proud-finland-41550
08/02/2022, 5:08 AMproud-plumber-22060
08/03/2022, 4:27 PMkubectl get nodes
it will just timeout. At times I can't even install the k8s example nginx app. I've installed k3s via the standard k3s install script, no options set. sudo k3s check-config
passes, there's a two missing modules. The logs are loaded with errors of slow sql and errors like this : Get \"<https://127.0.0.1:6443/api/v1/nodes/ubuntu-s-1vcpu-1gb-sfo3-01?timeout=10s>\": net/http: request canceled (Client.Timeout exceeded while awaiting headers)"
and many other endpoints.broad-tomato-47786
08/04/2022, 1:57 AMbroad-tomato-47786
08/04/2022, 1:58 AMcurl -sfL <https://get.k3s.io> | sh -
• 2. set up another kubernetes node by k3s agent ...
on the same machinebroad-tomato-47786
08/04/2022, 1:59 AMflat-engine-95579
08/04/2022, 6:42 AMillegal instruction
when executed.
My second try is to build it on a much more powerful x86_64 machine. I have tried using qemu and docker to emulate the pi's architecture, but some of the binaries are still the wrong architecture. The build process for k3s with dapper is also somewhat contrived, and running the building inside a (qemu) docker container makes it kind of hard to "trick" the whole build process into thinking it's on an old raspi.
Would it be easier to try and cross-compile the binaries? Also, what are https://github.com/k3s-io/k3s-root used for exactly? Should I also build this?refined-magician-25478
08/05/2022, 3:06 PMimportant-art-22288
08/05/2022, 4:59 PMx-forwarded-for
headers through the CNI — all requests were showing up internally with the internal IP of the CNI in the header. It looks like there are some complicated workarounds with Flannel there but I ditched that route given the complexity.
Is there any good way to do this, or am I thinking about it wrong? All I need to do is to have some ingresses only exposed to the local network, and others exposed to the public internet, if possible. The current Pi networking config just forwards 443 and 80 through the router configuration, but if there’s a better way to do that I’m open to itmysterious-toddler-89639
08/05/2022, 5:22 PM[root@ip-172-21-1-217 rocky]# k3s --version
k3s version v1.24.3+k3s1 (990ba0e8)
go version go1.18.1
The installation script is running successfully. I disabled the selinux before so to make the k3s process a little bit faster and easier., but at the moment an getting this error from the metrics service
E0805 17:15:09.404108 3602 available_controller.go:524] <http://v1beta1.metrics.k8s.io|v1beta1.metrics.k8s.io> failed with: failing or missing response from <https://10.42.0.24:4443/apis/metrics.k8s.io/v1beta1>: Get "<https://10.42.0.24:4443/apis/metrics.k8s.io/v1beta1>": proxy error from 127.0.0.1:6443 while dialing 10.42.0.24:4443, code 503: 503 Service Unavailable
W0805 17:15:10.410003 3602 handler_proxy.go:102] no RequestInfo found in the context
W0805 17:15:10.410002 3602 handler_proxy.go:102] no RequestInfo found in the context
E0805 17:15:10.410062 3602 controller.go:116] loading OpenAPI spec for "<http://v1beta1.metrics.k8s.io|v1beta1.metrics.k8s.io>" failed with: failed to retrieve openAPI spec, http error: ResponseCode: 503, Body: service unavailable
, Header: map[Content-Type:[text/plain; charset=utf-8] X-Content-Type-Options:[nosniff]]
E0805 17:15:10.410084 3602 controller.go:113] loading OpenAPI spec for "<http://v1beta1.metrics.k8s.io|v1beta1.metrics.k8s.io>" failed with: Error, could not get list of group versions for APIService
I0805 17:15:10.410093 3602 controller.go:129] OpenAPI AggregationController: action for item <http://v1beta1.metrics.k8s.io|v1beta1.metrics.k8s.io>: Rate Limited Requeue.
I0805 17:15:10.412183 3602 controller.go:126] OpenAPI AggregationController: action for item <http://v1beta1.metrics.k8s.io|v1beta1.metrics.k8s.io>: Rate Limited Requeue.
What would be the best way to debug this? or if you had this issue in the past what would be the solution?
thanks in advancerich-crowd-19730
08/06/2022, 7:33 PMbest-wall-17038
08/07/2022, 5:43 PMlocal-path
?important-art-22288
08/07/2022, 7:39 PMhostname.local
syntax which is working correctly — however, I’m trying to host several apps at once and running into issues with path name collision. Since I don’t have access to adding subdomains given that I’m hosting locally (would rather not go the route of host files) I’m trying to deploy apps under /path/{subpaths}
but running into issues with the names not resolving. For example with the traefik dashboard I was hoping to deploy an ingress under hostname.local/traefik/dashboard
rather than ``hostname.local/dashboard` . to avoid name clash. Is something like this possible or do I need to pursue a different route?thousands-advantage-10804
08/07/2022, 10:52 PMError: Transaction test error:
package k3s-selinux-1.1-1.el8.noarch does not verify: Header V4 RSA/SHA1 Signature, key ID e257814a: BAD
cuddly-egg-57762
08/08/2022, 12:17 PM/var/lib/rancher/k3s/agent/images/
, but when I do the same thing with cilium operator and cilium "client" images tar files they seems to be not imported automatically during the cluster init.
