https://rancher.com/ logo
Title
i

incalculable-garage-62568

08/09/2022, 7:41 AM
Hi all! I have set up a new Kubernetes cluster on AKS, and want to add Rancher to it. When I use the official guidelines on the Rancher Docs, the Helm upgrade fails to add the Ingress NGINX controller to it. The ready-state of the Workload
ingress-nginx-controller
never gets fulfilled and the Helm install times-out. I only notice a CrashLoopBackOff that the Containers are NotReady. Is there any way I can find out the logs of the unready containers?
The logs of the
kubectl describe pod
command shows this:
Events:
  Type     Reason     Age                  From               Message
  ----     ------     ----                 ----               -------
  Normal   Scheduled  23m                  default-scheduler  Successfully assigned ingress-nginx/ingress-nginx-controller-85dbddf586-frx5q to aks-agentpool-31772624-vmss000002
  Normal   Killing    22m                  kubelet            Container controller failed liveness probe, will be restarted
  Normal   Pulled     22m (x2 over 23m)    kubelet            Container image "<http://k8s.gcr.io/ingress-nginx/controller:v0.41.2@sha256:1f4f402b9c14f3ae92b11ada1dfe9893a88f0faeb0b2f4b903e2c67a0c3bf0de|k8s.gcr.io/ingress-nginx/controller:v0.41.2@sha256:1f4f402b9c14f3ae92b11ada1dfe9893a88f0faeb0b2f4b903e2c67a0c3bf0de>" already present on machine
  Normal   Created    22m (x2 over 23m)    kubelet            Created container controller
  Normal   Started    22m (x2 over 23m)    kubelet            Started container controller
  Warning  Unhealthy  21m (x10 over 23m)   kubelet            Readiness probe failed: HTTP probe failed with statuscode: 500
  Warning  Unhealthy  13m (x38 over 23m)   kubelet            Liveness probe failed: HTTP probe failed with statuscode: 500
  Warning  BackOff    3m5s (x43 over 16m)  kubelet            Back-off restarting failed container
And these are the logs of the
kubectl logs <pod>
command:
I0809 07:44:13.725823       7 flags.go:205] "Watching for Ingress" class="nginx"
W0809 07:44:13.726269       7 flags.go:210] Ingresses with an empty class will also be processed by this Ingress controller
W0809 07:44:13.727394       7 client_config.go:608] Neither --kubeconfig nor --master was specified.  Using the inClusterConfig.  This might not work.
I0809 07:44:13.728386       7 main.go:241] "Creating API client" host="<https://10.0.0.1:443>"
I0809 07:44:13.754067       7 main.go:285] "Running in Kubernetes cluster" major="1" minor="22" git="v1.22.11" state="clean" commit="6b66c9a34569cd5a6e330eda21d1d8bd792e164e" platform="linux/amd64"
I0809 07:44:13.816110       7 main.go:105] "SSL fake certificate created" file="/etc/ingress-controller/ssl/default-fake-certificate.pem"
I0809 07:44:13.818516       7 main.go:115] "Enabling new Ingress features available since Kubernetes v1.18"
W0809 07:44:13.820772       7 main.go:127] No IngressClass resource with name nginx found. Only annotation will be used.
I0809 07:44:13.836931       7 ssl.go:528] "loading tls certificate" path="/usr/local/certificates/cert" key="/usr/local/certificates/key"
I0809 07:44:13.864072       7 nginx.go:249] "Starting NGINX Ingress controller"
I0809 07:44:13.885858       7 event.go:282] Event(v1.ObjectReference{Kind:"ConfigMap", Namespace:"ingress-nginx", Name:"ingress-nginx-controller", UID:"0e8021d3-b217-482d-8b7f-e1df18ea1793", APIVersion:"v1", ResourceVersion:"403319", FieldPath:""}): type: 'Normal' reason: 'CREATE' ConfigMap ingress-nginx/ingress-nginx-controller
E0809 07:44:14.969568       7 reflector.go:127] <http://k8s.io/client-go@v0.19.3/tools/cache/reflector.go:156|k8s.io/client-go@v0.19.3/tools/cache/reflector.go:156>: Failed to watch *v1beta1.Ingress: failed to list *v1beta1.Ingress: the server could not find the requested resource
