You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by GitBox <gi...@apache.org> on 2021/12/13 09:01:09 UTC
[GitHub] [cloudstack] levindecaro opened a new issue #5768: kubernetes service require manual pull secret injection
levindecaro opened a new issue #5768:
URL: https://github.com/apache/cloudstack/issues/5768
<!--
Verify first that your issue/request is not already reported on GitHub.
Also test if the latest release and main branch are affected too.
Always add information AFTER of these HTML comments, but no need to delete the comments.
-->
##### ISSUE TYPE
<!-- Pick one below and delete the rest -->
* Improvement Request
##### COMPONENT NAME
<!--
Categorize the issue, e.g. API, VR, VPN, UI, etc.
-->
~~~
Kubernetes Service Plugin
~~~
##### CLOUDSTACK VERSION
<!--
New line separated list of affected versions, commit ID for issues on main branch.
-->
~~~
4.16.0
~~~
##### CONFIGURATION
<!--
Information about the configuration if relevant, e.g. basic network, advanced networking, etc. N/A otherwise
-->
##### OS / ENVIRONMENT
<!--
Information about the environment if relevant, N/A otherwise
-->
CentOS 7.9
KVM
##### SUMMARY
<!-- Explain the problem/feature briefly -->
When provision number of k8s in ACS, it will stalled by docker hub pull rate limit policy. The k8s instance installation will fail to complete. To workaround this problem, it require injecting the pull secret in the middle of provisioning.
I think ACS should cater private registry authentication for the bootstrapping, or allowing custom property to specify image repository URL, such as quay.io or self hosted anonymous mirror.
##### STEPS TO REPRODUCE
<!--
For bugs, show exactly how to reproduce the problem, using a minimal test-case. Use Screenshots if accurate.
For new features, show how the feature would be used.
-->
<!-- Paste example playbooks or commands between quotes below -->
~~~
1. Create a k8s instance in ACS.
2. ssh into first controlplane node
3. watch ImagePullBackoff event
4. Patch the pull secret
5. Restart the backedoff Pod
6. Wait for all Pod in running state.
~~~
example workaround script
```
read -p "your docker.io login name: " DOCKER_IO_USERNAME
read -p "your docekr.io password: " DOCKER_IO_PASSWORD
for x in `kubectl get ns -o NAME|awk -F / '{print $2}'`;do
kubectl create secret docker-registry docker-secret --docker-server=docker.io --docker-username=${DOCKER_IO_USERNAME} --docker-password=${DOCKER_IO_PASSWORD} --docker-email=dummy -n $x
kubectl patch serviceaccount default -p '{"imagePullSecrets": [{"name": "docker-secret"}]}' -n $x
done
kubectl patch serviceaccount weave-net -p '{"imagePullSecrets": [{"name": "docker-secret"}]}' -n kube-system
kubectl patch serviceaccount kubernetes-dashboard -p '{"imagePullSecrets": [{"name": "docker-secret"}]}' -n kubernetes-dashboard
kubectl get pod -A | awk '{if ($4=="Init:ImagePullBackOff") print "kubectl delete pod " $2 " -n " $1;}' | sh
kubectl get pod -A | awk '{if ($4=="ImagePullBackOff") print "kubectl delete pod " $2 " -n " $1;}' | sh
kubectl get pod -A | awk '{if ($4=="Pending") print "kubectl delete pod " $2 " -n " $1;}' | sh
```
<!-- You can also paste gist.github.com links for larger files -->
##### EXPECTED RESULTS
<!-- What did you expect to happen when running the steps above? -->
~~~
k8s instance created without human invention.
~~~
##### ACTUAL RESULTS
<!-- What actually happened? -->
<!-- Paste verbatim command output between quotes below -->
~~~
Require inject pull secrets manually.
