Closed danthegoodman1 closed 3 years ago
I find these logs in k9s:
│ time="2021-09-21T20:43:31Z" level=info msg="config: {APIServerURL: KubeConfig: RequestTimeout:30s DefaultTargets:[] ContourLoadBalancerService:heptio-contour/contour GlooNamespace:gloo-system SkipperRouteGroupVersion:z │
│ alando.org/v1 Sources:[service istio-gateway] Namespace: AnnotationFilter: LabelFilter: FQDNTemplate: CombineFQDNAndAnnotation:false IgnoreHostnameAnnotation:false IgnoreIngressTLSSpec:false IgnoreIngressRulesSpec:fals │
│ e Compatibility: PublishInternal:false PublishHostIP:false AlwaysPublishNotReadyAddresses:false ConnectorSourceServer:localhost:8080 Provider:digitalocean GoogleProject: GoogleBatchChangeSize:1000 GoogleBatchChangeInte │
│ rval:1s GoogleZoneVisibility: DomainFilter:[] ExcludeDomains:[] RegexDomainFilter: RegexDomainExclusion: ZoneNameFilter:[] ZoneIDFilter:[] AlibabaCloudConfigFile:/etc/kubernetes/alibaba-cloud.json AlibabaCloudZoneType: │
│ AWSZoneType: AWSZoneTagFilter:[] AWSAssumeRole: AWSBatchChangeSize:1000 AWSBatchChangeInterval:1s AWSEvaluateTargetHealth:true AWSAPIRetries:3 AWSPreferCNAME:false AWSZoneCacheDuration:0s AzureConfigFile:/etc/kubernet │
│ es/azure.json AzureResourceGroup: AzureSubscriptionID: AzureUserAssignedIdentityClientID: BluecatConfigFile:/etc/kubernetes/bluecat.json CloudflareProxied:false CloudflareZonesPerPage:50 CoreDNSPrefix:/skydns/ Rcodezer │
│ oTXTEncrypt:false AkamaiServiceConsumerDomain: AkamaiClientToken: AkamaiClientSecret: AkamaiAccessToken: AkamaiEdgercPath: AkamaiEdgercSection: InfobloxGridHost: InfobloxWapiPort:443 InfobloxWapiUsername:admin Infoblox │
│ WapiPassword: InfobloxWapiVersion:2.3.1 InfobloxSSLVerify:true InfobloxView: InfobloxMaxResults:0 InfobloxFQDNRegEx: DynCustomerName: DynUsername: DynPassword: DynMinTTLSeconds:0 OCIConfigFile:/etc/kubernetes/oci.yaml │
│ InMemoryZones:[] OVHEndpoint:ovh-eu OVHApiRateLimit:20 PDNSServer:http://localhost:8081 PDNSAPIKey: PDNSTLSEnabled:false TLSCA: TLSClientCert: TLSClientCertKey: Policy:sync Registry:txt TXTOwnerID:default TXTPrefix: TX │
│ TSuffix: Interval:1m0s MinEventSyncInterval:5s Once:false DryRun:false UpdateEvents:false LogFormat:text MetricsAddress::7979 LogLevel:debug TXTCacheInterval:0s TXTWildcardReplacement: ExoscaleEndpoint:https://api.exos │
│ cale.ch/dns ExoscaleAPIKey: ExoscaleAPISecret: CRDSourceAPIVersion:externaldns.k8s.io/v1alpha1 CRDSourceKind:DNSEndpoint ServiceTypeFilter:[] CFAPIEndpoint: CFUsername: CFPassword: RFC2136Host: RFC2136Port:0 RFC2136Zon │
│ e: RFC2136Insecure:false RFC2136GSSTSIG:false RFC2136KerberosRealm: RFC2136KerberosUsername: RFC2136KerberosPassword: RFC2136TSIGKeyName: RFC2136TSIGSecret: RFC2136TSIGSecretAlg: RFC2136TAXFR:false RFC2136MinTTL:0s RFC │
│ 2136BatchChangeSize:50 NS1Endpoint: NS1IgnoreSSL:false NS1MinTTLSeconds:0 TransIPAccountName: TransIPPrivateKeyFile: DigitalOceanAPIPageSize:50 ManagedDNSRecordTypes:[A CNAME] GoDaddyAPIKey: GoDaddySecretKey: GoDaddyTT │
│ L:0 GoDaddyOTE:false}" │
│ time="2021-09-21T20:43:31Z" level=info msg="Instantiating new Kubernetes client" │
│ time="2021-09-21T20:43:31Z" level=debug msg="apiServerURL: " │
│ time="2021-09-21T20:43:31Z" level=debug msg="kubeConfig: " │
│ time="2021-09-21T20:43:31Z" level=info msg="Using inCluster-config based on serviceaccount-token" │
