search

coreos / tectonic-installer

Install a Kubernetes cluster the CoreOS Tectonic Way: HA, self-hosted, RBAC, etcd Operator, and more
Apache License 2.0
601 stars 266 forks source link

azure loadbalancer fails to create #3144

Open adamdecaf opened 6 years ago

adamdecaf commented 6 years ago

Versions

Tectonic version

1.8.9-tectonic.1

Platform

azure

What happened?

I tried to create a Service with type: LoadBalancer and ran into an issue.

Original Error: autorest/azure: Service returned an error. Status=404 Code="ResourceNotFound" Message="The Resource 'Microsoft.Network/networkSecurityGroups/subscriptions' under resource group 'staging-tectonic' was not found."

$ kubectl --context k8s-banno-staging-context -n ingress-internal des
cribe svc ingress-internal
Name:                     ingress-internal
Namespace:                ingress-internal
Labels:                   <none>
Annotations:              kubectl.kubernetes.io/last-applied-configuration={"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"ingress-internal","namespace":"ingress-internal"},"spec":{"ports":[{"name":"ht...
Selector:                 app=ingress-internal
Type:                     NodePort
IP:                       172.17.105.212
Port:                     http  80/TCP
TargetPort:               80/TCP
NodePort:                 http  30896/TCP
Endpoints:                172.16.1.207:80,172.16.2.11:80
Port:                     https  443/TCP
TargetPort:               443/TCP
NodePort:                 https  30735/TCP
Endpoints:                172.16.1.207:443,172.16.2.11:443
Session Affinity:         None
External Traffic Policy:  Cluster
Events:
  Type     Reason                      Age               From                Message
  ----     ------                      ----              ----                -------
  Normal   Type                        12m               service-controller  NodePort -> LoadBalancer
  Normal   EnsuringLoadBalancer        2m (x8 over 12m)  service-controller  Ensuring load balancer
  Warning  CreatingLoadBalancerFailed  2m (x8 over 12m)  service-controller  Error creating load balancer (will retry): Failed to ensure load balancer for service ingress-internal/ingress-internal: network.SecurityGroupsClient#Get: Failure responding to request: StatusCode=404 -- Original Error: autorest/azure: Service returned an error. Status=404 Code="ResourceNotFound" Message="The Resource 'Microsoft.Network/networkSecurityGroups/subscriptions' under resource group 'staging-tectonic' was not found."
  Normal   Type                        4s                service-controller  LoadBalancer -> NodePort

What you expected to happen?

A service with type: LoadBalancer would be setup and provisioned for me.

Other information

We do have the following set:

 tectonic_azure_external_resource_group   = "${azurerm_resource_group.tectonic.name}"
    "azurerm_resource_group.tectonic": {
        "type": "azurerm_resource_group",
        "depends_on": [],
        "primary": {
            "id": "/subscriptions/8b2ca1d4-44ba-47ae-b4e2-ef8aca9d3155/resourceGroups/staging-tectonic",
            "attributes": {
                "id": "/subscriptions/8b2ca1d4-44ba-47ae-b4e2-ef8aca9d3155/resourceGroups/staging-tectonic",
                "location": "southcentralus",
                "name": "staging-tectonic",
                "tags.%": "0"
            },
            "meta": {
            },
            "tainted": false
        },
        "deposed": [],
        "provider": ""
    }

Our kube-cloud-cfg secret has "resourceGroup": "staging-tectonic".

adamdecaf commented 6 years ago

I think this exists in staging-vnet (not staging-tectonic), but I'm unsure how to change that to test myself.