~~~
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] davidjumani edited a comment on issue #5768: kubernetes service require manual pull secret injection
Posted by GitBox <gi...@apache.org>.
davidjumani edited a comment on issue #5768:
URL: https://github.com/apache/cloudstack/issues/5768#issuecomment-1032205590
With the latest isos, all necessary images are bundled within. CKS also allows private registry login while creating a cluster (which can be used to point to dockerhub) when the `cloud.kubernetes.cluster.experimental.features.enabled` global setting is enabled
![Screenshot from 2022-02-08 11-04-30](https://user-images.githubusercontent.com/8244774/152924685-fa2eda97-07e2-4353-94c0-1b119ebb07a5.png)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] davidjumani commented on issue #5768: kubernetes service require manual pull secret injection
Posted by GitBox <gi...@apache.org>.
davidjumani commented on issue #5768:
URL: https://github.com/apache/cloudstack/issues/5768#issuecomment-1035888309
@levindecaro Can you try creating the cluster with the URL as `https://index.docker.io/v1/` and the email as your dockerhub account instead of email id ?
It does not necessarily add the secret to kubernetes but creates a `~/.docker/config.json` file which is used to authenticate with dockerhub while pulling images
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] nvazquez commented on issue #5768: kubernetes service require manual pull secret injection
Posted by GitBox <gi...@apache.org>.
nvazquez commented on issue #5768:
URL: https://github.com/apache/cloudstack/issues/5768#issuecomment-1029558229
@Pearl1594 @davidjumani any input about this issue?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] davidjumani commented on issue #5768: kubernetes service require manual pull secret injection
Posted by GitBox <gi...@apache.org>.
davidjumani commented on issue #5768:
URL: https://github.com/apache/cloudstack/issues/5768#issuecomment-1068788553
Thanks for the update @levindecaro
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] davidjumani commented on issue #5768: kubernetes service require manual pull secret injection
Posted by GitBox <gi...@apache.org>.
davidjumani commented on issue #5768:
URL: https://github.com/apache/cloudstack/issues/5768#issuecomment-1035892766
It appears as though the docker config file is not in the right location and only on worker nodes. I'll create a patch to fix it
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] davidjumani edited a comment on issue #5768: kubernetes service require manual pull secret injection
Posted by GitBox <gi...@apache.org>.
davidjumani edited a comment on issue #5768:
URL: https://github.com/apache/cloudstack/issues/5768#issuecomment-1035892766
It appears as though the docker config file is not in the right location and only on worker nodes. I'll create a patch to fix it
Edit: CKS will be moving to contrainerd and will be fixed as part of https://github.com/apache/cloudstack/pull/5863
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] davidjumani commented on issue #5768: kubernetes service require manual pull secret injection
Posted by GitBox <gi...@apache.org>.
davidjumani commented on issue #5768:
URL: https://github.com/apache/cloudstack/issues/5768#issuecomment-1032205590
With the latest isos, all necessary images are bundled within. CKS also allows private registry login while creating a cluster (which can be used to point to dockerhub) when the `cloud.kubernetes.cluster.experimental.features.enabled` global setting is enabled
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] Pearl1594 commented on issue #5768: kubernetes service require manual pull secret injection
Posted by GitBox <gi...@apache.org>.
Pearl1594 commented on issue #5768:
URL: https://github.com/apache/cloudstack/issues/5768#issuecomment-1035899523
@levindecaro from 4.16.1 onward we will be moving away from docker and using containerd as the container runtime, hence the necessary config for using private registry to pull images will be handled by configuring the /etc/containerd/config.toml file. This is handled by #5863 & is still under testing. Thanks
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] levindecaro commented on issue #5768: kubernetes service require manual pull secret injection
Posted by GitBox <gi...@apache.org>.
levindecaro commented on issue #5768:
URL: https://github.com/apache/cloudstack/issues/5768#issuecomment-1035978372
@davidjumani @Pearl1594 Thank you for your update, I think there are requiring effort to workout documentation for CKS and troubleshoot guide. Btw, is it possible to capture the provisioning logs to somewhere in ACS console or agent logs..etc. Since it is quite hard to troubleshoot without having to login into each VM, sometime is it not possible without owner's credential.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] levindecaro commented on issue #5768: kubernetes service require manual pull secret injection
Posted by GitBox <gi...@apache.org>.
levindecaro commented on issue #5768:
URL: https://github.com/apache/cloudstack/issues/5768#issuecomment-1034438887
@davidjumani I tried this option with specifying those registry info, however it did not create the corresponding secret for the k8s instances, thus the bootstrap still fail without manual injecting the pull secret. Thanks for your help.
