RKE Cluster DNS/Network Issue in Air-Gap Environment

[GuillaumeDorschner]

I am encountering a problem with my RKE setup, which I believe is related to DNS or network configurations. Here's an outline of the problem:

RKE version:

rke version v1.4.7

Docker version: (docker version,docker info preferred)

Client: Docker Engine - Community
 Version:           24.0.5
 API version:       1.43
 Go version:        go1.20.6
 Git commit:        ced0996
 Built:             Fri Jul 21 20:36:32 2023
 OS/Arch:           linux/amd64
 Context:           default

Server: Docker Engine - Community
 Engine:
  Version:          24.0.5
  API version:      1.43 (minimum version 1.12)
  Go version:       go1.20.6
  Git commit:       a61e2b4
  Built:            Fri Jul 21 20:35:32 2023
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.6.22
  GitCommit:        8165feabfdfe38c65b599c4993d227328c231fca
 runc:
  Version:          1.1.8
  GitCommit:        v1.1.8-0-g82f18fe
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

Operating system and kernel: (cat /etc/os-release, uname -r preferred)

NAME="AlmaLinux"
VERSION="8.8 (Sapphire Caracal)"
ID="almalinux"
ID_LIKE="rhel centos fedora"
VERSION_ID="8.8"
PLATFORM_ID="platform:el8"
PRETTY_NAME="AlmaLinux 8.8 (Sapphire Caracal)"
ANSI_COLOR="0;34"
LOGO="fedora-logo-icon"
CPE_NAME="cpe:/o:almalinux:almalinux:8::baseos"
HOME_URL="https://almalinux.org/"
DOCUMENTATION_URL="https://wiki.almalinux.org/"
BUG_REPORT_URL="https://bugs.almalinux.org/"

ALMALINUX_MANTISBT_PROJECT="AlmaLinux-8"
ALMALINUX_MANTISBT_PROJECT_VERSION="8.8"
REDHAT_SUPPORT_PRODUCT="AlmaLinux"
REDHAT_SUPPORT_PRODUCT_VERSION="8.8"

Type/provider of hosts: (VirtualBox/Bare-metal/AWS/GCE/DO) Bare-metal

cluster.yml file:

nodes:
  - address: 192.168.137.65
    hostname_override: master
    user: k8s
    role: [controlplane, etcd]
  - address: 192.168.137.62
    hostname_override: worker1
    user: k8s
    role: [worker]

services:
  etcd:
    snapshot: true
    creation: 6h
    retention: 24h

network:
  plugin: calico

ingress:
  provider: nginx
  network_mode: none

addons: |-
  ---
  apiVersion: v1
  kind: Service
  metadata:
    name: ingress-nginx-external
    namespace: ingress-nginx
  spec:
    ports:
    - name: https
      port: 443
      protocol: TCP
      targetPort: 443
    selector:
      app: ingress-nginx
      app.kubernetes.io/instance: ingress-nginx
    sessionAffinity: None
    type: LoadBalancer

My cluster needs to operate in an Air-Gap environment, so I must resolve this issue. I Air-Gap in a VLAN, maybe that the problem ?

Cluster Creation Output Failed:

# Output when isolated within VLAN
➜  rke-setup ./rke up --config cluster.yml
...
FATA[0117] Failed to get job complete status for job rke-network-plugin-deploy-job in namespace kube-system
➜  rke-setup

I don't know how to fix this. I would appreciate some advice or help in resolving this issue.

[GuillaumeDorschner]

Hello @jiaqiluo, could you help me? I'm currently stuck.

[beanbao22]

I got the same issue. With internet, rke running without error Without internet, I have full list docker images but always stuck at job rke-network-plugin

[jiaqiluo]

Hi @GuillaumeDorschner, if I understand your needs correctly, you need to configure a private registry for RKE to work in air gap env. See RKE docs

Regarding to the rke-network-plugin-deploy-job error. When RKE returns the error, there should already be a kubeconfig.yaml file in your working directory. Can you use it with kubectl to check the error message on the job or the pod? If there is no kubeconfig file or it does not work, can you try to ssh into the control plane node to check the corresponding containers and their status/error? (or it may be on the worker nodes. it will be easier if you can make a new cluster with only one node and all roles) cc @beanbao22

[beanbao22]

@jiaqiluo I run only on one node with all roles. I have private registry defined on cluster.yml. But it alway stuck at job rke-network-plugin

I download list image from command **rke config --system-images**.

If I try with internet, it work with any issue

Update: I check logs from pod rke-network-plugin-deploy-job-xxxx

unable to ensure pod container exists: failed to create container for [kubepods besteffort pod7bda81ff-7df8-4b75-b22c-7cf662c272bd] : unable to start unit "kubepods-besteffort-pod7bda81ff_7df8_4b75_b22c_7cf662c272bd.slice" (properties [{Name:Description Value:"libcontainer container kubepods-besteffort-pod7bda81ff_7df8_4b75_b22c_7cf662c272bd.slice"} {Name:Wants Value:["kubepods-besteffort.slice"]} {Name:MemoryAccounting Value:true} {Name:CPUAccounting Value:true} {Name:IOAccounting Value:true} {Name:TasksAccounting Value:true} {Name:DefaultDependencies Value:false}]): Unit kubepods-besteffort.slice not found.

[jiaqiluo]

@beanbao22, it looks like you ran into https://github.com/rancher/rke/issues/3160 which mentions the Unit kubepods-besteffort.slice not found error.

[beanbao22]

@beanbao22, it looks like you ran into #3160 which mentions the Unit kubepods-besteffort.slice not found error.

I think it's not real issue, cause with internet ready, I install without issue. The same OS, docker, rke version, images....

[GuillaumeDorschner]

@jiaqiluo I have the kube_config_cluster.yml and I looked in the cluster.

Cluster Information

➜  rke-setup kubectl get nodes

NAME      STATUS     ROLES               AGE   VERSION
master    NotReady   controlplane,etcd   18m   v1.26.6
worker1   NotReady   worker              18m   v1.26.6
➜  rke-setup kubectl get componentstatuses

Warning: v1 ComponentStatus is deprecated in v1.19+
NAME                 STATUS    MESSAGE                         ERROR
scheduler            Healthy   ok
controller-manager   Healthy   ok
etcd-0               Healthy   {"health":"true","reason":""}
➜  rke-setup kubectl get pods -n kube-system

NAME                                  READY   STATUS   RESTARTS   AGE
rke-network-plugin-deploy-job-b7f6n   0/1     Error    0          13m
rke-network-plugin-deploy-job-bwcxg   0/1     Error    0          7m49s
rke-network-plugin-deploy-job-gp7vq   0/1     Error    0          105s
rke-network-plugin-deploy-job-htz4h   0/1     Error    0          18m
rke-network-plugin-deploy-job-l4f9b   0/1     Error    0          18m
rke-network-plugin-deploy-job-pc5dj   0/1     Error    0          18m
rke-network-plugin-deploy-job-rtpdp   0/1     Error    0          18m
rke-network-plugin-deploy-job-sxpqj   0/1     Error    0          15m
rke-network-plugin-deploy-job-xx28t   0/1     Error    0          17m

Describe

➜  rke-setup kubectl describe pod rke-network-plugin-deploy-job-b7f6n -n kube-system

Name:             rke-network-plugin-deploy-job-b7f6n
Namespace:        kube-system
Priority:         0
Service Account:  rke-job-deployer
Node:             master/
Start Time:       Wed, 30 Aug 2023 09:54:24 +0200
Labels:           controller-uid=b675948d-42a8-4a29-a838-3055a3b57b63
                  job-name=rke-network-plugin-deploy-job
Annotations:      <none>
Status:           Failed
IP:
IPs:              <none>
Controlled By:    Job/rke-network-plugin-deploy-job
Containers:
  rke-network-plugin-pod:
    Container ID:  docker://3832335a3e9ea74ebe08fce60205fa7e903ef62fec017ae7afd97c3daa4ff5e0
    Image:         repo.labo.bi:8082/rancher/hyperkube:v1.26.6-rancher1
    Image ID:      docker-pullable://rancher/hyperkube@sha256:45e9e5a04b65afa3a291bbc458f0076cfb1d725bd550d7c71b9dbaa25387091e
    Port:          <none>
    Host Port:     <none>
    Command:
      kubectl
      apply
      -f
      /etc/config/rke-network-plugin.yaml
    State:          Terminated
      Reason:       Error
      Exit Code:    1
      Started:      Wed, 30 Aug 2023 09:54:25 +0200
      Finished:     Wed, 30 Aug 2023 09:54:25 +0200
    Ready:          False
    Restart Count:  0
    Environment:    <none>
    Mounts:
      /etc/config from config-volume (rw)
      /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-q9rn7 (ro)
Conditions:
  Type              Status
  Initialized       True
  Ready             False
  ContainersReady   False
  PodScheduled      True
Volumes:
  config-volume:
    Type:      ConfigMap (a volume populated by a ConfigMap)
    Name:      rke-network-plugin
    Optional:  false
  kube-api-access-q9rn7:
    Type:                    Projected (a volume that contains injected data from multiple sources)
    TokenExpirationSeconds:  3607
    ConfigMapName:           kube-root-ca.crt
    ConfigMapOptional:       <nil>
    DownwardAPI:             true
QoS Class:                   BestEffort
Node-Selectors:              <none>
Tolerations:                 op=Exists
Events:
  Type    Reason   Age   From     Message
  ----    ------   ----  ----     -------
  Normal  Pulled   11m   kubelet  Container image "repo.labo.bi:8082/rancher/hyperkube:v1.26.6-rancher1" already present on machine
  Normal  Created  11m   kubelet  Created container rke-network-plugin-pod
  Normal  Started  11m   kubelet  Started container rke-network-plugin-pod

Logs of all the pods

➜  rke-setup kubectl logs rke-network-plugin-deploy-job-b7f6n -n kube-system
kubectl logs rke-network-plugin-deploy-job-bwcxg -n kube-system
kubectl logs rke-network-plugin-deploy-job-gp7vq -n kube-system
kubectl logs rke-network-plugin-deploy-job-htz4h -n kube-system
kubectl logs rke-network-plugin-deploy-job-l4f9b -n kube-system
kubectl logs rke-network-plugin-deploy-job-pc5dj -n kube-system
kubectl logs rke-network-plugin-deploy-job-px6vm -n kube-system
kubectl logs rke-network-plugin-deploy-job-rtpdp -n kube-system
kubectl logs rke-network-plugin-deploy-job-sxpqj -n kube-system
kubectl logs rke-network-plugin-deploy-job-xx28t -n kube-system

Error from server: no preferred addresses found; known addresses: []
Error from server: no preferred addresses found; known addresses: []
Error from server: no preferred addresses found; known addresses: []
Error from server: no preferred addresses found; known addresses: []
Error from server: no preferred addresses found; known addresses: []
Error from server: no preferred addresses found; known addresses: []
Error from server: no preferred addresses found; known addresses: []
Error from server: no preferred addresses found; known addresses: []
Error from server: no preferred addresses found; known addresses: []
Error from server: no preferred addresses found; known addresses: []

[GuillaumeDorschner]

@jiaqiluo, I've tried running RKE again, but this time with the eth interface enabled for internet access. I didn't encounter any errors this time, as you can see from the attached screenshot. However, this setup is only good for testing. My final cluster won't have internet access, so I'm at an impasse.

[jiaqiluo]

@GuillaumeDorschner

The error Error from server: no preferred addresses found; known addresses: [] is returned by K8s when it tries to allocate the pod to the specific node ( master node in your case), but it can't get any adders ( external address in your case).
This can be proved by 1) the master node is NotReady and 2) the value Node: master/ in the output of kubectl describe pod rke-network-plugin-deploy-job-b7f6n -n kube-system, there supposed to be the address after the dash (/).

Now, the problem becomes why nodes are in the NotReady status.

There could be a variety of reasons, and you can try the following to diagnose it:

• the output of k describe node master - look in the Conditions section for any failed k8s components.
• Enable the debug level logging on the rke -d up cluster.yaml - Again, we are looking for any error or warning that might tell us why the node is not ready
• Run k get pods -A - any failed pod besides the rke-network-plugin-xxx one?

[GuillaumeDorschner]

@jiaqiluo

Okay, I don't see anything suspicious in the logs or in the output of describe node master.

