Open aokabin opened 5 years ago
証明書関係で落ちてる...?
2019/01/09 15:03:10 [INFO] Running in single server mode, will not peer connections
2019/01/09 15:03:10 [INFO] Creating CRD apps.project.cattle.io
2019/01/09 15:03:10 [INFO] Creating CRD authconfigs.management.cattle.io
2019/01/09 15:03:10 [INFO] Creating CRD apprevisions.project.cattle.io
2019/01/09 15:03:10 [INFO] Creating CRD catalogs.management.cattle.io
2019/01/09 15:03:10 [INFO] Creating CRD pipelineexecutions.project.cattle.io
2019/01/09 15:03:10 [INFO] Creating CRD clusteralerts.management.cattle.io
2019/01/09 15:03:10 [INFO] Creating CRD pipelinesettings.project.cattle.io
2019/01/09 15:03:10 [INFO] Creating CRD clusterevents.management.cattle.io
2019/01/09 15:03:10 [INFO] Creating CRD pipelines.project.cattle.io
2019/01/09 15:03:10 [INFO] Creating CRD clusterloggings.management.cattle.io
E0109 15:03:10.601284 5 autoregister_controller.go:190] v3.project.cattle.io failed with : apiservices.apiregistration.k8s.io "v3.project.cattle.io" already exists
2019/01/09 15:03:10 [INFO] Creating CRD sourcecodecredentials.project.cattle.io
2019/01/09 15:03:10 [INFO] Creating CRD clusterregistrationtokens.management.cattle.io
2019/01/09 15:03:11 [INFO] Creating CRD sourcecodeproviderconfigs.project.cattle.io
2019/01/09 15:03:11 [INFO] Creating CRD clusterroletemplatebindings.management.cattle.io
2019/01/09 15:03:11 [INFO] Creating CRD sourcecoderepositories.project.cattle.io
2019/01/09 15:03:11 [INFO] Creating CRD clusters.management.cattle.io
2019/01/09 15:03:12 [INFO] Creating CRD composeconfigs.management.cattle.io
2019/01/09 15:03:12 [INFO] Creating CRD dynamicschemas.management.cattle.io
2019/01/09 15:03:12 [INFO] Creating CRD globalrolebindings.management.cattle.io
2019/01/09 15:03:12 [INFO] Creating CRD globalroles.management.cattle.io
2019/01/09 15:03:13 [INFO] Creating CRD groupmembers.management.cattle.io
2019/01/09 15:03:13 [INFO] Creating CRD groups.management.cattle.io
2019/01/09 15:03:13 [INFO] Creating CRD listenconfigs.management.cattle.io
2019/01/09 15:03:13 [INFO] Creating CRD nodedrivers.management.cattle.io
2019/01/09 15:03:13 [INFO] Creating CRD nodepools.management.cattle.io
2019/01/09 15:03:14 [INFO] Creating CRD nodetemplates.management.cattle.io
2019/01/09 15:03:14 [INFO] Creating CRD nodes.management.cattle.io
2019/01/09 15:03:14 [INFO] Creating CRD notifiers.management.cattle.io
2019/01/09 15:03:14 [INFO] Creating CRD podsecuritypolicytemplateprojectbindings.management.cattle.io
2019/01/09 15:03:14 [INFO] Creating CRD podsecuritypolicytemplates.management.cattle.io
2019/01/09 15:03:15 [INFO] Creating CRD preferences.management.cattle.io
2019/01/09 15:03:15 [INFO] Creating CRD projectalerts.management.cattle.io
2019/01/09 15:03:15 [INFO] Creating CRD projectloggings.management.cattle.io
2019/01/09 15:03:15 [INFO] Creating CRD projectnetworkpolicies.management.cattle.io
2019/01/09 15:03:15 [INFO] Creating CRD projectroletemplatebindings.management.cattle.io
2019/01/09 15:03:16 [INFO] Creating CRD projects.management.cattle.io
2019/01/09 15:03:16 [INFO] Creating CRD roletemplates.management.cattle.io
2019/01/09 15:03:16 [INFO] Creating CRD settings.management.cattle.io
2019/01/09 15:03:16 [INFO] Creating CRD templatecontents.management.cattle.io
