search

istio / istio.io

Source for the istio.io site
https://istio.io/
Apache License 2.0
761 stars 1.54k forks source link

White Space error in the demo.yaml profile for 1.5 and 1.6 for linux x86 #7572

Closed Stormarov45 closed 4 months ago

Stormarov45 commented 4 years ago

The last two lines for the demo.yaml file in the /manifest/profiles location has a missing nl/cr (mising blank line) that causes kiali not to load correctly. Due to not creating a kiali demo secret.

I had this problem with both 1.5 and 1.6 on a REHL platform using the newest version of Go and KinD.

The "values" segment of the file looks like this:

  values:
    global:
      proxy:
        resources:
          requests:
            cpu: 10m
            memory: 40Mi

    pilot:
      autoscaleEnabled: false

    mixer:
      adapters:
        useAdapterCRDs: false
        kubernetesenv:
          enabled: true
        prometheus:
          enabled: true
          metricsExpiryDuration: 10m
        stackdriver:
          enabled: false
        stdio:
          enabled: true
          outputAsJson: false
      policy:
        autoscaleEnabled: false
      telemetry:
        autoscaleEnabled: false

    gateways:
      istio-egressgateway:
        autoscaleEnabled: false
      istio-ingressgateway:
        autoscaleEnabled: false
    kiali:
      createDemoSecret: true

When you add the the blank line like this it deploys fine

    gateways:
      istio-egressgateway:
        autoscaleEnabled: false
      istio-ingressgateway:
        autoscaleEnabled: false

    kiali:
      createDemoSecret: true

Otherwise you get various errors that only sometimes reference a missing kiali secret and manually creating a secret doesn't help because it gets placed in the wrong location.

Stormarov45 commented 4 years ago

Here is an example of the describe pod kiali-xxx output:

Events:
  Type     Reason       Age                  From                         Message
  ----     ------       ----                 ----                         -------
  Normal   Scheduled    22m                  default-scheduler            Successfully assigned istio-system/kiali-d45468dc4-r2vqh to kind-control-plane
  Warning  FailedMount  22m                  kubelet, kind-control-plane  MountVolume.SetUp failed for volume "kiali-secret" : failed to sync secret cache: timed out waiting for the condition
  Warning  FailedMount  22m                  kubelet, kind-control-plane  MountVolume.SetUp failed for volume "kiali-configuration" : failed to sync configmap cache: timed out waiting for the condition
  Warning  Failed       22m                  kubelet, kind-control-plane  Failed to pull image "quay.io/kiali/kiali:v1.18": rpc error: code = Unknown desc = failed to pull and unpack image "quay.io/kiali/kiali:v1.18": failed to copy: httpReaderSeeker: failed open: failed to do request: Get https://cdn.quay.io/sha256/57/57584b59d88badb977c5077949af3d65f9b9f864d1c9f295a97aed0ab555e865?Expires=1591888559&Signature=-signature-was-here-&Key-Pair-Id=-key-pair-ID-was-here-: x509: certificate signed by unknown authority
  Warning  Failed       21m                  kubelet, kind-control-plane  Failed to pull image "quay.io/kiali/kiali:v1.18": rpc error: code = Unknown desc = failed to pull and unpack image "quay.io/kiali/kiali:v1.18": failed to copy: httpReaderSeeker: failed open: failed to do request: Get https://cdn.quay.io/sha256/57/57584b59d88badb977c5077949af3d65f9b9f864d1c9f295a97aed0ab555e865?Expires=1591888574&Signature=-signature-was-here-&Key-Pair-Id=-key-pair-ID-was-here-: x509: certificate signed by unknown authority
  Warning  Failed       21m                  kubelet, kind-control-plane  Failed to pull image "quay.io/kiali/kiali:v1.18": rpc error: code = Unknown desc = failed to pull and unpack image "quay.io/kiali/kiali:v1.18": failed to copy: httpReaderSeeker: failed open: failed to do request: Get https://cdn.quay.io/sha256/57/57584b59d88badb977c5077949af3d65f9b9f864d1c9f295a97aed0ab555e865?Expires=1591888602&Signature=-signature-was-here-&Key-Pair-Id=-key-pair-ID-was-here-: x509: certificate signed by unknown authority
  Warning  Failed       20m (x4 over 22m)    kubelet, kind-control-plane  Error: ErrImagePull
  Normal   Pulling      20m (x4 over 22m)    kubelet, kind-control-plane  Pulling image "quay.io/kiali/kiali:v1.18"
  Warning  Failed       20m                  kubelet, kind-control-plane  Failed to pull image "quay.io/kiali/kiali:v1.18": rpc error: code = Unknown desc = failed to pull and unpack image "quay.io/kiali/kiali:v1.18": failed to copy: httpReaderSeeker: failed open: failed to do request: Get https://cdn.quay.io/sha256/3a/3aa8b87b7f88ed441a44c1fcafdcc80e48dd5b7e0f3d24961941c95b5470c5fd?Expires=1591888655&Signature=-signature-was-here-&Key-Pair-Id=-key-pair-ID-was-here-: x509: certificate signed by unknown authority
  Normal   BackOff      7m5s (x64 over 22m)  kubelet, kind-control-plane  Back-off pulling image "quay.io/kiali/kiali:v1.18"
  Warning  Failed       2m5s (x86 over 22m)  kubelet, kind-control-plane  Error: ImagePullBackOff
dgn commented 4 years ago