Logs:

➜  rke-setup ./rke -d up cluster.yml
DEBU[0000] Loglevel set to [debug]
INFO[0000] Running RKE version: v1.4.7
DEBU[0000] audit log policy found in cluster.yml
INFO[0000] Initiating Kubernetes cluster
DEBU[0000] Loading data.json from local source
DEBU[0000] data.json SHA256 checksum: 5f13312d74be24e7121c58dc299f16a728dac04d4635644e7655db30bdc76f68
DEBU[0000] No DNS provider configured, setting default based on cluster version [1.26.6-rancher1-1]
DEBU[0000] DNS provider set to [coredns]
DEBU[0000] Checking if cluster version [1.26.6-rancher1-1] needs to have kube-api audit log enabled
DEBU[0000] Cluster version [1.26.6-rancher1-1] needs to have kube-api audit log enabled
DEBU[0000] Enabling kube-api audit log for cluster version [v1.26.6-rancher1-1]
DEBU[0000] No input provided for maxUnavailableWorker, setting it to default value of 10 percent
DEBU[0000] No input provided for maxUnavailableControlplane, setting it to default value of 1
DEBU[0000] Checking ingress default backend for cluster version [v1.26.6-rancher1-1]
DEBU[0000] Cluster version [v1.26.6-rancher1-1] needs to have ingress default backend disabled
DEBU[0000] Host: 192.168.137.65 has role: controlplane
DEBU[0000] Host: 192.168.137.65 has role: etcd
DEBU[0000] Host: 192.168.137.62 has role: worker
DEBU[0000] Checking cri-dockerd for cluster version [v1.26.6-rancher1-1]
DEBU[0000] cri-dockerd is enabled for cluster version [v1.26.6-rancher1-1]
DEBU[0000] Checking PodSecurityPolicy for cluster version [v1.26.6-rancher1-1]
DEBU[0000] Checking PodSecurity for cluster version [v1.26.6-rancher1-1]
DEBU[0000] [state] previous state not found, possible legacy cluster
INFO[0000] [dialer] Setup tunnel for host [192.168.137.62]
INFO[0000] [dialer] Setup tunnel for host [192.168.137.65]
DEBU[0000] Connecting to Docker API for host [192.168.137.62]
DEBU[0000] Connecting to Docker API for host [192.168.137.65]
DEBU[0000] Docker Info found for host [192.168.137.65]: types.Info{ID:"d03eca6f-6468-4370-9f1b-008bdb123e0a", Containers:19, ContainersRunning:2, ContainersPaused:0, ContainersStopped:17, Images:28, Driver:"overlay2", DriverStatus:[][2]string{[2]string{"Backing Filesystem", "xfs"}, [2]string{"Supports d_type", "true"}, [2]string{"Using metacopy", "false"}, [2]string{"Native Overlay Diff", "true"}, [2]string{"userxattr", "false"}}, SystemStatus:[][2]string(nil), Plugins:types.PluginsInfo{Volume:[]string{"local"}, Network:[]string{"bridge", "host", "ipvlan", "macvlan", "null", "overlay"}, Authorization:[]string(nil), Log:[]string{"awslogs", "fluentd", "gcplogs", "gelf", "journald", "json-file", "local", "logentries", "splunk", "syslog"}}, MemoryLimit:true, SwapLimit:true, KernelMemory:true, KernelMemoryTCP:true, CPUCfsPeriod:true, CPUCfsQuota:true, CPUShares:true, CPUSet:true, PidsLimit:true, IPv4Forwarding:true, BridgeNfIptables:true, BridgeNfIP6tables:true, Debug:false, NFd:37, OomKillDisable:true, NGoroutines:43, SystemTime:"2023-08-30T23:30:12.206004187+02:00", LoggingDriver:"json-file", CgroupDriver:"cgroupfs", CgroupVersion:"1", NEventsListener:0, KernelVersion:"4.18.0-372.9.1.el8.x86_64", OperatingSystem:"AlmaLinux 8.6 (Sky Tiger)", OSVersion:"8.6", OSType:"linux", Architecture:"x86_64", IndexServerAddress:"https://index.docker.io/v1/", RegistryConfig:(*registry.ServiceConfig)(0xc0001b4150), NCPU:32, MemTotal:269458673664, GenericResources:[]swarm.GenericResource(nil), DockerRootDir:"/var/lib/docker", HTTPProxy:"", HTTPSProxy:"", NoProxy:"", Name:"localhost.localdomain", Labels:[]string{}, ExperimentalBuild:false, ServerVersion:"23.0.6", ClusterStore:"", ClusterAdvertise:"", Runtimes:map[string]types.Runtime{"io.containerd.runc.v2":types.Runtime{Path:"runc", Args:[]string(nil), Shim:(*types.ShimConfig)(nil)}, "runc":types.Runtime{Path:"runc", Args:[]string(nil), Shim:(*types.ShimConfig)(nil)}}, DefaultRuntime:"runc", Swarm:swarm.Info{NodeID:"", NodeAddr:"", LocalNodeState:"inactive", ControlAvailable:false, Error:"", RemoteManagers:[]swarm.Peer(nil), Nodes:0, Managers:0, Cluster:(*swarm.ClusterInfo)(nil), Warnings:[]string(nil)}, LiveRestoreEnabled:false, Isolation:"", InitBinary:"docker-init", ContainerdCommit:types.Commit{ID:"8165feabfdfe38c65b599c4993d227328c231fca", Expected:"8165feabfdfe38c65b599c4993d227328c231fca"}, RuncCommit:types.Commit{ID:"v1.1.8-0-g82f18fe", Expected:"v1.1.8-0-g82f18fe"}, InitCommit:types.Commit{ID:"de40ad0", Expected:"de40ad0"}, SecurityOptions:[]string{"name=seccomp,profile=builtin"}, ProductLicense:"", DefaultAddressPools:[]types.NetworkAddressPool(nil), Warnings:[]string(nil)}
DEBU[0000] Docker Info found for host [192.168.137.62]: types.Info{ID:"03725a2b-a240-48ad-9a37-fc4b724cc262", Containers:37, ContainersRunning:20, ContainersPaused:0, ContainersStopped:17, Images:32, Driver:"overlay2", DriverStatus:[][2]string{[2]string{"Backing Filesystem", "xfs"}, [2]string{"Supports d_type", "true"}, [2]string{"Using metacopy", "false"}, [2]string{"Native Overlay Diff", "true"}, [2]string{"userxattr", "false"}}, SystemStatus:[][2]string(nil), Plugins:types.PluginsInfo{Volume:[]string{"local"}, Network:[]string{"bridge", "host", "ipvlan", "macvlan", "null", "overlay"}, Authorization:[]string(nil), Log:[]string{"awslogs", "fluentd", "gcplogs", "gelf", "journald", "json-file", "local", "logentries", "splunk", "syslog"}}, MemoryLimit:true, SwapLimit:true, KernelMemory:true, KernelMemoryTCP:true, CPUCfsPeriod:true, CPUCfsQuota:true, CPUShares:true, CPUSet:true, PidsLimit:true, IPv4Forwarding:true, BridgeNfIptables:true, BridgeNfIP6tables:true, Debug:false, NFd:135, OomKillDisable:true, NGoroutines:115, SystemTime:"2023-08-30T23:30:09.477999904+02:00", LoggingDriver:"json-file", CgroupDriver:"cgroupfs", CgroupVersion:"1", NEventsListener:0, KernelVersion:"4.18.0-372.9.1.el8.x86_64", OperatingSystem:"AlmaLinux 8.6 (Sky Tiger)", OSVersion:"8.6", OSType:"linux", Architecture:"x86_64", IndexServerAddress:"https://index.docker.io/v1/", RegistryConfig:(*registry.ServiceConfig)(0xc0001ac000), NCPU:64, MemTotal:269855334400, GenericResources:[]swarm.GenericResource(nil), DockerRootDir:"/var/lib/docker", HTTPProxy:"", HTTPSProxy:"", NoProxy:"", Name:"localhost.localdomain", Labels:[]string{}, ExperimentalBuild:false, ServerVersion:"23.0.6", ClusterStore:"", ClusterAdvertise:"", Runtimes:map[string]types.Runtime{"io.containerd.runc.v2":types.Runtime{Path:"runc", Args:[]string(nil), Shim:(*types.ShimConfig)(nil)}, "runc":types.Runtime{Path:"runc", Args:[]string(nil), Shim:(*types.ShimConfig)(nil)}}, DefaultRuntime:"runc", Swarm:swarm.Info{NodeID:"", NodeAddr:"", LocalNodeState:"inactive", ControlAvailable:false, Error:"", RemoteManagers:[]swarm.Peer(nil), Nodes:0, Managers:0, Cluster:(*swarm.ClusterInfo)(nil), Warnings:[]string(nil)}, LiveRestoreEnabled:false, Isolation:"", InitBinary:"docker-init", ContainerdCommit:types.Commit{ID:"8165feabfdfe38c65b599c4993d227328c231fca", Expected:"8165feabfdfe38c65b599c4993d227328c231fca"}, RuncCommit:types.Commit{ID:"v1.1.8-0-g82f18fe", Expected:"v1.1.8-0-g82f18fe"}, InitCommit:types.Commit{ID:"de40ad0", Expected:"de40ad0"}, SecurityOptions:[]string{"name=seccomp,profile=builtin"}, ProductLicense:"", DefaultAddressPools:[]types.NetworkAddressPool(nil), Warnings:[]string(nil)}
DEBU[0000] SemVerMatchRange: Cluster version [v1.26.6-rancher1-1] matches range [>=1.22.0-rancher0]
INFO[0000] Finding container [cluster-state-deployer] on host [192.168.137.65], try #1
DEBU[0000] SemVerMatchRange: Cluster version [v1.26.6-rancher1-1] matches range [>=1.22.0-rancher0]
INFO[0000] Finding container [cluster-state-deployer] on host [192.168.137.62], try #1
INFO[0000] [certificates] Generating CA kubernetes certificates
INFO[0000] [certificates] Generating Kubernetes API server aggregation layer requestheader client CA certificates
INFO[0001] [certificates] GenerateServingCertificate is disabled, checking if there are unused kubelet certificates
INFO[0001] [certificates] Generating Kubernetes API server certificates
INFO[0001] [certificates] Generating Service account token key
INFO[0001] [certificates] Generating Kube Controller certificates
INFO[0001] [certificates] Generating Kube Scheduler certificates
INFO[0002] [certificates] Generating Kube Proxy certificates
INFO[0002] [certificates] Generating Node certificate
INFO[0002] [certificates] Generating admin certificates and kubeconfig
INFO[0003] [certificates] Generating Kubernetes API server proxy client certificates
INFO[0003] [certificates] Generating kube-etcd-192-168-137-65 certificate and key
INFO[0004] Successfully Deployed state file at [./cluster.rkestate]
DEBU[0004] Checking if cluster version [1.26.6-rancher1-1] needs to have kube-api audit log enabled
DEBU[0004] Cluster version [1.26.6-rancher1-1] needs to have kube-api audit log enabled
DEBU[0004] Enabling kube-api audit log for cluster version [v1.26.6-rancher1-1]
DEBU[0004] Host: 192.168.137.65 has role: controlplane
DEBU[0004] Host: 192.168.137.65 has role: etcd
DEBU[0004] Host: 192.168.137.62 has role: worker
DEBU[0004] Checking cri-dockerd for cluster version [v1.26.6-rancher1-1]
DEBU[0004] cri-dockerd is enabled for cluster version [v1.26.6-rancher1-1]
DEBU[0004] Checking PodSecurityPolicy for cluster version [v1.26.6-rancher1-1]
DEBU[0004] Checking PodSecurity for cluster version [v1.26.6-rancher1-1]
INFO[0004] Building Kubernetes cluster
INFO[0004] [dialer] Setup tunnel for host [192.168.137.62]
INFO[0004] [dialer] Setup tunnel for host [192.168.137.65]
DEBU[0004] Connecting to Docker API for host [192.168.137.65]
DEBU[0004] Connecting to Docker API for host [192.168.137.62]
DEBU[0004] Docker Info found for host [192.168.137.65]: types.Info{ID:"d03eca6f-6468-4370-9f1b-008bdb123e0a", Containers:19, ContainersRunning:2, ContainersPaused:0, ContainersStopped:17, Images:28, Driver:"overlay2", DriverStatus:[][2]string{[2]string{"Backing Filesystem", "xfs"}, [2]string{"Supports d_type", "true"}, [2]string{"Using metacopy", "false"}, [2]string{"Native Overlay Diff", "true"}, [2]string{"userxattr", "false"}}, SystemStatus:[][2]string(nil), Plugins:types.PluginsInfo{Volume:[]string{"local"}, Network:[]string{"bridge", "host", "ipvlan", "macvlan", "null", "overlay"}, Authorization:[]string(nil), Log:[]string{"awslogs", "fluentd", "gcplogs", "gelf", "journald", "json-file", "local", "logentries", "splunk", "syslog"}}, MemoryLimit:true, SwapLimit:true, KernelMemory:true, KernelMemoryTCP:true, CPUCfsPeriod:true, CPUCfsQuota:true, CPUShares:true, CPUSet:true, PidsLimit:true, IPv4Forwarding:true, BridgeNfIptables:true, BridgeNfIP6tables:true, Debug:false, NFd:38, OomKillDisable:true, NGoroutines:44, SystemTime:"2023-08-30T23:30:16.056844444+02:00", LoggingDriver:"json-file", CgroupDriver:"cgroupfs", CgroupVersion:"1", NEventsListener:0, KernelVersion:"4.18.0-372.9.1.el8.x86_64", OperatingSystem:"AlmaLinux 8.6 (Sky Tiger)", OSVersion:"8.6", OSType:"linux", Architecture:"x86_64", IndexServerAddress:"https://index.docker.io/v1/", RegistryConfig:(*registry.ServiceConfig)(0xc0001ac000), NCPU:32, MemTotal:269458673664, GenericResources:[]swarm.GenericResource(nil), DockerRootDir:"/var/lib/docker", HTTPProxy:"", HTTPSProxy:"", NoProxy:"", Name:"localhost.localdomain", Labels:[]string{}, ExperimentalBuild:false, ServerVersion:"23.0.6", ClusterStore:"", ClusterAdvertise:"", Runtimes:map[string]types.Runtime{"io.containerd.runc.v2":types.Runtime{Path:"runc", Args:[]string(nil), Shim:(*types.ShimConfig)(nil)}, "runc":types.Runtime{Path:"runc", Args:[]string(nil), Shim:(*types.ShimConfig)(nil)}}, DefaultRuntime:"runc", Swarm:swarm.Info{NodeID:"", NodeAddr:"", LocalNodeState:"inactive", ControlAvailable:false, Error:"", RemoteManagers:[]swarm.Peer(nil), Nodes:0, Managers:0, Cluster:(*swarm.ClusterInfo)(nil), Warnings:[]string(nil)}, LiveRestoreEnabled:false, Isolation:"", InitBinary:"docker-init", ContainerdCommit:types.Commit{ID:"8165feabfdfe38c65b599c4993d227328c231fca", Expected:"8165feabfdfe38c65b599c4993d227328c231fca"}, RuncCommit:types.Commit{ID:"v1.1.8-0-g82f18fe", Expected:"v1.1.8-0-g82f18fe"}, InitCommit:types.Commit{ID:"de40ad0", Expected:"de40ad0"}, SecurityOptions:[]string{"name=seccomp,profile=builtin"}, ProductLicense:"", DefaultAddressPools:[]types.NetworkAddressPool(nil), Warnings:[]string(nil)}
DEBU[0004] Docker Info found for host [192.168.137.62]: types.Info{ID:"03725a2b-a240-48ad-9a37-fc4b724cc262", Containers:37, ContainersRunning:20, ContainersPaused:0, ContainersStopped:17, Images:32, Driver:"overlay2", DriverStatus:[][2]string{[2]string{"Backing Filesystem", "xfs"}, [2]string{"Supports d_type", "true"}, [2]string{"Using metacopy", "false"}, [2]string{"Native Overlay Diff", "true"}, [2]string{"userxattr", "false"}}, SystemStatus:[][2]string(nil), Plugins:types.PluginsInfo{Volume:[]string{"local"}, Network:[]string{"bridge", "host", "ipvlan", "macvlan", "null", "overlay"}, Authorization:[]string(nil), Log:[]string{"awslogs", "fluentd", "gcplogs", "gelf", "journald", "json-file", "local", "logentries", "splunk", "syslog"}}, MemoryLimit:true, SwapLimit:true, KernelMemory:true, KernelMemoryTCP:true, CPUCfsPeriod:true, CPUCfsQuota:true, CPUShares:true, CPUSet:true, PidsLimit:true, IPv4Forwarding:true, BridgeNfIptables:true, BridgeNfIP6tables:true, Debug:false, NFd:136, OomKillDisable:true, NGoroutines:116, SystemTime:"2023-08-30T23:30:13.267904342+02:00", LoggingDriver:"json-file", CgroupDriver:"cgroupfs", CgroupVersion:"1", NEventsListener:0, KernelVersion:"4.18.0-372.9.1.el8.x86_64", OperatingSystem:"AlmaLinux 8.6 (Sky Tiger)", OSVersion:"8.6", OSType:"linux", Architecture:"x86_64", IndexServerAddress:"https://index.docker.io/v1/", RegistryConfig:(*registry.ServiceConfig)(0xc0001ac1c0), NCPU:64, MemTotal:269855334400, GenericResources:[]swarm.GenericResource(nil), DockerRootDir:"/var/lib/docker", HTTPProxy:"", HTTPSProxy:"", NoProxy:"", Name:"localhost.localdomain", Labels:[]string{}, ExperimentalBuild:false, ServerVersion:"23.0.6", ClusterStore:"", ClusterAdvertise:"", Runtimes:map[string]types.Runtime{"io.containerd.runc.v2":types.Runtime{Path:"runc", Args:[]string(nil), Shim:(*types.ShimConfig)(nil)}, "runc":types.Runtime{Path:"runc", Args:[]string(nil), Shim:(*types.ShimConfig)(nil)}}, DefaultRuntime:"runc", Swarm:swarm.Info{NodeID:"", NodeAddr:"", LocalNodeState:"inactive", ControlAvailable:false, Error:"", RemoteManagers:[]swarm.Peer(nil), Nodes:0, Managers:0, Cluster:(*swarm.ClusterInfo)(nil), Warnings:[]string(nil)}, LiveRestoreEnabled:false, Isolation:"", InitBinary:"docker-init", ContainerdCommit:types.Commit{ID:"8165feabfdfe38c65b599c4993d227328c231fca", Expected:"8165feabfdfe38c65b599c4993d227328c231fca"}, RuncCommit:types.Commit{ID:"v1.1.8-0-g82f18fe", Expected:"v1.1.8-0-g82f18fe"}, InitCommit:types.Commit{ID:"de40ad0", Expected:"de40ad0"}, SecurityOptions:[]string{"name=seccomp,profile=builtin"}, ProductLicense:"", DefaultAddressPools:[]types.NetworkAddressPool(nil), Warnings:[]string(nil)}
INFO[0004] [network] Deploying port listener containers
DEBU[0004] [network] Starting deployListener [rke-etcd-port-listener] on host [192.168.137.65]
