Comments (10)
@weilaaa 在k8s v21.2上成功部署Kubecube了,谢谢
from kubecube.
修改- --audit-log-path=/var/log/audit为- --audit-log-path=/var/log/audit/k8s-audit后
apiserver启动成功了,但是hnc-controller-manager部署不成功
from kubecube.
【错误报告】
from kubecube.
【错误报告(kubectl logs hnc-controller-manager-5555bd596-lx88n -n hnc-system -c manager)】
{"level":"info","ts":1634268171.6946642,"logger":"setup","msg":"Starting main.go:init()"}
{"level":"info","ts":1634268171.6962216,"logger":"setup","msg":"Finished main.go:init()"}
{"level":"info","ts":1634268171.696237,"logger":"setup","msg":"Parsing flags"}
{"level":"info","ts":1634268171.696259,"logger":"setup","msg":"Creating OpenCensus->Stackdriver exporter"}
{"level":"error","ts":1634268173.6966712,"logger":"setup","msg":"Could not create Stackdriver exporter","error":"stackdriver: google: could not find default credentials. See https://developers.google.com/accounts/docs/application-default-credentials for more information.","stacktrace":"github.com/go-logr/zapr.(*zapLogger).Error\n\t/workspace/vendor/github.com/go-logr/zapr/zapr.go:132\nmain.main\n\t/workspace/cmd/manager/main.go:130\nruntime.main\n\t/usr/local/go/src/runtime/proc.go:203"}
{"level":"info","ts":1634268173.6968393,"logger":"setup","msg":"Creating Prometheus exporter"}
{"level":"info","ts":1634268173.6969576,"logger":"setup","msg":"Configuring controller-manager"}
{"level":"info","ts":1634268173.793593,"logger":"controller-runtime.metrics","msg":"metrics server is starting to listen","addr":":8080"}
{"level":"info","ts":1634268173.793737,"logger":"setup","msg":"Starting certificate generation"}
{"level":"info","ts":1634268173.7938797,"logger":"setup","msg":"Starting manager"}
{"level":"info","ts":1634268173.7939167,"logger":"setup","msg":"Waiting for certificate generation to complete"}
{"level":"info","ts":1634268173.7940316,"logger":"controller-runtime.manager","msg":"starting metrics server","path":"/metrics"}
{"level":"info","ts":1634268173.794067,"logger":"controller-runtime.manager.controller.cert-rotator","msg":"Starting EventSource","source":{}}
{"level":"info","ts":1634268173.7941291,"logger":"cert-rotation","msg":"starting cert rotator controller"}
{"level":"info","ts":1634268173.8944368,"logger":"controller-runtime.manager.controller.cert-rotator","msg":"Starting EventSource","source":{}}
{"level":"info","ts":1634268173.8952234,"logger":"cert-rotation","msg":"no cert refresh needed"}
{"level":"info","ts":1634268173.895308,"logger":"cert-rotation","msg":"certs are ready in /tmp/k8s-webhook-server/serving-certs"}
{"level":"info","ts":1634268173.9948213,"logger":"controller-runtime.manager.controller.cert-rotator","msg":"Starting Controller"}
{"level":"info","ts":1634268173.994867,"logger":"controller-runtime.manager.controller.cert-rotator","msg":"Starting workers","worker count":1}
{"level":"error","ts":1634268173.9951758,"logger":"cert-rotation","msg":"Webhook not found. Unable to update certificate.","name":"hnc-validating-webhook-configuration","gvk":"admissionregistration.k8s.io/v1, Kind=ValidatingWebhookConfiguration","error":"ValidatingWebhookConfiguration.admissionregistration.k8s.io \"hnc-validating-webhook-configuration\" not found"}
{"level":"info","ts":1634268175.27618,"logger":"cert-rotation","msg":"CA certs are injected to webhooks"}
{"level":"info","ts":1634268175.2762494,"logger":"setup","msg":"Registering validating webhook (won't work when running locally; use --novalidation)"}
{"level":"info","ts":1634268175.2765014,"logger":"controller-runtime.webhook","msg":"registering webhook","path":"/validate-hnc-x-k8s-io-v1alpha2-hierarchyconfigurations"}
{"level":"info","ts":1634268175.2764978,"logger":"controller-runtime.webhook.webhooks","msg":"starting webhook server"}
{"level":"info","ts":1634268175.2766871,"logger":"controller-runtime.webhook","msg":"registering webhook","path":"/validate-objects"}