2019/01/09 15:03:16 [INFO] Creating CRD templates.management.cattle.io
2019/01/09 15:03:17 [INFO] Creating CRD templateversions.management.cattle.io
2019/01/09 15:03:17 [INFO] Creating CRD tokens.management.cattle.io
2019/01/09 15:03:17 [INFO] Creating CRD userattributes.management.cattle.io
2019/01/09 15:03:17 [INFO] Creating CRD users.management.cattle.io
2019/01/09 15:03:18 [INFO] Starting API controllers
2019/01/09 15:03:19 [INFO] Starting catalog controller
2019/01/09 15:03:19 [INFO] Starting management controllers
2019/01/09 15:03:20 [INFO] Reconciling GlobalRoles
2019/01/09 15:03:20 [INFO] Listening on :443
2019/01/09 15:03:20 [INFO] Listening on :80
2019/01/09 15:03:20 [INFO] Creating user-base
2019/01/09 15:03:20 [INFO] Creating clusters-create
2019/01/09 15:03:20 [INFO] Creating nodedrivers-manage
2019/01/09 15:03:20 [INFO] [mgmt-auth-gr-controller] Creating clusterRole cattle-globalrole-user-base for corresponding GlobalRole
2019/01/09 15:03:20 [INFO] Creating catalogs-manage
2019/01/09 15:03:20 [INFO] [mgmt-auth-gr-controller] Creating clusterRole cattle-globalrole-clusters-create for corresponding GlobalRole
2019/01/09 15:03:20 [INFO] Creating users-manage
2019/01/09 15:03:20 [INFO] [mgmt-auth-gr-controller] Creating clusterRole cattle-globalrole-nodedrivers-manage for corresponding GlobalRole
2019/01/09 15:03:20 [INFO] [mgmt-auth-gr-controller] Creating clusterRole cattle-globalrole-catalogs-manage for corresponding GlobalRole
2019/01/09 15:03:20 [INFO] Creating settings-manage
2019/01/09 15:03:20 [INFO] [mgmt-auth-gr-controller] Creating clusterRole cattle-globalrole-users-manage for corresponding GlobalRole
2019/01/09 15:03:20 [INFO] Creating user
2019/01/09 15:03:20 [INFO] [mgmt-auth-gr-controller] Creating clusterRole cattle-globalrole-settings-manage for corresponding GlobalRole
2019/01/09 15:03:20 [INFO] Creating catalogs-use
2019/01/09 15:03:20 [INFO] Creating roles-manage
2019/01/09 15:03:20 [INFO] [mgmt-auth-gr-controller] Creating clusterRole cattle-globalrole-user for corresponding GlobalRole
2019/01/09 15:03:20 [INFO] Creating authn-manage
2019/01/09 15:03:20 [INFO] [mgmt-auth-gr-controller] Creating clusterRole cattle-globalrole-catalogs-use for corresponding GlobalRole
2019/01/09 15:03:20 [INFO] [mgmt-auth-gr-controller] Creating clusterRole cattle-globalrole-roles-manage for corresponding GlobalRole
2019/01/09 15:03:20 [INFO] Creating podsecuritypolicytemplates-manage
2019/01/09 15:03:20 [INFO] Creating admin
2019/01/09 15:03:20 [INFO] [mgmt-auth-gr-controller] Creating clusterRole cattle-globalrole-authn-manage for corresponding GlobalRole
2019/01/09 15:03:20 [INFO] [mgmt-auth-gr-controller] Creating clusterRole cattle-globalrole-podsecuritypolicytemplates-manage for corresponding GlobalRole
2019/01/09 15:03:20 [INFO] Reconciling RoleTemplates
2019/01/09 15:03:20 [INFO] Creating read-only
2019/01/09 15:03:20 [INFO] [mgmt-auth-gr-controller] Creating clusterRole cattle-globalrole-admin for corresponding GlobalRole
2019/01/09 15:03:20 [INFO] Creating secrets-manage
2019/01/09 15:03:20 [INFO] Creating persistentvolumeclaims-view
2019/01/09 15:03:20 [INFO] Creating serviceaccounts-view
2019/01/09 15:03:20 [INFO] Creating view
2019/01/09 15:03:20 [INFO] Creating create-ns