│ time="2021-09-21T20:43:31Z" level=info msg="Created Kubernetes client https://10.245.0.1:443" │
│ time="2021-09-21T20:43:32Z" level=debug msg="service added" │
│ time="2021-09-21T20:43:32Z" level=debug msg="service added" │
│ time="2021-09-21T20:43:32Z" level=debug msg="service added" │
│ time="2021-09-21T20:43:32Z" level=debug msg="service added" │
│ time="2021-09-21T20:43:32Z" level=debug msg="service added" │
│ time="2021-09-21T20:43:32Z" level=debug msg="service added" │
│ time="2021-09-21T20:43:32Z" level=debug msg="service added" │
│ time="2021-09-21T20:44:33Z" level=fatal msg="failed to sync cache: timed out waiting for the condition" │
│ stream closed
However if I use service
instead of istio-gateway
as the source, I see the following:
│ time="2021-09-21T20:45:37Z" level=info msg="config: {APIServerURL: KubeConfig: RequestTimeout:30s DefaultTargets:[] ContourLoadBalancerService:heptio-contour/contour GlooNamespace:gloo-system SkipperRouteGroupVersion:z │
│ time="2021-09-21T20:45:37Z" level=info msg="Instantiating new Kubernetes client" │
│ time="2021-09-21T20:45:37Z" level=debug msg="apiServerURL: " │
│ time="2021-09-21T20:45:37Z" level=debug msg="kubeConfig: " │
│ time="2021-09-21T20:45:37Z" level=info msg="Using inCluster-config based on serviceaccount-token" │
│ time="2021-09-21T20:45:37Z" level=info msg="Created Kubernetes client https://10.245.0.1:443" │
│ time="2021-09-21T20:45:44Z" level=debug msg="Endpoints generated from DigitalOcean DNS" endpoints="[do-nyc-1.clusterspace.io 0 IN NS ns1.digitalocean.com;ns2.digitalocean.com;ns3.digitalocean.com [] api.do-nyc-1.clust │
│ time="2021-09-21T20:45:44Z" level=debug msg="No endpoints could be generated from service default/kubernetes" │
│ time="2021-09-21T20:45:44Z" level=debug msg="No endpoints could be generated from service kube-system/kube-dns" │
│ time="2021-09-21T20:45:44Z" level=debug msg="No endpoints could be generated from service istio-system/istiod" │
│ time="2021-09-21T20:45:44Z" level=debug msg="No endpoints could be generated from service istio-system/istio-ingressgateway" │
│ time="2021-09-21T20:45:44Z" level=debug msg="No endpoints could be generated from service cert-manager/cert-manager" │
│ time="2021-09-21T20:45:44Z" level=debug msg="No endpoints could be generated from service cert-manager/cert-manager-webhook" │
│ time="2021-09-21T20:45:44Z" level=debug msg="Endpoints generated from service: default/api-lb: [api.do-nyc-1.clusterspace.io 0 IN A 143.244.202.37 []]" │
│ time="2021-09-21T20:45:44Z" level=debug msg="Skipping endpoint promrelay.com 0 IN A 157.230.201.73 [] because owner id does not match, found: \"\", required: \"default\""
Solved, had to add:
- apiGroups: ["", "extensions", "apps", "networking.k8s.io", "networking.istio.io", "authentication.istio.io", "rbac.istio.io", "config.istio.io", "security.istio.io"]
resources: ["*"]
verbs: ["*"]
to my ClusterRole
What happened: When using external dns v0.9.0, After 20-60 seconds the deployment crashes with
failed to sync cache: timed out waiting for the condition
.How to reproduce it (as minimally and precisely as possible):
(version 1.11.2)
istioctl install
Anything else we need to know?:
Environment:
external-dns --version
): 0.9.0 (als tried with 0.7.3 and 0.7.6)