```
2022-02-09 19:53:57,855 DEBUG [c.c.a.ApiServlet] (qtp2129144075-797:ctx-2d4fcbf5) (logid:ec6e558d) ===START=== 172.16.2.198 -- GET name=k8s-testing&description=k8s-testing&zoneid=5e43ac5b-d657-49f2-98e1-7304476d28ed&kubernetesversionid=1497a201-8827-4280-9d60-e8710f612e90&serviceofferingid=fd72248c-0d18-4f0a-a4d9-0dd6f73f3dd4&size=1&noderootdisksize=8&keypair=mykey&dockerregistryusername=levindecaro&dockerregistryurl=docker.io&dockerregistryemail=levindecaro%40gmail.com&command=createKubernetesCluster&response=json
2022-02-09 19:53:57,916 INFO [c.c.a.ApiServer] (qtp2129144075-797:ctx-2d4fcbf5 ctx-5b68f773) (logid:ec6e558d) Invalid docker registry url specified
2022-02-09 19:53:57,916 DEBUG [c.c.a.ApiServlet] (qtp2129144075-797:ctx-2d4fcbf5 ctx-5b68f773) (logid:ec6e558d) ===END=== 172.16.2.198 -- GET name=k8s-testing&description=k8s-testing&zoneid=5e43ac5b-d657-49f2-98e1-7304476d28ed&kubernetesversionid=1497a201-8827-4280-9d60-e8710f612e90&serviceofferingid=fd72248c-0d18-4f0a-a4d9-0dd6f73f3dd4&size=1&noderootdisksize=8&keypair=mykey&dockerregistryusername=levindecaro&dockerregistryurl=docker.io&dockerregistryemail=levindecaro%40gmail.com&command=createKubernetesCluster&response=json
2022-02-09 19:54:13,327 DEBUG [c.c.a.ApiServlet] (qtp2129144075-797:ctx-5b969d75) (logid:002ca782) ===START=== 172.16.2.198 -- GET name=k8s-testing&description=k8s-testing&zoneid=5e43ac5b-d657-49f2-98e1-7304476d28ed&kubernetesversionid=1497a201-8827-4280-9d60-e8710f612e90&serviceofferingid=fd72248c-0d18-4f0a-a4d9-0dd6f73f3dd4&size=1&noderootdisksize=8&keypair=mykey&dockerregistryusername=levindecaro&dockerregistryurl=https:%2F%2Fdocker.io&dockerregistryemail=levindecaro%40gmail.com&command=createKubernetesCluster&response=json
2022-02-09 19:54:13,591 DEBUG [o.a.c.f.j.i.AsyncJobManagerImpl] (API-Job-Executor-59:ctx-124f92ad job-46798) (logid:b5129e82) Executing AsyncJobVO {id:46798, userId: 9, accountId: 9, instanceType: VirtualMachine, instanceId: 107, cmd: org.apache.cloudstack.api.command.user.kubernetes.cluster.CreateKubernetesClusterCmd, cmdInfo: {"dockerregistryusername":"levindecaro","keypair":"mykey","description":"k8s-testing","httpmethod":"GET","dockerregistrypassword":"xxxxxxxxx","ctxAccountId":"9","uuid":"874c1baa-f076-471d-afd9-bda9d33b550f","cmdEventType":"KUBERNETES.CLUSTER.CREATE","kubernetesversionid":"1497a201-8827-4280-9d60-e8710f612e90","size":"1","serviceofferingid":"fd72248c-0d18-4f0a-a4d9-0dd6f73f3dd4","dockerregistryurl":"https://docker.io","response":"json","ctxUserId":"9","dockerregistryemail":"levindecaro@gmail.com","name":"k8s-testing","zoneid":"5e43ac5b-d657-49f2-98e1-7304476d28ed","ctxStartEventId":"93575","id":"107","ctxDetails":"{\"interface com.cloud.dc.DataCenter\":\"5e4
3ac5b-d657-49f2-98e1-7304476d28ed\",\"interface com.cloud.kubernetes.version.KubernetesSupportedVersion\":\"1497a201-8827-4280-9d60-e8710f612e90\",\"interface com.cloud.network.Network\":\"7a97228e-19cb-47b8-870b-9925eba0ca74\",\"interface com.cloud.offering.ServiceOffering\":\"fd72248c-0d18-4f0a-a4d9-0dd6f73f3dd4\"}","noderootdisksize":"8"}, cmdVersion: 0, status: IN_PROGRESS, processStatus: 0, resultCode: 0, result: null, initMsid: 90520735245649, completeMsid: null, lastUpdated: null, lastPolled: null, created: null, removed: null}