DEBU[0004] Checking if image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.65], try #1
INFO[0004] Image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.65]
INFO[0004] Starting container [rke-etcd-port-listener] on host [192.168.137.65], try #1
INFO[0004] [network] Successfully started [rke-etcd-port-listener] container on host [192.168.137.65]
DEBU[0004] [network] Starting deployListener [rke-cp-port-listener] on host [192.168.137.65]
DEBU[0004] Checking if image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.65], try #1
INFO[0004] Image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.65]
INFO[0004] Starting container [rke-cp-port-listener] on host [192.168.137.65], try #1
INFO[0005] [network] Successfully started [rke-cp-port-listener] container on host [192.168.137.65]
DEBU[0005] [network] Starting deployListener [rke-worker-port-listener] on host [192.168.137.62]
DEBU[0005] Checking if image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.62], try #1
INFO[0005] Image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.62]
INFO[0005] Starting container [rke-worker-port-listener] on host [192.168.137.62], try #1
INFO[0005] [network] Successfully started [rke-worker-port-listener] container on host [192.168.137.62]
INFO[0005] [network] Port listener containers deployed successfully
INFO[0005] [network] Running control plane -> etcd port checks
INFO[0005] [network] Checking if host [192.168.137.65] can connect to host(s) [192.168.137.65] on port(s) [2379], try #1
DEBU[0005] [remove/rke-port-checker] Checking if container is running on host [192.168.137.65]
DEBU[0005] [remove/rke-port-checker] Container doesn't exist on host [192.168.137.65]
DEBU[0005] Checking if image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.65], try #1
INFO[0005] Image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.65]
INFO[0006] Starting container [rke-port-checker] on host [192.168.137.65], try #1
INFO[0006] [network] Successfully started [rke-port-checker] container on host [192.168.137.65]
DEBU[0006] [network] containerLog [] on host: 192.168.137.65
INFO[0006] Removing container [rke-port-checker] on host [192.168.137.65], try #1
DEBU[0006] [network] Length of containerLog is [0] on host: 192.168.137.65
INFO[0006] [network] Running control plane -> worker port checks
INFO[0006] [network] Checking if host [192.168.137.65] can connect to host(s) [192.168.137.62] on port(s) [10250], try #1
DEBU[0006] [remove/rke-port-checker] Checking if container is running on host [192.168.137.65]
DEBU[0006] [remove/rke-port-checker] Container doesn't exist on host [192.168.137.65]
DEBU[0006] Checking if image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.65], try #1
INFO[0006] Image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.65]
INFO[0006] Starting container [rke-port-checker] on host [192.168.137.65], try #1
INFO[0006] [network] Successfully started [rke-port-checker] container on host [192.168.137.65]
DEBU[0006] [network] containerLog [] on host: 192.168.137.65
INFO[0006] Removing container [rke-port-checker] on host [192.168.137.65], try #1
DEBU[0006] [network] Length of containerLog is [0] on host: 192.168.137.65
INFO[0006] [network] Running workers -> control plane port checks
INFO[0006] [network] Checking if host [192.168.137.62] can connect to host(s) [192.168.137.65] on port(s) [6443], try #1
DEBU[0006] [remove/rke-port-checker] Checking if container is running on host [192.168.137.62]
DEBU[0006] [remove/rke-port-checker] Container doesn't exist on host [192.168.137.62]
DEBU[0006] Checking if image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.62], try #1
INFO[0006] Image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.62]
INFO[0006] Starting container [rke-port-checker] on host [192.168.137.62], try #1
INFO[0007] [network] Successfully started [rke-port-checker] container on host [192.168.137.62]
DEBU[0007] [network] containerLog [] on host: 192.168.137.62
INFO[0007] Removing container [rke-port-checker] on host [192.168.137.62], try #1
DEBU[0007] [network] Length of containerLog is [0] on host: 192.168.137.62
INFO[0007] [network] Checking KubeAPI port Control Plane hosts
DEBU[0007] [network] Checking KubeAPI port [6443] on host: 192.168.137.65
INFO[0007] [network] Removing port listener containers
DEBU[0007] [remove/rke-etcd-port-listener] Checking if container is running on host [192.168.137.65]
DEBU[0007] [remove/rke-etcd-port-listener] Removing container on host [192.168.137.65]
INFO[0007] Removing container [rke-etcd-port-listener] on host [192.168.137.65], try #1
INFO[0007] [remove/rke-etcd-port-listener] Successfully removed container on host [192.168.137.65]
DEBU[0007] [remove/rke-cp-port-listener] Checking if container is running on host [192.168.137.65]
DEBU[0007] [remove/rke-cp-port-listener] Removing container on host [192.168.137.65]
INFO[0007] Removing container [rke-cp-port-listener] on host [192.168.137.65], try #1
INFO[0007] [remove/rke-cp-port-listener] Successfully removed container on host [192.168.137.65]
DEBU[0007] [remove/rke-worker-port-listener] Checking if container is running on host [192.168.137.62]
DEBU[0007] [remove/rke-worker-port-listener] Removing container on host [192.168.137.62]
INFO[0007] Removing container [rke-worker-port-listener] on host [192.168.137.62], try #1
INFO[0008] [remove/rke-worker-port-listener] Successfully removed container on host [192.168.137.62]
INFO[0008] [network] Port listener containers removed successfully
DEBU[0008] SemVerMatchRange: Cluster version [v1.26.6-rancher1-1] matches range [>=1.22.0-rancher0]
INFO[0008] [certificates] Deploying kubernetes certificates to Cluster nodes
INFO[0008] Finding container [cert-deployer] on host [192.168.137.62], try #1
INFO[0008] Finding container [cert-deployer] on host [192.168.137.65], try #1
DEBU[0008] Checking if image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.65], try #1
INFO[0008] Image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.65]
DEBU[0008] SemVerMatchRange: Cluster version [v1.26.6-rancher1-1] matches range [>=1.22.0-rancher0]
DEBU[0008] Checking if image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.62], try #1
INFO[0008] Image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.62]
DEBU[0008] SemVerMatchRange: Cluster version [v1.26.6-rancher1-1] matches range [>=1.22.0-rancher0]
INFO[0008] Starting container [cert-deployer] on host [192.168.137.65], try #1
INFO[0008] Starting container [cert-deployer] on host [192.168.137.62], try #1
DEBU[0008] [certificates] Successfully started Certificate deployer container: cert-deployer
INFO[0008] Finding container [cert-deployer] on host [192.168.137.65], try #1
DEBU[0008] [certificates] Successfully started Certificate deployer container: cert-deployer
INFO[0008] Finding container [cert-deployer] on host [192.168.137.62], try #1
INFO[0013] Finding container [cert-deployer] on host [192.168.137.65], try #1
INFO[0013] Removing container [cert-deployer] on host [192.168.137.65], try #1
INFO[0013] Finding container [cert-deployer] on host [192.168.137.62], try #1
INFO[0013] Removing container [cert-deployer] on host [192.168.137.62], try #1
INFO[0013] [reconcile] Rebuilding and updating local kube config
DEBU[0013] [reconcile] Rebuilding and updating local kube config, creating new kubeconfig
DEBU[0013] Deploying admin Kubeconfig locally at [./kube_config_cluster.yml]
INFO[0013] Successfully Deployed local admin kubeconfig at [./kube_config_cluster.yml]
DEBU[0013] [version] Using ./kube_config_cluster.yml to connect to Kubernetes cluster..
DEBU[0013] [version] Getting Kubernetes server version..
WARN[0013] [reconcile] host [192.168.137.65] is a control plane node without reachable Kubernetes API endpoint in the cluster
WARN[0013] [reconcile] no control plane node with reachable Kubernetes API endpoint in the cluster found
INFO[0013] [certificates] Successfully deployed kubernetes certificates to Cluster nodes
DEBU[0013] using the default EventRateLimit configuration
DEBU[0013] using the PodSecurity configuration [privileged]
INFO[0013] [file-deploy] Deploying file [/etc/kubernetes/admission.yaml] to node [192.168.137.65]
DEBU[0013] [remove/file-deployer] Checking if container is running on host [192.168.137.65]
DEBU[0013] [remove/file-deployer] Container doesn't exist on host [192.168.137.65]
DEBU[0013] SemVerMatchRange: Cluster version [v1.26.6-rancher1-1] matches range [>=1.22.0-rancher0]
DEBU[0013] Checking if image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.65], try #1
INFO[0013] Image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.65]
INFO[0013] Starting container [file-deployer] on host [192.168.137.65], try #1
INFO[0014] Successfully started [file-deployer] container on host [192.168.137.65]
INFO[0014] Waiting for [file-deployer] container to exit on host [192.168.137.65]
INFO[0014] Waiting for [file-deployer] container to exit on host [192.168.137.65]
INFO[0014] Container [file-deployer] is still running on host [192.168.137.65]: stderr: [], stdout: []
DEBU[0015] Exit code for [file-deployer] container on host [192.168.137.65] is [0]
DEBU[0015] [remove/file-deployer] Checking if container is running on host [192.168.137.65]
DEBU[0015] [remove/file-deployer] Removing container on host [192.168.137.65]
INFO[0015] Removing container [file-deployer] on host [192.168.137.65], try #1
INFO[0015] [remove/file-deployer] Successfully removed container on host [192.168.137.65]
DEBU[0015] [file-deploy] Successfully deployed file [/etc/kubernetes/admission.yaml] on node [192.168.137.65]
INFO[0015] [/etc/kubernetes/admission.yaml] Successfully deployed admission control config to Cluster control nodes
INFO[0015] [file-deploy] Deploying file [/etc/kubernetes/audit-policy.yaml] to node [192.168.137.65]
DEBU[0015] [remove/file-deployer] Checking if container is running on host [192.168.137.65]
DEBU[0015] [remove/file-deployer] Container doesn't exist on host [192.168.137.65]
DEBU[0015] SemVerMatchRange: Cluster version [v1.26.6-rancher1-1] matches range [>=1.22.0-rancher0]
DEBU[0015] Checking if image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.65], try #1
INFO[0015] Image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.65]
INFO[0015] Starting container [file-deployer] on host [192.168.137.65], try #1
INFO[0015] Successfully started [file-deployer] container on host [192.168.137.65]
INFO[0015] Waiting for [file-deployer] container to exit on host [192.168.137.65]
INFO[0015] Waiting for [file-deployer] container to exit on host [192.168.137.65]
INFO[0015] Container [file-deployer] is still running on host [192.168.137.65]: stderr: [], stdout: []
DEBU[0016] Exit code for [file-deployer] container on host [192.168.137.65] is [0]
DEBU[0016] [remove/file-deployer] Checking if container is running on host [192.168.137.65]
DEBU[0016] [remove/file-deployer] Removing container on host [192.168.137.65]
INFO[0016] Removing container [file-deployer] on host [192.168.137.65], try #1
INFO[0016] [remove/file-deployer] Successfully removed container on host [192.168.137.65]
DEBU[0016] [file-deploy] Successfully deployed file [/etc/kubernetes/audit-policy.yaml] on node [192.168.137.65]
INFO[0016] [/etc/kubernetes/audit-policy.yaml] Successfully deployed audit policy file to Cluster control nodes
INFO[0016] [reconcile] Reconciling cluster state
INFO[0016] [reconcile] This is newly generated cluster
DEBU[0016] Encryption is disabled in both current and new spec; no action is required
INFO[0016] Pre-pulling kubernetes images
DEBU[0016] Checking if image [rancher/hyperkube:v1.26.6-rancher1] exists on host [192.168.137.65], try #1
DEBU[0016] Checking if image [rancher/hyperkube:v1.26.6-rancher1] exists on host [192.168.137.62], try #1
INFO[0016] Image [rancher/hyperkube:v1.26.6-rancher1] exists on host [192.168.137.65]
INFO[0016] Image [rancher/hyperkube:v1.26.6-rancher1] exists on host [192.168.137.62]
INFO[0016] Kubernetes images pulled successfully
DEBU[0016] getDefaultKubernetesServicesOptions: getting serviceOptions for cluster version [v1.26.6-rancher1-1]
DEBU[0016] Extracted version [v1.26.6-rancher1] from image [rancher/hyperkube:v1.26.6-rancher1]
DEBU[0016] getDefaultKubernetesServicesOptions: serviceOptions found for cluster major version [v1.26]
DEBU[0016] SemVerMatchRange: Cluster version [v1.26.6-rancher1-1] matches range [>=1.22.0-rancher0]
DEBU[0016] SemVerMatchRange: Cluster version [v1.26.6-rancher1-1] matches range [>=1.22.0-rancher0]
DEBU[0016] SemVerMatchRange: Cluster version [v1.26.6-rancher1-1] matches range [>=1.22.0-rancher0]
DEBU[0016] SemVerMatchRange: Cluster version [v1.26.6-rancher1-1] matches range [>=1.22.0-rancher0]
DEBU[0016] Extracted version [v1.26.6-rancher1] from image [rancher/hyperkube:v1.26.6-rancher1]
DEBU[0016] SemVerMatchRange: Cluster version [v1.26.6-rancher1-1] matches range [>=1.22.0-rancher0]
DEBU[0016] Extracted version [v1.26.6-rancher1] from image [rancher/hyperkube:v1.26.6-rancher1]
DEBU[0016] Extracted version [v3.5.6] from image [rancher/mirrored-coreos-etcd:v3.5.6]
DEBU[0016] etcd version [3.5.6] is higher than max version [3.4.3-rancher99] for advertising port 4001, not going to advertise port 4001
DEBU[0016] etcd version [3.5.6] is higher than max version [3.4.14-rancher99] for adding stricter TLS cipher suites, going to add stricter TLS cipher suites arguments to etcd
DEBU[0016] SemVerMatchRange: Cluster version [v1.26.6-rancher1-1] matches range [>=1.22.0-rancher0]
DEBU[0016] Version [3.5.6] is equal or higher than version [3.2.99]
INFO[0016] [etcd] Building up etcd plane..
DEBU[0016] SemVerMatchRange: Cluster version [v1.26.6-rancher1-1] matches range [>=1.22.0-rancher0]
DEBU[0016] Checking if image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.65], try #1
INFO[0016] Image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.65]
INFO[0016] Starting container [etcd-fix-perm] on host [192.168.137.65], try #1
INFO[0016] Successfully started [etcd-fix-perm] container on host [192.168.137.65]
INFO[0016] Waiting for [etcd-fix-perm] container to exit on host [192.168.137.65]
INFO[0016] Waiting for [etcd-fix-perm] container to exit on host [192.168.137.65]
INFO[0016] Container [etcd-fix-perm] is still running on host [192.168.137.65]: stderr: [], stdout: []
DEBU[0017] Exit code for [etcd-fix-perm] container on host [192.168.137.65] is [0]
DEBU[0017] [remove/etcd-fix-perm] Checking if container is running on host [192.168.137.65]
DEBU[0017] [remove/etcd-fix-perm] Removing container on host [192.168.137.65]
INFO[0017] Removing container [etcd-fix-perm] on host [192.168.137.65], try #1
INFO[0017] [remove/etcd-fix-perm] Successfully removed container on host [192.168.137.65]
DEBU[0017] Checking if image [rancher/mirrored-coreos-etcd:v3.5.6] exists on host [192.168.137.65], try #1
INFO[0017] Image [rancher/mirrored-coreos-etcd:v3.5.6] exists on host [192.168.137.65]
INFO[0018] Starting container [etcd] on host [192.168.137.65], try #1
INFO[0018] [etcd] Successfully started [etcd] container on host [192.168.137.65]
DEBU[0018] Extracted version [v0.1.89] from image [rancher/rke-tools:v0.1.89]
