search

kstone-io / kstone

Kstone is an etcd management platform, providing cluster management, monitoring, backup, inspection, data migration, visual viewing of etcd data, and intelligent diagnosis.
Apache License 2.0
679 stars 106 forks source link

dashboard crash when creating cluster #112

Closed jerry-jibu closed 2 years ago

jerry-jibu commented 2 years ago
  1. install kstone chart with following configuration
# version: master 78c67cf8e4aa8b704096cbc071e8eaa1b1de8a62
helm install kstone . -n kstone -f values.test.yaml

# ui version
kubectl -n kstone get pods kstone-dashboard-7c6cd6554c-7lj8z -o yaml |grep image
...
- image: tkestack/kstone-dashboard:v0.1.0-alpha.2
    imagePullPolicy: IfNotPresent
    image: tkestack/kstone-dashboard:v0.1.0-alpha.2
    imageID: docker-pullable://tkestack/kstone-dashboard@sha256:7bc9ba9e449bd9848f1074d060b8d6d51298cb4d15ff3f4ebe777e0fb3ed0f76

  1. access dashboard

  2. click Operation Center and then Create Cluster test-tke

jerry-jibu commented 2 years ago

It seems dashboard api pod is still under pulling for a long time around 1 hour. I will try it tomorrow when api pod is ready.

kstone-dashboard-api-5bc95bd54f-ssnmm           0/1     ContainerCreating   0          51m
jerry-jibu commented 2 years ago

The dashboard api pod under ContainerCreating is caused by lack of secret kstone-api-key

# kubectl -n kstone describe pod kstone-dashboard-api-5bc95bd54f-t6vwd
Name:           kstone-dashboard-api-5bc95bd54f-t6vwd
Namespace:      kstone
Priority:       0
Node:           gyj-dev/10.0.16.11
Start Time:     Sun, 10 Apr 2022 23:32:50 +0800
Labels:         app.kubernetes.io/instance=kstone
                app.kubernetes.io/name=dashboard-api
                pod-template-hash=5bc95bd54f
Annotations:    <none>
Status:         Pending
IP:
IPs:            <none>
Controlled By:  ReplicaSet/kstone-dashboard-api-5bc95bd54f
Containers:
  dashboard-api:
    Container ID:
    Image:          tkestack/kstone-api-amd64:v0.1.0-alpha.2
    Image ID:
    Port:           8080/TCP
    Host Port:      0/TCP
    State:          Waiting
      Reason:       ContainerCreating
    Ready:          False
    Restart Count:  0
    Limits:
      cpu:     1
      memory:  2G
    Requests:
      cpu:     100m
      memory:  50Mi
    Environment:
      KUBE_TARGET:  kubernetes.default.svc.cluster.local:443
      KUBE_TOKEN:   eyJhbGciOiJSUzI1NiIsImtpZCI6IkVYZW5MWEozV0VITW90b3FrdTI5NmtHQkxRREM1bGJHcm9yb0dTNXdnLXMifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJrdWJlLWFkbWluLXRva2VuLXJ2eGw5Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6Imt1YmUtYWRtaW4iLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiI3OGNiZDJmYS1iZmEyLTRlMDQtYjNjYi1jY2IzNzg1MDIxNzMiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZS1zeXN0ZW06a3ViZS1hZG1pbiJ9.eeY_yyqzyB6xA3sbNT81Im1lwp4U0qtUlXI4Ngw1wqqa29z9W4KKKkHmoM8vRy2lLAnWkCSIyD9IASTX_Hhgy9DEsu5orJzjRYkBYbN7HwCXMFvmomzw_KqsPCesNSFyj03iVDJklqf4fIIaI71IRtBDPgB1WlfPAUxxXEOBjfGr2E2xFvDyEAKZmV9ysopoJ0dM5XAhqPzmntvwwoeXsnbjCoFTkTOXWXg9jhc14dsSn5WchDrHFXDi9-eW6g9Ku3M9Ojbn7xwNJ_CRBgDXpPqafkndHU0_R9sBYmdLO98Ngdnp36tNg7sYYQgE4l4ASk3SCowQoSQpDcP3Yr6AoQ
    Mounts:
      /app/certs/ from certs (ro)
      /var/run/secrets/kubernetes.io/serviceaccount from kstone-token-r8jqm (ro)
Conditions:
  Type              Status
  Initialized       True
  Ready             False
  ContainersReady   False
  PodScheduled      True
Volumes:
  certs:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  kstone-api-key
    Optional:    false
  kstone-token-r8jqm:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  kstone-token-r8jqm
    Optional:    false
QoS Class:       Burstable
Node-Selectors:  <none>
Tolerations:     node.kubernetes.io/not-ready:NoExecute for 300s
                 node.kubernetes.io/unreachable:NoExecute for 300s
Events:
  Type     Reason       Age                   From               Message
  ----     ------       ----                  ----               -------
  Normal   Scheduled    10m                   default-scheduler  Successfully assigned kstone/kstone-dashboard-api-5bc95bd54f-t6vwd to gyj-dev
  Warning  FailedMount  3m58s                 kubelet            Unable to attach or mount volumes: unmounted volumes=[certs], unattached volumes=[kstone-token-r8jqm certs]: timed out waiting for the condition
  Warning  FailedMount  104s (x3 over 8m30s)  kubelet            Unable to attach or mount volumes: unmounted volumes=[certs], unattached volumes=[certs kstone-token-r8jqm]: timed out waiting for the condition
  Warning  FailedMount  17s (x13 over 10m)    kubelet            MountVolume.SetUp failed for volume "certs" : secret "kstone-api-key" not found

# kubectl -n kstone get secrets
NAME                                                 TYPE                                  DATA   AGE
default-token-fs2hc                                  kubernetes.io/service-account-token   3      96m
grafana                                              Opaque                                3      85m
kstone-dashboard-api-key                             Opaque                                1      85m
kstone-prometheus-admission                          Opaque                                3      93m
kstone-prometheus-operator-token-sbxwx               kubernetes.io/service-account-token   3      85m
kstone-prometheus-prometheus-token-s9c7x             kubernetes.io/service-account-token   3      85m
kstone-token-r8jqm                                   kubernetes.io/service-account-token   3      85m
prometheus-kstone-prometheus-prometheus              Opaque                                1      85m
prometheus-kstone-prometheus-prometheus-tls-assets   Opaque                                1      85m
prometheus-kstone-prometheus-prometheus-web-config   Opaque                                1      85m
sh.helm.release.v1.kstone.v1                         helm.sh/release.v1                    1      85m

And from code https://github.com/tkestack/kstone/blob/9f868a2ab3298aafd84d0f8f38e772bfa4d74d55/pkg/authentication/helper.go#L37

I think we should add this kstone-api-key secret during helm installation or guide user to specify some private key in values.yaml.

tangcong commented 2 years ago

Thanks for the feedback. @lianghao208 Have we fixed this issue? we released v0.2.0-beta.1, you can take a try. @jerry-jibu

lianghao208 commented 2 years ago

This issue has been fixed in #111 , you can upgrade to our new release v0.2.0-beta.1.

lianghao208 commented 2 years ago

This issue has been fixed in #111 , you can upgrade to our new release v0.2.0-beta.1.

Or you can rename the secret name from kstone-api-key to kstone-dashboard-api-key.