2022-02-09 19:54:13,593 DEBUG [o.a.c.f.j.i.AsyncJobManagerImpl] (qtp2129144075-797:ctx-5b969d75 ctx-33df8871) (logid:002ca782) submit async job-46798, details: AsyncJobVO {id:46798, userId: 9, accountId: 9, instanceType: VirtualMachine, instanceId: 107, cmd: org.apache.cloudstack.api.command.user.kubernetes.cluster.CreateKubernetesClusterCmd, cmdInfo: {"dockerregistryusername":"levindecaro","keypair":"mykey","description":"k8s-testing","httpmethod":"GET","dockerregistrypassword":"xxxxxxxxx","ctxAccountId":"9","uuid":"874c1baa-f076-471d-afd9-bda9d33b550f","cmdEventType":"KUBERNETES.CLUSTER.CREATE","kubernetesversionid":"1497a201-8827-4280-9d60-e8710f612e90","size":"1","serviceofferingid":"fd72248c-0d18-4f0a-a4d9-0dd6f73f3dd4","dockerregistryurl":"https://docker.io","response":"json","ctxUserId":"9","dockerregistryemail":"levindecaro@gmail.com","name":"k8s-testing","zoneid":"5e43ac5b-d657-49f2-98e1-7304476d28ed","ctxStartEventId":"93575","id":"107","ctxDetails":"{\"interface com.clo
ud.dc.DataCenter\":\"5e43ac5b-d657-49f2-98e1-7304476d28ed\",\"interface com.cloud.kubernetes.version.KubernetesSupportedVersion\":\"1497a201-8827-4280-9d60-e8710f612e90\",\"interface com.cloud.network.Network\":\"7a97228e-19cb-47b8-870b-9925eba0ca74\",\"interface com.cloud.offering.ServiceOffering\":\"fd72248c-0d18-4f0a-a4d9-0dd6f73f3dd4\"}","noderootdisksize":"8"}, cmdVersion: 0, status: IN_PROGRESS, processStatus: 0, resultCode: 0, result: null, initMsid: 90520735245649, completeMsid: null, lastUpdated: null, lastPolled: null, created: null, removed: null}
2022-02-09 19:54:13,595 DEBUG [c.c.a.ApiServlet] (qtp2129144075-797:ctx-5b969d75 ctx-33df8871) (logid:002ca782) ===END=== 172.16.2.198 -- GET name=k8s-testing&description=k8s-testing&zoneid=5e43ac5b-d657-49f2-98e1-7304476d28ed&kubernetesversionid=1497a201-8827-4280-9d60-e8710f612e90&serviceofferingid=fd72248c-0d18-4f0a-a4d9-0dd6f73f3dd4&size=1&noderootdisksize=8&keypair=mykey&dockerregistryusername=levindecaro&dockerregistryurl=https:%2F%2Fdocker.io&dockerregistryemail=levindecaro%40gmail.com&command=createKubernetesCluster&response=json
[root@cloudstack-1 management]# grep 002ca782 management-server.log.2022-02-09
2022-02-09 19:54:13,327 DEBUG [c.c.a.ApiServlet] (qtp2129144075-797:ctx-5b969d75) (logid:002ca782) ===START=== 172.16.2.198 -- GET name=k8s-testing&description=k8s-testing&zoneid=5e43ac5b-d657-49f2-98e1-7304476d28ed&kubernetesversionid=1497a201-8827-4280-9d60-e8710f612e90&serviceofferingid=fd72248c-0d18-4f0a-a4d9-0dd6f73f3dd4&size=1&noderootdisksize=8&keypair=mykey&dockerregistryusername=levindecaro&dockerregistryurl=https:%2F%2Fdocker.io&dockerregistryemail=levindecaro%40gmail.com&command=createKubernetesCluster&response=json
2022-02-09 19:54:13,336 DEBUG [c.c.a.ApiServer] (qtp2129144075-797:ctx-5b969d75 ctx-33df8871) (logid:002ca782) CIDRs from which account 'Acct[d09266b9-4e22-40b8-a013-da17fc4a3cac-levindecaro] -- Account {"id": 9, "name": "levindecaro", "uuid": "d09266b9-4e22-40b8-a013-da17fc4a3cac"}' is allowed to perform API calls: 0.0.0.0/0,::/0
