Comments (4)
@tburschka -- Can you describe one of the pods in 'CreateContainerConfigError' state? Thanks.
from charts.
Closing this issue due to inactivity. Please reopen in case you continue to face this issue.
from charts.
I've faced the same issue here is the helm values used:
version: "3.0.6"
values:
rbac:
pspEnabled: true
cstor:
enabled: true
rbac:
pspEnabled: true
openebsNDM:
enabled: true
openebs-ndm:
enabled: true
ndmExporter:
enabled: true
zfs-localpv:
enabled: true
rbac:
pspEnabled: true
kubectl -n openebs describe pod openebs-cstor-csi-controller-0
Name: openebs-cstor-csi-controller-0
Namespace: openebs
Priority: 900000000
Priority Class Name: openebs-cstor-csi-controller-critical
Node: one.one.one.one/1.1.1.1
Start Time: Thu, 30 Dec 2021 09:43:45 +0100
Labels: chart=cstor-3.0.2
component=openebs-cstor-csi-controller
controller-revision-hash=openebs-cstor-csi-controller-5497b66796
heritage=Helm
name=openebs-cstor-csi-controller
openebs.io/component-name=openebs-cstor-csi-controller
openebs.io/version=3.0.0
release=openebs
statefulset.kubernetes.io/pod-name=openebs-cstor-csi-controller-0
Annotations: kubernetes.io/psp: global-restricted-psp
Status: Pending
IP: 10.42.3.128
IPs:
IP: 10.42.3.128
Controlled By: StatefulSet/openebs-cstor-csi-controller
Containers:
csi-resizer:
Container ID:
Image: k8s.gcr.io/sig-storage/csi-resizer:v1.2.0
Image ID:
Port: <none>
Host Port: <none>
Args:
--v=5
--csi-address=$(ADDRESS)
--leader-election
State: Waiting
Reason: CreateContainerConfigError
Ready: False
Restart Count: 0
Environment:
ADDRESS: /var/lib/csi/sockets/pluginproxy/csi.sock
Mounts:
/var/lib/csi/sockets/pluginproxy/ from socket-dir (rw)
/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-czq89 (ro)
csi-snapshotter:
Container ID:
Image: k8s.gcr.io/sig-storage/csi-snapshotter:v3.0.3
Image ID:
Port: <none>
Host Port: <none>
Args:
--csi-address=$(ADDRESS)
State: Waiting
Reason: CreateContainerConfigError
Ready: False
Restart Count: 0
Environment:
ADDRESS: /var/lib/csi/sockets/pluginproxy/csi.sock
Mounts:
/var/lib/csi/sockets/pluginproxy/ from socket-dir (rw)
/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-czq89 (ro)
snapshot-controller:
Container ID:
Image: k8s.gcr.io/sig-storage/snapshot-controller:v3.0.3
Image ID:
Port: <none>
Host Port: <none>
Args:
--v=5
--leader-election=false
State: Waiting
Reason: CreateContainerConfigError
Ready: False
Restart Count: 0
Environment: <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-czq89 (ro)
csi-provisioner:
Container ID:
Image: k8s.gcr.io/sig-storage/csi-provisioner:v3.0.0
Image ID:
Port: <none>
Host Port: <none>
Args:
--csi-address=$(ADDRESS)
--v=5
--feature-gates=Topology=true
--extra-create-metadata=true
--metrics-address=:22011
--timeout=250s
--default-fstype=ext4
State: Waiting
Reason: CreateContainerConfigError
Ready: False
Restart Count: 0
Environment:
MY_NAME: openebs-cstor-csi-controller-0 (v1:metadata.name)
ADDRESS: /var/lib/csi/sockets/pluginproxy/csi.sock
Mounts:
/var/lib/csi/sockets/pluginproxy/ from socket-dir (rw)
/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-czq89 (ro)
csi-attacher:
Container ID:
Image: k8s.gcr.io/sig-storage/csi-attacher:v3.1.0
Image ID:
Port: <none>
Host Port: <none>
Args:
--v=5
--csi-address=$(ADDRESS)
State: Waiting
Reason: CreateContainerConfigError
Ready: False
Restart Count: 0
Environment:
ADDRESS: /var/lib/csi/sockets/pluginproxy/csi.sock
Mounts:
/var/lib/csi/sockets/pluginproxy/ from socket-dir (rw)
/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-czq89 (ro)
cstor-csi-plugin:
Container ID:
Image: openebs/cstor-csi-driver:3.0.0
Image ID:
Port: <none>
Host Port: <none>
Args:
--endpoint=$(OPENEBS_CSI_ENDPOINT)
--url=$(OPENEBS_CSI_API_URL)
--plugin=$(OPENEBS_CONTROLLER_DRIVER)
State: Waiting
Reason: CreateContainerConfigError
Ready: False
Restart Count: 0
Environment:
OPENEBS_CONTROLLER_DRIVER: controller
OPENEBS_CSI_ENDPOINT: unix:///var/lib/csi/sockets/pluginproxy/csi.sock
OPENEBS_CSI_API_URL: https://openebs.io
OPENEBS_NAMESPACE: openebs (v1:metadata.namespace)
OPENEBS_IO_INSTALLER_TYPE: cstor-helm
OPENEBS_IO_ENABLE_ANALYTICS: true
Mounts:
/var/lib/csi/sockets/pluginproxy/ from socket-dir (rw)
/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-czq89 (ro)
Conditions:
Type Status
Initialized True
Ready False
ContainersReady False
PodScheduled True
Volumes:
socket-dir:
Type: EmptyDir (a temporary directory that shares a pod's lifetime)
Medium:
SizeLimit: <unset>
kube-api-access-czq89:
