amazon-archives / aws-service-operator

AWS Service Operator allows you to create AWS resources using kubectl.
Apache License 2.0

Cluster Name Validation Needed #115

Open davidxjohnson opened 5 years ago

davidxjohnson commented 5 years ago

I created the role and S3 bucket using a modified CF template. After editing the k8s yaml provided (to set account, region, cluster-name and bucket parameters), I deployed the k8s objects ... but the pod is in CrashLoopBackOff state.

I checked kube2iam logs (snippet below), seems to be working:

```
$ kubectl logs kube2iam-jwf4v -n kube-system | grep aws-service-operator

time="2018-10-14T16:31:57Z" level=debug msg="Namespace OnUpdate" ns.name=aws-service-operator
time="2018-10-14T16:31:57Z" level=debug msg="Pod OnUpdate" pod.iam.role="arn:aws:iam::XXXXXXXXXXXX:role/k8s-aws-service-operator" pod.name=aws-service-operator-9d5cc5d6f-ht79h pod.namespace=aws-service-operator pod.status.ip=192.168.208.6 pod.status.phase=Running
```

The operator logs indicate an error creating an SNS topic:


```
$ kubectl logs -f -n aws-service-operator deploy/aws-service-operator

time="2018-10-14T16:18:02Z" level=info msg="Getting kubernetes context" hostname=aws-service-operator-9d5cc5d6f-ht79h
time="2018-10-14T16:18:02Z" level=info msg="Registering resources" hostname=aws-service-operator-9d5cc5d6f-ht79h
time="2018-10-14T16:18:06Z" level=info msg="Region: us-east-1" hostname=aws-service-operator-9d5cc5d6f-ht79h
time="2018-10-14T16:18:06Z" level=info msg="Watching the resources" hostname=aws-service-operator-9d5cc5d6f-ht79h
time="2018-10-14T16:18:06Z" level=error msg="Error creating SNS Topic with error 'InvalidParameter: Invalid parameter: Topic Name\n\tstatus code: 400, request id: ea491505-b717-5aec-b42b-4138d96944b0'" hostname=aws-service-operator-9d5cc5d6f-ht79h
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x1107ff7]

goroutine 1 [running]:
github.com/awslabs/aws-service-operator/pkg/queue.(*Queue).Register(0xc4203e5980, 0x1457df9, 0x8, 0x1426b00, 0xc420541548, 0x0, 0xc42037a6f0, 0x0, 0xc4205414a8, 0x4289c4, ...)
        /Users/heichris/Code/src/github.com/awslabs/aws-service-operator/pkg/queue/queue.go:94 +0x187
github.com/awslabs/aws-service-operator/pkg/operator/s3bucket.(*Controller).StartWatch(0xc42000e4e0, 0x0, 0x0, 0xc42008a840, 0x0, 0x0)
        /Users/heichris/Code/src/github.com/awslabs/aws-service-operator/pkg/operator/s3bucket/controller.go:67 +0x201
github.com/awslabs/aws-service-operator/pkg/server.(*Server).Run(0xc4201ae008, 0xc42008a840)
        /Users/heichris/Code/src/github.com/awslabs/aws-service-operator/pkg/server/server.go:106 +0x9d1
main.glob..func2(0x1ec8be0, 0xc420339180, 0x0, 0x4)
        /Users/heichris/Code/src/github.com/awslabs/aws-service-operator/cmd/aws-service-operator/server.go:33 +0x1d3
github.com/awslabs/aws-service-operator/vendor/github.com/spf13/cobra.(*Command).execute(0x1ec8be0, 0xc4203390c0, 0x4, 0x4, 0x1ec8be0, 0xc4203390c0)
        /Users/heichris/Code/src/github.com/awslabs/aws-service-operator/vendor/github.com/spf13/cobra/command.go:766 +0x2c1
github.com/awslabs/aws-service-operator/vendor/github.com/spf13/cobra.(*Command).ExecuteC(0x1ec8980, 0x1, 0x1, 0xc42000c680)
        /Users/heichris/Code/src/github.com/awslabs/aws-service-operator/vendor/github.com/spf13/cobra/command.go:852 +0x30a
github.com/awslabs/aws-service-operator/vendor/github.com/spf13/cobra.(*Command).Execute(0x1ec8980, 0x1, 0x1)
        /Users/heichris/Code/src/github.com/awslabs/aws-service-operator/vendor/github.com/spf13/cobra/command.go:800 +0x2b
main.main()
        /Users/heichris/Code/src/github.com/awslabs/aws-service-operator/cmd/aws-service-operator/main.go:34 +0x66
```

christopherhein commented 5 years ago

What did you set `-i <cluster-name>` as? It looks like it thinks that is invalid. Background: we use that to prefix the sns-topic that is created for each resource. @davidxjohnson

davidxjohnson commented 5 years ago

The deployment descriptor is thus:

```yaml
apiVersion: apps/v1beta1
metadata:
  name: aws-service-operator
  namespace: aws-service-operator
spec:
  replicas: 1
  template:
    metadata:
      annotations:
        iam.amazonaws.com/role: arn:aws:iam::XXXXXXXXXXXX:role/k8s-aws-service-operator
      labels:
        app: aws-service-operator
    spec:
      serviceAccountName: aws-service-operator
      containers:
      - name: aws-service-operator
        image: awsserviceoperator/aws-service-operator:v0.0.1-alpha2
        imagePullPolicy: Always
        args:
          - server
          - --cluster-name=nonprod-us-east-1.mydomain.net
          - --region=us-east-1
          - --account-id=XXXXXXXXXXXX
          - --bucket=mydomain-nonprod-aws-operator
```

Just realized from your reply that the dots in the cluster name are invalid as topic names.

Topic name contains invalid characters. Must contain only alphanumeric characters, hyphens (-), or underscores (_).

christopherhein commented 5 years ago

Yeah, that would cause the issue. I'm going to change the description of this issue to validation on the Cluster name.

christopherhein commented 5 years ago

We might want to wrap this into this issue - https://github.com/awslabs/aws-service-operator/issues/103

davidxjohnson commented 5 years ago

Changing the cluster name did the trick. I see successful sns subscription, topic and queue messages in the logs.
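
The cluster-name validation this issue asks for could look like the following. It is an added example, not code from aws-service-operator: `ValidateClusterName`, its `suffixLen` parameter (room reserved for whatever the operator appends per resource) and the sample names in `main` are assumptions made for illustration. Running such a check at startup turns the SNS `InvalidParameter` error and the nil pointer panic that followed it into one readable message.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// SNS topic names allow only alphanumerics, hyphens and underscores,
// and are limited to 256 characters.
const maxTopicNameLen = 256

var invalidTopicChars = regexp.MustCompile(`[^A-Za-z0-9_-]`)

// ValidateClusterName rejects a --cluster-name value that cannot be used as
// an SNS topic-name prefix. suffixLen is a hypothetical reservation for the
// per-resource part of the topic name; the real format is not on the page.
func ValidateClusterName(name string, suffixLen int) error {
	if name == "" {
		return fmt.Errorf("cluster name is empty")
	}
	if bad := invalidTopicChars.FindAllString(name, -1); bad != nil {
		return fmt.Errorf("cluster name %q contains characters not allowed in an SNS topic name: %q (try %q)",
			name, uniq(bad), invalidTopicChars.ReplaceAllString(name, "-"))
	}
	if len(name)+suffixLen > maxTopicNameLen {
		return fmt.Errorf("cluster name is %d characters; with a %d-character suffix the topic name exceeds %d",
			len(name), suffixLen, maxTopicNameLen)
	}
	return nil
}

// uniq joins the distinct offending characters in first-seen order.
func uniq(in []string) string {
	seen := map[string]bool{}
	var out []string
	for _, s := range in {
		if !seen[s] {
			seen[s] = true
			out = append(out, s)
		}
	}
	return strings.Join(out, "")
}

func main() {
	// Constructed inputs: the dotted name from this issue and a corrected one.
	for _, n := range []string{"nonprod-us-east-1.mydomain.net", "nonprod-us-east-1"} {
		fmt.Printf("%-32s -> %v\n", n, ValidateClusterName(n, 64))
	}
}
```
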