2022-02-09 19:54:13,351 DEBUG [c.c.u.AccountManagerImpl] (qtp2129144075-797:ctx-5b969d75 ctx-33df8871) (logid:002ca782) Access to Acct[d09266b9-4e22-40b8-a013-da17fc4a3cac-levindecaro] -- Account {"id": 9, "name": "levindecaro", "uuid": "d09266b9-4e22-40b8-a013-da17fc4a3cac"} granted to Acct[d09266b9-4e22-40b8-a013-da17fc4a3cac-levindecaro] -- Account {"id": 9, "name": "levindecaro", "uuid": "d09266b9-4e22-40b8-a013-da17fc4a3cac"} by DomainChecker
2022-02-09 19:54:13,354 DEBUG [c.c.u.AccountManagerImpl] (qtp2129144075-797:ctx-5b969d75 ctx-33df8871) (logid:002ca782) Access to Acct[d09266b9-4e22-40b8-a013-da17fc4a3cac-levindecaro] -- Account {"id": 9, "name": "levindecaro", "uuid": "d09266b9-4e22-40b8-a013-da17fc4a3cac"} granted to Acct[d09266b9-4e22-40b8-a013-da17fc4a3cac-levindecaro] -- Account {"id": 9, "name": "levindecaro", "uuid": "d09266b9-4e22-40b8-a013-da17fc4a3cac"} by DomainChecker
2022-02-09 19:54:13,386 DEBUG [c.c.k.c.KubernetesClusterManagerImpl] (qtp2129144075-797:ctx-5b969d75 ctx-33df8871) (logid:002ca782) Checking host ID: fba3180c-6cd0-4b48-9b78-88b46ebc58cc for capacity already reserved 1
2022-02-09 19:54:13,387 DEBUG [c.c.c.CapacityManagerImpl] (qtp2129144075-797:ctx-5b969d75 ctx-33df8871) (logid:002ca782) Checking if host: 49 has enough capacity for requested CPU: 3000 and requested RAM: (2.00 GB) 2147483648 , cpuOverprovisioningFactor: 12.0
2022-02-09 19:54:13,389 DEBUG [c.c.c.CapacityManagerImpl] (qtp2129144075-797:ctx-5b969d75 ctx-33df8871) (logid:002ca782) Hosts's actual total CPU: 140000 and CPU after applying overprovisioning: 1680000
2022-02-09 19:54:13,389 DEBUG [c.c.c.CapacityManagerImpl] (qtp2129144075-797:ctx-5b969d75 ctx-33df8871) (logid:002ca782) Free CPU: 1477000 , Requested CPU: 3000
2022-02-09 19:54:13,389 DEBUG [c.c.c.CapacityManagerImpl] (qtp2129144075-797:ctx-5b969d75 ctx-33df8871) (logid:002ca782) Free RAM: (75.43 GB) 80992567296 , Requested RAM: (2.00 GB) 2147483648
2022-02-09 19:54:13,389 DEBUG [c.c.c.CapacityManagerImpl] (qtp2129144075-797:ctx-5b969d75 ctx-33df8871) (logid:002ca782) Host has enough CPU and RAM available
2022-02-09 19:54:13,389 DEBUG [c.c.c.CapacityManagerImpl] (qtp2129144075-797:ctx-5b969d75 ctx-33df8871) (logid:002ca782) STATS: Can alloc CPU from host: 49, used: 203000, reserved: 0, actual total: 140000, total with overprovisioning: 1680000; requested cpu:3000,alloc_from_last_host?:false ,considerReservedCapacity?: true
2022-02-09 19:54:13,389 DEBUG [c.c.c.CapacityManagerImpl] (qtp2129144075-797:ctx-5b969d75 ctx-33df8871) (logid:002ca782) STATS: Can alloc MEM from host: 49, used: (301.25 GB) 323464724480, reserved: (0 bytes) 0, total: (376.68 GB) 404457291776; requested mem: (2.00 GB) 2147483648, alloc_from_last_host?: false , considerReservedCapacity?: true
2022-02-09 19:54:13,390 DEBUG [c.c.k.c.KubernetesClusterManagerImpl] (qtp2129144075-797:ctx-5b969d75 ctx-33df8871) (logid:002ca782) Found host ID: fba3180c-6cd0-4b48-9b78-88b46ebc58cc for with enough capacity, CPU=3000 RAM=(2.00 GB) 2147483648