DEBU[0018] Extracted version [v0.1.89] from image [rancher/rke-tools:v0.1.89]
DEBU[0018] SemVerMatchRange: Cluster version [v1.26.6-rancher1-1] matches range [>=1.22.0-rancher0]
INFO[0018] [etcd] Running rolling snapshot container [etcd-snapshot-once] on host [192.168.137.65]
DEBU[0018] [etcd] Using command [/opt/rke-tools/rke-etcd-backup etcd-backup save --cacert /etc/kubernetes/ssl/kube-ca.pem --cert /etc/kubernetes/ssl/kube-node.pem --key /etc/kubernetes/ssl/kube-node-key.pem --name etcd-rolling-snapshots --endpoints=192.168.137.65:2379 --retention=24h --creation=6h] for rolling snapshot container [etcd-rolling-snapshots] on host [192.168.137.65]
DEBU[0018] [remove/etcd-rolling-snapshots] Checking if container is running on host [192.168.137.65]
DEBU[0018] [remove/etcd-rolling-snapshots] Container doesn't exist on host [192.168.137.65]
DEBU[0018] Checking if image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.65], try #1
INFO[0018] Image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.65]
INFO[0018] Starting container [etcd-rolling-snapshots] on host [192.168.137.65], try #1
INFO[0018] [etcd] Successfully started [etcd-rolling-snapshots] container on host [192.168.137.65]
DEBU[0023] SemVerMatchRange: Cluster version [v1.26.6-rancher1-1] matches range [>=1.22.0-rancher0]
DEBU[0023] Checking if image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.65], try #1
INFO[0023] Image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.65]
INFO[0023] Starting container [rke-bundle-cert] on host [192.168.137.65], try #1
INFO[0023] [certificates] Successfully started [rke-bundle-cert] container on host [192.168.137.65]
INFO[0023] Waiting for [rke-bundle-cert] container to exit on host [192.168.137.65]
INFO[0023] Container [rke-bundle-cert] is still running on host [192.168.137.65]: stderr: [], stdout: []
DEBU[0024] Exit code for [rke-bundle-cert] container on host [192.168.137.65] is [0]
INFO[0024] [certificates] successfully saved certificate bundle [/opt/rke/etcd-snapshots//pki.bundle.tar.gz] on host [192.168.137.65]
INFO[0024] Removing container [rke-bundle-cert] on host [192.168.137.65], try #1
DEBU[0024] [etcd] Creating log link for Container [etcd-rolling-snapshots] on host [192.168.137.65]
DEBU[0024] [remove/rke-log-linker] Checking if container is running on host [192.168.137.65]
DEBU[0024] [remove/rke-log-linker] Container doesn't exist on host [192.168.137.65]
DEBU[0024] Checking if image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.65], try #1
INFO[0024] Image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.65]
INFO[0025] Starting container [rke-log-linker] on host [192.168.137.65], try #1
INFO[0025] [etcd] Successfully started [rke-log-linker] container on host [192.168.137.65]
DEBU[0025] [remove/rke-log-linker] Checking if container is running on host [192.168.137.65]
DEBU[0025] [remove/rke-log-linker] Removing container on host [192.168.137.65]
INFO[0025] Removing container [rke-log-linker] on host [192.168.137.65], try #1
INFO[0025] [remove/rke-log-linker] Successfully removed container on host [192.168.137.65]
DEBU[0025] [etcd] Successfully created log link for Container [etcd-rolling-snapshots] on host [192.168.137.65]
DEBU[0025] [etcd] Creating log link for Container [etcd] on host [192.168.137.65]
DEBU[0025] [remove/rke-log-linker] Checking if container is running on host [192.168.137.65]
DEBU[0025] [remove/rke-log-linker] Container doesn't exist on host [192.168.137.65]
DEBU[0025] Checking if image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.65], try #1
INFO[0025] Image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.65]
INFO[0025] Starting container [rke-log-linker] on host [192.168.137.65], try #1
INFO[0025] [etcd] Successfully started [rke-log-linker] container on host [192.168.137.65]
DEBU[0025] [remove/rke-log-linker] Checking if container is running on host [192.168.137.65]
DEBU[0025] [remove/rke-log-linker] Removing container on host [192.168.137.65]
INFO[0025] Removing container [rke-log-linker] on host [192.168.137.65], try #1
INFO[0026] [remove/rke-log-linker] Successfully removed container on host [192.168.137.65]
DEBU[0026] [etcd] Successfully created log link for Container [etcd] on host [192.168.137.65]
INFO[0026] [etcd] Successfully started etcd plane.. Checking etcd cluster health
DEBU[0026] [etcd] check etcd cluster health on host [192.168.137.65]
INFO[0026] [etcd] etcd host [192.168.137.65] reported healthy=true
DEBU[0026] getDefaultKubernetesServicesOptions: getting serviceOptions for cluster version [v1.26.6-rancher1-1]
DEBU[0026] Extracted version [v1.26.6-rancher1] from image [rancher/hyperkube:v1.26.6-rancher1]
DEBU[0026] getDefaultKubernetesServicesOptions: serviceOptions found for cluster major version [v1.26]
DEBU[0026] SemVerMatchRange: Cluster version [v1.26.6-rancher1-1] matches range [>=1.22.0-rancher0]
DEBU[0026] SemVerMatchRange: Cluster version [v1.26.6-rancher1-1] matches range [>=1.22.0-rancher0]
DEBU[0026] SemVerMatchRange: Cluster version [v1.26.6-rancher1-1] matches range [>=1.22.0-rancher0]
DEBU[0026] SemVerMatchRange: Cluster version [v1.26.6-rancher1-1] matches range [>=1.22.0-rancher0]
DEBU[0026] Extracted version [v1.26.6-rancher1] from image [rancher/hyperkube:v1.26.6-rancher1]
DEBU[0026] SemVerMatchRange: Cluster version [v1.26.6-rancher1-1] matches range [>=1.22.0-rancher0]
DEBU[0026] Extracted version [v1.26.6-rancher1] from image [rancher/hyperkube:v1.26.6-rancher1]
DEBU[0026] Extracted version [v3.5.6] from image [rancher/mirrored-coreos-etcd:v3.5.6]
DEBU[0026] etcd version [3.5.6] is higher than max version [3.4.3-rancher99] for advertising port 4001, not going to advertise port 4001
DEBU[0026] etcd version [3.5.6] is higher than max version [3.4.14-rancher99] for adding stricter TLS cipher suites, going to add stricter TLS cipher suites arguments to etcd
DEBU[0026] SemVerMatchRange: Cluster version [v1.26.6-rancher1-1] matches range [>=1.22.0-rancher0]
DEBU[0026] Version [3.5.6] is equal or higher than version [3.2.99]
INFO[0026] [controlplane] Building up Controller Plane..
INFO[0026] Finding container [service-sidekick] on host [192.168.137.65], try #1
DEBU[0026] Checking if image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.65], try #1
INFO[0026] Image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.65]
DEBU[0026] Checking if image [rancher/hyperkube:v1.26.6-rancher1] exists on host [192.168.137.65], try #1
INFO[0026] Image [rancher/hyperkube:v1.26.6-rancher1] exists on host [192.168.137.65]
INFO[0026] Starting container [kube-apiserver] on host [192.168.137.65], try #1
INFO[0026] [controlplane] Successfully started [kube-apiserver] container on host [192.168.137.65]
INFO[0026] [healthcheck] Start Healthcheck on service [kube-apiserver] on host [192.168.137.65]
DEBU[0028] [healthcheck] Service [kube-apiserver] is not healthy on host [192.168.137.65]. Response code: [403], response body: {"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"forbidden: User \"kube-apiserver\" cannot get path \"/healthz\"","reason":"Forbidden","details":{},"code":403}
, try #1
INFO[0033] [healthcheck] service [kube-apiserver] on host [192.168.137.65] is healthy
DEBU[0033] [controlplane] Creating log link for Container [kube-apiserver] on host [192.168.137.65]
DEBU[0033] [remove/rke-log-linker] Checking if container is running on host [192.168.137.65]
DEBU[0033] [remove/rke-log-linker] Container doesn't exist on host [192.168.137.65]
DEBU[0033] Checking if image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.65], try #1
INFO[0033] Image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.65]
INFO[0033] Starting container [rke-log-linker] on host [192.168.137.65], try #1
INFO[0034] [controlplane] Successfully started [rke-log-linker] container on host [192.168.137.65]
DEBU[0034] [remove/rke-log-linker] Checking if container is running on host [192.168.137.65]
DEBU[0034] [remove/rke-log-linker] Removing container on host [192.168.137.65]
INFO[0034] Removing container [rke-log-linker] on host [192.168.137.65], try #1
INFO[0034] [remove/rke-log-linker] Successfully removed container on host [192.168.137.65]
DEBU[0034] [controlplane] Successfully created log link for Container [kube-apiserver] on host [192.168.137.65]
DEBU[0034] Checking if image [rancher/hyperkube:v1.26.6-rancher1] exists on host [192.168.137.65], try #1
INFO[0034] Image [rancher/hyperkube:v1.26.6-rancher1] exists on host [192.168.137.65]
INFO[0034] Starting container [kube-controller-manager] on host [192.168.137.65], try #1
INFO[0034] [controlplane] Successfully started [kube-controller-manager] container on host [192.168.137.65]
INFO[0034] [healthcheck] Start Healthcheck on service [kube-controller-manager] on host [192.168.137.65]
DEBU[0034] [healthcheck] Failed to check https://localhost:10257/healthz for service [kube-controller-manager] on host [192.168.137.65]: Get "https://localhost:10257/healthz": Unable to access the service on localhost:10257. The service might be still starting up. Error: ssh: rejected: connect failed (Connection refused), try #1
INFO[0039] [healthcheck] service [kube-controller-manager] on host [192.168.137.65] is healthy
DEBU[0039] [controlplane] Creating log link for Container [kube-controller-manager] on host [192.168.137.65]
DEBU[0039] [remove/rke-log-linker] Checking if container is running on host [192.168.137.65]
DEBU[0039] [remove/rke-log-linker] Container doesn't exist on host [192.168.137.65]
DEBU[0039] Checking if image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.65], try #1
INFO[0039] Image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.65]
INFO[0039] Starting container [rke-log-linker] on host [192.168.137.65], try #1
INFO[0040] [controlplane] Successfully started [rke-log-linker] container on host [192.168.137.65]
DEBU[0040] [remove/rke-log-linker] Checking if container is running on host [192.168.137.65]
DEBU[0040] [remove/rke-log-linker] Removing container on host [192.168.137.65]
INFO[0040] Removing container [rke-log-linker] on host [192.168.137.65], try #1
INFO[0040] [remove/rke-log-linker] Successfully removed container on host [192.168.137.65]
DEBU[0040] [controlplane] Successfully created log link for Container [kube-controller-manager] on host [192.168.137.65]
DEBU[0040] Checking if image [rancher/hyperkube:v1.26.6-rancher1] exists on host [192.168.137.65], try #1
INFO[0040] Image [rancher/hyperkube:v1.26.6-rancher1] exists on host [192.168.137.65]
INFO[0040] Starting container [kube-scheduler] on host [192.168.137.65], try #1
INFO[0040] [controlplane] Successfully started [kube-scheduler] container on host [192.168.137.65]
INFO[0040] [healthcheck] Start Healthcheck on service [kube-scheduler] on host [192.168.137.65]
DEBU[0040] [healthcheck] Failed to check https://localhost:10259/healthz for service [kube-scheduler] on host [192.168.137.65]: Get "https://localhost:10259/healthz": Unable to access the service on localhost:10259. The service might be still starting up. Error: ssh: rejected: connect failed (Connection refused), try #1
INFO[0045] [healthcheck] service [kube-scheduler] on host [192.168.137.65] is healthy
DEBU[0045] [controlplane] Creating log link for Container [kube-scheduler] on host [192.168.137.65]
DEBU[0045] [remove/rke-log-linker] Checking if container is running on host [192.168.137.65]
DEBU[0045] [remove/rke-log-linker] Container doesn't exist on host [192.168.137.65]
DEBU[0045] Checking if image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.65], try #1
INFO[0045] Image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.65]
INFO[0045] Starting container [rke-log-linker] on host [192.168.137.65], try #1
INFO[0046] [controlplane] Successfully started [rke-log-linker] container on host [192.168.137.65]
DEBU[0046] [remove/rke-log-linker] Checking if container is running on host [192.168.137.65]
DEBU[0046] [remove/rke-log-linker] Removing container on host [192.168.137.65]
INFO[0046] Removing container [rke-log-linker] on host [192.168.137.65], try #1
INFO[0046] [remove/rke-log-linker] Successfully removed container on host [192.168.137.65]
DEBU[0046] [controlplane] Successfully created log link for Container [kube-scheduler] on host [192.168.137.65]
INFO[0046] [controlplane] Successfully started Controller Plane..
DEBU[0046] Checking if cluster version [1.26.6-rancher1-1] needs to have kube-api audit log enabled
DEBU[0046] Cluster version [1.26.6-rancher1-1] needs to have kube-api audit log enabled
DEBU[0046] Enabling kube-api audit log for cluster version [v1.26.6-rancher1-1]
DEBU[0046] Host: 192.168.137.65 has role: controlplane
DEBU[0046] Host: 192.168.137.65 has role: etcd
DEBU[0046] Host: 192.168.137.62 has role: worker
DEBU[0046] Checking cri-dockerd for cluster version [v1.26.6-rancher1-1]
DEBU[0046] cri-dockerd is enabled for cluster version [v1.26.6-rancher1-1]
DEBU[0046] Checking PodSecurityPolicy for cluster version [v1.26.6-rancher1-1]
DEBU[0046] Checking PodSecurity for cluster version [v1.26.6-rancher1-1]
INFO[0046] [authz] Creating rke-job-deployer ServiceAccount
INFO[0046] [authz] rke-job-deployer ServiceAccount created successfully
INFO[0046] [authz] Creating system:node ClusterRoleBinding
INFO[0046] [authz] system:node ClusterRoleBinding created successfully
INFO[0046] [authz] Creating kube-apiserver proxy ClusterRole and ClusterRoleBinding
INFO[0046] [authz] kube-apiserver proxy ClusterRole and ClusterRoleBinding created successfully
INFO[0046] Successfully Deployed state file at [./cluster.rkestate]
INFO[0046] [state] Saving full cluster state to Kubernetes
INFO[0046] [state] Successfully Saved full cluster state to Kubernetes ConfigMap: full-cluster-state
DEBU[0046] getDefaultKubernetesServicesOptions: getting serviceOptions for cluster version [v1.26.6-rancher1-1]
DEBU[0046] Extracted version [v1.26.6-rancher1] from image [rancher/hyperkube:v1.26.6-rancher1]
DEBU[0046] getDefaultKubernetesServicesOptions: serviceOptions found for cluster major version [v1.26]
DEBU[0046] SemVerMatchRange: Cluster version [v1.26.6-rancher1-1] matches range [>=1.22.0-rancher0]
DEBU[0046] SemVerMatchRange: Cluster version [v1.26.6-rancher1-1] matches range [>=1.22.0-rancher0]
DEBU[0046] SemVerMatchRange: Cluster version [v1.26.6-rancher1-1] matches range [>=1.22.0-rancher0]
DEBU[0046] SemVerMatchRange: Cluster version [v1.26.6-rancher1-1] matches range [>=1.22.0-rancher0]
DEBU[0046] Extracted version [v1.26.6-rancher1] from image [rancher/hyperkube:v1.26.6-rancher1]
DEBU[0046] SemVerMatchRange: Cluster version [v1.26.6-rancher1-1] matches range [>=1.22.0-rancher0]
DEBU[0046] Extracted version [v1.26.6-rancher1] from image [rancher/hyperkube:v1.26.6-rancher1]
DEBU[0046] Extracted version [v3.5.6] from image [rancher/mirrored-coreos-etcd:v3.5.6]
DEBU[0046] etcd version [3.5.6] is higher than max version [3.4.3-rancher99] for advertising port 4001, not going to advertise port 4001
DEBU[0046] etcd version [3.5.6] is higher than max version [3.4.14-rancher99] for adding stricter TLS cipher suites, going to add stricter TLS cipher suites arguments to etcd
