search

jcmoraisjr / haproxy-ingress

HAProxy Ingress
https://haproxy-ingress.github.io
Apache License 2.0
1.02k stars 272 forks source link

Unable to run haproxy-ingress pod, getting permission denied error #1131

Open kalyanteja19 opened 1 month ago

kalyanteja19 commented 1 month ago

Description of the problem Initially, we are having issues with leader election. After pod restart, haproxy is working fine. Hence, we build the image based on the code from master branch (based on pull request 1087 merge). Now, we are getting /start.sh permission denied during initialization of pod. Pod is going into crashloopbackoff state.

Expected behavior

Pod should run without any issues.

Steps to reproduce the problem

  1. Clone the code from master code branch
  2. Build image from the master code using make docker-build command
  3. Deploy it on the kubernetes, it is running on to crashloopbackoff issues

Environment information

HAProxy Ingress version: based on master code

kalyanteja19 commented 1 month ago

@jcmoraisjr , We need your help to resolve this issue at earliest, can you please assist. Currently, all of our 100+ haproxy applications are facing this issue.

jcmoraisjr commented 1 month ago

Hi, is there any error message you can share, so we can better identify where the problem is.

kalyanteja19 commented 3 weeks ago

/start.sh permission denied

Hi @jcmoraisjr ,

We are getting error as below when we check the logs of haproxy ingress pod.

/start.sh permission denied

jcmoraisjr commented 3 weeks ago

Wondering how you're building your customized image. It seems it's working as expected when I build the image myself:

$ ~> cd ~/.../haproxy-ingress/

$ ~/j/g/s/g/j/haproxy-ingress (master)> make image
...
Successfully tagged localhost/haproxy-ingress:latest

$ ~/j/g/s/g/j/haproxy-ingress (master)> docker images |head
REPOSITORY                            TAG             IMAGE ID       CREATED         SIZE
localhost/haproxy-ingress             latest          0ebcc31e4278   8 seconds ago   92.6MB
...

$ ~/j/g/s/g/j/haproxy-ingress (master)> docker run -ti --rm localhost/haproxy-ingress:latest sh
/ $ id
uid=99(haproxy) gid=99(haproxy) groups=99(haproxy)
/ $ ls -la /start.sh
-rwxr-xr-x    1 root     root          1089 Jun  6 22:27 /start.sh
/ $

$ ~/j/g/s/g/j/haproxy-ingress (master)> grep -A4 ' image:' haproxy-ingress-values.yaml
  image:
    registry: localhost
    repository: haproxy-ingress
    tag: latest
    pullPolicy: Never

$ ~/j/g/s/g/j/haproxy-ingress (master)> helm install haproxy-ingress haproxy-ingress/haproxy-ingress --create-namespace --namespace ingress-controller --version 0.15.0-alpha.2 --devel -f haproxy-ingress-values.yaml
NAME: haproxy-ingress
...

$ ~/j/g/s/g/j/haproxy-ingress (master)> kubectl -n ingress-controller logs pods/haproxy-ingress-557cdf96b9-jpcbd -f
I0610 13:15:12.107244       7 config.go:143] "version info" logger="config" controller-publicname="HAProxy Ingress" controller-release="local" controller-build="git-660edd4c" controller-repo="https://github.com/jcmoraisjr/haproxy-ingress.git"
...
I0610 13:15:21.912228       7 services.go:268] "finish haproxy update" logger="services" id=2 parse-ingress-ms=1.25852 write-maps-ms=0.094819 total-ms=1.353339
kalyanteja19 commented 3 weeks ago

Wondering how you're building your customized image. It seems it's working as expected when I build the image myself:

$ ~> cd ~/.../haproxy-ingress/

$ ~/j/g/s/g/j/haproxy-ingress (master)> make image
...
Successfully tagged localhost/haproxy-ingress:latest

$ ~/j/g/s/g/j/haproxy-ingress (master)> docker images |head
REPOSITORY                            TAG             IMAGE ID       CREATED         SIZE
localhost/haproxy-ingress             latest          0ebcc31e4278   8 seconds ago   92.6MB
...

$ ~/j/g/s/g/j/haproxy-ingress (master)> docker run -ti --rm localhost/haproxy-ingress:latest sh
/ $ id
uid=99(haproxy) gid=99(haproxy) groups=99(haproxy)
/ $ ls -la /start.sh
-rwxr-xr-x    1 root     root          1089 Jun  6 22:27 /start.sh
/ $

$ ~/j/g/s/g/j/haproxy-ingress (master)> grep -A4 ' image:' haproxy-ingress-values.yaml
  image:
    registry: localhost
    repository: haproxy-ingress
    tag: latest
    pullPolicy: Never

$ ~/j/g/s/g/j/haproxy-ingress (master)> helm install haproxy-ingress haproxy-ingress/haproxy-ingress --create-namespace --namespace ingress-controller --version 0.15.0-alpha.2 --devel -f haproxy-ingress-values.yaml
NAME: haproxy-ingress
...

$ ~/j/g/s/g/j/haproxy-ingress (master)> kubectl -n ingress-controller logs pods/haproxy-ingress-557cdf96b9-jpcbd -f
I0610 13:15:12.107244       7 config.go:143] "version info" logger="config" controller-publicname="HAProxy Ingress" controller-release="local" controller-build="git-660edd4c" controller-repo="https://github.com/jcmoraisjr/haproxy-ingress.git"
...
I0610 13:15:21.912228       7 services.go:268] "finish haproxy update" logger="services" id=2 parse-ingress-ms=1.25852 write-maps-ms=0.094819 total-ms=1.353339

@jcmoraisjr, sure. We are using make docker-build command as in the readme file. Here is the error when we run make docker-build.

image

We will try with make image option and let you know.

Also, we want to deploy it on our production clusters. As seen in notes, alpha is not recommended, please suggest any timelines for next production release.