This message was deleted Rancher Users #k3s

Join Slack

This message was deleted.

# k3s

adamant-kite-43734

12/08/2022, 7:37 AM

This message was deleted.

sparse-fireman-14239

12/08/2022, 7:49 AM

https://docs.k3s.io/reference/binary-tools Check that the crictl.yaml file actually exists crictl has to be run as root, afaik.

lively-night-78214

12/08/2022, 7:52 AM

running crictl with root/sudo yields no different result and file

/var/lib/rancher/k3s/data/7c994f47fd344e1637da337b92c51433c255b387d207b30b3e0262779457afe4/bin/crictl.yaml

does not exist

sparse-fireman-14239

12/08/2022, 7:52 AM

And verify that the user can actually connect to mysql and have the correct privileges.

lively-night-78214

12/08/2022, 7:53 AM

in the logs it shows it connect to mysql and checks its schema correctly

sparse-fireman-14239

12/08/2022, 7:53 AM

Copy code

Process: 4373 ExecStart=/usr/local/bin/k3s server --datastore-endpoint=<mysql://OMISSIS:3306>)/my_k3s_test (code=exited, status=1/FAILURE)

lively-night-78214

12/08/2022, 7:53 AM

Copy code

Dec 08 07:24:54 myreviews-k3s-server k3s[4555]: time="2022-12-08T07:24:54Z" level=info msg="Configuring mysql database connection pooling: maxIdleConns=2, maxOpenConns=0, connMaxLifetime=0s"
Dec 08 07:24:54 myreviews-k3s-server k3s[4555]: time="2022-12-08T07:24:54Z" level=info msg="Configuring database table schema and indexes, this may take a moment..."
Dec 08 07:24:55 myreviews-k3s-server k3s[4555]: time="2022-12-08T07:24:55Z" level=info msg="Database tables and indexes are up to date"

lively-night-78214

12/08/2022, 7:56 AM

i saw that msg but i dont get why it is failing if it is actually able to check the db

lively-night-78214

12/08/2022, 7:56 AM

the user has all grants

lively-night-78214

12/08/2022, 7:58 AM

i can login just fine on mysql if i try manually from the server

creamy-pencil-82913

12/08/2022, 8:06 AM

--datastore-endpoint=<mysql://OMISSIS:3306>)/my_k3s_test

does not look like a properly formatted endpoint. It should be something like

user:pass@tcp:(host:3306)/database

as shown in the example. Can you edit the systemd unit and confirm that the value is formatted correctly?

lively-night-78214

12/08/2022, 8:06 AM

i just removed the details

creamy-pencil-82913

12/08/2022, 8:06 AM

If you have weird non-alphanumeric characters in the password, sometimes those get mangled by the install script.

lively-night-78214

12/08/2022, 8:06 AM

but they are correct

lively-night-78214

12/08/2022, 8:06 AM

i know but indeed they are just letters and numbers

lively-night-78214

12/08/2022, 8:07 AM

underscores at most

creamy-pencil-82913

12/08/2022, 8:07 AM

try doing

rm -rf /var/lib/rancher/k3s/data/

and then restarting it

lively-night-78214

12/08/2022, 8:07 AM

by restarting do you mean try the installation again?

creamy-pencil-82913

12/08/2022, 8:07 AM

no, just restarting the service

lively-night-78214

12/08/2022, 8:09 AM

ubuntu@myreviews-k3s-server:~$ sudo systemctl restart k3s.service Job for k3s.service failed because the control process exited with error code.