2019/01/09 15:03:20 [INFO] Creating admin
2019/01/09 15:03:20 [INFO] Creating ingress-manage
2019/01/09 15:03:20 [INFO] Creating edit
2019/01/09 15:03:20 [INFO] Creating configmaps-manage
2019/01/09 15:03:20 [INFO] Creating configmaps-view
2019/01/09 15:03:20 [INFO] Creating ingress-view
2019/01/09 15:03:20 [INFO] Creating project-owner
2019/01/09 15:03:20 [INFO] Creating workloads-view
2019/01/09 15:03:20 [INFO] Creating serviceaccounts-manage
2019/01/09 15:03:20 [INFO] Creating nodes-manage
2019/01/09 15:03:20 [INFO] Creating workloads-manage
2019/01/09 15:03:20 [INFO] Creating projectroletemplatebindings-manage
2019/01/09 15:03:20 [INFO] Creating project-member
2019/01/09 15:03:20 [INFO] Creating cluster-owner
2019/01/09 15:03:20 [INFO] Creating projects-view
2019/01/09 15:03:20 [INFO] Creating clusterroletemplatebindings-view
2019/01/09 15:03:20 [INFO] Creating services-manage
2019/01/09 15:03:20 [INFO] Creating services-view
2019/01/09 15:03:20 [INFO] Creating secrets-view
2019/01/09 15:03:20 [INFO] Creating projectroletemplatebindings-view
2019/01/09 15:03:20 [INFO] Creating cluster-admin
2019/01/09 15:03:20 [INFO] Creating projects-create
2019/01/09 15:03:20 [INFO] Creating nodes-view
2019/01/09 15:03:20 [INFO] Creating storage-manage
2019/01/09 15:03:20 [INFO] Creating clusterroletemplatebindings-manage
2019/01/09 15:03:20 [INFO] Creating persistentvolumeclaims-manage
2019/01/09 15:03:20 [INFO] Creating cluster-member
2019/01/09 15:03:20 [INFO] Creating new GlobalRoleBinding for GlobalRoleBinding globalrolebinding-4kb6w
2019/01/09 15:03:20 [INFO] [mgmt-auth-grb-controller] Creating clusterRoleBinding for globalRoleBinding globalrolebinding-4kb6w for user user-mncw8 with role cattle-globalrole-admin
2019/01/09 15:03:20 [INFO] Creating node driver amazonec2
2019/01/09 15:03:20 [INFO] Creating node driver azure
2019/01/09 15:03:20 [INFO] Creating node driver digitalocean
2019/01/09 15:03:20 [INFO] Creating node driver exoscale
2019/01/09 15:03:20 [INFO] Creating node driver openstack
2019/01/09 15:03:20 [INFO] Creating node driver otc
2019/01/09 15:03:20 [INFO] Creating node driver packet
2019/01/09 15:03:20 [INFO] Creating node driver rackspace
2019/01/09 15:03:20 [INFO] Creating node driver softlayer
2019/01/09 15:03:20 [INFO] Creating node driver aliyunecs
2019/01/09 15:03:20 [INFO] Creating node driver vmwarevsphere
2019/01/09 15:03:20 [INFO] Rancher startup complete
2019/01/09 15:03:20 [INFO] uploading azureConfig to node schema
2019/01/09 15:03:20 [INFO] uploading azureConfig to node schema
2019/01/09 15:03:21 [INFO] uploading digitaloceanConfig to node schema
2019/01/09 15:03:21 [INFO] uploading digitaloceanConfig to node schema
2019/01/09 15:03:21 [INFO] uploading vmwarevsphereConfig to node schema
2019/01/09 15:03:21 [INFO] uploading vmwarevsphereConfig to node schema
2019/01/09 15:03:23 [INFO] Updating catalog library
2019/01/09 15:03:27 [INFO] 2019/01/09 15:03:27 http: TLS handshake error from 10.10.2.220:57912: remote error: tls: bad certificate
2019/01/09 15:03:27 [INFO] 2019/01/09 15:03:27 http: TLS handshake error from 10.10.2.220:57911: EOF
2019/01/09 15:03:37 [INFO] 2019/01/09 15:03:37 http: TLS handshake error from 10.10.2.220:57957: EOF