{"level":"info","ts":1634268175.276905,"logger":"controller-runtime.webhook","msg":"registering webhook","path":"/validate-hnc-x-k8s-io-v1alpha2-hncconfigurations"}
{"level":"info","ts":1634268175.276971,"logger":"controller-runtime.webhook","msg":"registering webhook","path":"/validate-hnc-x-k8s-io-v1alpha2-subnamespaceanchors"}
{"level":"info","ts":1634268175.2769911,"logger":"controller-runtime.certwatcher","msg":"Updated current TLS certificate"}
{"level":"info","ts":1634268175.2770362,"logger":"controller-runtime.webhook","msg":"registering webhook","path":"/validate-v1-namespace"}
{"level":"info","ts":1634268175.277063,"logger":"controller-runtime.webhook","msg":"serving webhook server","host":"","port":9443}
{"level":"info","ts":1634268175.2770677,"logger":"setup","msg":"Creating controllers","maxReconciles":10}
{"level":"info","ts":1634268175.2771666,"logger":"controller-runtime.certwatcher","msg":"Starting certificate watcher"}
{"level":"info","ts":1634268175.2773364,"logger":"setup","msg":"All controllers started; setup complete"}
{"level":"info","ts":1634268175.277407,"logger":"controller-runtime.manager.controller.hncconfiguration","msg":"Starting EventSource","reconciler group":"hnc.x-k8s.io","reconciler kind":"HNCConfiguration","source":"kind source: /, Kind="}
{"level":"info","ts":1634268175.2774987,"logger":"controller-runtime.manager.controller.hierarchyconfiguration","msg":"Starting EventSource","reconciler group":"hnc.x-k8s.io","reconciler kind":"HierarchyConfiguration","source":"kind source: /, Kind="}
{"level":"info","ts":1634268175.2775834,"logger":"controller-runtime.manager.controller.subnamespaceanchor","msg":"Starting EventSource","reconciler group":"hnc.x-k8s.io","reconciler kind":"SubnamespaceAnchor","source":"kind source: /, Kind="}
{"level":"error","ts":1634268175.2967594,"logger":"controller-runtime.source","msg":"if kind is a CRD, it should be installed before calling Start","kind":"HNCConfiguration.hnc.x-k8s.io","error":"no matches for kind \"HNCConfiguration\" in version \"hnc.x-k8s.io/v1alpha2\""}
{"level":"info","ts":1634268175.2970595,"logger":"cert-rotation","msg":"stopping cert rotator controller"}
{"level":"info","ts":1634268175.2970576,"logger":"controller-runtime.webhook","msg":"shutting down webhook server"}
{"level":"info","ts":1634268175.2970881,"logger":"controller-runtime.manager.controller.cert-rotator","msg":"Stopping workers"}
{"level":"error","ts":1634268175.3039055,"logger":"controller-runtime.source","msg":"if kind is a CRD, it should be installed before calling Start","kind":"HierarchyConfiguration.hnc.x-k8s.io","error":"no matches for kind \"HierarchyConfiguration\" in version \"hnc.x-k8s.io/v1alpha2\""}
{"level":"error","ts":1634268175.303953,"logger":"controller-runtime.manager","msg":"error received after stop sequence was engaged","error":"no matches for kind \"HierarchyConfiguration\" in version \"hnc.x-k8s.io/v1alpha2\""}
{"level":"error","ts":1634268175.639216,"logger":"controller-runtime.source","msg":"if kind is a CRD, it should be installed before calling Start","kind":"SubnamespaceAnchor.hnc.x-k8s.io","error":"no matches for kind \"SubnamespaceAnchor\" in version \"hnc.x-k8s.io/v1alpha2\""}
{"level":"error","ts":1634268175.639286,"logger":"controller-runtime.manager","msg":"error received after stop sequence was engaged","error":"no matches for kind \"SubnamespaceAnchor\" in version \"hnc.x-k8s.io/v1alpha2\""}
{"level":"error","ts":1634268175.6392715,"logger":"setup","msg":"problem running manager","error":"no matches for kind \"HNCConfiguration\" in version \"hnc.x-k8s.io/v1alpha2\"","stacktrace":"github.com/go-logr/zapr.(*zapLogger).Error\n\t/workspace/vendor/github.com/go-logr/zapr/zapr.go:132\nmain.main\n\t/workspace/cmd/manager/main.go:204\nruntime.main\n\t/usr/local/go/src/runtime/proc.go:203"}
from kubecube.
