.
In the output, check if there is any secret related error in the message section like below.
To see the secret information, try:
As the error message told us, your secret information is missing so the command will show an empty result. Let’s create a new one.
Then, create a secret file that looks like below.
Now, run “kubectl get secret” to get information about the secret you created. This will show you the new secret. Finally, let’s check the status of the pod whose previous status was in ContainerCreating.
When things are correctly configured, the status should appear as “Running”