2019/01/09 15:03:37 [INFO] 2019/01/09 15:03:37 http: TLS handshake error from 10.10.2.220:57956: EOF
2019/01/09 15:03:47 [INFO] 2019/01/09 15:03:47 http: TLS handshake error from 10.10.2.220:58002: remote error: tls: bad certificate
2019/01/09 15:03:47 [INFO] 2019/01/09 15:03:47 http: TLS handshake error from 10.10.2.220:58003: remote error: tls: bad certificate
2019/01/09 15:03:53 [INFO] Catalog sync done. 30 templates created, 0 templates updated, 0 templates deleted
2019/01/09 15:03:53 [ERROR] CatalogController library [catalog] failed with : failed to sync templates. Resetting commit. Multiple error occurred: [Error in HTTP GET of [file://../logo.png], error: Get file://../logo.png: unsupported protocol scheme "file"]
2019/01/09 15:03:55 [INFO] Updating catalog library
2019/01/09 15:03:55 [INFO] Catalog sync done. 0 templates created, 0 templates updated, 0 templates deleted
2019/01/09 15:03:57 [INFO] 2019/01/09 15:03:57 http: TLS handshake error from 10.10.2.220:58045: EOF
2019/01/09 15:03:57 [INFO] 2019/01/09 15:03:57 http: TLS handshake error from 10.10.2.220:58046: remote error: tls: bad certificate
2019/01/09 15:04:07 [INFO] 2019/01/09 15:04:07 http: TLS handshake error from 10.10.2.220:58089: remote error: tls: bad certificate
2019/01/09 15:04:07 [INFO] 2019/01/09 15:04:07 http: TLS handshake error from 10.10.2.220:58090: remote error: tls: bad certificate
2019/01/09 15:04:17 [INFO] 2019/01/09 15:04:17 http: TLS handshake error from 10.10.2.220:58157: remote error: tls: bad certificate
2019/01/09 15:04:17 [INFO] 2019/01/09 15:04:17 http: TLS handshake error from 10.10.2.220:58158: remote error: tls: bad certificate
2019/01/09 15:04:27 [INFO] 2019/01/09 15:04:27 http: TLS handshake error from 10.10.2.220:58202: remote error: tls: bad certificate
2019/01/09 15:04:27 [INFO] 2019/01/09 15:04:27 http: TLS handshake error from 10.10.2.220:58203: remote error: tls: bad certificate
2019/01/09 15:04:37 [INFO] 2019/01/09 15:04:37 http: TLS handshake error from 10.10.2.220:58245: EOF
2019/01/09 15:04:37 [INFO] 2019/01/09 15:04:37 http: TLS handshake error from 10.10.2.220:58246: remote error: tls: bad certificate
2019/01/09 15:04:47 [INFO] 2019/01/09 15:04:47 http: TLS handshake error from 10.10.2.220:58290: remote error: tls: bad certificate
2019/01/09 15:04:47 [INFO] 2019/01/09 15:04:47 http: TLS handshake error from 10.10.2.220:58289: remote error: tls: bad certificate
2019/01/09 15:04:57 [INFO] 2019/01/09 15:04:57 http: TLS handshake error from 10.10.2.220:58333: remote error: tls: bad certificate
2019/01/09 15:04:57 [INFO] 2019/01/09 15:04:57 http: TLS handshake error from 10.10.2.220:58332: EOF
2019/01/09 15:05:07 [INFO] 2019/01/09 15:05:07 http: TLS handshake error from 10.10.2.220:58375: remote error: tls: bad certificate
2019/01/09 15:05:07 [INFO] 2019/01/09 15:05:07 http: TLS handshake error from 10.10.2.220:58376: remote error: tls: bad certificate
2019/01/09 15:05:17 [INFO] 2019/01/09 15:05:17 http: TLS handshake error from 10.10.2.220:58417: remote error: tls: bad certificate
2019/01/09 15:05:17 [INFO] 2019/01/09 15:05:17 http: TLS handshake error from 10.10.2.220:58418: remote error: tls: bad certificate
2019/01/09 15:05:27 [INFO] 2019/01/09 15:05:27 http: TLS handshake error from 10.10.2.220:58460: remote error: tls: bad certificate