DEBU[0046] SemVerMatchRange: Cluster version [v1.26.6-rancher1-1] matches range [>=1.22.0-rancher0]
DEBU[0046] Version [3.5.6] is equal or higher than version [3.2.99]
DEBU[0046] getDefaultKubernetesServicesOptions: getting serviceOptions for cluster version [v1.26.6-rancher1-1]
DEBU[0046] Extracted version [v1.26.6-rancher1] from image [rancher/hyperkube:v1.26.6-rancher1]
DEBU[0046] getDefaultKubernetesServicesOptions: serviceOptions found for cluster major version [v1.26]
DEBU[0046] SemVerMatchRange: Cluster version [v1.26.6-rancher1-1] matches range [>=1.22.0-rancher0]
DEBU[0046] SemVerMatchRange: Cluster version [v1.26.6-rancher1-1] matches range [>=1.22.0-rancher0]
INFO[0046] [worker] Building up Worker Plane..
INFO[0046] Finding container [service-sidekick] on host [192.168.137.65], try #1
DEBU[0046] Checking if image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.62], try #1
INFO[0046] Image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.62]
DEBU[0046] [sidekick] Checking if container [service-sidekick] is eligible for upgrade on host [192.168.137.65]
DEBU[0046] [sidekick] Container [service-sidekick] is not eligible for upgrade on host [192.168.137.65]
INFO[0046] [sidekick] Sidekick container already created on host [192.168.137.65]
DEBU[0046] Checking if image [rancher/hyperkube:v1.26.6-rancher1] exists on host [192.168.137.65], try #1
INFO[0046] Image [rancher/hyperkube:v1.26.6-rancher1] exists on host [192.168.137.65]
INFO[0046] Starting container [kubelet] on host [192.168.137.65], try #1
INFO[0046] Starting container [nginx-proxy] on host [192.168.137.62], try #1
INFO[0046] [worker] Successfully started [kubelet] container on host [192.168.137.65]
INFO[0046] [healthcheck] Start Healthcheck on service [kubelet] on host [192.168.137.65]
DEBU[0046] [healthcheck] Failed to check http://localhost:10248/healthz for service [kubelet] on host [192.168.137.65]: Get "http://localhost:10248/healthz": Unable to access the service on localhost:10248. The service might be still starting up. Error: ssh: rejected: connect failed (Connection refused), try #1
INFO[0046] [worker] Successfully started [nginx-proxy] container on host [192.168.137.62]
DEBU[0046] [worker] Creating log link for Container [nginx-proxy] on host [192.168.137.62]
DEBU[0046] [remove/rke-log-linker] Checking if container is running on host [192.168.137.62]
DEBU[0046] [remove/rke-log-linker] Container doesn't exist on host [192.168.137.62]
DEBU[0046] Checking if image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.62], try #1
INFO[0046] Image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.62]
INFO[0046] Starting container [rke-log-linker] on host [192.168.137.62], try #1
INFO[0047] [worker] Successfully started [rke-log-linker] container on host [192.168.137.62]
DEBU[0047] [remove/rke-log-linker] Checking if container is running on host [192.168.137.62]
DEBU[0047] [remove/rke-log-linker] Removing container on host [192.168.137.62]
INFO[0047] Removing container [rke-log-linker] on host [192.168.137.62], try #1
INFO[0047] [remove/rke-log-linker] Successfully removed container on host [192.168.137.62]
DEBU[0047] [worker] Successfully created log link for Container [nginx-proxy] on host [192.168.137.62]
INFO[0047] Finding container [service-sidekick] on host [192.168.137.62], try #1
DEBU[0047] Checking if image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.62], try #1
INFO[0047] Image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.62]
DEBU[0047] Checking if image [rancher/hyperkube:v1.26.6-rancher1] exists on host [192.168.137.62], try #1
INFO[0047] Image [rancher/hyperkube:v1.26.6-rancher1] exists on host [192.168.137.62]
INFO[0047] Starting container [kubelet] on host [192.168.137.62], try #1
INFO[0047] [worker] Successfully started [kubelet] container on host [192.168.137.62]
INFO[0047] [healthcheck] Start Healthcheck on service [kubelet] on host [192.168.137.62]
DEBU[0048] [healthcheck] Failed to check http://localhost:10248/healthz for service [kubelet] on host [192.168.137.62]: Get "http://localhost:10248/healthz": Unable to access the service on localhost:10248. The service might be still starting up. Error: ssh: rejected: connect failed (Connection refused), try #1
DEBU[0051] [healthcheck] Failed to check http://localhost:10248/healthz for service [kubelet] on host [192.168.137.65]: Get "http://localhost:10248/healthz": Unable to access the service on localhost:10248. The service might be still starting up. Error: ssh: rejected: connect failed (Connection refused), try #2
DEBU[0053] [healthcheck] Failed to check http://localhost:10248/healthz for service [kubelet] on host [192.168.137.62]: Get "http://localhost:10248/healthz": Unable to access the service on localhost:10248. The service might be still starting up. Error: ssh: rejected: connect failed (Connection refused), try #2
DEBU[0056] [healthcheck] Failed to check http://localhost:10248/healthz for service [kubelet] on host [192.168.137.65]: Get "http://localhost:10248/healthz": Unable to access the service on localhost:10248. The service might be still starting up. Error: ssh: rejected: connect failed (Connection refused), try #3
DEBU[0058] [healthcheck] Failed to check http://localhost:10248/healthz for service [kubelet] on host [192.168.137.62]: Get "http://localhost:10248/healthz": Unable to access the service on localhost:10248. The service might be still starting up. Error: ssh: rejected: connect failed (Connection refused), try #3
INFO[0062] [healthcheck] service [kubelet] on host [192.168.137.65] is healthy
DEBU[0062] [worker] Creating log link for Container [kubelet] on host [192.168.137.65]
DEBU[0062] [remove/rke-log-linker] Checking if container is running on host [192.168.137.65]
DEBU[0062] [remove/rke-log-linker] Container doesn't exist on host [192.168.137.65]
DEBU[0062] Checking if image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.65], try #1
INFO[0062] Image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.65]
INFO[0062] Starting container [rke-log-linker] on host [192.168.137.65], try #1
INFO[0062] [worker] Successfully started [rke-log-linker] container on host [192.168.137.65]
DEBU[0062] [remove/rke-log-linker] Checking if container is running on host [192.168.137.65]
DEBU[0062] [remove/rke-log-linker] Removing container on host [192.168.137.65]
INFO[0062] Removing container [rke-log-linker] on host [192.168.137.65], try #1
INFO[0062] [remove/rke-log-linker] Successfully removed container on host [192.168.137.65]
DEBU[0062] [worker] Successfully created log link for Container [kubelet] on host [192.168.137.65]
DEBU[0062] Checking if image [rancher/hyperkube:v1.26.6-rancher1] exists on host [192.168.137.65], try #1
INFO[0062] Image [rancher/hyperkube:v1.26.6-rancher1] exists on host [192.168.137.65]
INFO[0062] Starting container [kube-proxy] on host [192.168.137.65], try #1
INFO[0062] [worker] Successfully started [kube-proxy] container on host [192.168.137.65]
INFO[0062] [healthcheck] Start Healthcheck on service [kube-proxy] on host [192.168.137.65]
DEBU[0062] [healthcheck] Failed to check http://localhost:10256/healthz for service [kube-proxy] on host [192.168.137.65]: Get "http://localhost:10256/healthz": Unable to access the service on localhost:10256. The service might be still starting up. Error: ssh: rejected: connect failed (Connection refused), try #1
INFO[0063] [healthcheck] service [kubelet] on host [192.168.137.62] is healthy
DEBU[0063] [worker] Creating log link for Container [kubelet] on host [192.168.137.62]
DEBU[0063] [remove/rke-log-linker] Checking if container is running on host [192.168.137.62]
DEBU[0063] [remove/rke-log-linker] Container doesn't exist on host [192.168.137.62]
DEBU[0063] Checking if image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.62], try #1
INFO[0063] Image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.62]
INFO[0063] Starting container [rke-log-linker] on host [192.168.137.62], try #1
INFO[0064] [worker] Successfully started [rke-log-linker] container on host [192.168.137.62]
DEBU[0064] [remove/rke-log-linker] Checking if container is running on host [192.168.137.62]
DEBU[0064] [remove/rke-log-linker] Removing container on host [192.168.137.62]
INFO[0064] Removing container [rke-log-linker] on host [192.168.137.62], try #1
INFO[0064] [remove/rke-log-linker] Successfully removed container on host [192.168.137.62]
DEBU[0064] [worker] Successfully created log link for Container [kubelet] on host [192.168.137.62]
DEBU[0064] Checking if image [rancher/hyperkube:v1.26.6-rancher1] exists on host [192.168.137.62], try #1
INFO[0064] Image [rancher/hyperkube:v1.26.6-rancher1] exists on host [192.168.137.62]
INFO[0064] Starting container [kube-proxy] on host [192.168.137.62], try #1
INFO[0064] [worker] Successfully started [kube-proxy] container on host [192.168.137.62]
INFO[0064] [healthcheck] Start Healthcheck on service [kube-proxy] on host [192.168.137.62]
INFO[0064] [healthcheck] service [kube-proxy] on host [192.168.137.62] is healthy
DEBU[0064] [worker] Creating log link for Container [kube-proxy] on host [192.168.137.62]
DEBU[0064] [remove/rke-log-linker] Checking if container is running on host [192.168.137.62]
DEBU[0064] [remove/rke-log-linker] Container doesn't exist on host [192.168.137.62]
DEBU[0064] Checking if image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.62], try #1
INFO[0064] Image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.62]
INFO[0064] Starting container [rke-log-linker] on host [192.168.137.62], try #1
INFO[0065] [worker] Successfully started [rke-log-linker] container on host [192.168.137.62]
DEBU[0065] [remove/rke-log-linker] Checking if container is running on host [192.168.137.62]
DEBU[0065] [remove/rke-log-linker] Removing container on host [192.168.137.62]
INFO[0065] Removing container [rke-log-linker] on host [192.168.137.62], try #1
INFO[0065] [remove/rke-log-linker] Successfully removed container on host [192.168.137.62]
DEBU[0065] [worker] Successfully created log link for Container [kube-proxy] on host [192.168.137.62]
INFO[0068] [healthcheck] service [kube-proxy] on host [192.168.137.65] is healthy
DEBU[0068] [worker] Creating log link for Container [kube-proxy] on host [192.168.137.65]
DEBU[0068] [remove/rke-log-linker] Checking if container is running on host [192.168.137.65]
DEBU[0068] [remove/rke-log-linker] Container doesn't exist on host [192.168.137.65]
DEBU[0068] Checking if image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.65], try #1
INFO[0068] Image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.65]
INFO[0068] Starting container [rke-log-linker] on host [192.168.137.65], try #1
INFO[0068] [worker] Successfully started [rke-log-linker] container on host [192.168.137.65]
DEBU[0068] [remove/rke-log-linker] Checking if container is running on host [192.168.137.65]
DEBU[0068] [remove/rke-log-linker] Removing container on host [192.168.137.65]
INFO[0068] Removing container [rke-log-linker] on host [192.168.137.65], try #1
INFO[0068] [remove/rke-log-linker] Successfully removed container on host [192.168.137.65]
DEBU[0068] [worker] Successfully created log link for Container [kube-proxy] on host [192.168.137.65]
INFO[0068] [worker] Successfully started Worker Plane..
DEBU[0068] [cleanup] Starting log link cleanup on host [192.168.137.62]
DEBU[0068] [remove/rke-log-cleaner] Checking if container is running on host [192.168.137.62]
DEBU[0068] [cleanup] Starting log link cleanup on host [192.168.137.65]
DEBU[0068] [remove/rke-log-cleaner] Checking if container is running on host [192.168.137.65]
DEBU[0068] [remove/rke-log-cleaner] Container doesn't exist on host [192.168.137.62]
DEBU[0068] [remove/rke-log-cleaner] Container doesn't exist on host [192.168.137.65]
DEBU[0068] Checking if image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.65], try #1
DEBU[0068] Checking if image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.62], try #1
INFO[0068] Image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.65]
INFO[0068] Image [rancher/rke-tools:v0.1.89] exists on host [192.168.137.62]
INFO[0068] Starting container [rke-log-cleaner] on host [192.168.137.65], try #1
INFO[0068] Starting container [rke-log-cleaner] on host [192.168.137.62], try #1
INFO[0069] [cleanup] Successfully started [rke-log-cleaner] container on host [192.168.137.65]
DEBU[0069] [remove/rke-log-cleaner] Checking if container is running on host [192.168.137.65]
DEBU[0069] [remove/rke-log-cleaner] Removing container on host [192.168.137.65]
INFO[0069] Removing container [rke-log-cleaner] on host [192.168.137.65], try #1
INFO[0069] [cleanup] Successfully started [rke-log-cleaner] container on host [192.168.137.62]
DEBU[0069] [remove/rke-log-cleaner] Checking if container is running on host [192.168.137.62]
DEBU[0069] [remove/rke-log-cleaner] Removing container on host [192.168.137.62]
INFO[0069] Removing container [rke-log-cleaner] on host [192.168.137.62], try #1
INFO[0069] [remove/rke-log-cleaner] Successfully removed container on host [192.168.137.65]
DEBU[0069] [cleanup] Successfully cleaned up log links on host [192.168.137.65]
INFO[0069] [remove/rke-log-cleaner] Successfully removed container on host [192.168.137.62]
DEBU[0069] [cleanup] Successfully cleaned up log links on host [192.168.137.62]
INFO[0069] [sync] Syncing nodes Labels and Taints
DEBU[0069] worker [9] starting sync for node [master]
DEBU[0069] Checking node list for node [master], try #1
DEBU[0069] worker [4] starting sync for node [worker1]
DEBU[0069] Checking node list for node [worker1], try #1
INFO[0069] [sync] Successfully synced nodes Labels and Taints
DEBU[0069] Checking if cluster version [1.26.6-rancher1-1] needs to have kube-api audit log enabled
DEBU[0069] Cluster version [1.26.6-rancher1-1] needs to have kube-api audit log enabled
DEBU[0069] Enabling kube-api audit log for cluster version [v1.26.6-rancher1-1]
DEBU[0069] Host: 192.168.137.65 has role: controlplane
DEBU[0069] Host: 192.168.137.65 has role: etcd
DEBU[0069] Host: 192.168.137.62 has role: worker
DEBU[0069] Checking cri-dockerd for cluster version [v1.26.6-rancher1-1]
DEBU[0069] cri-dockerd is enabled for cluster version [v1.26.6-rancher1-1]
DEBU[0069] Checking PodSecurityPolicy for cluster version [v1.26.6-rancher1-1]
DEBU[0069] Checking PodSecurity for cluster version [v1.26.6-rancher1-1]
INFO[0069] [network] Setting up network plugin: calico
INFO[0069] [addons] Saving ConfigMap for addon rke-network-plugin to Kubernetes
INFO[0069] [addons] Successfully saved ConfigMap for addon rke-network-plugin to Kubernetes
INFO[0069] [addons] Executing deploy job rke-network-plugin
DEBU[0069] Checking node list for node [master], try #1
DEBU[0069] Checking addon job OS label for cluster version [v1.26.6-rancher1-1]
DEBU[0069] Cluster version [v1.26.6-rancher1-1] needs to use new OS label
DEBU[0069] [k8s] waiting for job rke-network-plugin-deploy-job to complete..
FATA[0114] Failed to get job complete status for job rke-network-plugin-deploy-job in namespace kube-system