lively-night-78214

12/08/2022, 8:10 AM

Copy code

Dec 08 08:09:47 myreviews-k3s-server k3s[17516]: time="2022-12-08T08:09:47Z" level=info msg="Starting k3s v1.25.4+k3s1 (0dc63334)"
Dec 08 08:09:49 myreviews-k3s-server k3s[17516]: time="2022-12-08T08:09:49Z" level=info msg="Configuring mysql database connection pooling: maxIdleConns=2, maxOpenConns=0, connMaxLifetime=0s"
Dec 08 08:09:49 myreviews-k3s-server k3s[17516]: time="2022-12-08T08:09:49Z" level=info msg="Configuring database table schema and indexes, this may take a moment..."
Dec 08 08:09:49 myreviews-k3s-server k3s[17516]: time="2022-12-08T08:09:49Z" level=info msg="Database tables and indexes are up to date"
Dec 08 08:09:50 myreviews-k3s-server sudo[17540]:   ubuntu : TTY=pts/0 ; PWD=/home/ubuntu ; USER=root ; COMMAND=/bin/journalctl -xe
Dec 08 08:09:50 myreviews-k3s-server sudo[17540]: pam_unix(sudo:session): session opened for user root by ubuntu(uid=0)

creamy-pencil-82913

12/08/2022, 8:10 AM

what is the output of

journalctl -n 50 -l -u k3s

lively-night-78214

12/08/2022, 8:11 AM

Copy code

-- Logs begin at Thu 2022-12-08 07:10:28 UTC, end at Thu 2022-12-08 08:11:25 UTC. --
Dec 08 08:10:57 myreviews-k3s-server systemd[1]: k3s.service: Scheduled restart job, restart counter is at 12.
Dec 08 08:10:57 myreviews-k3s-server systemd[1]: Stopped Lightweight Kubernetes.
Dec 08 08:10:57 myreviews-k3s-server systemd[1]: Starting Lightweight Kubernetes...
Dec 08 08:10:57 myreviews-k3s-server sh[17804]: + /usr/bin/systemctl is-enabled --quiet nm-cloud-setup.service
Dec 08 08:10:57 myreviews-k3s-server sh[17804]: /bin/sh: 1: /usr/bin/systemctl: not found
Dec 08 08:10:57 myreviews-k3s-server k3s[17815]: time="2022-12-08T08:10:57Z" level=info msg="Starting k3s v1.25.4+k3s1 (0dc63334)"
Dec 08 08:10:58 myreviews-k3s-server k3s[17815]: time="2022-12-08T08:10:58Z" level=info msg="Configuring mysql database connection pooling: maxIdleConns=2, maxOpenConns=0, connMaxLifetime=0s"
Dec 08 08:10:58 myreviews-k3s-server k3s[17815]: time="2022-12-08T08:10:58Z" level=info msg="Configuring database table schema and indexes, this may take a moment..."
Dec 08 08:10:58 myreviews-k3s-server k3s[17815]: time="2022-12-08T08:10:58Z" level=info msg="Database tables and indexes are up to date"
Dec 08 08:11:00 myreviews-k3s-server k3s[17815]: time="2022-12-08T08:11:00Z" level=info msg="Slow SQL (started: 2022-12-08 08:10:59.034109225 +0000 UTC m=+1.763292914) (total time: 1.464733848s):  SELECT ( SELECT MAX(rkv.id) AS id F
Dec 08 08:11:00 myreviews-k3s-server k3s[17815]: time="2022-12-08T08:11:00Z" level=info msg="Kine available at <unix://kine.sock>"
Dec 08 08:11:01 myreviews-k3s-server k3s[17815]: time="2022-12-08T08:11:01Z" level=info msg="Slow SQL (started: 2022-12-08 08:11:00.771949377 +0000 UTC m=+3.501133034) (total time: 1.093364032s):  SELECT * FROM ( SELECT ( SELECT MAX
Dec 08 08:11:01 myreviews-k3s-server k3s[17815]: time="2022-12-08T08:11:01Z" level=info msg="Slow SQL (started: 2022-12-08 08:11:00.792156733 +0000 UTC m=+3.521340379) (total time: 1.146873127s):  SELECT * FROM ( SELECT ( SELECT MAX
Dec 08 08:11:02 myreviews-k3s-server k3s[17815]: time="2022-12-08T08:11:02Z" level=fatal msg="starting kubernetes: preparing server: bootstrap data already found and encrypted with different token"
Dec 08 08:11:02 myreviews-k3s-server systemd[1]: k3s.service: Main process exited, code=exited, status=1/FAILURE
Dec 08 08:11:02 myreviews-k3s-server systemd[1]: k3s.service: Failed with result 'exit-code'.
Dec 08 08:11:02 myreviews-k3s-server systemd[1]: Failed to start Lightweight Kubernetes.
Dec 08 08:11:07 myreviews-k3s-server systemd[1]: k3s.service: Service hold-off time over, scheduling restart.
Dec 08 08:11:07 myreviews-k3s-server systemd[1]: k3s.service: Scheduled restart job, restart counter is at 13.
Dec 08 08:11:07 myreviews-k3s-server systemd[1]: Stopped Lightweight Kubernetes.
Dec 08 08:11:07 myreviews-k3s-server systemd[1]: Starting Lightweight Kubernetes...