2019/01/09 15:05:27 [INFO] 2019/01/09 15:05:27 http: TLS handshake error from 10.10.2.220:58461: remote error: tls: bad certificate
2019/01/09 15:05:37 [INFO] 2019/01/09 15:05:37 http: TLS handshake error from 10.10.2.220:58502: remote error: tls: bad certificate
2019/01/09 15:05:37 [INFO] 2019/01/09 15:05:37 http: TLS handshake error from 10.10.2.220:58503: remote error: tls: bad certificate
2019/01/09 15:05:47 [INFO] 2019/01/09 15:05:47 http: TLS handshake error from 10.10.2.220:58548: remote error: tls: bad certificate
2019/01/09 15:05:47 [INFO] 2019/01/09 15:05:47 http: TLS handshake error from 10.10.2.220:58547: remote error: tls: bad certificate
2019/01/09 15:05:57 [INFO] 2019/01/09 15:05:57 http: TLS handshake error from 10.10.2.220:58589: remote error: tls: bad certificate
2019/01/09 15:05:57 [INFO] 2019/01/09 15:05:57 http: TLS handshake error from 10.10.2.220:58590: EOF
2019/01/09 15:06:07 [INFO] 2019/01/09 15:06:07 http: TLS handshake error from 10.10.2.220:58633: EOF
2019/01/09 15:06:07 [INFO] 2019/01/09 15:06:07 http: TLS handshake error from 10.10.2.220:58632: remote error: tls: bad certificate
2019/01/09 15:06:17 [INFO] 2019/01/09 15:06:17 http: TLS handshake error from 10.10.2.220:58674: remote error: tls: bad certificate
2019/01/09 15:06:17 [INFO] 2019/01/09 15:06:17 http: TLS handshake error from 10.10.2.220:58675: remote error: tls: bad certificate
2019/01/09 15:06:27 [INFO] 2019/01/09 15:06:27 http: TLS handshake error from 10.10.2.220:58717: remote error: tls: bad certificate
2019/01/09 15:06:27 [INFO] 2019/01/09 15:06:27 http: TLS handshake error from 10.10.2.220:58718: remote error: tls: bad certificate
2019/01/09 15:06:37 [INFO] 2019/01/09 15:06:37 http: TLS handshake error from 10.10.2.220:58760: remote error: tls: bad certificate
2019/01/09 15:06:37 [INFO] 2019/01/09 15:06:37 http: TLS handshake error from 10.10.2.220:58759: remote error: tls: bad certificate
2019/01/09 15:06:47 [INFO] 2019/01/09 15:06:47 http: TLS handshake error from 10.10.2.220:58803: remote error: tls: bad certificate
2019/01/09 15:06:47 [INFO] 2019/01/09 15:06:47 http: TLS handshake error from 10.10.2.220:58804: remote error: tls: bad certificate
2019/01/09 15:06:57 [INFO] 2019/01/09 15:06:57 http: TLS handshake error from 10.10.2.220:58846: EOF
2019/01/09 15:06:57 [INFO] 2019/01/09 15:06:57 http: TLS handshake error from 10.10.2.220:58847: EOF
2019/01/09 15:07:00 [INFO] [mgmt-cluster-rbac-delete] Creating namespace c-rbl7z
2019/01/09 15:07:00 [INFO] [mgmt-cluster-rbac-delete] Creating Default project for cluster c-rbl7z
2019/01/09 15:07:00 [INFO] [mgmt-project-rbac-create] Creating namespace p-4cmk5
2019/01/09 15:07:00 [INFO] [mgmt-cluster-rbac-delete] Creating System project for cluster c-rbl7z
2019/01/09 15:07:00 [INFO] [mgmt-project-rbac-create] Creating creator projectRoleTemplateBinding for user user-mncw8 for project p-4cmk5
2019/01/09 15:07:00 [INFO] [mgmt-project-rbac-create] Creating namespace p-nt5vl
2019/01/09 15:07:00 [INFO] [mgmt-cluster-rbac-delete] Updating cluster c-rbl7z
2019/01/09 15:07:00 [INFO] [mgmt-project-rbac-create] Creating creator clusterRoleTemplateBinding for user user-mncw8 for cluster c-rbl7z