2022-02-09 19:54:13,392 DEBUG [c.c.k.c.KubernetesClusterManagerImpl] (qtp2129144075-797:ctx-5b969d75 ctx-33df8871) (logid:002ca782) Checking host ID: fba3180c-6cd0-4b48-9b78-88b46ebc58cc for capacity already reserved 2
2022-02-09 19:54:13,392 DEBUG [c.c.c.CapacityManagerImpl] (qtp2129144075-797:ctx-5b969d75 ctx-33df8871) (logid:002ca782) Checking if host: 49 has enough capacity for requested CPU: 6000 and requested RAM: (4.00 GB) 4294967296 , cpuOverprovisioningFactor: 12.0
2022-02-09 19:54:13,395 DEBUG [c.c.c.CapacityManagerImpl] (qtp2129144075-797:ctx-5b969d75 ctx-33df8871) (logid:002ca782) Hosts's actual total CPU: 140000 and CPU after applying overprovisioning: 1680000
2022-02-09 19:54:13,395 DEBUG [c.c.c.CapacityManagerImpl] (qtp2129144075-797:ctx-5b969d75 ctx-33df8871) (logid:002ca782) Free CPU: 1477000 , Requested CPU: 6000
2022-02-09 19:54:13,395 DEBUG [c.c.c.CapacityManagerImpl] (qtp2129144075-797:ctx-5b969d75 ctx-33df8871) (logid:002ca782) Free RAM: (75.43 GB) 80992567296 , Requested RAM: (4.00 GB) 4294967296
2022-02-09 19:54:13,395 DEBUG [c.c.c.CapacityManagerImpl] (qtp2129144075-797:ctx-5b969d75 ctx-33df8871) (logid:002ca782) Host has enough CPU and RAM available
2022-02-09 19:54:13,395 DEBUG [c.c.c.CapacityManagerImpl] (qtp2129144075-797:ctx-5b969d75 ctx-33df8871) (logid:002ca782) STATS: Can alloc CPU from host: 49, used: 203000, reserved: 0, actual total: 140000, total with overprovisioning: 1680000; requested cpu:6000,alloc_from_last_host?:false ,considerReservedCapacity?: true
2022-02-09 19:54:13,395 DEBUG [c.c.c.CapacityManagerImpl] (qtp2129144075-797:ctx-5b969d75 ctx-33df8871) (logid:002ca782) STATS: Can alloc MEM from host: 49, used: (301.25 GB) 323464724480, reserved: (0 bytes) 0, total: (376.68 GB) 404457291776; requested mem: (4.00 GB) 4294967296, alloc_from_last_host?: false , considerReservedCapacity?: true
2022-02-09 19:54:13,395 DEBUG [c.c.k.c.KubernetesClusterManagerImpl] (qtp2129144075-797:ctx-5b969d75 ctx-33df8871) (logid:002ca782) Found host ID: fba3180c-6cd0-4b48-9b78-88b46ebc58cc for with enough capacity, CPU=6000 RAM=(4.00 GB) 4294967296
2022-02-09 19:54:13,395 INFO [c.c.k.c.KubernetesClusterManagerImpl] (qtp2129144075-797:ctx-5b969d75 ctx-33df8871) (logid:002ca782) Suitable hosts found in datacenter ID: 5e43ac5b-d657-49f2-98e1-7304476d28ed, creating deployment destination
2022-02-09 19:54:13,400 INFO [c.c.k.c.KubernetesClusterManagerImpl] (qtp2129144075-797:ctx-5b969d75 ctx-33df8871) (logid:002ca782) Creating network for account ID: d09266b9-4e22-40b8-a013-da17fc4a3cac from the network offering ID: 6297c837-129f-4a60-b860-24e3d72ae63c as part of Kubernetes cluster: k8s-testing deployment process
2022-02-09 19:54:13,409 DEBUG [c.c.r.ResourceLimitManagerImpl] (qtp2129144075-797:ctx-5b969d75 ctx-33df8871) (logid:002ca782) Checking if amount of resources of Type = 'network' for Account Name = levindecaro in Domain Id = 2 is exceeded: Account Resource Limit = 20, Current Account Resource Amount = 7, Requested Resource Amount = 1.
