melodic-hamburger-23329
07/08/2022, 4:12 AMflat-ice-58483
07/10/2022, 8:58 AMbland-painting-61617
07/10/2022, 10:06 PMjolly-waitress-71272
07/12/2022, 7:55 PMquiet-energy-91205
07/13/2022, 12:41 PMkubectl logs -n kube-system cilium-4vt6k
Defaulted container "cilium-agent" out of: cilium-agent, mount-cgroup (init), clean-cilium-state (init)
Error from server: Get "<https://192.168.1.3:10250/containerLogs/kube-system/cilium-4vt6k/cilium-agent>": proxy error from 192.168.1.3:6443 while dialing 192.168.1.3:10250, code 500: 500 Internal Server Error
K3s config:
advertise-address: {{ private_ip }}
bind-address: {{ private_ip }}
node-ip: {{ private_ip }}
node-external-ip: {{ hostvars[inventory_hostname]['ansible_default_ipv4']['address'] }}
kubelet-arg:
- address={{ private_ip }}
kube-apiserver-arg:
- kubelet-preferred-address-types=InternalIP
flannel-backend: none
disable-kube-proxy: true
disable-network-policy: true
disable:
- servicelb
- traefik
- local-storage
Cilium config:
k8sServiceHost: {{ hostvars[groups['server'][0]]['private_ip'] }}
k8sServicePort: 6443
kubeProxyReplacement: strict
bandwidthManager: true
externalIPs:
enabled: true
hostPort:
enabled: true
nodePort:
enabled: true
hostServices:
enabled: true
hubble:
enabled: false
nodeinit:
restartPods: true
thousands-mechanic-72394
07/13/2022, 7:34 PMnumerous-chef-53737
07/13/2022, 7:44 PMcareful-table-97595
07/14/2022, 12:51 AMincompatible CNI versions; config is \"1.0.0\", plugin supports [\"0.1.0\" \"0.2.0\" \"0.3.0\" \"0.3.1\" \"0.4.0\"]"
So I reverted back to my original version (v1.22+k3s1)
Did I miss something? I haven't found anything relevant in the documentationancient-air-32350
07/14/2022, 6:39 AMaverage-arm-20932
07/15/2022, 5:23 PMHello Team,
I'm using K3s version(v1.22.4+k3s1), I need to send the SSL connections directly to the backend, not decrypt at my Traefik. The backend needs to receive https requests.
The below annotations is not working, could anyone help me here, any help appreciated.
apiVersion: <http://networking.k8s.io/v1|networking.k8s.io/v1>
kind: Ingress
metadata:
name: cp-certissuer-ing
namespace: cp-certissuer
annotations:
<http://traefik.ingress.kubernetes.io/ssl.passthrough|traefik.ingress.kubernetes.io/ssl.passthrough>: "True"
spec:
rules:
- host: <http://server.example.com|server.example.com>
http:
paths:
- backend:
service:
name: cp-certissuer
port:
number: 8080
path: /cert/actuator/info
pathType: Prefix
tls:
- hosts:
- <http://server.example.com|server.example.com>
secretName: cp-certissuer-ssl-secret
bland-painting-61617
07/17/2022, 4:13 PM--etcd-s3-endpoint-ca value (db) S3 custom CA cert to connect to S3 endpoint
custom cert file path? base64 encoded pem file? pem file with no new lines?flat-engine-95579
07/17/2022, 5:01 PMalert-elephant-31589
07/17/2022, 5:23 PMstrong-tomato-67726
07/18/2022, 10:11 AMbrainy-electrician-41196
07/19/2022, 7:18 AMcrooked-rocket-3338
07/19/2022, 2:51 PMfailed to allocate for range
thing.fancy-insurance-98888
07/22/2022, 2:10 AMbest-oil-69865
07/22/2022, 10:20 AMbest-oil-69865
07/22/2022, 10:20 AMflaky-dusk-65029
07/22/2022, 7:13 PMgorgeous-nightfall-51562
07/23/2022, 2:00 AMcool-ocean-71403
07/23/2022, 8:44 AMmagnificent-egg-26329
07/23/2022, 2:14 PM--node-ip value, -i value
When I am installing with the https://get.k3s.io/ shell script?agreeable-area-10613
07/24/2022, 7:05 AMttlSecondsAfterFinished
.
we are only using backoffLimit: 0
and restartPolicy: OnFailure
We are using latest k3s version and i remember that in the past the failures job wasn't deleted and we was able to see the logs a day after..
Any idea?strong-tomato-67726
07/25/2022, 5:13 PMnumerous-sunset-21016
07/26/2022, 11:01 AM--flannel-backend=ipsec
to just pre-populate ``/var/lib/rancher/k3s/server/cred/ipsec.psk` ? Docs don't seem to tell me what the expectation for owning this is.ancient-raincoat-46356
07/28/2022, 7:04 PMancient-raincoat-46356
07/28/2022, 7:05 PMkubeadm init phase admin
?broad-rocket-5348
07/29/2022, 4:56 AMsteep-continent-12582
08/01/2022, 5:40 AMoverlay
snapshotter, understandably seems to not work here
• Trying the native
snapshotter, some containers throwing errors like:
Failed to create pod sandbox: rpc error: code = Unknown desc = failed to create containerd container: copying of parent failed: failed to copy file info for /var/lib/rancher/k3s/agent/containerd/io.containerd.snapshotter.v1.native/snapshots/new-4170709921: failed to chown /var/lib/rancher/k3s/agent/containerd/io.containerd.snapshotter.v1.native/snapshots/new-4170709921: lchown /var/lib/rancher/k3s/agent/containerd/io.containerd.snapshotter.v1.native/snapshots/new-4170709921: invalid argument
• Other times (and I haven't figured out the pattern here, I thought it was under overlay config but seems not), I get this kind of similar but different error, where the native snapshotter is not mentioned, seems this one relates to the pull/unpack rather than the starting:
Failed to pull image "<http://quay.io/prometheus/busybox|quay.io/prometheus/busybox>": rpc error: code = Unknown desc = failed to pull and unpack image "<http://quay.io/prometheus/busybox:latest|quay.io/prometheus/busybox:latest>": failed to extract layer sha256:c7412c2a678786efc84fe4bd0b1a79ecca47457b0eb4d4bceb1f79d6b4f75695: mount callback failed on /var/lib/rancher/k3s/agent/containerd/tmpmounts/containerd-mount4066054735: failed to Lchown "/var/lib/rancher/k3s/agent/containerd/tmpmounts/containerd-mount4066054735/bin" for UID 0, GID 0: lchown /var/lib/rancher/k3s/agent/containerd/tmpmounts/containerd-mount4066054735/bin: invalid argument: unknown
• For both of the above, my GitHub searches seemed to indicate they're caused by not running on an ext4 filesystem, which is true in my situation.
• In some cases I can't start any containers in a pod, in others I can start most except busybox
• I recalled that on docker, I believe I was using devmapper
which seemed to work fine and did not have this problem, but as far as I can tell, devmapper
is either not included at all in the k3s version of containerd, or just not configured (some places say it's not included, but I see errors in the containerd.log and ctr plugin ls
output that kind of indicate it's there but not working. I'm also not 100% sure if it would fix my problem.
So, my questions (and thanks in advance) are:
• How come only the busybox image so far has this particular problem? I've gotten a bunch of others to work so far.
• Is there some tweak to the native
snapshotter that can be done to allow things to work?
• If not, is there a simply way to get devmapper
working?