2019/01/09 15:07:00 [INFO] [mgmt-project-rbac-create] Creating creator projectRoleTemplateBinding for user user-mncw8 for project p-nt5vl
2019/01/09 15:07:00 [INFO] [mgmt-auth-crtb-controller] Setting InitialRolesPopulated condition on project p-4cmk5
2019/01/09 15:07:00 [INFO] [mgmt-project-rbac-create] Updating project p-4cmk5
2019/01/09 15:07:00 [INFO] [mgmt-auth-prtb-controller] Creating clusterRole p-4cmk5-projectowner
2019/01/09 15:07:00 [INFO] [mgmt-auth-crtb-controller] Creating clusterRole c-rbl7z-clusterowner
2019/01/09 15:07:00 [INFO] [mgmt-auth-crtb-controller] Creating clusterRoleBinding for membership in cluster c-rbl7z for subject user-mncw8
2019/01/09 15:07:00 [INFO] [mgmt-auth-crtb-controller] Setting InitialRolesPopulated condition on project p-nt5vl
2019/01/09 15:07:00 [INFO] [mgmt-auth-prtb-controller] Creating roleBinding for membership in project p-4cmk5 for subject user-mncw8
2019/01/09 15:07:00 [INFO] [mgmt-auth-crtb-controller] Creating role cluster-owner in namespace c-rbl7z
2019/01/09 15:07:00 [INFO] [mgmt-auth-crtb-controller] Creating roleBinding for subject user-mncw8 with role cluster-owner in namespace
2019/01/09 15:07:00 [INFO] [mgmt-auth-prtb-controller] Creating clusterRole c-rbl7z-clustermember
2019/01/09 15:07:00 [INFO] [mgmt-auth-prtb-controller] Creating clusterRole p-nt5vl-projectowner
2019/01/09 15:07:00 [INFO] [mgmt-auth-crtb-controller] Setting InitialRolesPopulated condition on cluster
2019/01/09 15:07:00 [INFO] [mgmt-cluster-rbac-delete] Updating cluster c-rbl7z
2019/01/09 15:07:00 [INFO] [mgmt-project-rbac-create] Updating project p-nt5vl
2019/01/09 15:07:00 [INFO] [mgmt-auth-crtb-controller] Creating role cluster-owner in namespace p-4cmk5
2019/01/09 15:07:00 [INFO] [mgmt-auth-prtb-controller] Creating roleBinding for membership in project p-nt5vl for subject user-mncw8
2019/01/09 15:07:00 [INFO] [mgmt-project-rbac-create] Updating project p-4cmk5
2019/01/09 15:07:00 [INFO] [mgmt-auth-prtb-controller] Creating clusterRoleBinding for membership in cluster c-rbl7z for subject user-mncw8
2019/01/09 15:07:00 [INFO] [mgmt-auth-crtb-controller] Creating roleBinding for subject user-mncw8 with role cluster-owner in namespace
2019/01/09 15:07:00 [INFO] [mgmt-auth-crtb-controller] Creating role cluster-owner in namespace p-nt5vl
2019/01/09 15:07:00 [INFO] [mgmt-auth-prtb-controller] Updating clusterRoleBinding clusterrolebinding-9c65g for cluster membership in cluster c-rbl7z for subject user-mncw8
2019/01/09 15:07:00 [INFO] [mgmt-auth-prtb-controller] Creating role project-owner in namespace c-rbl7z
2019/01/09 15:07:00 [INFO] [mgmt-project-rbac-create] Updating project p-4cmk5
2019/01/09 15:07:00 [INFO] [mgmt-auth-crtb-controller] Creating roleBinding for subject user-mncw8 with role cluster-owner in namespace
2019/01/09 15:07:00 [INFO] [mgmt-auth-prtb-controller] Creating role project-owner in namespace c-rbl7z
2019/01/09 15:07:00 [INFO] [mgmt-auth-prtb-controller] Creating roleBinding for subject user-mncw8 with role project-owner in namespace
2019/01/09 15:07:00 [INFO] [mgmt-project-rbac-create] Updating project p-nt5vl
2019/01/09 15:07:00 [INFO] [mgmt-auth-prtb-controller] Creating role project-owner in namespace p-4cmk5
2019/01/09 15:07:00 [INFO] [mgmt-auth-prtb-controller] Creating role admin in namespace p-4cmk5