Do the auto-import only works for k3s airgap package? Or am I making something wrong?
I put here also the list of images directory and the crictl image list after the k3s cluster init:
[root@rocky1 srv]# ls /var/lib/rancher/k3s/agent/images/
cilium-operator.tar cilium.tar k3s-airgap-images-amd64.tar.gz metallb-controller.tar metallb-speaker.tar
[root@rocky1 srv]# crictl image list
IMAGE TAG IMAGE ID SIZE
<http://docker.io/rancher/klipper-helm|docker.io/rancher/klipper-helm> v0.7.3-build20220613 38b3b9ad736af 239MB
<http://docker.io/rancher/klipper-lb|docker.io/rancher/klipper-lb> v0.3.5 dbd43b6716a08 8.51MB
<http://docker.io/rancher/local-path-provisioner|docker.io/rancher/local-path-provisioner> v0.0.21 fb9b574e03c34 35.3MB
<http://docker.io/rancher/mirrored-coredns-coredns|docker.io/rancher/mirrored-coredns-coredns> 1.9.1 99376d8f35e0a 49.7MB
<http://docker.io/rancher/mirrored-library-busybox|docker.io/rancher/mirrored-library-busybox> 1.34.1 62aedd01bd852 1.47MB
<http://docker.io/rancher/mirrored-library-traefik|docker.io/rancher/mirrored-library-traefik> 2.6.2 72463d8000a35 103MB
<http://docker.io/rancher/mirrored-metrics-server|docker.io/rancher/mirrored-metrics-server> v0.5.2 f73640fb50619 65.7MB
<http://docker.io/rancher/mirrored-pause|docker.io/rancher/mirrored-pause> 3.6 6270bb605e12e 686kB
Thanks a lot for your help!bumpy-agency-19657
08/08/2022, 8:50 PM"kubectl exec -it myapp-deploy2-859f8f4dfc-9xv8v -- ls"
I get the following error: "Error from server: error dialing backend: x509: certificate is valid for. localhost not worker"
How can I execute a exec command in a pod on worker node?jolly-waitress-71272
08/08/2022, 9:04 PMmelodic-hamburger-23329
08/09/2022, 7:37 AMnerdctl system prune --all
doesn’t seem to work with k3s.
`$ nerdctl version`:
WARN[0000] unable to determine buildctl version: exec: "buildctl": executable file not found in $PATH
WARN[0000] unable to determine runc version: exec: "runc": executable file not found in $PATH
Client:
Version: v0.22.2
OS/Arch: linux/amd64
Git commit: 2899222cb0715f1e5ffe356d10c3439ee8ee3ba4
builctl:
Version:
Server:
containerd:
Version: v1.6.6-k3s1
GitCommit:
runc:
Version:
`nerdctl system prune --all`:
WARNING! This will remove:
- all stopped containers
- all networks not used by at least one container
- all images without at least one container associated to them
Are you sure you want to continue? [y/N] y
FATA[0000] needs CNI plugin "firewall" to be installed in CNI_PATH ("/var/lib/rancher/k3s/data/current/bin"), see <https://github.com/containernetworking/plugins/releases>: exec: "/var/lib/rancher/k3s/data/current/bin/firewall": stat /var/lib/rancher/k3s/data/current/bin/firewall: no such file or directory
`cat /etc/nerdctl/nerdctl.toml`:
address = "unix:///run/k3s/containerd/containerd.sock"
namespace = "<http://k8s.io|k8s.io>"
snapshotter = "stargz"
cgroup_manager = "systemd"
cni_path = "/var/lib/rancher/k3s/data/current/bin"
cni_netconfpath = "/var/lib/rancher/k3s/agent/etc/cni/net.d"
With plain v1.6.6 containerd (RD 1.5.0 in containerd mode with k8s disabled) the commands executed without issues.cool-forest-29147
08/09/2022, 9:31 AMcrooked-elephant-85769
08/09/2022, 5:49 PMaloof-oyster-85392
08/10/2022, 7:27 AMcurl -sfL <https://get.k3s.io> | K3S_URL=<https://10.0.0.90:6443/> K3S_TOKEN=PRE_SHARED_TOKEN_KEY INSTALL_K3S_EXEC="--docker" INSTALL_K3S_VERSION="v1.23.9+k3s1" sh -s -
Some information about my Jetson Nano:
ubuntu@w5:~$ docker info
Client:
Context: default
Debug Mode: false
Plugins:
app: Docker App (Docker Inc., v0.9.1-beta3)
buildx: Docker Buildx (Docker Inc., v0.8.2-docker)
compose: Docker Compose (Docker Inc., v2.6.0)
Server:
