k8s版本 1.21.1 kube-apiserver.yaml安装官方文档中的kubeapiserver修改 <a href="

<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/us

【错误报告】 <a target="_blank" rel="noopener noreferrer nofollow" href=

【我的/etc/kubecub/manifests/install.conf配置文件如下】 <div class="snippet-clipboard-cont

关于 k8s audit 的配置问题，已经有 mr，预计下个版本 release，<a class="issue-link js-issue-link" data-erro

[Bug][Help]已有k8s 1.22.1集群中部署KubeCube不成功? about kubecube HOT 10 CLOSED

kubecube-io commented on September 23, 2024

[Bug][Help]已有k8s 1.22.1集群中部署KubeCube不成功?

from kubecube.

Comments (10)

zhangshuiyong commented on September 23, 2024 1

@weilaaa 在k8s v21.2上成功部署Kubecube了，谢谢

from kubecube.

zhangshuiyong commented on September 23, 2024

修改- --audit-log-path=/var/log/audit为- --audit-log-path=/var/log/audit/k8s-audit后

apiserver启动成功了，但是hnc-controller-manager部署不成功

from kubecube.

zhangshuiyong commented on September 23, 2024

【错误报告】

from kubecube.

zhangshuiyong commented on September 23, 2024

【错误报告（kubectl logs hnc-controller-manager-5555bd596-lx88n -n hnc-system -c manager)】

