Closed jerry-jibu closed 2 years ago
It seems dashboard api pod is still under pulling for a long time around 1 hour. I will try it tomorrow when api pod is ready.
kstone-dashboard-api-5bc95bd54f-ssnmm 0/1 ContainerCreating 0 51m
The dashboard api pod under ContainerCreating
is caused by lack of secret kstone-api-key
# kubectl -n kstone describe pod kstone-dashboard-api-5bc95bd54f-t6vwd
Name: kstone-dashboard-api-5bc95bd54f-t6vwd
Namespace: kstone
Priority: 0
Node: gyj-dev/10.0.16.11
Start Time: Sun, 10 Apr 2022 23:32:50 +0800
Labels: app.kubernetes.io/instance=kstone
app.kubernetes.io/name=dashboard-api
pod-template-hash=5bc95bd54f
Annotations: <none>
Status: Pending
IP:
IPs: <none>
Controlled By: ReplicaSet/kstone-dashboard-api-5bc95bd54f
Containers:
dashboard-api:
Container ID:
Image: tkestack/kstone-api-amd64:v0.1.0-alpha.2
Image ID:
Port: 8080/TCP
Host Port: 0/TCP
State: Waiting
Reason: ContainerCreating
Ready: False
Restart Count: 0
Limits:
cpu: 1
memory: 2G
Requests:
cpu: 100m
memory: 50Mi
Environment:
KUBE_TARGET: kubernetes.default.svc.cluster.local:443
KUBE_TOKEN: eyJhbGciOiJSUzI1NiIsImtpZCI6IkVYZW5MWEozV0VITW90b3FrdTI5NmtHQkxRREM1bGJHcm9yb0dTNXdnLXMifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJrdWJlLWFkbWluLXRva2VuLXJ2eGw5Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6Imt1YmUtYWRtaW4iLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiI3OGNiZDJmYS1iZmEyLTRlMDQtYjNjYi1jY2IzNzg1MDIxNzMiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZS1zeXN0ZW06a3ViZS1hZG1pbiJ9.eeY_yyqzyB6xA3sbNT81Im1lwp4U0qtUlXI4Ngw1wqqa29z9W4KKKkHmoM8vRy2lLAnWkCSIyD9IASTX_Hhgy9DEsu5orJzjRYkBYbN7HwCXMFvmomzw_KqsPCesNSFyj03iVDJklqf4fIIaI71IRtBDPgB1WlfPAUxxXEOBjfGr2E2xFvDyEAKZmV9ysopoJ0dM5XAhqPzmntvwwoeXsnbjCoFTkTOXWXg9jhc14dsSn5WchDrHFXDi9-eW6g9Ku3M9Ojbn7xwNJ_CRBgDXpPqafkndHU0_R9sBYmdLO98Ngdnp36tNg7sYYQgE4l4ASk3SCowQoSQpDcP3Yr6AoQ
Mounts:
/app/certs/ from certs (ro)
/var/run/secrets/kubernetes.io/serviceaccount from kstone-token-r8jqm (ro)
Conditions:
Type Status
Initialized True
Ready False
ContainersReady False
PodScheduled True
Volumes:
certs:
Type: Secret (a volume populated by a Secret)
SecretName: kstone-api-key
Optional: false
kstone-token-r8jqm:
Type: Secret (a volume populated by a Secret)
SecretName: kstone-token-r8jqm
Optional: false
QoS Class: Burstable
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s
node.kubernetes.io/unreachable:NoExecute for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 10m default-scheduler Successfully assigned kstone/kstone-dashboard-api-5bc95bd54f-t6vwd to gyj-dev
Warning FailedMount 3m58s kubelet Unable to attach or mount volumes: unmounted volumes=[certs], unattached volumes=[kstone-token-r8jqm certs]: timed out waiting for the condition
Warning FailedMount 104s (x3 over 8m30s) kubelet Unable to attach or mount volumes: unmounted volumes=[certs], unattached volumes=[certs kstone-token-r8jqm]: timed out waiting for the condition
Warning FailedMount 17s (x13 over 10m) kubelet MountVolume.SetUp failed for volume "certs" : secret "kstone-api-key" not found
# kubectl -n kstone get secrets
NAME TYPE DATA AGE
default-token-fs2hc kubernetes.io/service-account-token 3 96m
grafana Opaque 3 85m
kstone-dashboard-api-key Opaque 1 85m
kstone-prometheus-admission Opaque 3 93m
kstone-prometheus-operator-token-sbxwx kubernetes.io/service-account-token 3 85m
kstone-prometheus-prometheus-token-s9c7x kubernetes.io/service-account-token 3 85m
kstone-token-r8jqm kubernetes.io/service-account-token 3 85m
prometheus-kstone-prometheus-prometheus Opaque 1 85m
prometheus-kstone-prometheus-prometheus-tls-assets Opaque 1 85m
prometheus-kstone-prometheus-prometheus-web-config Opaque 1 85m
sh.helm.release.v1.kstone.v1 helm.sh/release.v1 1 85m
And from code https://github.com/tkestack/kstone/blob/9f868a2ab3298aafd84d0f8f38e772bfa4d74d55/pkg/authentication/helper.go#L37
I think we should add this kstone-api-key secret during helm installation or guide user to specify some private key in values.yaml.
Thanks for the feedback. @lianghao208 Have we fixed this issue? we released v0.2.0-beta.1, you can take a try. @jerry-jibu
This issue has been fixed in #111 , you can upgrade to our new release v0.2.0-beta.1.
This issue has been fixed in #111 , you can upgrade to our new release v0.2.0-beta.1.
Or you can rename the secret name from kstone-api-key
to kstone-dashboard-api-key
.
access dashboard
click
Operation Center
and thenCreate Cluster