Containers: 9
Running: 6
Paused: 0
Stopped: 3
Images: 592
Server Version: 20.10.17
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Cgroup Version: 1
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc io.containerd.runc.v2 io.containerd.runtime.v1.linux nvidia
Default Runtime: nvidia
Init Binary: docker-init
containerd version: 0197261a30bf81f1ee8e6a4dd2dea0ef95d67ccb
runc version: v1.1.3-0-g6724737
init version: de40ad0
Security Options:
seccomp
Profile: default
Kernel Version: 4.9.253-tegra
Operating System: Ubuntu 18.04.6 LTS
OSType: linux
Architecture: aarch64
CPUs: 4
Total Memory: 3.863GiB
Name: w5
ID: FVGZ:HQ4F:6UZT:JDNG:CWYN:SUFJ:RM2P:MI5U:44OS:WA4R:ZMT2:6QCT
Docker Root Dir: /var/lib/docker
Debug Mode: false
Username: aslanpour
Registry: <https://index.docker.io/v1/>
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
cuddly-egg-57762
08/10/2022, 9:07 AM0/1 nodes are available: 1 node(s) had untolerated taint {<http://node.kubernetes.io/not-ready|node.kubernetes.io/not-ready>: }. preemption: 0/1 nodes are available: 1 Preemption is not helpful for scheduling.
am I missing something? Or should I deploy cilium in a different way and then deploy other helm resource using the manifests?
Thanks for your helpstale-fish-49559
08/10/2022, 7:22 PMcuddly-egg-57762
08/11/2022, 8:14 AM/var/lib/rancher/k3s/agent/images/
and specified a manifest file in /var/lib/rancher/k3s/server/manifests/
.
The problem of course, since it is airgapped, it's that the job pod report the following error:
Error: failed to download "metallb/metallb" at version "0.12.1"
How may I provide to the job pod a tar.gz with the chart definition? Is it possible?
Thanks in advance for your helpincalculable-air-54033
08/11/2022, 12:44 PM<http://docker.io/rancher/klipper-helm|docker.io/rancher/klipper-helm>
<http://docker.io/rancher/klipper-lb|docker.io/rancher/klipper-lb>
<http://docker.io/rancher/local-path-provisioner|docker.io/rancher/local-path-provisioner>
<http://docker.io/rancher/mirrored-coredns-coredns|docker.io/rancher/mirrored-coredns-coredns>
<http://docker.io/rancher/mirrored-library-busybox|docker.io/rancher/mirrored-library-busybox>
<http://docker.io/rancher/mirrored-library-traefik|docker.io/rancher/mirrored-library-traefik>
<http://docker.io/rancher/mirrored-metrics-server|docker.io/rancher/mirrored-metrics-server>
<http://docker.io/rancher/mirrored-pause|docker.io/rancher/mirrored-pause>
stale-fish-49559
08/11/2022, 3:59 PMevel=warning msg="Failed to remove cgroup (will retry)" error="rmdir /sys/fs/cgroup/cpuacct/kubepods/burstable/pod0ec7b43f-bdb3-4601-8b5b-a6353c88ce93/69bf1ec361729a88f1ccbe8e5566e4d7f0a137b59e1602f1ee3bd38cfb5ec5a4: device or resource busy"
most-crowd-3167
08/11/2022, 8:21 PMhelm list
. I want to look at the logs of helm-controller, but it doesn't seem like there is actually a pod running for this.limited-traffic-81887
08/12/2022, 9:24 PMkubectl logs hello-raspi
the full error looks like this Error from server: Get "<https://10.0.0.142:10250/containerLogs/default/hello-raspi/hello-raspi>": proxy error from 127.0.0.1:6443 while dialing 10.0.0.142:10250, code 503: 503 Service Unavailable
. Can anyone point me in the right direction, google is tough on a specific error like thiskind-nightfall-56861
08/14/2022, 10:33 PMaverage-photographer-35368
08/15/2022, 5:40 PMubuntu@ip-10-0-1-25:~/mentha/k3s-garden$ curl <https://update.k3s.io/v1-release/channels/stable>
<html>
<head><title>503 Service Temporarily Unavailable</title></head>
<body>
<center><h1>503 Service Temporarily Unavailable</h1></center>
<hr><center>openresty/1.15.8.1</center>
</body>
</html>
fierce-monkey-81592
08/15/2022, 10:58 PM