search

kubesphere / ks-installer

Install KubeSphere on existing Kubernetes cluster
https://kubesphere.io
Apache License 2.0
516 stars 740 forks source link

etcd monitor fail #1243

Open guoh1988 opened 3 years ago

guoh1988 commented 3 years ago
  1. ks-3.0 Minimal Installation ,The page is normal
  2. create a secret for etcd 
    $ kubectl create ns kubesphere-monitoring-system
$ kubectl -n kubesphere-monitoring-system create secret generic kube-etcd-client-certs  \
--from-file=etcd-client-ca.crt=/etc/kubernetes/pki/etcd/ca.crt  \
--from-file=etcd-client.crt=/etc/kubernetes/pki/etcd/healthcheck-client.crt  \
--from-file=etcd-client.key=/etc/kubernetes/pki/etcd/healthcheck-client.key
  3. enable etcd monitoring dashboard installation 
    kubectl edit cc ks-installer -n kubesphere-system
etcd:
monitoring: true       # Whether to enable etcd monitoring dashboard installation. You have to create a secret for etcd before you enable it.
endpointIps: 192.168.208.31,192.168.208.32,192.168.208.33 # etcd cluster EndpointIps, it can be a bunch of IPs here.
port: 2379              # etcd port
tlsEnable: true

    4.Unable to get the etcd node information. Check the Prometheus log and find that the etcd certificate cannot be found. After manually mounting the certificate, the etcd node information can be viewed normally /etc/prometheus/secrets/kube-etcd-client-certs/etcd-client-ca.crt 5.Uninstall KS-3.0 page ./kubesphere-delete.sh 6.In cluster- configuration.yaml Modify configuration,Etcd can be monitored after deployment

vim cluster-configuration.yaml
    etcd:
    monitoring: true       # Whether to enable etcd monitoring dashboard installation. You have to create a secret for etcd before you enable it.
    endpointIps: 192.168.208.31,192.168.208.32,192.168.208.33 # etcd cluster EndpointIps, it can be a bunch of IPs here.
    port: 2379              # etcd port
    tlsEnable: true
  1. status.monitoring is enabled,As a result, the deployment of Prometheus was not updated roles/ks-monitor/tasks/main.yaml 
    - import_tasks: prometheus.yaml
when:
- "status.monitoring is not defined or status.monitoring.status is not defined or status.monitoring.status != 'enabled'"
yunkunrao commented 3 years ago

/kind bug

KeithTt commented 3 years ago

Same problem here:

image

penpen-dongE commented 1 year ago

same problem, too.

Evsio0n commented 10 months ago

Hi all, for who come to this as the same issue here with crt problem. https://kubesphere.io/zh/blogs/kubesphere-etcd/

The solution for me is that need manually add a secret for this prometheus to mounting cert.

kubectl edit prometheuses -n kubesphere-monitoring-system

...
spec:
  secrets:
  - kube-etcd-client-certs

Has sovled my issue.

For contributors,

https://github.com/kubesphere/ks-installer/blob/d6a5e8da6b204ec72429f6f3857ad743e77b41d4/roles/ks-monitor/templates/prometheus-prometheus.yaml.j2#L105

Somehow may not work.