Here is an example of the describe pod kiali-xxx output:

Events:
  Type     Reason       Age                  From                         Message
  ----     ------       ----                 ----                         -------
  Normal   Scheduled    22m                  default-scheduler            Successfully assigned istio-system/kiali-d45468dc4-r2vqh to kind-control-plane
  Warning  FailedMount  22m                  kubelet, kind-control-plane  MountVolume.SetUp failed for volume "kiali-secret" : failed to sync secret cache: timed out waiting for the condition
  Warning  FailedMount  22m                  kubelet, kind-control-plane  MountVolume.SetUp failed for volume "kiali-configuration" : failed to sync configmap cache: timed out waiting for the condition
  Warning  Failed       22m                  kubelet, kind-control-plane  Failed to pull image "quay.io/kiali/kiali:v1.18": rpc error: code = Unknown desc = failed to pull and unpack image "quay.io/kiali/kiali:v1.18": failed to copy: httpReaderSeeker: failed open: failed to do request: Get https://cdn.quay.io/sha256/57/57584b59d88badb977c5077949af3d65f9b9f864d1c9f295a97aed0ab555e865?Expires=1591888559&Signature=-signature-was-here-&Key-Pair-Id=-key-pair-ID-was-here-: x509: certificate signed by unknown authority
  Warning  Failed       21m                  kubelet, kind-control-plane  Failed to pull image "quay.io/kiali/kiali:v1.18": rpc error: code = Unknown desc = failed to pull and unpack image "quay.io/kiali/kiali:v1.18": failed to copy: httpReaderSeeker: failed open: failed to do request: Get https://cdn.quay.io/sha256/57/57584b59d88badb977c5077949af3d65f9b9f864d1c9f295a97aed0ab555e865?Expires=1591888574&Signature=-signature-was-here-&Key-Pair-Id=-key-pair-ID-was-here-: x509: certificate signed by unknown authority
  Warning  Failed       21m                  kubelet, kind-control-plane  Failed to pull image "quay.io/kiali/kiali:v1.18": rpc error: code = Unknown desc = failed to pull and unpack image "quay.io/kiali/kiali:v1.18": failed to copy: httpReaderSeeker: failed open: failed to do request: Get https://cdn.quay.io/sha256/57/57584b59d88badb977c5077949af3d65f9b9f864d1c9f295a97aed0ab555e865?Expires=1591888602&Signature=-signature-was-here-&Key-Pair-Id=-key-pair-ID-was-here-: x509: certificate signed by unknown authority
  Warning  Failed       20m (x4 over 22m)    kubelet, kind-control-plane  Error: ErrImagePull
  Normal   Pulling      20m (x4 over 22m)    kubelet, kind-control-plane  Pulling image "quay.io/kiali/kiali:v1.18"
  Warning  Failed       20m                  kubelet, kind-control-plane  Failed to pull image "quay.io/kiali/kiali:v1.18": rpc error: code = Unknown desc = failed to pull and unpack image "quay.io/kiali/kiali:v1.18": failed to copy: httpReaderSeeker: failed open: failed to do request: Get https://cdn.quay.io/sha256/3a/3aa8b87b7f88ed441a44c1fcafdcc80e48dd5b7e0f3d24961941c95b5470c5fd?Expires=1591888655&Signature=-signature-was-here-&Key-Pair-Id=-key-pair-ID-was-here-: x509: certificate signed by unknown authority
  Normal   BackOff      7m5s (x64 over 22m)  kubelet, kind-control-plane  Back-off pulling image "quay.io/kiali/kiali:v1.18"
  Warning  Failed       2m5s (x86 over 22m)  kubelet, kind-control-plane  Error: ImagePullBackOff

The error suggests that Quay had issues

Stormarov45 commented 4 years ago

That's the problem. It sent me on a red herring for like 2 weeks. What really happened was that Kiali never created a secret to complete the x509 handshake with Quay.com

dgn commented 4 years ago

That's the problem. It sent me on a red herring for like 2 weeks. What really happened was that Kiali never created a secret to complete the x509 handshake with Quay.com

No, you don't need a secret for that. Kiali images are publicly accessible

Stormarov45 commented 4 years ago

No, you don't need a secret for that. Kiali images are publicly accessible

And yet without it, it didn't work. So explain that one.