2022-02-09 19:54:13,411 DEBUG [c.c.r.ResourceLimitManagerImpl] (qtp2129144075-797:ctx-5b969d75 ctx-33df8871) (logid:002ca782) Checking if domain resource limits of Type 'network' for Domain Id = 2 is exceeded: Domain Resource Limit = (-0.00 KB) -1, Current Domain Resource Amount = (188 bytes) 188, Requested Resource Amount = (1 bytes) 1.
2022-02-09 19:54:13,430 DEBUG [c.c.n.g.BigSwitchBcfGuestNetworkGuru] (qtp2129144075-797:ctx-5b969d75 ctx-33df8871) (logid:002ca782) Refusing to design this network, the physical isolation type is not BCF_SEGMENT
2022-02-09 19:54:13,431 DEBUG [o.a.c.n.c.m.ContrailGuru] (qtp2129144075-797:ctx-5b969d75 ctx-33df8871) (logid:002ca782) Refusing to design this network
2022-02-09 19:54:13,434 DEBUG [c.c.n.g.NiciraNvpGuestNetworkGuru] (qtp2129144075-797:ctx-5b969d75 ctx-33df8871) (logid:002ca782) Refusing to design this network
2022-02-09 19:54:13,436 DEBUG [o.a.c.n.o.OpendaylightGuestNetworkGuru] (qtp2129144075-797:ctx-5b969d75 ctx-33df8871) (logid:002ca782) Refusing to design this network
2022-02-09 19:54:13,438 DEBUG [c.c.n.g.OvsGuestNetworkGuru] (qtp2129144075-797:ctx-5b969d75 ctx-33df8871) (logid:002ca782) Refusing to design this network
2022-02-09 19:54:13,440 DEBUG [c.c.n.g.DirectNetworkGuru] (qtp2129144075-797:ctx-5b969d75 ctx-33df8871) (logid:002ca782) VXLAN: VLAN
2022-02-09 19:54:13,440 DEBUG [c.c.n.g.DirectNetworkGuru] (qtp2129144075-797:ctx-5b969d75 ctx-33df8871) (logid:002ca782) VXLAN: VXLAN
2022-02-09 19:54:13,440 INFO [c.c.n.g.DirectNetworkGuru] (qtp2129144075-797:ctx-5b969d75 ctx-33df8871) (logid:002ca782) Refusing to design this network
2022-02-09 19:54:13,445 INFO [c.c.n.g.DirectNetworkGuru] (qtp2129144075-797:ctx-5b969d75 ctx-33df8871) (logid:002ca782) Refusing to design this network
2022-02-09 19:54:13,449 DEBUG [o.a.c.n.g.SspGuestNetworkGuru] (qtp2129144075-797:ctx-5b969d75 ctx-33df8871) (logid:002ca782) SSP not configured to be active
2022-02-09 19:54:13,451 DEBUG [c.c.n.g.BrocadeVcsGuestNetworkGuru] (qtp2129144075-797:ctx-5b969d75 ctx-33df8871) (logid:002ca782) Refusing to design this network
2022-02-09 19:54:13,520 DEBUG [o.a.c.e.o.NetworkOrchestrator] (qtp2129144075-797:ctx-5b969d75 ctx-33df8871) (logid:002ca782) Releasing lock for Acct[d09266b9-4e22-40b8-a013-da17fc4a3cac-levindecaro] -- Account {"id": 9, "name": "levindecaro", "uuid": "d09266b9-4e22-40b8-a013-da17fc4a3cac"}
2022-02-09 19:54:13,528 DEBUG [c.c.r.ResourceLimitManagerImpl] (qtp2129144075-797:ctx-5b969d75 ctx-33df8871) (logid:002ca782) Updating resource Type = network count for Account = 9 Operation = increasing Amount = 1
2022-02-09 19:54:13,564 INFO [c.c.k.c.KubernetesClusterManagerImpl] (qtp2129144075-797:ctx-5b969d75 ctx-33df8871) (logid:002ca782) Kubernetes cluster name: k8s-testing and ID: 874c1baa-f076-471d-afd9-bda9d33b550f has been created