{"level":"info","ts":1634268171.6946642,"logger":"setup","msg":"Starting main.go:init()"}
{"level":"info","ts":1634268171.6962216,"logger":"setup","msg":"Finished main.go:init()"}
{"level":"info","ts":1634268171.696237,"logger":"setup","msg":"Parsing flags"}
{"level":"info","ts":1634268171.696259,"logger":"setup","msg":"Creating OpenCensus->Stackdriver exporter"}
{"level":"error","ts":1634268173.6966712,"logger":"setup","msg":"Could not create Stackdriver exporter","error":"stackdriver: google: could not find default credentials. See https://developers.google.com/accounts/docs/application-default-credentials for more information.","stacktrace":"github.com/go-logr/zapr.(*zapLogger).Error\n\t/workspace/vendor/github.com/go-logr/zapr/zapr.go:132\nmain.main\n\t/workspace/cmd/manager/main.go:130\nruntime.main\n\t/usr/local/go/src/runtime/proc.go:203"}
{"level":"info","ts":1634268173.6968393,"logger":"setup","msg":"Creating Prometheus exporter"}
{"level":"info","ts":1634268173.6969576,"logger":"setup","msg":"Configuring controller-manager"}
{"level":"info","ts":1634268173.793593,"logger":"controller-runtime.metrics","msg":"metrics server is starting to listen","addr":":8080"}
{"level":"info","ts":1634268173.793737,"logger":"setup","msg":"Starting certificate generation"}
{"level":"info","ts":1634268173.7938797,"logger":"setup","msg":"Starting manager"}
{"level":"info","ts":1634268173.7939167,"logger":"setup","msg":"Waiting for certificate generation to complete"}
{"level":"info","ts":1634268173.7940316,"logger":"controller-runtime.manager","msg":"starting metrics server","path":"/metrics"}
{"level":"info","ts":1634268173.794067,"logger":"controller-runtime.manager.controller.cert-rotator","msg":"Starting EventSource","source":{}}
{"level":"info","ts":1634268173.7941291,"logger":"cert-rotation","msg":"starting cert rotator controller"}
{"level":"info","ts":1634268173.8944368,"logger":"controller-runtime.manager.controller.cert-rotator","msg":"Starting EventSource","source":{}}
{"level":"info","ts":1634268173.8952234,"logger":"cert-rotation","msg":"no cert refresh needed"}
{"level":"info","ts":1634268173.895308,"logger":"cert-rotation","msg":"certs are ready in /tmp/k8s-webhook-server/serving-certs"}
{"level":"info","ts":1634268173.9948213,"logger":"controller-runtime.manager.controller.cert-rotator","msg":"Starting Controller"}
{"level":"info","ts":1634268173.994867,"logger":"controller-runtime.manager.controller.cert-rotator","msg":"Starting workers","worker count":1}
{"level":"error","ts":1634268173.9951758,"logger":"cert-rotation","msg":"Webhook not found. Unable to update certificate.","name":"hnc-validating-webhook-configuration","gvk":"admissionregistration.k8s.io/v1, Kind=ValidatingWebhookConfiguration","error":"ValidatingWebhookConfiguration.admissionregistration.k8s.io \"hnc-validating-webhook-configuration\" not found"}
{"level":"info","ts":1634268175.27618,"logger":"cert-rotation","msg":"CA certs are injected to webhooks"}
{"level":"info","ts":1634268175.2762494,"logger":"setup","msg":"Registering validating webhook (won't work when running locally; use --novalidation)"}
{"level":"info","ts":1634268175.2765014,"logger":"controller-runtime.webhook","msg":"registering webhook","path":"/validate-hnc-x-k8s-io-v1alpha2-hierarchyconfigurations"}
{"level":"info","ts":1634268175.2764978,"logger":"controller-runtime.webhook.webhooks","msg":"starting webhook server"}
{"level":"info","ts":1634268175.2766871,"logger":"controller-runtime.webhook","msg":"registering webhook","path":"/validate-objects"}
{"level":"info","ts":1634268175.276905,"logger":"controller-runtime.webhook","msg":"registering webhook","path":"/validate-hnc-x-k8s-io-v1alpha2-hncconfigurations"}
{"level":"info","ts":1634268175.276971,"logger":"controller-runtime.webhook","msg":"registering webhook","path":"/validate-hnc-x-k8s-io-v1alpha2-subnamespaceanchors"}
{"level":"info","ts":1634268175.2769911,"logger":"controller-runtime.certwatcher","msg":"Updated current TLS certificate"}
{"level":"info","ts":1634268175.2770362,"logger":"controller-runtime.webhook","msg":"registering webhook","path":"/validate-v1-namespace"}
{"level":"info","ts":1634268175.277063,"logger":"controller-runtime.webhook","msg":"serving webhook server","host":"","port":9443}
{"level":"info","ts":1634268175.2770677,"logger":"setup","msg":"Creating controllers","maxReconciles":10}
{"level":"info","ts":1634268175.2771666,"logger":"controller-runtime.certwatcher","msg":"Starting certificate watcher"}
{"level":"info","ts":1634268175.2773364,"logger":"setup","msg":"All controllers started; setup complete"}
{"level":"info","ts":1634268175.277407,"logger":"controller-runtime.manager.controller.hncconfiguration","msg":"Starting EventSource","reconciler group":"hnc.x-k8s.io","reconciler kind":"HNCConfiguration","source":"kind source: /, Kind="}
{"level":"info","ts":1634268175.2774987,"logger":"controller-runtime.manager.controller.hierarchyconfiguration","msg":"Starting EventSource","reconciler group":"hnc.x-k8s.io","reconciler kind":"HierarchyConfiguration","source":"kind source: /, Kind="}
{"level":"info","ts":1634268175.2775834,"logger":"controller-runtime.manager.controller.subnamespaceanchor","msg":"Starting EventSource","reconciler group":"hnc.x-k8s.io","reconciler kind":"SubnamespaceAnchor","source":"kind source: /, Kind="}
{"level":"error","ts":1634268175.2967594,"logger":"controller-runtime.source","msg":"if kind is a CRD, it should be installed before calling Start","kind":"HNCConfiguration.hnc.x-k8s.io","error":"no matches for kind \"HNCConfiguration\" in version \"hnc.x-k8s.io/v1alpha2\""}
{"level":"info","ts":1634268175.2970595,"logger":"cert-rotation","msg":"stopping cert rotator controller"}
{"level":"info","ts":1634268175.2970576,"logger":"controller-runtime.webhook","msg":"shutting down webhook server"}
{"level":"info","ts":1634268175.2970881,"logger":"controller-runtime.manager.controller.cert-rotator","msg":"Stopping workers"}
{"level":"error","ts":1634268175.3039055,"logger":"controller-runtime.source","msg":"if kind is a CRD, it should be installed before calling Start","kind":"HierarchyConfiguration.hnc.x-k8s.io","error":"no matches for kind \"HierarchyConfiguration\" in version \"hnc.x-k8s.io/v1alpha2\""}
{"level":"error","ts":1634268175.303953,"logger":"controller-runtime.manager","msg":"error received after stop sequence was engaged","error":"no matches for kind \"HierarchyConfiguration\" in version \"hnc.x-k8s.io/v1alpha2\""}
{"level":"error","ts":1634268175.639216,"logger":"controller-runtime.source","msg":"if kind is a CRD, it should be installed before calling Start","kind":"SubnamespaceAnchor.hnc.x-k8s.io","error":"no matches for kind \"SubnamespaceAnchor\" in version \"hnc.x-k8s.io/v1alpha2\""}
{"level":"error","ts":1634268175.639286,"logger":"controller-runtime.manager","msg":"error received after stop sequence was engaged","error":"no matches for kind \"SubnamespaceAnchor\" in version \"hnc.x-k8s.io/v1alpha2\""}
{"level":"error","ts":1634268175.6392715,"logger":"setup","msg":"problem running manager","error":"no matches for kind \"HNCConfiguration\" in version \"hnc.x-k8s.io/v1alpha2\"","stacktrace":"github.com/go-logr/zapr.(*zapLogger).Error\n\t/workspace/vendor/github.com/go-logr/zapr/zapr.go:132\nmain.main\n\t/workspace/cmd/manager/main.go:204\nruntime.main\n\t/usr/local/go/src/runtime/proc.go:203"}

from kubecube.