lively-night-78214

12/08/2022, 8:12 AM

is it possible that the connection with mysql is too slow and k3s has a time out and dies ?

lively-night-78214

12/08/2022, 8:12 AM

i can connect instantly but just wondering

creamy-pencil-82913

12/08/2022, 8:12 AM

creamy-pencil-82913

12/08/2022, 8:12 AM

Copy code

Dec 08 08:11:02 myreviews-k3s-server k3s[17815]: time="2022-12-08T08:11:02Z" level=fatal msg="starting kubernetes: preparing server: bootstrap data already found and encrypted with different token"

creamy-pencil-82913

12/08/2022, 8:12 AM

You are reusing a database from a previous install and have not supplied the same --token value

lively-night-78214

12/08/2022, 8:13 AM

ohhh interesting so i cant do that

lively-night-78214

12/08/2022, 8:13 AM

didnt know

creamy-pencil-82913

12/08/2022, 8:13 AM

wipe the database, or supply the same --token

lively-night-78214

12/08/2022, 8:13 AM

where do i get the token if i wanted to reuse it?

creamy-pencil-82913

12/08/2022, 8:13 AM

from the other server that you connected to that database

lively-night-78214

12/08/2022, 8:13 AM

destroyed

creamy-pencil-82913

12/08/2022, 8:14 AM

if you didn’t specify it, it was randomly generated

lively-night-78214

12/08/2022, 8:14 AM

i mean is it somewhere on the db?

lively-night-78214

12/08/2022, 8:14 AM

i guess it will be encrypted on db so no use to look it up

creamy-pencil-82913

12/08/2022, 8:14 AM

no. the token is used as an encryption key to protect the RSA keys for the cluster CAs. You cannot access them without the token, and the token cannot be derived from the encrypted data

creamy-pencil-82913

12/08/2022, 8:17 AM

The importance of the token is called out in the docs at https://docs.k3s.io/installation/ha - we could probably put the warning a little higher up I guess?

Ensure that you retain a copy of this token as it is required when restoring from backup and adding nodes. Previously, K3s did not enforce the use of a token when using external SQL datastores.

If you reuse the same datastore, you are technically adding nodes to an existing cluster. It’s just that there aren’t currently any nodes in it.

lively-night-78214

12/08/2022, 8:18 AM

maybe moving it in the docs might help but I am just looking at it from a disaster recovery point of view

lively-night-78214

12/08/2022, 8:19 AM

in my case it probably makes more sense to start clean all the times

creamy-pencil-82913

12/08/2022, 8:20 AM

yeah for DR purposes, you need to either specify your own token in the config on the servers, or copy the token off the first node if you let it create a random one for you, and then reuse that token on all other servers.

lively-night-78214

12/08/2022, 8:29 AM

i just checked the script and i can see K3S_TOKEN . Is this token the same one and is it also used by nodes to join servers?

creamy-pencil-82913

12/08/2022, 8:35 AM

that’s the token, yes

👍 1

lively-night-78214

12/08/2022, 8:36 AM

i will add that to my secrets to ensure i can recover the db too

517 Views

Open in Slack

Previous Next