search

kubernetes / kops

Kubernetes Operations (kOps) - Production Grade k8s Installation, Upgrades and Management
https://kops.sigs.k8s.io/
Apache License 2.0
15.94k stars 4.65k forks source link

Kubernetes certification invalid - x509: certificate is valid for kubernetes, kubernetes.default #10343

Closed djha736 closed 3 years ago

djha736 commented 3 years ago

1. What kops version are you running? The command kops version, will display this information.

Version 1.19.0-beta.2 (git-c006d97e5596024f9b9a5681c97300165156319e)

2. What Kubernetes version are you running? kubectl version will print the version if a cluster is running or provide the Kubernetes version specified as a kops flag.

Client Version: version.Info{Major:"1", Minor:"19", GitVersion:"v1.19.3", GitCommit:"1e11e4a2108024935ecfcb2912226cedeafd99df", GitTreeState:"clean", BuildDate:"2020-10-14T12:50:19Z", GoVersion:"go1.15.2", Compiler:"gc", Platform:"linux/amd64"}

3. What cloud provider are you using?

AWS

4. What commands did you run? What is the simplest way to reproduce this issue?

kops validate cluster

5. What happened after the commands executed?

Validation failed: unexpected error during validation: error listing nodes: Get "https://api-xx-k8s-local-302fp3-1771311087.xxx.amazonaws.com/api/v1/nodes": x509: certificate is valid for kubernetes, kubernetes.default, kubernetes.default.svc, kubernetes.default.svc.cluster.local, api.xx.k8s.local, api.internal.xx.k8s.local, not api-xx-k8s-local-302fp3-1771311087xxx.amazonaws.com

6. What did you expect to happen?

it should validate cluster

7. Please provide your cluster manifest. Execute kops get --name my.example.com -o yaml to display your cluster manifest. You may want to remove your cluster name and other sensitive information.


apiVersion: kops.k8s.io/v1alpha2
kind: Cluster
metadata:
  creationTimestamp: "2020-12-02T08:34:35Z"
  name: xxx.local
spec:
  api:
    loadBalancer:
      class: Classic
      type: Public
  authorization:
    rbac: {}
  channel: stable
  cloudProvider: aws
  configBase: s3://xx.local
  containerRuntime: docker

8. Please run the commands with most verbose logging by adding the -v 10 flag. Paste the logs into this report, or in a gist and provide the gist link here.

I1202 09:41:25.359079 5439 validate_cluster.go:130] instance group: kops.InstanceGroupSpec{Role:"Master", Image:"099720109477/ubuntu/images/hvm-ssd/ubuntu-focal-20.04-amd64-server-20201026", MinSize:(int32)(0xc000831c88), MaxSize:(int32)(0xc000831c78), MachineType:"t3a.medium", RootVolumeSize:(int32)(0xc000831ca8), RootVolumeType:(string)(nil), RootVolumeIops:(int32)(nil), RootVolumeOptimization:(bool)(nil), RootVolumeDeleteOnTermination:(bool)(nil), RootVolumeEncryption:(bool)(nil), Volumes:[]kops.VolumeSpec(nil), VolumeMounts:[]kops.VolumeMountSpec(nil), Subnets:[]string{"us-east-2a"}, Zones:[]string(nil), Hooks:[]kops.HookSpec(nil), MaxPrice:(string)(nil), SpotDurationInMinutes:(int64)(nil), AssociatePublicIP:(bool)(nil), AdditionalSecurityGroups:[]string(nil), CloudLabels:map[string]string(nil), NodeLabels:map[string]string{"kops.k8s.io/instancegroup":"master-us-east-2a"}, FileAssets:[]kops.FileAssetSpec(nil), Tenancy:"", Kubelet:(kops.KubeletConfigSpec)(nil), Taints:[]string(nil), MixedInstancesPolicy:(kops.MixedInstancesPolicySpec)(nil), AdditionalUserData:[]kops.UserData(nil), SuspendProcesses:[]string(nil), ExternalLoadBalancers:[]kops.LoadBalancer(nil), DetailedInstanceMonitoring:(bool)(nil), IAM:(kops.IAMProfileSpec)(nil), SecurityGroupOverride:(string)(nil), InstanceProtection:(bool)(nil), SysctlParameters:[]string(nil), RollingUpdate:(kops.RollingUpdate)(nil), InstanceInterruptionBehavior:(*string)(nil)}