zhangshuiyong commented on September 23, 2024

【我的/etc/kubecub/manifests/install.conf配置文件如下】

INSTALL_KUBECUBE_PIVOT="true"

# if install kubecube on member cluster
INSTALL_KUBECUBE_MEMBER="false"

# if install k8s
INSTALL_KUBERNETES="false"

# there are four node mode below:
# "master" : node will be installed as a master of cluster
# "node-join-master" : node will be install as a worker of cluster to join master
# "control-plane-master" : node will be installed as a master to control plane of cluster
# "node-join-control-plane" : node will be installed as a master to join control plane
NODE_MODE="master"

# +optional
# must be set when INSTALL_KUBECUBE_MEMBER="true"
# this value is the name of member cluster you
# want to take over
MEMBER_CLUSTER_NAME=""

# +optional
# must be set when NODE_MODE="control-plane-master"
# or "node-join-control-plane"
CONTROL_PLANE_ENDPOINT="" #{ip}:{port} , dns

# master ip means master node ip of cluster
MASTER_IP="10.206.0.3"

# +optional
# KUBECUBE_HOST must be set when as a member cluster to
# join pivot cluster, the value is pivot node ip
KUBECUBE_HOST=""

# zone has two choice
# 1. "cn" : in mainland
# 2. "others" : out of mainland
ZONE="cn"

# k8s version you want to install
KUBERNETES_VERSION="1.22.1"

# +optional
# the user who can access master node, it can be empty
# when NODE_MODE="master" or "control-plane-master"
SSH_USER="root"

# +optional
# the port specified to access master node, it can be empty
# when NODE_MODE="master" or "control-plane-master"
SSH_PORT=22

# +optional
# must be empty when ACCESS_PRIVATE_KEY_PATH set
# password for master user to access master node
ACCESS_PASSWORD=""

# +optional
# must be empty when ACCESS_PASSWORD set
# ACCESS_PRIVATE_KEY for master user to access master node
ACCESS_PRIVATE_KEY_PATH="/root/.ssh/id_rsa"

from kubecube.

weilaaa commented on September 23, 2024

你好，根据你的配置看，你使用的是 k8s 1.22 的版本，该版本移除了 ingress、IngressClass、Lease、APIService、ValidatingWebhookConfiguration、MutatingWebhookConfiguration、CustomResourceDefinition、TokenReview、SubjectAccessReview 和 CertificateSigningRequest API 的 beta 版本，所以目前的 kubecube 不兼容 1.22 版本，预计下个迭代修复。

from kubecube.

weilaaa commented on September 23, 2024

关于 k8s audit 的配置问题，已经有 mr，预计下个版本 release，kubecube-io/kubecube-installer#30

from kubecube.

zhangshuiyong commented on September 23, 2024

了解，支持1.20.9？
PS. kube-apiserver.yaml的更改顺序要在/bin/bash /etc/kubecube/manifests/install.sh之后（执行以后才有/etc/cube/audit各种配置文件）

@weilaaa

from kubecube.

weilaaa commented on September 23, 2024

了解，支持1.20.9？ PS. kube-apiserver.yaml的更改顺序要在/bin/bash /etc/kubecube/manifests/install.sh之后（执行以后才有/etc/cube/audit各种配置文件）

@weilaaa

支持到 v1.21.2。另外上述提到的 mr，是修改了 kubeadm 使用的 kube-apiserver 的配置 kubeadm init --config=/etc/cube/kubeadm/init.config，这样就可以在 k8s 初始化前，完成 kube-apiserver 配置的修改

from kubecube.

zhujf1989 commented on September 23, 2024

本issue将会关闭，如有问题，可以reopen，感谢支持KubeCube！

from kubecube.

[Bug][Help]已有k8s 1.22.1集群中部署KubeCube不成功? about kubecube HOT 10 CLOSED

Comments (10)

修改- --audit-log-path=/var/log/audit为- --audit-log-path=/var/log/audit/k8s-audit后

【错误报告】

【错误报告（kubectl logs hnc-controller-manager-5555bd596-lx88n -n hnc-system -c manager)】

【我的/etc/kubecub/manifests/install.conf配置文件如下】

Related Issues (20)

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent