Channels
extensions
rancher-extensions
supermicro-sixsq
ozt
os
one-point-x
rio
onlinemeetup
v16-v21-migration
events
onlinetraining
training-1220
training-0110
training-0124
k3s-contributor
submariner
storage
k3os
windows
ci-cd
theranchcast
rfed_ara
nederlands
ukranian
danish
training-0131
masterclass
training-0207
training-0214
terraform-controller
epinio
phillydotnet
swarm
rancher-wrangler
deutsch
russian
chinese
mesos
français
japanese
arm
longhorn-dev
terraform-provider-rke
service-mesh
azure
gcp
academy
random
elemental
espanol
lima
harvester-dev
portugues
kubernetes
kim
hypper
kubewarden
opni
logging
neuvector-security
rancher-setup
developer
office-hours
mexico
cabpr
rke
vsphere
longhorn-storage
k3s
k3d
terraform-provider-rancher2
fleet
amazon
harvester
rke2
s3gw
hobbyfarm
rancher-desktop
general
Title
l
lively-night-78214
12/08/2022, 7:37 AMI run this installation
curl -sfL <https://get.k3s.io> | INSTALL_K3S_VERSION=v1.25.4+k3s1 sh -s - server --datastore-endpoint=\"<mysql://user:pass@tcp>(host:3306)/my_k3s_test"[INFO] Using v1.25.4+k3s1 as release",
"[INFO] Downloading hash <https://github.com/k3s-io/k3s/releases/download/v1.25.4+k3s1/sha256sum-amd64.txt>",
"[INFO] Downloading binary <https://github.com/k3s-io/k3s/releases/download/v1.25.4+k3s1/k3s>",
"[INFO] Verifying binary download",
"[INFO] Installing k3s to /usr/local/bin/k3s",
"[INFO] Skipping installation of SELinux RPM",
"[INFO] Creating /usr/local/bin/kubectl symlink to k3s",
"[INFO] Creating /usr/local/bin/crictl symlink to k3s",
"[INFO] Creating /usr/local/bin/ctr symlink to k3s",
"[INFO] Creating killall script /usr/local/bin/k3s-killall.sh",
"[INFO] Creating uninstall script /usr/local/bin/k3s-uninstall.sh",
"[INFO] env: Creating environment file /etc/systemd/system/k3s.service.env",
"[INFO] systemd: Creating service file /etc/systemd/system/k3s.service",
"[INFO] systemd: Enabling k3s unit",
"[INFO] systemd: Starting k3s""Created symlink /etc/systemd/system/multi-user.target.wants/k3s.service → /etc/systemd/system/k3s.service.",
"Job for k3s.service failed because the control process exited with error code.",
"See \"systemctl status k3s.service\" and \"journalctl -xe\" for details."ubuntu@my-k3s-server:~$ crictl version
FATA[0000] load config file: stat /var/lib/rancher/k3s/data/7c994f47fd344e1637da337b92c51433c255b387d207b30b3e0262779457afe4/bin/crictl.yaml: no such file or directoryubuntu@my-k3s-server:~$ journalctl -xe
Hint: You are currently not seeing messages from other users and the system.
Users in groups 'adm', 'systemd-journal' can see all messages.
Pass -q to turn off this notice.
No journal files were opened due to insufficient permissions.
ubuntu@myreviews-k3s-server:~$ sudo journalctl -xe
-- Subject: Automatic restarting of a unit has been scheduled
-- Defined-By: systemd
-- Support: <http://www.ubuntu.com/support>
--
-- Automatic restarting of the unit k3s.service has been scheduled, as the result for
-- the configured Restart= setting for the unit.
Dec 08 07:24:52 myreviews-k3s-server systemd[1]: Stopped Lightweight Kubernetes.
-- Subject: Unit k3s.service has finished shutting down
-- Defined-By: systemd
-- Support: <http://www.ubuntu.com/support>
--
-- Unit k3s.service has finished shutting down.
Dec 08 07:24:52 myreviews-k3s-server systemd[1]: Starting Lightweight Kubernetes...
-- Subject: Unit k3s.service has begun start-up
-- Defined-By: systemd
-- Support: <http://www.ubuntu.com/support>
--
-- Unit k3s.service has begun starting up.
