search

apache / camel-k

Apache Camel K is a lightweight integration platform, born on Kubernetes, with serverless superpowers
https://camel.apache.org/camel-k
Apache License 2.0
868 stars 349 forks source link

IntergationPlatform Registry not Accepting Minikube's DNS URI #5914

Closed cfitzw closed 3 weeks ago

cfitzw commented 3 weeks ago

What happened?

While testing v2.5 and attempting to use minikube's dns uri (registry.kube-system.svc.cluster.local), the kit builds but the pull fails.

All other factors the same, when using the IP, everything works.

In conjunction with this code fix, I believe the documentation here should be updated...

from:

NOTE: a local minikube registry can be enabled via minikube addons enable registry and the IP to use running kubectl -n kube-system get service registry -o jsonpath='{.spec.clusterIP}'.

to:

NOTE: a local minikube registry can be enabled via minikube addons enable registry which exposes a DNS URI that can be used for the registry address (address: "registry.kube-system.svc.cluster.local"). The IP can otherwise be found by running kubectl -n kube-system get service registry -o jsonpath='{.spec.clusterIP}'.

Steps to reproduce

# file itp.yaml
apiVersion: camel.apache.org/v1
kind: IntegrationPlatform
metadata:
  labels:
    app: camel-k
  name: camel-k
#  namespace: camel-k
spec:
  build:
    registry:
      address: "registry.kube-system.svc.cluster.local"
      organization: camel-k
      insecure: true
# file: hello.yaml
- from:
    uri: "timer:tick?period=3000"
    steps:
      - setBody:
          constant: "Hello world from Camel K"
      - to: "log:info"

Run:

  1. kubectl apply -f itp.yaml
  2. kamel run hello.yaml

Relevant log output

{"level":"info","ts":"2024-10-30T17:38:53Z","logger":"camel-k.maven.build","msg":"Containerizing application to registry.kube-system.svc.cluster.local/default/camel-k-kit-csh6u9huep5c73de2umg:9922..."}
{"level":"info","ts":"2024-10-30T17:38:53Z","logger":"camel-k.maven.build","msg":"Base image 'eclipse-temurin:17' does not use a specific image digest - build may not be reproducible"}
{"level":"info","ts":"2024-10-30T17:38:53Z","logger":"camel-k.maven.build","msg":"Getting manifest for base image eclipse-temurin:17..."}
{"level":"info","ts":"2024-10-30T17:38:53Z","logger":"camel-k.maven.build","msg":"Building extra files layer..."}
{"level":"info","ts":"2024-10-30T17:38:54Z","logger":"camel-k.maven.build","msg":"Failed to connect to https://registry.kube-system.svc.cluster.local/v2/ over HTTPS. Attempting again with HTTP."}
{"level":"info","ts":"2024-10-30T17:38:54Z","logger":"camel-k.maven.build","msg":"The base image requires auth. Trying again for eclipse-temurin:17..."}
{"level":"info","ts":"2024-10-30T17:38:54Z","logger":"camel-k.maven.build","msg":"Using base image with digest: sha256:4b2851daf1f84dfc80b2574de320a6040fb91ddd409f60ac0482f5bcb8d46dea"}
{"level":"info","ts":"2024-10-30T17:39:06Z","logger":"camel-k.maven.build","msg":""}
{"level":"info","ts":"2024-10-30T17:39:06Z","logger":"camel-k.maven.build","msg":"Container entrypoint set to [/__cacert_entrypoint.sh] (inherited from base image)"}
{"level":"info","ts":"2024-10-30T17:39:06Z","logger":"camel-k.maven.build","msg":"Container program arguments set to [jshell]"}
{"level":"info","ts":"2024-10-30T17:39:07Z","logger":"camel-k.maven.build","msg":""}
{"level":"info","ts":"2024-10-30T17:39:07Z","logger":"camel-k.maven.build","msg":"Built and pushed image as registry.kube-system.svc.cluster.local/default/camel-k-kit-csh6u9huep5c73de2umg:9922"}
{"level":"info","ts":"2024-10-30T17:39:07Z","logger":"camel-k.maven.build","msg":""}
{"level":"info","ts":"2024-10-30T17:39:07Z","logger":"camel-k.maven.build","msg":"------------------------------------------------------------------------"}
{"level":"info","ts":"2024-10-30T17:39:07Z","logger":"camel-k.maven.build","msg":"BUILD SUCCESS"}
{"level":"info","ts":"2024-10-30T17:39:07Z","logger":"camel-k.maven.build","msg":"------------------------------------------------------------------------"}
{"level":"info","ts":"2024-10-30T17:39:07Z","logger":"camel-k.maven.build","msg":"Total time:  14.994 s"}
{"level":"info","ts":"2024-10-30T17:39:07Z","logger":"camel-k.maven.build","msg":"Finished at: 2024-10-30T17:39:07Z"}
{"level":"info","ts":"2024-10-30T17:39:07Z","logger":"camel-k.maven.build","msg":"------------------------------------------------------------------------"}
{"level":"info","ts":"2024-10-30T17:39:07Z","logger":"camel-k.controller.build","msg":"Build duration 21.687604155s","request-namespace":"default","request-name":"hello","build-attempt":0,"build-result":"Succeeded","build-duration":21.687604155,"api-version":"camel.apache.org/v1","kind":"Build","ns":"default","name":"kit-csh6u9huep5c73de2umg"}
{"level":"info","ts":"2024-10-30T17:39:07Z","logger":"camel-k.controller.build","msg":"State transition","request-namespace":"default","request-name":"kit-csh6u9huep5c73de2umg","api-version":"camel.apache.org/v1","kind":"Build","ns":"default","name":"kit-csh6u9huep5c73de2umg","phase-from":"Running","phase-to":"Succeeded"}
{"level":"info","ts":"2024-10-30T17:39:07Z","logger":"camel-k.controller.integrationkit","msg":"Invoking action build","request-namespace":"default","request-name":"kit-csh6u9huep5c73de2umg","api-version":"camel.apache.org/v1","kind":"IntegrationKit","ns":"default","name":"kit-csh6u9huep5c73de2umg"}
{"level":"info","ts":"2024-10-30T17:39:07Z","logger":"camel-k.controller.integrationkit","msg":"State transition","request-namespace":"default","request-name":"kit-csh6u9huep5c73de2umg","api-version":"camel.apache.org/v1","kind":"IntegrationKit","ns":"default","name":"kit-csh6u9huep5c73de2umg","phase-from":"Build Running","phase-to":"Ready"}
{"level":"info","ts":"2024-10-30T17:39:07Z","logger":"camel-k.controller.integrationkit","msg":"Invoking action monitor","request-namespace":"default","request-name":"kit-csh6u9huep5c73de2umg","api-version":"camel.apache.org/v1","kind":"IntegrationKit","ns":"default","name":"kit-csh6u9huep5c73de2umg"}
{"level":"info","ts":"2024-10-30T17:39:07Z","logger":"camel-k","msg":"Kit kit-csh6u9huep5c73de2umg ready, notify integration: hello"}
{"level":"info","ts":"2024-10-30T17:39:07Z","logger":"camel-k.controller.integration","msg":"State transition","request-namespace":"default","request-name":"hello","api-version":"camel.apache.org/v1","kind":"Integration","ns":"default","name":"hello","phase-from":"Building Kit","phase-to":"Deploying"}
{"level":"info","ts":"2024-10-30T17:39:07Z","logger":"camel-k.controller.integration","msg":"State transition","request-namespace":"default","request-name":"hello","api-version":"camel.apache.org/v1","kind":"Integration","ns":"default","name":"hello","phase-from":"Deploying","phase-to":"Running"}
{"level":"info","ts":"2024-10-30T17:39:23Z","logger":"camel-k.controller.integration","msg":"State transition","request-namespace":"default","request-name":"hello","api-version":"camel.apache.org/v1","kind":"Integration","ns":"default","name":"hello","phase-from":"Running","phase-to":"Error"}
{"level":"info","ts":"2024-10-30T17:39:23Z","logger":"camel-k.controller.integration","msg":"Integration error","request-namespace":"default","request-name":"hello","api-version":"camel.apache.org/v1","kind":"Integration","ns":"default","name":"hello","reason":"Error","error-message":"Back-off pulling image \"registry.kube-system.svc.cluster.local/default/camel-k-kit-csh6u9huep5c73de2umg@sha256:543072f185372f0e43d89a4ab8053da7975170796bf714954f538b571f4f4b65\""}

Camel K version

v2.5.0-nightly

squakez commented 3 weeks ago

Hello, thanks for reporting. Unfortunately I believe this is a Kubernetes architecture limitation. We have analyzed and reported this in the "run your own container registry" guide:

[Minkube] deploys a container registry as a Pod, and you can use the service cluster IP. We cannot use the service URL as it won’t be available in the Kubernetes components which are in charge to run the Deployment (it does not use Service/Pod cluster DNS). However, it can use the Cluster IP which is available throughout all the cluster or any Ingress which would expose the service publicly.

The Kubernetes DNS is not able to use any of it's internal service out of the box. I think you need to tweak the low level configuration of the platform to be able to do that (something in the same fashion as Kind does, for instance).

cfitzw commented 3 weeks ago

Excellent - already accounted for in the documentation, sorry for missing it. Feel free to close this out.