Describe Master:

➜  rke-setup kubectl describe node master
Name:               master
Roles:              controlplane,etcd
Labels:             beta.kubernetes.io/arch=amd64
                    beta.kubernetes.io/os=linux
                    kubernetes.io/arch=amd64
                    kubernetes.io/hostname=master
                    kubernetes.io/os=linux
                    node-role.kubernetes.io/controlplane=true
                    node-role.kubernetes.io/etcd=true
Annotations:        node.alpha.kubernetes.io/ttl: 0
                    rke.cattle.io/external-ip: 192.168.137.65
                    rke.cattle.io/internal-ip: 192.168.137.65
                    volumes.kubernetes.io/controller-managed-attach-detach: true
CreationTimestamp:  Wed, 30 Aug 2023 23:31:10 +0200
Taints:             node-role.kubernetes.io/etcd=true:NoExecute
                    node-role.kubernetes.io/controlplane=true:NoSchedule
                    node.kubernetes.io/not-ready:NoSchedule
Unschedulable:      false
Lease:
  HolderIdentity:  master
  AcquireTime:     <unset>
  RenewTime:       Wed, 30 Aug 2023 23:34:13 +0200
Conditions:
  Type             Status  LastHeartbeatTime                 LastTransitionTime                Reason                       Message
  ----             ------  -----------------                 ------------------                ------                       -------
  MemoryPressure   False   Wed, 30 Aug 2023 23:31:20 +0200   Wed, 30 Aug 2023 23:31:10 +0200   KubeletHasSufficientMemory   kubelet has sufficient memory available
  DiskPressure     False   Wed, 30 Aug 2023 23:31:20 +0200   Wed, 30 Aug 2023 23:31:10 +0200   KubeletHasNoDiskPressure     kubelet has no disk pressure
  PIDPressure      False   Wed, 30 Aug 2023 23:31:20 +0200   Wed, 30 Aug 2023 23:31:10 +0200   KubeletHasSufficientPID      kubelet has sufficient PID available
  Ready            False   Wed, 30 Aug 2023 23:31:20 +0200   Wed, 30 Aug 2023 23:31:10 +0200   KubeletNotReady              container runtime network not ready: NetworkReady=false reason:NetworkPluginNotReady message:docker: network plugin is not ready: cni config uninitialized
Addresses:
Capacity:
  cpu:                32
  ephemeral-storage:  71645Mi
  hugepages-1Gi:      0
  hugepages-2Mi:      0
  memory:             263143236Ki
  pods:               110
Allocatable:
  cpu:                32
  ephemeral-storage:  71645Mi
  hugepages-1Gi:      0
  hugepages-2Mi:      0
  memory:             263143236Ki
  pods:               110
System Info:
  Machine ID:                 50ca20960ea94552bd5ef84a20ce7e47
  System UUID:                a1c62d2a-ceb1-11e6-b9b8-0894ef355672
  Boot ID:                    a6ee322d-f8cf-478d-a150-f001906aabc4
  Kernel Version:             4.18.0-372.9.1.el8.x86_64
  OS Image:                   AlmaLinux 8.6 (Sky Tiger)
  Operating System:           linux
  Architecture:               amd64
  Container Runtime Version:  docker://23.0.6
  Kubelet Version:            v1.26.6
  Kube-Proxy Version:         v1.26.6
PodCIDR:                      10.42.0.0/24
PodCIDRs:                     10.42.0.0/24
Non-terminated Pods:          (0 in total)
  Namespace                   Name    CPU Requests  CPU Limits  Memory Requests  Memory Limits  Age
  ---------                   ----    ------------  ----------  ---------------  -------------  ---
Allocated resources:
  (Total limits may be over 100 percent, i.e., overcommitted.)
  Resource           Requests  Limits
  --------           --------  ------
  cpu                0 (0%)    0 (0%)
  memory             0 (0%)    0 (0%)
  ephemeral-storage  0 (0%)    0 (0%)
  hugepages-1Gi      0 (0%)    0 (0%)
  hugepages-2Mi      0 (0%)    0 (0%)
Events:
  Type    Reason                   Age                From             Message
  ----    ------                   ----               ----             -------
  Normal  Starting                 81s                kube-proxy
  Normal  Starting                 85s                kubelet          Starting kubelet.
  Normal  NodeHasSufficientMemory  85s (x2 over 85s)  kubelet          Node master status is now: NodeHasSufficientMemory
  Normal  NodeHasNoDiskPressure    85s (x2 over 85s)  kubelet          Node master status is now: NodeHasNoDiskPressure
  Normal  NodeHasSufficientPID     85s (x2 over 85s)  kubelet          Node master status is now: NodeHasSufficientPID
  Normal  NodeAllocatableEnforced  85s                kubelet          Updated Node Allocatable limit across pods
  Normal  RegisteredNode           81s                node-controller  Node master event: Registered Node master in Controller