Type: Projected (a volume that contains injected data from multiple sources)
TokenExpirationSeconds: 3607
ConfigMapName: kube-root-ca.crt
ConfigMapOptional: <nil>
DownwardAPI: true
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 44m default-scheduler Successfully assigned openebs/openebs-cstor-csi-controller-0 to one.one.one.one
Warning Failed 43m (x2 over 43m) kubelet Error: container has runAsNonRoot and image will run as root (pod: "openebs-cstor-csi-controller-0_openebs(d3ed5431-8137-4ec7-9aab-82c58e27c283)", container: snapshot-controller)
Warning Failed 43m (x2 over 43m) kubelet Error: container has runAsNonRoot and image will run as root (pod: "openebs-cstor-csi-controller-0_openebs(d3ed5431-8137-4ec7-9aab-82c58e27c283)", container: csi-resizer)
Normal Pulled 43m (x2 over 43m) kubelet Container image "k8s.gcr.io/sig-storage/csi-snapshotter:v3.0.3" already present on machine
Warning Failed 43m (x2 over 43m) kubelet Error: container has runAsNonRoot and image will run as root (pod: "openebs-cstor-csi-controller-0_openebs(d3ed5431-8137-4ec7-9aab-82c58e27c283)", container: csi-snapshotter)
Normal Pulled 43m (x2 over 43m) kubelet Container image "k8s.gcr.io/sig-storage/snapshot-controller:v3.0.3" already present on machine
Normal Pulled 43m (x2 over 43m) kubelet Container image "openebs/cstor-csi-driver:3.0.0" already present on machine
Normal Pulled 43m (x2 over 43m) kubelet Container image "k8s.gcr.io/sig-storage/csi-provisioner:v3.0.0" already present on machine
Warning Failed 43m (x2 over 43m) kubelet Error: container has runAsNonRoot and image will run as root (pod: "openebs-cstor-csi-controller-0_openebs(d3ed5431-8137-4ec7-9aab-82c58e27c283)", container: csi-provisioner)
Normal Pulled 43m (x2 over 43m) kubelet Container image "k8s.gcr.io/sig-storage/csi-attacher:v3.1.0" already present on machine
Warning Failed 43m (x2 over 43m) kubelet Error: container has runAsNonRoot and image will run as root (pod: "openebs-cstor-csi-controller-0_openebs(d3ed5431-8137-4ec7-9aab-82c58e27c283)", container: csi-attacher)
Warning Failed 43m (x2 over 43m) kubelet Error: container has runAsNonRoot and image will run as root (pod: "openebs-cstor-csi-controller-0_openebs(d3ed5431-8137-4ec7-9aab-82c58e27c283)", container: cstor-csi-plugin)
Normal Pulled 3m54s (x184 over 43m) kubelet Container image "k8s.gcr.io/sig-storage/csi-resizer:v1.2.0" already present on machine
from charts.
I could solve the issue with the following ClusterRoleBindings:
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
app: openebs
name: openebs-cstor-psp
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: openebs-psp
subjects:
- kind: ServiceAccount
name: openebs-cstor-csi-controller-sa
namespace: openebs
- kind: ServiceAccount
name: openebs-cstor-operator
namespace: openebs
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
app: openebs
name: openebs-ndm-psp
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: openebs-psp
subjects:
- kind: ServiceAccount
name: openebs-ndm
namespace: openebs
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
app: openebs
name: openebs-zfs-controller-psp
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: openebs-psp
subjects:
- kind: ServiceAccount
name: openebs-zfs-controller-sa
namespace: openebs
from charts.
Related Issues (20)
- init-pvc pod runs with priviledged security context
- ValidatingWebhookConfiguration object left behind after disabling cStor/legacy HOT 3
- node selection not available for openebs-ndm:ndmExporter
- Chart: Allow configuring of deployment strategy
- Installing the latest helm chart release 3.3.0 includes images tagged 3.2.0 HOT 1
- helm upgrade failed with "nil pointer evaluating interface {}.enabled" HOT 1
- 3.3.0 -> 3.4.0
- Chart 3.4.0 Referenced in Chart.yaml but no tar.gz exists HOT 1
- Enabling ndmExporter results in duplicate "name" keys HOT 1
- allowVolumeExpansion helm parameter for localPV device storage class
- upgrading to install jiva causes resource mapping not found
- typo in LVM driver image name HOT 2
- Support NDM `metaconfigs` HOT 2
- Upgrade 3.7.0->3.8.0 fails when there exists a volumesnapshotclass HOT 3
- Incorrect OPENEBS_IO_BASE_PATH when mayastor enabled
- Wrong override for jiva image in helm chart in release 3.10.0 HOT 1
- Publish to OCI
- Issue with webdocs deploying helmchart for OpenEBS
- Missing Chart for nfs provisioner HOT 1
- [Bug] DaemonSet openebs-ndm has too much RBAC permission which may leads the whole cluster being hijacked HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from charts.