Dec 08 07:24:52 myreviews-k3s-server sh[4543]: + /usr/bin/systemctl is-enabled --quiet nm-cloud-setup.service
Dec 08 07:24:52 myreviews-k3s-server sh[4543]: /bin/sh: 1: /usr/bin/systemctl: not found
Dec 08 07:24:52 myreviews-k3s-server k3s[4555]: time="2022-12-08T07:24:52Z" level=info msg="Starting k3s v1.25.4+k3s1 (0dc63334)"
Dec 08 07:24:54 myreviews-k3s-server k3s[4555]: time="2022-12-08T07:24:54Z" level=info msg="Configuring mysql database connection pooling: maxIdleConns=2, maxOpenConns=0, connMaxLifetime=0s"
Dec 08 07:24:54 myreviews-k3s-server k3s[4555]: time="2022-12-08T07:24:54Z" level=info msg="Configuring database table schema and indexes, this may take a moment..."
Dec 08 07:24:55 myreviews-k3s-server k3s[4555]: time="2022-12-08T07:24:55Z" level=info msg="Database tables and indexes are up to date"
Dec 08 07:24:56 myreviews-k3s-server sudo[4573]: ubuntu : TTY=pts/0 ; PWD=/home/ubuntu ; USER=root ; COMMAND=/bin/journalctl -xe
Dec 08 07:24:56 myreviews-k3s-server sudo[4573]: pam_unix(sudo:session): session opened for user root by ubuntu(uid=0)systemctl status k3s.service
● k3s.service - Lightweight Kubernetes
Loaded: loaded (/etc/systemd/system/k3s.service; enabled; vendor preset: enabled)
Active: activating (auto-restart) (Result: exit-code) since Thu 2022-12-08 07:24:18 UTC; 3s ago
Docs: <https://k3s.io>
Process: 4373 ExecStart=/usr/local/bin/k3s server --datastore-endpoint=<mysql://OMISSIS:3306>)/my_k3s_test (code=exited, status=1/FAILURE)
Process: 4372 ExecStartPre=/sbin/modprobe overlay (code=exited, status=0/SUCCESS)
Process: 4370 ExecStartPre=/sbin/modprobe br_netfilter (code=exited, status=0/SUCCESS)
Process: 4363 ExecStartPre=/bin/sh -xc ! /usr/bin/systemctl is-enabled --quiet nm-cloud-setup.service (code=exited, status=0/SUCCESS)
Main PID: 4373 (code=exited, status=1/FAILURE)s
sparse-fireman-14239
12/08/2022, 7:49 AMhttps://docs.k3s.io/reference/binary-tools
Check that the crictl.yaml file actually exists
crictl has to be run as root, afaik.
l
lively-night-78214
12/08/2022, 7:52 AMrunning crictl with root/sudo yields no different result and
file
/var/lib/rancher/k3s/data/7c994f47fd344e1637da337b92c51433c255b387d207b30b3e0262779457afe4/bin/crictl.yamls
sparse-fireman-14239
12/08/2022, 7:52 AMAnd verify that the user can actually connect to mysql and have the correct privileges.
l
lively-night-78214
12/08/2022, 7:53 AMin the logs it shows it connect to mysql and checks its schema correctly
s
sparse-fireman-14239
12/08/2022, 7:53 AMProcess: 4373 ExecStart=/usr/local/bin/k3s server --datastore-endpoint=<mysql://OMISSIS:3306>)/my_k3s_test (code=exited, status=1/FAILURE)l
lively-night-78214
12/08/2022, 7:53 AMDec 08 07:24:54 myreviews-k3s-server k3s[4555]: time="2022-12-08T07:24:54Z" level=info msg="Configuring mysql database connection pooling: maxIdleConns=2, maxOpenConns=0, connMaxLifetime=0s"
Dec 08 07:24:54 myreviews-k3s-server k3s[4555]: time="2022-12-08T07:24:54Z" level=info msg="Configuring database table schema and indexes, this may take a moment..."