I1202 09:41:25.359294 5439 validate_cluster.go:130] instance group: kops.InstanceGroupSpec{Role:"Node", Image:"099720109477/ubuntu/images/hvm-ssd/ubuntu-focal-20.04-amd64-server-20201026", MinSize:(int32)(0xc00061a82c), MaxSize:(int32)(0xc00061a820), MachineType:"t3a.medium", RootVolumeSize:(int32)(0xc00061a864), RootVolumeType:(string)(nil), RootVolumeIops:(int32)(nil), RootVolumeOptimization:(bool)(nil), RootVolumeDeleteOnTermination:(bool)(nil), RootVolumeEncryption:(bool)(nil), Volumes:[]kops.VolumeSpec(nil), VolumeMounts:[]kops.VolumeMountSpec(nil), Subnets:[]string{"us-east-2a"}, Zones:[]string(nil), Hooks:[]kops.HookSpec(nil), MaxPrice:(string)(nil), SpotDurationInMinutes:(int64)(nil), AssociatePublicIP:(bool)(nil), AdditionalSecurityGroups:[]string(nil), CloudLabels:map[string]string(nil), NodeLabels:map[string]string{"kops.k8s.io/instancegroup":"nodes-us-east-2a"}, FileAssets:[]kops.FileAssetSpec(nil), Tenancy:"", Kubelet:(kops.KubeletConfigSpec)(nil), Taints:[]string(nil), MixedInstancesPolicy:(kops.MixedInstancesPolicySpec)(nil), AdditionalUserData:[]kops.UserData(nil), SuspendProcesses:[]string(nil), ExternalLoadBalancers:[]kops.LoadBalancer(nil), DetailedInstanceMonitoring:(bool)(nil), IAM:(kops.IAMProfileSpec)(nil), SecurityGroupOverride:(string)(nil), InstanceProtection:(bool)(nil), SysctlParameters:[]string(nil), RollingUpdate:(kops.RollingUpdate)(nil), InstanceInterruptionBehavior:(*string)(nil)}

I1202 09:41:25.359456 5439 validate_cluster.go:130] instance group: kops.InstanceGroupSpec{Role:"Node", Image:"099720109477/ubuntu/images/hvm-ssd/ubuntu-focal-20.04-amd64-server-20201026", MinSize:(int32)(0xc00061b30c), MaxSize:(int32)(0xc00061b300), MachineType:"t3a.medium", RootVolumeSize:(int32)(0xc00061b334), RootVolumeType:(string)(nil), RootVolumeIops:(int32)(nil), RootVolumeOptimization:(bool)(nil), RootVolumeDeleteOnTermination:(bool)(nil), RootVolumeEncryption:(bool)(nil), Volumes:[]kops.VolumeSpec(nil), VolumeMounts:[]kops.VolumeMountSpec(nil), Subnets:[]string{"us-east-2b"}, Zones:[]string(nil), Hooks:[]kops.HookSpec(nil), MaxPrice:(string)(nil), SpotDurationInMinutes:(int64)(nil), AssociatePublicIP:(bool)(nil), AdditionalSecurityGroups:[]string(nil), CloudLabels:map[string]string(nil), NodeLabels:map[string]string{"kops.k8s.io/instancegroup":"nodes-us-east-2b"}, FileAssets:[]kops.FileAssetSpec(nil), Tenancy:"", Kubelet:(kops.KubeletConfigSpec)(nil), Taints:[]string(nil), MixedInstancesPolicy:(kops.MixedInstancesPolicySpec)(nil), AdditionalUserData:[]kops.UserData(nil), SuspendProcesses:[]string(nil), ExternalLoadBalancers:[]kops.LoadBalancer(nil), DetailedInstanceMonitoring:(bool)(nil), IAM:(kops.IAMProfileSpec)(nil), SecurityGroupOverride:(string)(nil), InstanceProtection:(bool)(nil), SysctlParameters:[]string(nil), RollingUpdate:(kops.RollingUpdate)(nil), InstanceInterruptionBehavior:(*string)(nil)}