2022-02-09 19:54:13,593 DEBUG [o.a.c.f.j.i.AsyncJobManagerImpl] (qtp2129144075-797:ctx-5b969d75 ctx-33df8871) (logid:002ca782) submit async job-46798, details: AsyncJobVO {id:46798, userId: 9, accountId: 9, instanceType: VirtualMachine, instanceId: 107, cmd: org.apache.cloudstack.api.command.user.kubernetes.cluster.CreateKubernetesClusterCmd, cmdInfo: {"dockerregistryusername":"levindecaro","keypair":"mykey","description":"k8s-testing","httpmethod":"GET","dockerregistrypassword":"xxxxxxxxx","ctxAccountId":"9","uuid":"874c1baa-f076-471d-afd9-bda9d33b550f","cmdEventType":"KUBERNETES.CLUSTER.CREATE","kubernetesversionid":"1497a201-8827-4280-9d60-e8710f612e90","size":"1","serviceofferingid":"fd72248c-0d18-4f0a-a4d9-0dd6f73f3dd4","dockerregistryurl":"https://docker.io","response":"json","ctxUserId":"9","dockerregistryemail":"levindecaro@gmail.com","name":"k8s-testing","zoneid":"5e43ac5b-d657-49f2-98e1-7304476d28ed","ctxStartEventId":"93575","id":"107","ctxDetails":"{\"interface com.clo
ud.dc.DataCenter\":\"5e43ac5b-d657-49f2-98e1-7304476d28ed\",\"interface com.cloud.kubernetes.version.KubernetesSupportedVersion\":\"1497a201-8827-4280-9d60-e8710f612e90\",\"interface com.cloud.network.Network\":\"7a97228e-19cb-47b8-870b-9925eba0ca74\",\"interface com.cloud.offering.ServiceOffering\":\"fd72248c-0d18-4f0a-a4d9-0dd6f73f3dd4\"}","noderootdisksize":"8"}, cmdVersion: 0, status: IN_PROGRESS, processStatus: 0, resultCode: 0, result: null, initMsid: 90520735245649, completeMsid: null, lastUpdated: null, lastPolled: null, created: null, removed: null}
2022-02-09 19:54:13,595 DEBUG [c.c.a.ApiServlet] (qtp2129144075-797:ctx-5b969d75 ctx-33df8871) (logid:002ca782) ===END=== 172.16.2.198 -- GET name=k8s-testing&description=k8s-testing&zoneid=5e43ac5b-d657-49f2-98e1-7304476d28ed&kubernetesversionid=1497a201-8827-4280-9d60-e8710f612e90&serviceofferingid=fd72248c-0d18-4f0a-a4d9-0dd6f73f3dd4&size=1&noderootdisksize=8&keypair=mykey&dockerregistryusername=levindecaro&dockerregistryurl=https:%2F%2Fdocker.io&dockerregistryemail=levindecaro%40gmail.com&command=createKubernetesCluster&response=json
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] davidjumani commented on issue #5768: kubernetes service require manual pull secret injection
Posted by GitBox <gi...@apache.org>.
davidjumani commented on issue #5768:
URL: https://github.com/apache/cloudstack/issues/5768#issuecomment-1038979642
@levindecaro Thanks, we're updating the documentation. As for the logs, as of now the only way to capture k8s node specific logs is to ssh into the node via the ssh key provided at the time of cluster creation
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] levindecaro commented on issue #5768: kubernetes service require manual pull secret injection
Posted by GitBox <gi...@apache.org>.
levindecaro commented on issue #5768:
URL: https://github.com/apache/cloudstack/issues/5768#issuecomment-1065840308
> @levindecaro Can you try creating the cluster with the URL as `https://index.docker.io/v1/` and the email as your dockerhub account instead of email id ? It does not necessarily add the secret to kubernetes but creates a `~/.docker/config.json` file which is used to authenticate with dockerhub while pulling images
Hi @davidjumani , i just re-tested the CKS on 4.16.1, the URL for docker login should set to https://registry-1.docker.io/ instead of https://index.docker.io/v1/ .
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org