Dec 08 07:24:55 myreviews-k3s-server k3s[4555]: time="2022-12-08T07:24:55Z" level=info msg="Database tables and indexes are up to date"i saw that msg but i dont get why it is failing if it is actually able to check the db
the user has all grants
i can login just fine on mysql if i try manually from the server
c
creamy-pencil-82913
12/08/2022, 8:06 AM--datastore-endpoint=<mysql://OMISSIS:3306>)/my_k3s_testuser:pass@tcp:(host:3306)/databasel
lively-night-78214
12/08/2022, 8:06 AMi just removed the details
c
creamy-pencil-82913
12/08/2022, 8:06 AMIf you have weird non-alphanumeric characters in the password, sometimes those get mangled by the install script.
l
lively-night-78214
12/08/2022, 8:06 AMbut they are correct
i know but indeed they are just letters and numbers
underscores at most
c
creamy-pencil-82913
12/08/2022, 8:07 AMtry doing
rm -rf /var/lib/rancher/k3s/data/l
lively-night-78214
12/08/2022, 8:07 AMby restarting do you mean try the installation again?
c
creamy-pencil-82913
12/08/2022, 8:07 AMno, just restarting the service
l
lively-night-78214
12/08/2022, 8:09 AMubuntu@myreviews-k3s-server:~$ sudo systemctl restart k3s.service
Job for k3s.service failed because the control process exited with error code.
Dec 08 08:09:47 myreviews-k3s-server k3s[17516]: time="2022-12-08T08:09:47Z" level=info msg="Starting k3s v1.25.4+k3s1 (0dc63334)"
Dec 08 08:09:49 myreviews-k3s-server k3s[17516]: time="2022-12-08T08:09:49Z" level=info msg="Configuring mysql database connection pooling: maxIdleConns=2, maxOpenConns=0, connMaxLifetime=0s"
Dec 08 08:09:49 myreviews-k3s-server k3s[17516]: time="2022-12-08T08:09:49Z" level=info msg="Configuring database table schema and indexes, this may take a moment..."
Dec 08 08:09:49 myreviews-k3s-server k3s[17516]: time="2022-12-08T08:09:49Z" level=info msg="Database tables and indexes are up to date"
Dec 08 08:09:50 myreviews-k3s-server sudo[17540]: ubuntu : TTY=pts/0 ; PWD=/home/ubuntu ; USER=root ; COMMAND=/bin/journalctl -xe
Dec 08 08:09:50 myreviews-k3s-server sudo[17540]: pam_unix(sudo:session): session opened for user root by ubuntu(uid=0)c
creamy-pencil-82913
12/08/2022, 8:10 AMwhat is the output of
journalctl -n 50 -l -u k3sl
lively-night-78214
12/08/2022, 8:11 AM-- Logs begin at Thu 2022-12-08 07:10:28 UTC, end at Thu 2022-12-08 08:11:25 UTC. --
Dec 08 08:10:57 myreviews-k3s-server systemd[1]: k3s.service: Scheduled restart job, restart counter is at 12.
Dec 08 08:10:57 myreviews-k3s-server systemd[1]: Stopped Lightweight Kubernetes.
Dec 08 08:10:57 myreviews-k3s-server systemd[1]: Starting Lightweight Kubernetes...
Dec 08 08:10:57 myreviews-k3s-server sh[17804]: + /usr/bin/systemctl is-enabled --quiet nm-cloud-setup.service
Dec 08 08:10:57 myreviews-k3s-server sh[17804]: /bin/sh: 1: /usr/bin/systemctl: not found
Dec 08 08:10:57 myreviews-k3s-server k3s[17815]: time="2022-12-08T08:10:57Z" level=info msg="Starting k3s v1.25.4+k3s1 (0dc63334)"
Dec 08 08:10:58 myreviews-k3s-server k3s[17815]: time="2022-12-08T08:10:58Z" level=info msg="Configuring mysql database connection pooling: maxIdleConns=2, maxOpenConns=0, connMaxLifetime=0s"
Dec 08 08:10:58 myreviews-k3s-server k3s[17815]: time="2022-12-08T08:10:58Z" level=info msg="Configuring database table schema and indexes, this may take a moment..."