【我的/etc/kubecub/manifests/install.conf配置文件如下】
INSTALL_KUBECUBE_PIVOT="true"
# if install kubecube on member cluster
INSTALL_KUBECUBE_MEMBER="false"
# if install k8s
INSTALL_KUBERNETES="false"
# there are four node mode below:
# "master" : node will be installed as a master of cluster
# "node-join-master" : node will be install as a worker of cluster to join master
# "control-plane-master" : node will be installed as a master to control plane of cluster
# "node-join-control-plane" : node will be installed as a master to join control plane
NODE_MODE="master"
# +optional
# must be set when INSTALL_KUBECUBE_MEMBER="true"
# this value is the name of member cluster you
# want to take over
MEMBER_CLUSTER_NAME=""
# +optional
# must be set when NODE_MODE="control-plane-master"
# or "node-join-control-plane"
CONTROL_PLANE_ENDPOINT="" #{ip}:{port} , dns
# master ip means master node ip of cluster
MASTER_IP="10.206.0.3"
# +optional
# KUBECUBE_HOST must be set when as a member cluster to
# join pivot cluster, the value is pivot node ip
KUBECUBE_HOST=""
# zone has two choice
# 1. "cn" : in mainland
# 2. "others" : out of mainland
ZONE="cn"
# k8s version you want to install
KUBERNETES_VERSION="1.22.1"
# +optional
# the user who can access master node, it can be empty
# when NODE_MODE="master" or "control-plane-master"
SSH_USER="root"
# +optional
# the port specified to access master node, it can be empty
# when NODE_MODE="master" or "control-plane-master"
SSH_PORT=22
# +optional
# must be empty when ACCESS_PRIVATE_KEY_PATH set
# password for master user to access master node
ACCESS_PASSWORD=""
# +optional
# must be empty when ACCESS_PASSWORD set
# ACCESS_PRIVATE_KEY for master user to access master node
ACCESS_PRIVATE_KEY_PATH="/root/.ssh/id_rsa"
from kubecube.
你好,根据你的配置看,你使用的是 k8s 1.22 的版本,该版本移除了 ingress、IngressClass、Lease、APIService、ValidatingWebhookConfiguration、MutatingWebhookConfiguration、CustomResourceDefinition、TokenReview、SubjectAccessReview 和 CertificateSigningRequest API 的 beta 版本,所以目前的 kubecube 不兼容 1.22 版本,预计下个迭代修复。
from kubecube.
关于 k8s audit 的配置问题,已经有 mr,预计下个版本 release,kubecube-io/kubecube-installer#30
from kubecube.
了解,支持1.20.9?
PS. kube-apiserver.yaml的更改顺序要在/bin/bash /etc/kubecube/manifests/install.sh之后(执行以后才有/etc/cube/audit各种配置文件)
from kubecube.
了解,支持1.20.9? PS. kube-apiserver.yaml的更改顺序要在/bin/bash /etc/kubecube/manifests/install.sh之后(执行以后才有/etc/cube/audit各种配置文件)
支持到 v1.21.2。另外上述提到的 mr,是修改了 kubeadm 使用的 kube-apiserver 的配置 kubeadm init --config=/etc/cube/kubeadm/init.config
,这样就可以在 k8s 初始化前,完成 kube-apiserver 配置的修改
from kubecube.
本issue将会关闭,如有问题,可以reopen,感谢支持KubeCube!
from kubecube.
Related Issues (20)
- 租户不能删除 HOT 1
- [Bug]日志输出乱码 HOT 2
- [Bug]按照文档一路安装,从1.2-到1.4【logseer】 真用不起 HOT 2
- [Bug] 部署脚本缺少必要的终止判断 HOT 1
- 1.7的安装文档弄下,到了1.4怎么就没了 HOT 4
- kubecube all in one 安装方式的一些疑问 HOT 1
- [Feature]hnc support hncresourcequota,是不是可以使用最新的来更新了? HOT 1
- Helm安装kubecube问题 HOT 2
- 在已有k8s集群中安装kubecube后,可以在kubecube中管理集群中已有的资源吗? HOT 1
- [Bug] helm安装时 Nodeport 和已经存在的Ingress的port冲突且无法规避 HOT 2
- 创建项目时报错 HOT 1
- [Bug]使用通用认证方式接入第三方认证时用户在kubecube中不会自动创建 HOT 1
- [Bug]Helm 安装失败 HOT 2
- [Feature] 组件监控里面为什么没有信息 HOT 1
- [Feature]官网提供的安装教程以及其他信息很久没更新 HOT 4
- [Feature]支持带有边缘节点的k8s集群纳入嘛
- [Bug]跟ceph存储集群混合部署会无法正常运行kubecube
- [Bug] Helm安装失败 HOT 1
- [Bug]k8s证书到期,k8s更新证书后,在kubecube更新集群证书和kubecube的secret后不生效还是无法再kubecube界面看到集群
- 安装失败,提示:Found multiple CRI endpoints on the host.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from kubecube.