I1202 09:41:25.359596 5439 validate_cluster.go:130] instance group: kops.InstanceGroupSpec{Role:"Node", Image:"099720109477/ubuntu/images/hvm-ssd/ubuntu-focal-20.04-amd64-server-20201026", MinSize:(int32)(0xc00061be1c), MaxSize:(int32)(0xc00061be10), MachineType:"t3a.medium", RootVolumeSize:(int32)(0xc00061be54), RootVolumeType:(string)(nil), RootVolumeIops:(int32)(nil), RootVolumeOptimization:(bool)(nil), RootVolumeDeleteOnTermination:(bool)(nil), RootVolumeEncryption:(bool)(nil), Volumes:[]kops.VolumeSpec(nil), VolumeMounts:[]kops.VolumeMountSpec(nil), Subnets:[]string{"us-east-2c"}, Zones:[]string(nil), Hooks:[]kops.HookSpec(nil), MaxPrice:(string)(nil), SpotDurationInMinutes:(int64)(nil), AssociatePublicIP:(bool)(nil), AdditionalSecurityGroups:[]string(nil), CloudLabels:map[string]string(nil), NodeLabels:map[string]string{"kops.k8s.io/instancegroup":"nodes-us-east-2c"}, FileAssets:[]kops.FileAssetSpec(nil), Tenancy:"", Kubelet:(kops.KubeletConfigSpec)(nil), Taints:[]string(nil), MixedInstancesPolicy:(kops.MixedInstancesPolicySpec)(nil), AdditionalUserData:[]kops.UserData(nil), SuspendProcesses:[]string(nil), ExternalLoadBalancers:[]kops.LoadBalancer(nil), DetailedInstanceMonitoring:(bool)(nil), IAM:(kops.IAMProfileSpec)(nil), SecurityGroupOverride:(string)(nil), InstanceProtection:(bool)(nil), SysctlParameters:[]string(nil), RollingUpdate:(kops.RollingUpdate)(nil), InstanceInterruptionBehavior:(*string)(nil)}

9. Anything else do we need to know?

I created cluster using Kops and terraform.

I follow below github solution as well.

https://github.com/kubernetes/kops/issues/2990

still not able to fix the issue.

fejta-bot commented 3 years ago

Issues go stale after 90d of inactivity. Mark the issue as fresh with /remove-lifecycle stale. Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-contributor-experience at kubernetes/community. /lifecycle stale

fejta-bot commented 3 years ago

Stale issues rot after 30d of inactivity. Mark the issue as fresh with /remove-lifecycle rotten. Rotten issues close after an additional 30d of inactivity.

If this issue is safe to close now please do so with /close.

Send feedback to sig-contributor-experience at kubernetes/community. /lifecycle rotten

fejta-bot commented 3 years ago

Rotten issues close after 30d of inactivity. Reopen the issue with /reopen. Mark the issue as fresh with /remove-lifecycle rotten.

Send feedback to sig-contributor-experience at kubernetes/community. /close

k8s-ci-robot commented 3 years ago

@fejta-bot: Closing this issue.

In response to [this](https://github.com/kubernetes/kops/issues/10343#issuecomment-830623917): >Rotten issues close after 30d of inactivity. >Reopen the issue with `/reopen`. >Mark the issue as fresh with `/remove-lifecycle rotten`. > >Send feedback to sig-contributor-experience at [kubernetes/community](https://github.com/kubernetes/community). >/close Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.