2019/01/09 15:07:00 [INFO] [mgmt-project-rbac-create] Updating project p-nt5vl
2019/01/09 15:07:00 [INFO] [mgmt-auth-prtb-controller] Creating roleBinding for subject user-mncw8 with role project-owner in namespace
2019/01/09 15:07:00 [ERROR] ProjectRoleTemplateBindingController p-nt5vl/creator-project-owner [mgmt-auth-prtb-controller] failed with : couldn't create role project-owner: roles.rbac.authorization.k8s.io "project-owner" already exists
2019/01/09 15:07:00 [INFO] [mgmt-auth-prtb-controller] Creating roleBinding for subject user-mncw8 with role project-owner in namespace
2019/01/09 15:07:00 [INFO] [mgmt-auth-prtb-controller] Creating roleBinding for subject user-mncw8 with role admin in namespace
2019/01/09 15:07:00 [INFO] [mgmt-auth-prtb-controller] Creating role project-owner in namespace p-nt5vl
2019/01/09 15:07:00 [INFO] [mgmt-auth-prtb-controller] Creating role admin in namespace p-nt5vl
2019/01/09 15:07:00 [INFO] [mgmt-auth-prtb-controller] Creating roleBinding for subject user-mncw8 with role project-owner in namespace
2019/01/09 15:07:00 [INFO] [mgmt-auth-prtb-controller] Creating roleBinding for subject user-mncw8 with role admin in namespace
2019/01/09 15:07:00 [INFO] [mgmt-cluster-rbac-delete] Updating cluster c-rbl7z
2019/01/09 15:07:07 [INFO] 2019/01/09 15:07:07 http: TLS handshake error from 10.10.2.220:58889: remote error: tls: bad certificate
2019/01/09 15:07:07 [INFO] 2019/01/09 15:07:07 http: TLS handshake error from 10.10.2.220:58890: EOF
2019/01/09 15:07:17 [INFO] 2019/01/09 15:07:17 http: TLS handshake error from 10.10.2.220:58933: remote error: tls: bad certificate
2019/01/09 15:07:17 [INFO] 2019/01/09 15:07:17 http: TLS handshake error from 10.10.2.220:58932: remote error: tls: bad certificate
2019/01/09 15:07:27 [INFO] 2019/01/09 15:07:27 http: TLS handshake error from 10.10.2.220:58977: remote error: tls: bad certificate
2019/01/09 15:07:27 [INFO] 2019/01/09 15:07:27 http: TLS handshake error from 10.10.2.220:58976: EOF
2019/01/09 15:07:37 [INFO] 2019/01/09 15:07:37 http: TLS handshake error from 10.10.2.220:59018: EOF
2019/01/09 15:07:37 [INFO] 2019/01/09 15:07:37 http: TLS handshake error from 10.10.2.220:59019: remote error: tls: bad certificate
2019/01/09 15:07:47 [INFO] 2019/01/09 15:07:47 http: TLS handshake error from 10.10.2.220:59065: remote error: tls: bad certificate
2019/01/09 15:07:47 [INFO] 2019/01/09 15:07:47 http: TLS handshake error from 10.10.2.220:59064: remote error: tls: bad certificate
色々試してみてる
まず、logを表示させるために
docker logs -f CONTAINER_ID
やってみた
E0110 03:15:41.527011 5 clusterroleaggregation_controller.go:180] admin failed with : Operation cannot be fulfilled on clusterroles.rbac.authorization.k8s.io "admin": the object has been modified; please apply your changes to the latest version and try again
E0110 03:15:41.527366 5 clusterroleaggregation_controller.go:180] edit failed with : Operation cannot be fulfilled on clusterroles.rbac.authorization.k8s.io "edit": the object has been modified; please apply your changes to the latest version and try again
こんなエラーが
また、こういうのも多々みられた
2019/01/10 03:15:33 [INFO] 2019/01/10 03:15:33 http: TLS handshake error from 10.10.4.106:61744: remote error: tls: bad certificate
そのipは何だろう...?
