dashboard crash when creating cluster

Question

dashboard crash when creating cluster

jerry-jibu opened this issue 2 years ago · comments

install kstone chart with following configuration

# version: master 78c67cf8e4aa8b704096cbc071e8eaa1b1de8a62
helm install kstone . -n kstone -f values.test.yaml

# ui version
kubectl -n kstone get pods kstone-dashboard-7c6cd6554c-7lj8z -o yaml |grep image
...
- image: tkestack/kstone-dashboard:v0.1.0-alpha.2
    imagePullPolicy: IfNotPresent
    image: tkestack/kstone-dashboard:v0.1.0-alpha.2
    imageID: docker-pullable://tkestack/kstone-dashboard@sha256:7bc9ba9e449bd9848f1074d060b8d6d51298cb4d15ff3f4ebe777e0fb3ed0f76

access dashboard
click Operation Center and then Create Cluster

Jerry · Answer 1 · Sun Apr 10 2022 23:23:59 GMT+0800 (China Standard Time)

It seems dashboard api pod is still under pulling for a long time around 1 hour.
I will try it tomorrow when api pod is ready.

kstone-dashboard-api-5bc95bd54f-ssnmm           0/1     ContainerCreating   0          51m

Jerry · Answer 2 · Sun Apr 10 2022 23:55:45 GMT+0800 (China Standard Time)

The dashboard api pod under ContainerCreating is caused by lack of secret kstone-api-key

# kubectl -n kstone describe pod kstone-dashboard-api-5bc95bd54f-t6vwd
Name:           kstone-dashboard-api-5bc95bd54f-t6vwd
Namespace:      kstone
Priority:       0
Node:           gyj-dev/10.0.16.11
Start Time:     Sun, 10 Apr 2022 23:32:50 +0800
Labels:         app.kubernetes.io/instance=kstone
                app.kubernetes.io/name=dashboard-api
                pod-template-hash=5bc95bd54f
Annotations:    <none>
Status:         Pending
IP:
IPs:            <none>
Controlled By:  ReplicaSet/kstone-dashboard-api-5bc95bd54f
Containers:
  dashboard-api:
    Container ID:
    Image:          tkestack/kstone-api-amd64:v0.1.0-alpha.2
    Image ID:
    Port:           8080/TCP
    Host Port:      0/TCP
    State:          Waiting
      Reason:       ContainerCreating
    Ready:          False
    Restart Count:  0
    Limits:
      cpu:     1
      memory:  2G
    Requests:
      cpu:     100m
      memory:  50Mi
    Environment:
      KUBE_TARGET:  kubernetes.default.svc.cluster.local:443
      KUBE_TOKEN:   eyJhbGciOiJSUzI1NiIsImtpZCI6IkVYZW5MWEozV0VITW90b3FrdTI5NmtHQkxRREM1bGJHcm9yb0dTNXdnLXMifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJrdWJlLWFkbWluLXRva2VuLXJ2eGw5Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6Imt1YmUtYWRtaW4iLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiI3OGNiZDJmYS1iZmEyLTRlMDQtYjNjYi1jY2IzNzg1MDIxNzMiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZS1zeXN0ZW06a3ViZS1hZG1pbiJ9.eeY_yyqzyB6xA3sbNT81Im1lwp4U0qtUlXI4Ngw1wqqa29z9W4KKKkHmoM8vRy2lLAnWkCSIyD9IASTX_Hhgy9DEsu5orJzjRYkBYbN7HwCXMFvmomzw_KqsPCesNSFyj03iVDJklqf4fIIaI71IRtBDPgB1WlfPAUxxXEOBjfGr2E2xFvDyEAKZmV9ysopoJ0dM5XAhqPzmntvwwoeXsnbjCoFTkTOXWXg9jhc14dsSn5WchDrHFXDi9-eW6g9Ku3M9Ojbn7xwNJ_CRBgDXpPqafkndHU0_R9sBYmdLO98Ngdnp36tNg7sYYQgE4l4ASk3SCowQoSQpDcP3Yr6AoQ
    Mounts:
      /app/certs/ from certs (ro)
      /var/run/secrets/kubernetes.io/serviceaccount from kstone-token-r8jqm (ro)
Conditions:
  Type              Status
  Initialized       True
  Ready             False
  ContainersReady   False
  PodScheduled      True
Volumes:
  certs:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  kstone-api-key
    Optional:    false
  kstone-token-r8jqm:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  kstone-token-r8jqm
    Optional:    false
QoS Class:       Burstable
Node-Selectors:  <none>
Tolerations:     node.kubernetes.io/not-ready:NoExecute for 300s
                 node.kubernetes.io/unreachable:NoExecute for 300s
Events:
  Type     Reason       Age                   From               Message
  ----     ------       ----                  ----               -------
  Normal   Scheduled    10m                   default-scheduler  Successfully assigned kstone/kstone-dashboard-api-5bc95bd54f-t6vwd to gyj-dev
  Warning  FailedMount  3m58s                 kubelet            Unable to attach or mount volumes: unmounted volumes=[certs], unattached volumes=[kstone-token-r8jqm certs]: timed out waiting for the condition
  Warning  FailedMount  104s (x3 over 8m30s)  kubelet            Unable to attach or mount volumes: unmounted volumes=[certs], unattached volumes=[certs kstone-token-r8jqm]: timed out waiting for the condition
  Warning  FailedMount  17s (x13 over 10m)    kubelet            MountVolume.SetUp failed for volume "certs" : secret "kstone-api-key" not found

# kubectl -n kstone get secrets
NAME                                                 TYPE                                  DATA   AGE
default-token-fs2hc                                  kubernetes.io/service-account-token   3      96m
grafana                                              Opaque                                3      85m
kstone-dashboard-api-key                             Opaque                                1      85m
kstone-prometheus-admission                          Opaque                                3      93m
kstone-prometheus-operator-token-sbxwx               kubernetes.io/service-account-token   3      85m
kstone-prometheus-prometheus-token-s9c7x             kubernetes.io/service-account-token   3      85m
kstone-token-r8jqm                                   kubernetes.io/service-account-token   3      85m
prometheus-kstone-prometheus-prometheus              Opaque                                1      85m
prometheus-kstone-prometheus-prometheus-tls-assets   Opaque                                1      85m
prometheus-kstone-prometheus-prometheus-web-config   Opaque                                1      85m
sh.helm.release.v1.kstone.v1                         helm.sh/release.v1                    1      85m

And from code https://github.com/tkestack/kstone/blob/9f868a2ab3298aafd84d0f8f38e772bfa4d74d55/pkg/authentication/helper.go#L37

I think we should add this kstone-api-key secret during helm installation or guide user to specify some private key in values.yaml.

tangcong · Answer 3 · Mon Apr 18 2022 15:06:24 GMT+0800 (China Standard Time)

Thanks for the feedback. @lianghao208 Have we fixed this issue? we released v0.2.0-beta.1， you can take a try. @jerry-jibu

royliang · Answer 4 · Mon Apr 18 2022 15:12:19 GMT+0800 (China Standard Time)

This issue has been fixed in #111 , you can upgrade to our new release v0.2.0-beta.1.

royliang · Answer 5 · Mon Apr 18 2022 15:14:38 GMT+0800 (China Standard Time)

This issue has been fixed in #111 , you can upgrade to our new release v0.2.0-beta.1.

Or you can rename the secret name from kstone-api-key to kstone-dashboard-api-key.