And finally:

➜  rke-setup kubectl get pods -A
NAMESPACE     NAME                                  READY   STATUS   RESTARTS   AGE
kube-system   rke-network-plugin-deploy-job-d2fmz   0/1     Error    0          3m6s
kube-system   rke-network-plugin-deploy-job-klfxp   0/1     Error    0          3m29s
kube-system   rke-network-plugin-deploy-job-lbzwm   0/1     Error    0          2m23s
kube-system   rke-network-plugin-deploy-job-ltnrk   0/1     Error    0          60s
kube-system   rke-network-plugin-deploy-job-rsj56   0/1     Error    0          3m47s
kube-system   rke-network-plugin-deploy-job-v2fpm   0/1     Error    0          3m42s

[jiaqiluo]

@GuillaumeDorschner, I also can not find any suspicious message that can explain the issue from the information you collected.

let's try this:

• ssh into the master node
• do docker ps - check if any container is in error state or keeps restarting
• use docker logs to check the logs of k8s core containers, like kube-proxy , kubelet,kube-scheduler, kube-controller-manager, kube-apiserver - any suspicious message relevant to node not ready?

[GuillaumeDorschner]

@jiaqiluo

I have restarted the cluster but For the pass 5 min I don't see the pod restarting,

ps

[root@localhost ~]# docker ps
CONTAINER ID   IMAGE                                 COMMAND                  CREATED         STATUS         PORTS     NAMES
5eff84fb67a0   rancher/hyperkube:v1.26.6-rancher1    "/opt/rke-tools/entr…"   5 minutes ago   Up 5 minutes             kube-proxy
0b17ad56e242   rancher/hyperkube:v1.26.6-rancher1    "/opt/rke-tools/entr…"   5 minutes ago   Up 5 minutes             kubelet
178289f286e0   rancher/hyperkube:v1.26.6-rancher1    "/opt/rke-tools/entr…"   5 minutes ago   Up 5 minutes             kube-scheduler
47a6939b9da7   rancher/hyperkube:v1.26.6-rancher1    "/opt/rke-tools/entr…"   6 minutes ago   Up 6 minutes             kube-controller-manager
154e2eb107be   rancher/hyperkube:v1.26.6-rancher1    "/opt/rke-tools/entr…"   6 minutes ago   Up 6 minutes             kube-apiserver
1d911d9a6739   rancher/rke-tools:v0.1.89             "/docker-entrypoint.…"   6 minutes ago   Up 6 minutes             etcd-rolling-snapshots
1a202b775ea1   rancher/mirrored-coreos-etcd:v3.5.6   "/usr/local/bin/etcd…"   6 minutes ago   Up 6 minutes             etcd

the logs:

• kube-proxy

• echo kube-proxy --cluster-cidr=10.42.0.0/16 --hostname-override=master --kubeconfig=/etc/kubernetes/ssl/kubecfg-kube-proxy.yaml --healthz-bind-address=127.0.0.1 --v=2
• grep -q cloud-provider=azure
• '[' kube-proxy = kube-proxy ']'
• echo kube-proxy --cluster-cidr=10.42.0.0/16 --hostname-override=master --kubeconfig=/etc/kubernetes/ssl/kubecfg-kube-proxy.yaml --healthz-bind-address=127.0.0.1 --v=2
• grep -v hostname-override
• '[' kube-proxy = kubelet ']'
• exec kube-proxy --cluster-cidr=10.42.0.0/16 --hostname-override=master --kubeconfig=/etc/kubernetes/ssl/kubecfg-kube-proxy.yaml --healthz-bind-address=127.0.0.1 --v=2 I0830 22:08:35.440985 847568 flags.go:64] FLAG: --bind-address="0.0.0.0" I0830 22:08:35.441026 847568 flags.go:64] FLAG: --bind-address-hard-fail="false" I0830 22:08:35.441044 847568 flags.go:64] FLAG: --boot-id-file="/proc/sys/kernel/random/boot_id" I0830 22:08:35.441061 847568 flags.go:64] FLAG: --cleanup="false" I0830 22:08:35.441064 847568 flags.go:64] FLAG: --cluster-cidr="10.42.0.0/16" I0830 22:08:35.441069 847568 flags.go:64] FLAG: --config="" I0830 22:08:35.441072 847568 flags.go:64] FLAG: --config-sync-period="15m0s" I0830 22:08:35.441079 847568 flags.go:64] FLAG: --conntrack-max-per-core="32768" I0830 22:08:35.441086 847568 flags.go:64] FLAG: --conntrack-min="131072" I0830 22:08:35.441105 847568 flags.go:64] FLAG: --conntrack-tcp-timeout-close-wait="1h0m0s" I0830 22:08:35.441111 847568 flags.go:64] FLAG: --conntrack-tcp-timeout-established="24h0m0s" I0830 22:08:35.441117 847568 flags.go:64] FLAG: --detect-local-mode="" I0830 22:08:35.441142 847568 flags.go:64] FLAG: --feature-gates="" I0830 22:08:35.441147 847568 flags.go:64] FLAG: --healthz-bind-address="127.0.0.1" I0830 22:08:35.441158 847568 flags.go:64] FLAG: --healthz-port="10256" I0830 22:08:35.441164 847568 flags.go:64] FLAG: --help="false" I0830 22:08:35.441170 847568 flags.go:64] FLAG: --hostname-override="master" I0830 22:08:35.441193 847568 flags.go:64] FLAG: --iptables-localhost-nodeports="true" I0830 22:08:35.441197 847568 flags.go:64] FLAG: --iptables-masquerade-bit="14" I0830 22:08:35.441200 847568 flags.go:64] FLAG: --iptables-min-sync-period="1s" I0830 22:08:35.441204 847568 flags.go:64] FLAG: --iptables-sync-period="30s" I0830 22:08:35.441207 847568 flags.go:64] FLAG: --ipvs-exclude-cidrs="[]" I0830 22:08:35.441217 847568 flags.go:64] FLAG: --ipvs-min-sync-period="0s" I0830 22:08:35.441220 847568 flags.go:64] FLAG: --ipvs-scheduler="" I0830 22:08:35.441224 847568 flags.go:64] FLAG: --ipvs-strict-arp="false" I0830 22:08:35.441227 847568 flags.go:64] FLAG: --ipvs-sync-period="30s" I0830 22:08:35.441234 847568 flags.go:64] FLAG: --ipvs-tcp-timeout="0s" I0830 22:08:35.441237 847568 flags.go:64] FLAG: --ipvs-tcpfin-timeout="0s" I0830 22:08:35.441242 847568 flags.go:64] FLAG: --ipvs-udp-timeout="0s" I0830 22:08:35.441249 847568 flags.go:64] FLAG: --kube-api-burst="10" I0830 22:08:35.441254 847568 flags.go:64] FLAG: --kube-api-content-type="application/vnd.kubernetes.protobuf" I0830 22:08:35.441258 847568 flags.go:64] FLAG: --kube-api-qps="5" I0830 22:08:35.441264 847568 flags.go:64] FLAG: --kubeconfig="/etc/kubernetes/ssl/kubecfg-kube-proxy.yaml" I0830 22:08:35.441268 847568 flags.go:64] FLAG: --log-flush-frequency="5s" I0830 22:08:35.441271 847568 flags.go:64] FLAG: --machine-id-file="/etc/machine-id,/var/lib/dbus/machine-id" I0830 22:08:35.441276 847568 flags.go:64] FLAG: --masquerade-all="false" I0830 22:08:35.441279 847568 flags.go:64] FLAG: --master="" I0830 22:08:35.441283 847568 flags.go:64] FLAG: --metrics-bind-address="127.0.0.1:10249" I0830 22:08:35.441287 847568 flags.go:64] FLAG: --metrics-port="10249" I0830 22:08:35.441290 847568 flags.go:64] FLAG: --nodeport-addresses="[]" I0830 22:08:35.441295 847568 flags.go:64] FLAG: --oom-score-adj="-999" I0830 22:08:35.441299 847568 flags.go:64] FLAG: --pod-bridge-interface="" I0830 22:08:35.441302 847568 flags.go:64] FLAG: --pod-interface-name-prefix="" I0830 22:08:35.441305 847568 flags.go:64] FLAG: --profiling="false" I0830 22:08:35.441309 847568 flags.go:64] FLAG: --proxy-mode="" I0830 22:08:35.441313 847568 flags.go:64] FLAG: --proxy-port-range="" I0830 22:08:35.441317 847568 flags.go:64] FLAG: --show-hidden-metrics-for-version="" I0830 22:08:35.441322 847568 flags.go:64] FLAG: --v="2" I0830 22:08:35.441328 847568 flags.go:64] FLAG: --version="false" I0830 22:08:35.441340 847568 flags.go:64] FLAG: --vmodule="" I0830 22:08:35.441344 847568 flags.go:64] FLAG: --write-config-to="" I0830 22:08:35.441379 847568 server.go:224] "Warning, all flags other than --config, --write-config-to, and --cleanup are deprecated, please begin using a config file ASAP" I0830 22:08:35.441461 847568 feature_gate.go:249] feature gates: &{map[]} I0830 22:08:35.441570 847568 feature_gate.go:249] feature gates: &{map[]} E0830 22:08:35.453618 847568 node.go:157] Failed to retrieve node IP: host IP unknown; known addresses: [] I0830 22:08:35.453647 847568 server.go:821] "Can't determine this node's IP, assuming 127.0.0.1; if this is incorrect, please set the --bind-address flag" I0830 22:08:35.453670 847568 server_others.go:109] "Detected node IP" address="127.0.0.1" I0830 22:08:35.453724 847568 server_others.go:538] "Using iptables proxy" I0830 22:08:35.453741 847568 server_others.go:148] "DetectLocalMode" localMode="ClusterCIDR" I0830 22:08:35.478302 847568 server_others.go:178] "Using iptables Proxier" I0830 22:08:35.478345 847568 server_others.go:185] "kube-proxy running in dual-stack mode" ipFamily=IPv4 I0830 22:08:35.478355 847568 server_others.go:186] "Creating dualStackProxier for iptables" I0830 22:08:35.478392 847568 server_others.go:468] "Detect-local-mode set to ClusterCIDR, but no IPv6 cluster CIDR defined, , defaulting to no-op detect-local for IPv6" I0830 22:08:35.478468 847568 proxier.go:242] "Setting route_localnet=1 to allow node-ports on localhost; to change this either disable iptables.localhostNodePorts (--iptables-localhost-nodeports) or set nodePortAddresses (--nodeport-addresses) to filter loopback addresses" I0830 22:08:35.478645 847568 proxier.go:258] "Using iptables mark for masquerade" ipFamily=IPv4 mark="0x00004000" I0830 22:08:35.478678 847568 proxier.go:303] "Iptables sync params" ipFamily=IPv4 minSyncPeriod="1s" syncPeriod="30s" burstSyncs=2 I0830 22:08:35.478730 847568 proxier.go:313] "Iptables supports --random-fully" ipFamily=IPv4 I0830 22:08:35.478770 847568 proxier.go:258] "Using iptables mark for masquerade" ipFamily=IPv6 mark="0x00004000" I0830 22:08:35.478806 847568 proxier.go:303] "Iptables sync params" ipFamily=IPv6 minSyncPeriod="1s" syncPeriod="30s" burstSyncs=2 I0830 22:08:35.478829 847568 proxier.go:313] "Iptables supports --random-fully" ipFamily=IPv6 I0830 22:08:35.479039 847568 server.go:656] "Version info" version="v1.26.6" I0830 22:08:35.479050 847568 server.go:658] "Golang settings" GOGC="" GOMAXPROCS="" GOTRACEBACK="" I0830 22:08:35.492995 847568 conntrack.go:52] "Setting nf_conntrack_max" nf_conntrack_max=1048576 I0830 22:08:35.493278 847568 config.go:226] "Starting endpoint slice config controller" I0830 22:08:35.493317 847568 shared_informer.go:270] Waiting for caches to sync for endpoint slice config I0830 22:08:35.493312 847568 config.go:317] "Starting service config controller" I0830 22:08:35.493397 847568 shared_informer.go:270] Waiting for caches to sync for service config I0830 22:08:35.493422 847568 config.go:444] "Starting node config controller" I0830 22:08:35.493484 847568 shared_informer.go:270] Waiting for caches to sync for node config I0830 22:08:35.496264 847568 proxier.go:805] "Not syncing iptables until Services and Endpoints have been received from master" I0830 22:08:35.496279 847568 proxier.go:805] "Not syncing iptables until Services and Endpoints have been received from master" I0830 22:08:35.593916 847568 shared_informer.go:277] Caches are synced for node config I0830 22:08:35.594061 847568 shared_informer.go:277] Caches are synced for endpoint slice config I0830 22:08:35.594102 847568 shared_informer.go:277] Caches are synced for service config I0830 22:08:35.594114 847568 proxier.go:805] "Not syncing iptables until Services and Endpoints have been received from master" I0830 22:08:35.594127 847568 proxier.go:805] "Not syncing iptables until Services and Endpoints have been received from master" I0830 22:08:35.594219 847568 proxier.go:849] "Syncing iptables rules" I0830 22:08:35.634417 847568 proxier.go:1529] "Reloading service iptables data" numServices=1 numEndpoints=1 numFilterChains=5 numFilterRules=3 numNATChains=6 numNATRules=10 I0830 22:08:35.655167 847568 proxier.go:813] "SyncProxyRules complete" elapsed="60.991028ms" I0830 22:08:35.655206 847568 proxier.go:849] "Syncing iptables rules" I0830 22:08:35.691503 847568 proxier.go:1529] "Reloading service iptables data" numServices=0 numEndpoints=0 numFilterChains=5 numFilterRules=3 numNATChains=4 numNATRules=5 I0830 22:08:35.706910 847568 proxier.go:813] "SyncProxyRules complete" elapsed="51.704664ms" I0830 22:08:43.941555 847568 proxier.go:849] "Syncing iptables rules" I0830 22:08:43.941553 847568 proxier.go:849] "Syncing iptables rules" I0830 22:08:43.983523 847568 proxier.go:1529] "Reloading service iptables data" numServices=0 numEndpoints=0 numFilterChains=5 numFilterRules=3 numNATChains=4 numNATRules=5 I0830 22:08:43.987213 847568 proxier.go:1529] "Reloading service iptables data" numServices=1 numEndpoints=1 numFilterChains=5 numFilterRules=3 numNATChains=6 numNATRules=10 I0830 22:08:43.997057 847568 proxier.go:813] "SyncProxyRules complete" elapsed="55.520147ms" I0830 22:08:44.033985 847568 proxier.go:813] "SyncProxyRules complete" elapsed="92.443909ms"