さっきのip、どうやら手元のMacのアドレスみたい、ここからこのrancher VMにアクセスしようとして流けど、証明書エラーで失敗している、って感じかな この証明書エラーは、crtを持ってくることで解決できそう ただ、そのcrtはどこにある?rancherの中?
...と思ったけど、TLSエラーはこちらで解消可能みたい
etcdもControlPaneも両方入れる必要があるっぽい
頑張って動いている感じがあるので、もしかしたらうまくいってるかも?
うまくいったああああ!!!!
1つめはもしかすると、全部(あるいはetcdとControlPane)を入れてあげる必要があるのかも
念の為、Vagrantのmasterから繋いでみる
Vagrantからはやはりうまくいかないなぁ workerだけも、+etcdでもダメっぽかった 1つのdomainから1つだけなのかもしれないけど
anagoで試してみる dockerがなかったので、以下を参考にinstall
sudo chkconfig docker on
sudo service docker start
anago、CentOSのバージョンが6系だったため、 --unless-stoppedオプションがつけられるDockerのバージョンを入れられず一旦断念(今後CentOS7を入れる予定)
というわけで、kumanomiに入れようとしているが、なんか失敗してそうな感じ
にゃーん etcdとcontrolplaneの追加をしてみたが
[controlPlane] Failed to bring up Control Plane: Failed to verify healthcheck: Failed to check https://localhost:6443/healthz for service [kube-apiserver] on host [10.0.0.68]: Get https://localhost:6443/healthz: read tcp [::1]:47058->[::1]:6443: read: connection reset by peer, log: I0116 13:13:43.430923 1 plugins.go:161] Loaded 6 validating admission controller(s) successfully in the following order: LimitRanger,ServiceAccount,Priority,PersistentVolumeClaimResize,ValidatingAdmissionWebhook,ResourceQuota.
api-serverの調子が悪そうなので、api-serverのログを見てみる
$ sudo docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
611b4983d0be rancher/hyperkube:v1.11.6-rancher1 "/opt/rke-tools/entr…" 10 minutes ago Up 8 seconds kube-apiserver
9e234b6bbda8 rancher/rke-tools:v0.1.15 "/opt/rke-tools/rke-…" 10 minutes ago Up 10 minutes etcd-rolling-snapshots
a4b98f06e177 rancher/coreos-etcd:v3.2.18 "/usr/local/bin/etcd…" 10 minutes ago Up 10 minutes etcd
9668cbc93168 rancher/rancher-agent:v2.1.5 "run.sh --server htt…" 11 minutes ago Up 11 minutes modest_lichterman
$ sudo docker logs -f 611b4983d0be
storage_decorator.go:57] Unable to create storage backend: config (&{etcd3 /registry [https://10.0.0.68:2379] /etc/kubernetes/ssl/kube-node-key.pem /etc/kubernetes/ssl/kube-node.pem /etc/kubernetes/ssl/kube-ca.pem true false 1000 0xc420228600 <nil> 5m0s 1m0s}), err (context deadline exceeded)
こういうエラーでしたわ
どうもetcdへの接続がうまくいってなさそうなので、etcdもログ見てみる
$ sudo docker logs -f a4b98f06e177
WARNING: 2019/01/16 13:05:17 Failed to dial 0.0.0.0:2379: connection error: desc = "transport: authentication handshake failed: remote error: tls: bad certificate"; please retry.
tlsエラー?怪しいなぁ
rancher、なんか容量が少なくなっていたので、一度コンテナとじて再度起動してみた なおも変わらず...原因もよくわからないけど、etcdにアクセスできてない?
etcdをrancher側につけてみた、だめ
EC2ではCentOS7で再現しなかった、クリーンインストールしたサーバーでも検証を行ってみる
1 と同じことをやるのだけど、プラットフォームをVMとVagrantにしてみる