Closed · hgomez closed this issue 1 week ago
The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:
- After 90d of inactivity, lifecycle/stale is applied
- After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
- After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:
- Mark this issue as fresh with /remove-lifecycle stale
- Close this issue with /close

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale
The Kubernetes project currently lacks enough active contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:
- After 90d of inactivity, lifecycle/stale is applied
- After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
- After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:
- Mark this issue as fresh with /remove-lifecycle rotten
- Close this issue with /close

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle rotten
/remove-lifecycle rotten
No promises here. I’ll take a look at it when I can.
/assign
Thanks a lot, Nicolas.
The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:
- After 90d of inactivity, lifecycle/stale is applied
- After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
- After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:
- Mark this issue as fresh with /remove-lifecycle stale
- Close this issue with /close

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale
/remove-lifecycle stale
I have the same problem, and every cluster deploy fails with:

```
fatal: [kubespray-control-0]: FAILED! => {"msg": "The conditional check 'kubeadm_certificate_key is not defined' failed. The error was: An unhandled exception occurred while templating '{{ lookup('password', credentials_dir + '/kubeadm_certificate_key.creds length=64 chars=hexdigits') | lower }}'. Error was a <class 'ansible.errors.AnsibleError'>, original message: An unhandled exception occurred while running the lookup plugin 'password'. Error was a <class 'FileExistsError'>, original message: [Errno 17] File exists: b'/home/lenow/actual_project/pgpool_deploy_yandex/kubespray/inventory/sample/credentials/4ed7348d1ba2c34c44925ec3609e16f62b8e8526.ansible_lockfile'. [Errno 17] File exists: b'/home/lenow/actual_project/pgpool_deploy_yandex/kubespray/inventory/sample/credentials/4ed7348d1ba2c34c44925ec3609e16f62b8e8526.ansible_lockfile'

The error appears to be in '/home/lenow/actual_project/pgpool_deploy_yandex/kubespray/roles/kubernetes/control-plane/tasks/kubeadm-setup.yml': line 210, column 3, but may
be elsewhere in the file depending on the exact syntax problem.

The offending line appears to be:

- name: Set kubeadm certificate key
  ^ here
"}
```
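The `[Errno 17] File exists` points at the lockfile that Ansible's `password` lookup creates next to the generated credentials file. A minimal sketch of what I believe triggers it (my assumption: several control-plane hosts evaluate the same lookup concurrently against one shared `credentials_dir`, and the contended or leftover `.ansible_lockfile` makes the later evaluations fail); the playbook below is hypothetical and not part of kubespray:

```yaml
# repro.yml — hypothetical minimal reproduction of the lockfile race.
# Run against 2+ hosts with the default forks setting: every host evaluates
# the 'password' lookup on the controller against the same credentials path,
# racing on the lookup's .ansible_lockfile.
- hosts: all
  gather_facts: false
  tasks:
    - name: Evaluate the password lookup on every host concurrently
      ansible.builtin.set_fact:
        demo_key: "{{ lookup('password', '/tmp/demo_credentials/demo.creds length=64 chars=hexdigits') | lower }}"
```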
@lenow55 Could you please provide the steps to reproduce the issue (details about your variables, the command you use to run the cluster.yml playbook, etc…)?
I haven't been able to reproduce this issue yet; that would help me dig deeper. Thanks.
@nicolas-goudry I'm sorry for the late answer.
Environment:

OS (`printf "$(uname -srm)\n$(cat /etc/os-release)\n"`):

```
Linux 6.8.1-arch1-1 x86_64
NAME="Arch Linux"
BUILD_ID=rolling
```

Version of Ansible (`ansible --version`):

```
ansible [core 2.16.5]
  config file = /home/lenow/actual_project/pgpool_deploy_yandex/kubespray/ansible.cfg
  configured module search path = ['/home/lenow/actual_project/pgpool_deploy_yandex/kubespray/library']
  ansible python module location = /home/lenow/actual_project/pgpool_deploy_yandex/kubespray/venv/lib/python3.11/site-packages/ansible
  ansible collection location = /home/lenow/.ansible/collections:/usr/share/ansible/collections
  executable location = /home/lenow/actual_project/pgpool_deploy_yandex/kubespray/venv/bin/ansible
  python version = 3.11.8 (main, Feb 12 2024, 14:50:05) [GCC 13.2.1 20230801] (/home/lenow/actual_project/pgpool_deploy_yandex/kubespray/venv/bin/python)
  jinja version = 3.1.2
  libyaml = True
```

Version of Python: 3.11.8 (main, Feb 12 2024, 14:50:05) [GCC 13.2.1 20230801]

Command used to invoke the playbook:

```
source venv/bin/activate
ansible-playbook -i inventory/sample/host.ini --become cluster.yml
```
Inventory (`inventory/sample/host.ini`):

```ini
[all]
kubespray-control-bastion ansible_host=158.***.114.205 ip=10.141.0.15
kubespray-control-0 ansible_host=10.141.0.23 ip=10.141.0.23
kubespray-control-1 ansible_host=10.141.0.24 ip=10.141.0.24
kubespray-postgres-0 ansible_host=10.141.0.9 ip=10.141.0.9
kubespray-postgres-1 ansible_host=10.141.0.20 ip=10.141.0.20
kubespray-pgpool-0 ansible_host=10.141.0.26 ip=10.141.0.26
kubespray-pgbench-0 ansible_host=10.141.0.22 ip=10.141.0.22

[kube_control_plane]
kubespray-control-bastion
kubespray-control-0
kubespray-control-1

[etcd]
kubespray-control-bastion
kubespray-control-0
kubespray-control-1

[kube_node]
kubespray-control-bastion
kubespray-control-0
kubespray-control-1
kubespray-postgres-0
kubespray-postgres-1
kubespray-pgpool-0
kubespray-pgbench-0

[k8s_cluster:children]
kube_control_plane
kube_node

[bastion]
kubespray-control-bastion ansible_host=158.***.114.205

[postgres_cluster]
kubespray-postgres-0
kubespray-postgres-1

[pgpool]
kubespray-pgpool-0

[pgbench]
kubespray-pgbench-0

[all:vars]
ansible_user=ubuntu
ansible_ssh_private_key_file=~/.ssh/yandex_test_cluster
ansible_ssh_common_args="-o ProxyCommand='ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -W %h:%p -q {{ ansible_user }}@158.***.114.205 {% if ansible_ssh_private_key_file is defined %}-i {{ ansible_ssh_private_key_file }}{% endif %}'"

[k8s_cluster:vars]
kubeconfig_localhost=True
kubectl_localhost=True
docker_rpm_keepcache=1
download_run_once=True
```
**To avoid this issue I use the patch from [here](https://github.com/kubernetes-sigs/kubespray/pull/10523/files)**, and it works fine.
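For anyone hitting this after an interrupted run: the lookup refuses to proceed while its lockfile exists, so (my assumption, based on the error path above) deleting a leftover lockfile lets a re-run continue, although the race itself can still recur on parallel control-plane nodes:

```sh
# Remove stale lockfiles left next to the generated credentials.
# Path taken from the error message above; adjust to your inventory layout.
rm -f inventory/sample/credentials/*.ansible_lockfile
```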
The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:
- After 90d of inactivity, lifecycle/stale is applied
- After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
- After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:
- Mark this issue as fresh with /remove-lifecycle stale
- Close this issue with /close

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale
The Kubernetes project currently lacks enough active contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:
- After 90d of inactivity, lifecycle/stale is applied
- After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
- After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:
- Mark this issue as fresh with /remove-lifecycle rotten
- Close this issue with /close

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle rotten
/close
Duplicate of #10321 (there are far more details there, along with a fix proposal).
@nicolas-goudry: Closing this issue.
Environment:
- Cloud provider or hardware configuration: Proxmox 7.3-3, Dell R620
- OS (`printf "$(uname -srm)\n$(cat /etc/os-release)\n"`): workstation (ansible runs on it): Fedora release 37 (Thirty Seven); VMs: Rocky Linux 9.1
- Version of Ansible (`ansible --version`): 2.12.5 (in a virtual env)
- Version of Python (`python --version`): 3.11.2 (main, Feb 8 2023, 00:00:00) [GCC 12.2.1 20221121 (Red Hat 12.2.1-4)]
- Kubespray version (commit) (`git rev-parse --short HEAD`): 2.21.0
- Network plugin used: default
Output of ansible run:
Anything else we need to know:
inventory/group_vars/k8s-cluster.yml contains the lines shown at https://github.com/kubernetes-sigs/kubespray/blob/master/inventory/sample/group_vars/k8s_cluster/k8s-cluster.yml#L234-L235
It seems there is lock contention when determining kubeadm_certificate_key for several simultaneous masters (3 in my case) while templating in https://github.com/kubernetes-sigs/kubespray/blob/master/roles/kubernetes/control-plane/tasks/kubeadm-setup.yml#L81-L85
Template file: https://github.com/kubernetes-sigs/kubespray/blob/master/roles/kubernetes/control-plane/templates/kubeadm-controlplane.v1beta3.yaml.j2#L18-L19
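A sketch of a fix pattern that would avoid the contention (my assumption about the approach; I haven't verified that this is what the linked patch does): evaluate the lookup once, on a single host, so only one process ever touches the credentials file:

```yaml
# Hypothetical variant of the kubespray task: run the 'password' lookup on
# only one host. Per the documented run_once behavior, a fact set by set_fact
# in a run_once task is applied to every host in the play, so the other
# masters reuse the same key instead of racing on the lockfile.
- name: Set kubeadm certificate key
  ansible.builtin.set_fact:
    kubeadm_certificate_key: "{{ lookup('password', credentials_dir + '/kubeadm_certificate_key.creds length=64 chars=hexdigits') | lower }}"
  run_once: true
  when: kubeadm_certificate_key is not defined
```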
If I force kubeadm_certificate_key inside inventory/group_vars/k8s-cluster.yml, the installation goes flawlessly.
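For reference, forcing it looks like this. The value below is a placeholder: the lookup generates 64 lowercase hex characters, so something like `openssl rand -hex 32` produces a suitable key:

```yaml
# inventory/group_vars/k8s-cluster.yml (snippet)
# Pre-setting the key makes the task's 'kubeadm_certificate_key is not
# defined' guard skip the racy 'password' lookup entirely.
kubeadm_certificate_key: "1f2e3d4c5b6a79881f2e3d4c5b6a79881f2e3d4c5b6a79881f2e3d4c5b6a7988"
```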