CrashLoopBackoff w/ current build

GoogleCloudPlatform / gke-managed-certs

Managed Certificates for Kubernetes clusters using GCLB

Apache License 2.0

246 stars 32 forks source link

CrashLoopBackoff w/ current build #18

Closed wbyoung closed 5 years ago

wbyoung commented 5 years ago

The current build, docker-pullable://eu.gcr.io/managed-certs-gke/managed-certificate-controller@sha256:e9730fe05cb2827fa3c982c3ed08d3b4e7aeba2619d73dea3213b1aceb9b077a was crashing and I didn't see anything in the container logs. I reverted to a prior revision and had success again.

bmhatfield commented 5 years ago

The newest tag that works for me is v0.3.0-3-g9b1dc33

(Side note: I am not sure where these tags/code revisions are coming from, given that this repo has one branch which hasn't been updated since Feb 12th)

You can browse the container history here: https://console.cloud.google.com/gcr/images/managed-certs-gke/EU/managed-certificate-controller?gcrImageListsize=100

bmhatfield commented 5 years ago

I pulled it down locally, and it's hard-panicing:

panic: codecgen version mismatch: current: 8, need 10. Re-generate file: /gopath/src/github.com/GoogleCloudPlatform/gke-managed-certs/vendor/github.com/coreos/etcd/client/keys.generated.go

goroutine 1 [running]:
github.com/GoogleCloudPlatform/gke-managed-certs/vendor/github.com/coreos/etcd/client.init.0()
        /gopath/src/github.com/GoogleCloudPlatform/gke-managed-certs/vendor/github.com/coreos/etcd/client/keys.generated.go:45 +0x104

bmhatfield commented 5 years ago

(the logs don't print on stdout, which is why you can't see them outside the container, instead they are routed to /var/log/managed_certificate_controller.log)

gburiola commented 5 years ago

same thing happening to me

davidebelloni commented 5 years ago

Same here

alexdianomi commented 5 years ago

same here

matti commented 5 years ago

just verified that ~2h old (at the time of writing) eu.gcr.io/managed-certs-gke/managed-certificate-controller@sha256:6edb9b197f74bb6c1827f7fedd2b4658136e79c082603c6809b546b10be112a9 works.

only the latest images are tagged with version tag, after a new ci_latest that appears, the old tag is eventually removed.

krzykwas commented 5 years ago

The ci_latest tag is applied to the newest image built by an internal CI tool.

Stable GKE releases are in gcr.io/google-containers/managed-certificate-controller:<> where TAG in general is one of the tags you can find in this repo. I don't commit to updating the README or deploy/managed-certificate-controller.yaml with the most recent stable GKE release, but README documents what ci_latest is. In general, due to the workflow, changes are first pushed to an internal repo, and only later here. The most recent ci_latest version may not correctly work with deploy/managedcertificates-crd.yaml.