search

kubernetes / kops

Kubernetes Operations (kOps) - Production Grade k8s Installation, Upgrades and Management
https://kops.sigs.k8s.io/
Apache License 2.0
15.66k stars 4.61k forks source link

Hetzner: error running task "ServerGroup/bastions": Field is required: UserData #16599

Open skuethe opened 3 weeks ago

skuethe commented 3 weeks ago

/kind bug

1. What kops version are you running? The command kops version, will display this information.

Client version: 1.29.0 (git-v1.29.0)

2. What Kubernetes version are you running? kubectl version will print the version if a cluster is running or provide the Kubernetes version specified as a kops flag.

v1.29.3

3. What cloud provider are you using?

Hetzner

4. What commands did you run? What is the simplest way to reproduce this issue?

5. What happened after the commands executed?

Error while setting up the bastion host:

W0604 10:18:59.832186   23422 executor.go:141] error running task "ServerGroup/bastions" (9m59s remaining to succeed): Field is required: UserData

6. What did you expect to happen?

A bastion host is being created

7. Please provide your cluster manifest. Execute kops get --name my.example.com -o yaml to display your cluster manifest. You may want to remove your cluster name and other sensitive information.

kops.yaml used with the kops create -f command:

apiVersion: kops.k8s.io/v1alpha2
kind: Cluster
metadata:
  creationTimestamp: null
  name: kops.hetznerpoc.mydomain.net
spec:
  api:
    loadBalancer:
      type: Public
  authorization:
    rbac: {}
  channel: stable
  cloudProvider: hetzner
  configBase: s3://kops/kops.hetznerpoc.mydomain.net
  etcdClusters:
  - cpuRequest: 200m
    etcdMembers:
    - instanceGroup: control-plane-nbg1
      name: etcd-1
    manager:
      backupRetentionDays: 90
    memoryRequest: 100Mi
    name: main
  - cpuRequest: 100m
    etcdMembers:
    - instanceGroup: control-plane-nbg1
      name: etcd-1
    manager:
      backupRetentionDays: 90
    memoryRequest: 100Mi
    name: events
  iam:
    allowContainerRegistry: true
    legacy: false
  kubelet:
    anonymousAuth: false
  kubernetesApiAccess:
  - 0.0.0.0/0
  - ::/0
  kubernetesVersion: v1.29.3
  networkCIDR: 10.2.0.0/24
  networking:
    calico: {}
  nonMasqueradeCIDR: 100.64.0.0/10
  sshAccess:
  - 0.0.0.0/0
  - ::/0
  subnets:
  - name: nbg1
    type: Private
    zone: nbg1
  - name: utility-nbg1
    type: Utility
    zone: nbg1
  topology:
    dns:
      type: None

---

apiVersion: kops.k8s.io/v1alpha2
kind: InstanceGroup
metadata:
  creationTimestamp: null
  labels:
    kops.k8s.io/cluster: kops.hetznerpoc.mydomain.net
  name: control-plane-nbg1
spec:
  image: ubuntu-22.04
  machineType: cx31
  maxSize: 0
  minSize: 0
  role: Master
  subnets:
  - nbg1

---

apiVersion: kops.k8s.io/v1alpha2
kind: InstanceGroup
metadata:
  creationTimestamp: null
  labels:
    kops.k8s.io/cluster: kops.hetznerpoc.mydomain.net
  name: bastions
spec:
  image: ubuntu-22.04
  machineType: cx11
  maxSize: 1
  minSize: 1
  role: Bastion
  subnets:
  - nbg1

---

apiVersion: kops.k8s.io/v1alpha2
kind: SSHCredential
metadata:
  creationTimestamp: null
  labels:
    kops.k8s.io/cluster: kops.hetznerpoc.mydomain.net
  name: admin
spec:
  publicKey: ssh-ed25519 ...

8. Please run the commands with most verbose logging by adding the -v 10 flag. Paste the logs into this report, or in a gist and provide the gist link here.

I pasted only the (hopefully) relevant log section where the "UserData" is set to null. If other log output is required I would need to remove sensitive information first.

I0604 10:28:06.720121   23985 executor.go:113] Tasks: 44 done / 45 total; 1 can run
I0604 10:28:06.720279   23985 executor.go:214] Executing task "ServerGroup/bastions": *hetznertasks.ServerGroup {"Name":"bastions","Lifecycle":"Sync","SSHKeys":[{"Name":"kops.hetznerpoc.mydomain.net-...","Lifecycle":"Sync","ID":21122430,"PublicKey":"ssh-ed25519 ...","Labels":{"kops.k8s.io/cluster":"kops.hetznerpoc.mydomain.net"}}],"Network":{"Name":"kops.hetznerpoc.mydomain.net","Lifecycle":"Sync","ID":"4301340","Region":"eu-central","IPRange":"10.2.0.0/24","Subnets":["10.2.0.0/24"],"Labels":{"kops.k8s.io/cluster":"kops.hetznerpoc.mydomain.net"}},"Count":1,"NeedUpdate":null,"Location":"nbg1","Size":"cx11","Image":"ubuntu-22.04","EnableIPv4":true,"EnableIPv6":false,"UserData":null,"Labels":{"kops.k8s.io/cluster":"kops.hetznerpoc.mydomain.net","kops.k8s.io/instance-group":"bastions","kops.k8s.io/instance-role":"Bastion"}}
W0604 10:28:07.063966   23985 executor.go:141] error running task "ServerGroup/bastions" (9m45s remaining to succeed): Field is required: UserData
I0604 10:28:07.064088   23985 executor.go:171] Continuing to run 1 task(s)

9. Anything else do we need to know?

Trying to setup a cluster with private topology and bastion host on Hetzner. I specifically set the control plane size to 0 to focus on the Bastion deployment. That being said, I of course also tried the deployment with an existing control plane InstanceGroup. The behaviour is the same.

By reading the documentation I was under the impression that the bastion feature should already work with Hetzner. So creating this as a kind: bug.