search

clastix / coaks-baseline-architecture

Capsule over AKS baseline reference architecture
9 stars 4 forks source link

Unable to install Capsule latest version on AKS cluster #20

Open saikumar0412 opened 1 week ago

saikumar0412 commented 1 week ago

I am trying to install capsule on AKS 1.30.3 and unable to succeed with the installation capsule controller is going into crashloop.

I suspect like its the issue with the docker image of capsule it self as its unable to start the entrypoint. kindly help me to get this isse resolved.

 Error: failed to create containerd task: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: exec: "/manager": stat /manager: no such file or directory: unknown
prometherion commented 1 week ago

@saikumar0412 I think you just need to use the latest Helm Chart for Capsule, or simply remove the command which has been changed since switching over ko as builder.

saikumar0412 commented 1 week ago

Thanks for the help, I am trying to pull the latest version of the helm chart, but unable to pull the latest helmchart locally.

I reffered the actual repo to fetch 0.6.0 is the latest version correct me if am wrong. https://github.com/projectcapsule/capsule/blob/main/charts/capsule/Chart.yaml

$ helm pull clastix/capsule --version 0.6.0
Error: chart "capsule" matching 0.6.0 not found in clastix index. (try 'helm repo update'): no chart version found for capsule-0.6.0

Only available versions are below

$ helm search repo clastix
NAME                            CHART VERSION   APP VERSION DESCRIPTION                                       
clastix/capsule                 0.4.6           0.3.3       A Helm chart to deploy the Capsule Operator for...
clastix/capsule-proxy           0.5.0           0.4.4       Helm Chart for Capsule Proxy, addon for Capsule...
clastix/capsule-rancher-addon   0.1.1           v0.1.1      A Helm chart for Kubernetes                       
clastix/console                 0.0.1           0.0.1       Kamaji is a tool aimed to build and operate Kub...
clastix/k8sgpu                  1.2.3           v1.2.3      K8sGPU is a Virtual Kubelet implementation to a...
clastix/kamaji                  1.0.0           v1.0.0      Kamaji is the Hosted Control Plane Manager for ...
clastix/kamaji-console          0.0.5           v0.0.2      Kamaji deploys and operates Kubernetes at scale...
clastix/kamaji-etcd             0.8.0           3.5.6       Helm chart for deploying a multi-tenant `etcd` ...
prometherion commented 1 week ago

Capsule has been donated to the CNCF on the Sandbox area, please, follow the instructions available in the repository of Project Capsule.

Then, it would be appreciated if this repository receives the updated instructions to install according to the latest changes.

saikumar0412 commented 1 week ago

Thanks for your help. I am able to install after using helm repo projectcapsule. How ever creating tenant is failing with below error. Could you please help.

I Have installed capsule on my AKS cluster, currently we are doing a POC. installation is sucessful and all the components are healthy. am trying to create Tenant using below yaml config and its throwing the error:

Also please do let me know if you have any enterprise version we would like to initiate a discussion about it.

Error from server (InternalError): error when creating "tenant.yaml": Internal error occurred: failed calling webhook "tenants.projectcapsule.dev": failed to call webhook: Post "https://capsule-webhook-service.capsule-system.svc:443/tenants?timeout=30s": http: server gave HTTP response to HTTPS client

apiVersion: capsule.clastix.io/v1beta2
kind: Tenant
metadata:
  name: user
spec:
  owners:
  - name: emailofuser
    kind: User
  namespaceOptions:
    quota: 2
prometherion commented 1 week ago

Regarding the issue, it seems Capsule hasn't yet provisioned HTTPS certificates required for the Dynamic Admission Controllers, we should get more information and debug info to properly understand what's not going on.

Also please do let me know if you have any enterprise version we would like to initiate a discussion about it. We offer Support over Capsule in delivering an enterprise distribution of Capsule, please get in touch here.

saikumar0412 commented 1 week ago

@prometherion Thanks for sharing your input. I have saved your support plan details, will get in touch once we complete PoC and have how many internaly users are interested in it. But currently could you point out where the issue possibly couldbe.

About AKS cluster:

Private AKS cluster with outbound UDR. all the required ports are whitelisted. apart from that we dont have any restrictions.

saikumar0412 commented 5 days ago

@prometherion could you please check once, if you can mention things that I need to cross check it would be really appreciated.

saikumar0412 commented 4 days ago

@prometherion I have managed to get through the tls related error, now the problem am facing is I have created a tenant with below config

kind: Tenant
metadata:
  name: user
spec:
  owners:
  - name: emailofuser
    kind: User
  namespaceOptions:
    quota: 2

even though he is the owner of the tenant, he is getting forbidden error while creating a new namespace, (Also this user has AKS cluster User role assigned) but still cant create a ns.