Dec 08 08:10:58 myreviews-k3s-server k3s[17815]: time="2022-12-08T08:10:58Z" level=info msg="Database tables and indexes are up to date"
Dec 08 08:11:00 myreviews-k3s-server k3s[17815]: time="2022-12-08T08:11:00Z" level=info msg="Slow SQL (started: 2022-12-08 08:10:59.034109225 +0000 UTC m=+1.763292914) (total time: 1.464733848s): SELECT ( SELECT MAX(rkv.id) AS id F
Dec 08 08:11:00 myreviews-k3s-server k3s[17815]: time="2022-12-08T08:11:00Z" level=info msg="Kine available at <unix://kine.sock>"
Dec 08 08:11:01 myreviews-k3s-server k3s[17815]: time="2022-12-08T08:11:01Z" level=info msg="Slow SQL (started: 2022-12-08 08:11:00.771949377 +0000 UTC m=+3.501133034) (total time: 1.093364032s): SELECT * FROM ( SELECT ( SELECT MAX
Dec 08 08:11:01 myreviews-k3s-server k3s[17815]: time="2022-12-08T08:11:01Z" level=info msg="Slow SQL (started: 2022-12-08 08:11:00.792156733 +0000 UTC m=+3.521340379) (total time: 1.146873127s): SELECT * FROM ( SELECT ( SELECT MAX
Dec 08 08:11:02 myreviews-k3s-server k3s[17815]: time="2022-12-08T08:11:02Z" level=fatal msg="starting kubernetes: preparing server: bootstrap data already found and encrypted with different token"
Dec 08 08:11:02 myreviews-k3s-server systemd[1]: k3s.service: Main process exited, code=exited, status=1/FAILURE
Dec 08 08:11:02 myreviews-k3s-server systemd[1]: k3s.service: Failed with result 'exit-code'.
Dec 08 08:11:02 myreviews-k3s-server systemd[1]: Failed to start Lightweight Kubernetes.
Dec 08 08:11:07 myreviews-k3s-server systemd[1]: k3s.service: Service hold-off time over, scheduling restart.
Dec 08 08:11:07 myreviews-k3s-server systemd[1]: k3s.service: Scheduled restart job, restart counter is at 13.
Dec 08 08:11:07 myreviews-k3s-server systemd[1]: Stopped Lightweight Kubernetes.
Dec 08 08:11:07 myreviews-k3s-server systemd[1]: Starting Lightweight Kubernetes...is it possible that the connection with mysql is too slow and k3s has a time out and dies ?
i can connect instantly but just wondering
c
creamy-pencil-82913
12/08/2022, 8:12 AMno
Dec 08 08:11:02 myreviews-k3s-server k3s[17815]: time="2022-12-08T08:11:02Z" level=fatal msg="starting kubernetes: preparing server: bootstrap data already found and encrypted with different token"You are reusing a database from a previous install and have not supplied the same --token value
l
lively-night-78214
12/08/2022, 8:13 AMohhh interesting so i cant do that
didnt know
c
creamy-pencil-82913
12/08/2022, 8:13 AMwipe the database, or supply the same --token
l
lively-night-78214
12/08/2022, 8:13 AMwhere do i get the token if i wanted to reuse it?
c
creamy-pencil-82913
12/08/2022, 8:13 AMfrom the other server that you connected to that database
l
lively-night-78214
12/08/2022, 8:13 AMdestroyed
c
creamy-pencil-82913
12/08/2022, 8:14 AMif you didn’t specify it, it was randomly generated
l
lively-night-78214
12/08/2022, 8:14 AMi mean is it somewhere on the db?
i guess it will be encrypted on db so no use to look it up
c
creamy-pencil-82913
12/08/2022, 8:14 AMno. the token is used as an encryption key to protect the RSA keys for the cluster CAs. You cannot access them without the token, and the token cannot be derived from the encrypted data
The importance of the token is called out in the docs at https://docs.k3s.io/installation/ha - we could probably put the warning a little higher up I guess?
Ensure that you retain a copy of this token as it is required when restoring from backup and adding nodes. Previously, K3s did not enforce the use of a token when using external SQL datastores.If you reuse the same datastore, you are technically adding nodes to an existing cluster. It’s just that there aren’t currently any nodes in it.
l
lively-night-78214
12/08/2022, 8:18 AMmaybe moving it in the docs might help but I am just looking at it from a disaster recovery point of view
in my case it probably makes more sense to start clean all the times
c
creamy-pencil-82913
12/08/2022, 8:20 AMyeah for DR purposes, you need to either specify your own token in the config on the servers, or copy the token off the first node if you let it create a random one for you, and then reuse that token on all other servers.
l
lively-night-78214
12/08/2022, 8:29 AMi just checked the script and i can see K3S_TOKEN . Is this token the same one and is it also used by nodes to join servers?
c
creamy-pencil-82913
12/08/2022, 8:35 AMthat’s the token, yes
👍 1
l
lively-night-78214
12/08/2022, 8:36 AMi will add that to my secrets to ensure i can recover the db too