E0809 07:44:16.357525       7 reflector.go:127] <http://k8s.io/client-go@v0.19.3/tools/cache/reflector.go:156|k8s.io/client-go@v0.19.3/tools/cache/reflector.go:156>: Failed to watch *v1beta1.Ingress: failed to list *v1beta1.Ingress: the server could not find the requested resource
E0809 07:44:18.654378       7 reflector.go:127] <http://k8s.io/client-go@v0.19.3/tools/cache/reflector.go:156|k8s.io/client-go@v0.19.3/tools/cache/reflector.go:156>: Failed to watch *v1beta1.Ingress: failed to list *v1beta1.Ingress: the server could not find the requested resource
E0809 07:44:23.617389       7 reflector.go:127] <http://k8s.io/client-go@v0.19.3/tools/cache/reflector.go:156|k8s.io/client-go@v0.19.3/tools/cache/reflector.go:156>: Failed to watch *v1beta1.Ingress: failed to list *v1beta1.Ingress: the server could not find the requested resource
E0809 07:44:33.106745       7 reflector.go:127] <http://k8s.io/client-go@v0.19.3/tools/cache/reflector.go:156|k8s.io/client-go@v0.19.3/tools/cache/reflector.go:156>: Failed to watch *v1beta1.Ingress: failed to list *v1beta1.Ingress: the server could not find the requested resource
E0809 07:44:47.317909       7 reflector.go:127] <http://k8s.io/client-go@v0.19.3/tools/cache/reflector.go:156|k8s.io/client-go@v0.19.3/tools/cache/reflector.go:156>: Failed to watch *v1beta1.Ingress: failed to list *v1beta1.Ingress: the server could not find the requested resource
I0809 07:45:12.457059       7 main.go:187] "Received SIGTERM, shutting down"
I0809 07:45:12.457089       7 nginx.go:365] "Shutting down controller queues"
E0809 07:45:12.457253       7 store.go:178] timed out waiting for caches to sync
I0809 07:45:12.457293       7 nginx.go:291] "Starting NGINX process"
I0809 07:45:12.457585       7 queue.go:78] "queue has been shutdown, failed to enqueue" key="&ObjectMeta{Name:initial-sync,GenerateName:,Namespace:,SelfLink:,UID:,ResourceVersion:,Generation:0,CreationTimestamp:0001-01-01 00:00:00 +0000 UTC,DeletionTimestamp:<nil>,DeletionGracePeriodSeconds:nil,Labels:map[string]string{},Annotations:map[string]string{},OwnerReferences:[]OwnerReference{},Finalizers:[],ClusterName:,ManagedFields:[]ManagedFieldsEntry{},}"
I0809 07:45:12.457607       7 nginx.go:311] "Starting validation webhook" address=":8443" certPath="/usr/local/certificates/cert" keyPath="/usr/local/certificates/key"
I0809 07:45:12.457638       7 leaderelection.go:243] attempting to acquire leader lease  ingress-nginx/ingress-controller-leader-nginx...
I0809 07:45:12.473576       7 status.go:84] "New leader elected" identity="ingress-nginx-controller-85dbddf586-sfnk8"
I0809 07:45:12.477240       7 status.go:131] "removing value from ingress status" address=[20.223.32.255]
I0809 07:45:12.477292       7 nginx.go:373] "Stopping admission controller"
I0809 07:45:12.477323       7 nginx.go:381] "Stopping NGINX process"
E0809 07:45:12.477349       7 nginx.go:314] "Error listening for TLS connections" err="http: Server closed"
2022/08/09 07:45:12 [notice] 43#43: signal process started
I0809 07:45:13.481467       7 nginx.go:394] "NGINX process has stopped"
I0809 07:45:13.481519       7 main.go:195] "Handled quit, awaiting Pod deletion"
t

tall-school-18125

08/09/2022, 11:34 PM
You would need to manually install an ingress on AKS as described in this doc https://rancher.com/docs/rancher/v2.6/en/installation/resources/k8s-tutorials/aks/
i

incalculable-garage-62568

08/10/2022, 8:43 AM
That is in fact what I did, but the last Helm install command failed. I had added a flag to it, and then it worked
Someone in another Thread said that, and that fixed my issue
t

tall-school-18125

08/10/2022, 3:34 PM
What flag did you add? We can update the docs.