• kubelet

• echo kubelet --kubeconfig=/etc/kubernetes/ssl/kubecfg-kube-node.yaml --authorization-mode=Webhook --v=2 --make-iptables-util-chains=true --cluster-dns=10.43.0.10 --cloud-provider= --pod-infra-container-image=rancher/mirrored-pause:3.7 --root-dir=/var/lib/kubelet --register-with-taints=node-role.kubernetes.io/controlplane=true:NoSchedule --volume-plugin-dir=/var/lib/kubelet/volumeplugins --cgroups-per-qos=True --streaming-connection-idle-timeout=30m --client-ca-file=/etc/kubernetes/ssl/kube-ca.pem --fail-swap-on=false --container-runtime=remote --anonymous-auth=false --tls-cipher-suites=TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305 --read-only-port=0 --resolv-conf=/etc/resolv.conf --cluster-domain=cluster.local --container-runtime-endpoint=unix:///var/run/cri-dockerd.sock --authentication-token-webhook=true --address=0.0.0.0 --event-qps=0 --hostname-override=master
• grep -q cloud-provider=azure
• '[' kubelet = kube-proxy ']'
• '[' kubelet = kubelet ']' ++ DOCKER_API_VERSION=1.24 ++ /opt/rke-tools/bin/docker info ++ grep -i 'docker root dir' ++ cut -f2 -d:
• DOCKER_ROOT=' /var/lib/docker' ++ find -O1 /var/lib/docker -maxdepth 1
• DOCKER_DIRS='/var/lib/docker /var/lib/docker/containers /var/lib/docker/plugins /var/lib/docker/overlay2 /var/lib/docker/image /var/lib/docker/volumes /var/lib/docker/engine-id /var/lib/docker/network /var/lib/docker/swarm /var/lib/docker/buildkit /var/lib/docker/tmp /var/lib/docker/runtimes'
• for i in $DOCKER_ROOT /var/lib/docker /run /var/run ++ tac /proc/mounts ++ awk '{print $2}' ++ grep '^/var/lib/docker/'
• for m in $(tac /proc/mounts | awk '{print $2}' | grep ^${i}/)
• '[' /var/lib/docker/overlay2/7a9ac4765e6d00d3fb1ee8e61c4e3a8d2569313cbb98ded24d45e706f37037ad/merged/var/lib/rancher '!=' /var/run/nscd ']'
• '[' /var/lib/docker/overlay2/7a9ac4765e6d00d3fb1ee8e61c4e3a8d2569313cbb98ded24d45e706f37037ad/merged/var/lib/rancher '!=' /run/nscd ']'
• echo /var/lib/docker /var/lib/docker/containers /var/lib/docker/plugins /var/lib/docker/overlay2 /var/lib/docker/image /var/lib/docker/volumes /var/lib/docker/engine-id /var/lib/docker/network /var/lib/docker/swarm /var/lib/docker/buildkit /var/lib/docker/tmp /var/lib/docker/runtimes
• grep -qF /var/lib/docker/overlay2/7a9ac4765e6d00d3fb1ee8e61c4e3a8d2569313cbb98ded24d45e706f37037ad/merged/var/lib/rancher
• umount /var/lib/docker/overlay2/7a9ac4765e6d00d3fb1ee8e61c4e3a8d2569313cbb98ded24d45e706f37037ad/merged/var/lib/rancher
• for m in $(tac /proc/mounts | awk '{print $2}' | grep ^${i}/)
• '[' /var/lib/docker/overlay2/7a9ac4765e6d00d3fb1ee8e61c4e3a8d2569313cbb98ded24d45e706f37037ad/merged/var/lib/cri-dockerd '!=' /var/run/nscd ']'
• '[' /var/lib/docker/overlay2/7a9ac4765e6d00d3fb1ee8e61c4e3a8d2569313cbb98ded24d45e706f37037ad/merged/var/lib/cri-dockerd '!=' /run/nscd ']'
• echo /var/lib/docker /var/lib/docker/containers /var/lib/docker/plugins /var/lib/docker/overlay2 /var/lib/docker/image /var/lib/docker/volumes /var/lib/docker/engine-id /var/lib/docker/network /var/lib/docker/swarm /var/lib/docker/buildkit /var/lib/docker/tmp /var/lib/docker/runtimes
• grep -qF /var/lib/docker/overlay2/7a9ac4765e6d00d3fb1ee8e61c4e3a8d2569313cbb98ded24d45e706f37037ad/merged/var/lib/cri-dockerd
• umount /var/lib/docker/overlay2/7a9ac4765e6d00d3fb1ee8e61c4e3a8d2569313cbb98ded24d45e706f37037ad/merged/var/lib/cri-dockerd
• for m in $(tac /proc/mounts | awk '{print $2}' | grep ^${i}/)
• '[' /var/lib/docker/overlay2/7a9ac4765e6d00d3fb1ee8e61c4e3a8d2569313cbb98ded24d45e706f37037ad/merged/var/lib/calico '!=' /var/run/nscd ']'
• '[' /var/lib/docker/overlay2/7a9ac4765e6d00d3fb1ee8e61c4e3a8d2569313cbb98ded24d45e706f37037ad/merged/var/lib/calico '!=' /run/nscd ']'
• echo /var/lib/docker /var/lib/docker/containers /var/lib/docker/plugins /var/lib/docker/overlay2 /var/lib/docker/image /var/lib/docker/volumes /var/lib/docker/engine-id /var/lib/docker/network /var/lib/docker/swarm /var/lib/docker/buildkit /var/lib/docker/tmp /var/lib/docker/runtimes
• grep -qF /var/lib/docker/overlay2/7a9ac4765e6d00d3fb1ee8e61c4e3a8d2569313cbb98ded24d45e706f37037ad/merged/var/lib/calico
• umount /var/lib/docker/overlay2/7a9ac4765e6d00d3fb1ee8e61c4e3a8d2569313cbb98ded24d45e706f37037ad/merged/var/lib/calico
• for m in $(tac /proc/mounts | awk '{print $2}' | grep ^${i}/)
• '[' /var/lib/docker/overlay2/7a9ac4765e6d00d3fb1ee8e61c4e3a8d2569313cbb98ded24d45e706f37037ad/merged/var/log/containers '!=' /var/run/nscd ']'
• '[' /var/lib/docker/overlay2/7a9ac4765e6d00d3fb1ee8e61c4e3a8d2569313cbb98ded24d45e706f37037ad/merged/var/log/containers '!=' /run/nscd ']'
• echo /var/lib/docker /var/lib/docker/containers /var/lib/docker/plugins /var/lib/docker/overlay2 /var/lib/docker/image /var/lib/docker/volumes /var/lib/docker/engine-id /var/lib/docker/network /var/lib/docker/swarm /var/lib/docker/buildkit /var/lib/docker/tmp /var/lib/docker/runtimes
• grep -qF /var/lib/docker/overlay2/7a9ac4765e6d00d3fb1ee8e61c4e3a8d2569313cbb98ded24d45e706f37037ad/merged/var/log/containers
• umount /var/lib/docker/overlay2/7a9ac4765e6d00d3fb1ee8e61c4e3a8d2569313cbb98ded24d45e706f37037ad/merged/var/log/containers
• for m in $(tac /proc/mounts | awk '{print $2}' | grep ^${i}/)
• '[' /var/lib/docker/overlay2/7a9ac4765e6d00d3fb1ee8e61c4e3a8d2569313cbb98ded24d45e706f37037ad/merged/var/log/pods '!=' /var/run/nscd ']'
• '[' /var/lib/docker/overlay2/7a9ac4765e6d00d3fb1ee8e61c4e3a8d2569313cbb98ded24d45e706f37037ad/merged/var/log/pods '!=' /run/nscd ']'
• echo /var/lib/docker /var/lib/docker/containers /var/lib/docker/plugins /var/lib/docker/overlay2 /var/lib/docker/image /var/lib/docker/volumes /var/lib/docker/engine-id /var/lib/docker/network /var/lib/docker/swarm /var/lib/docker/buildkit /var/lib/docker/tmp /var/lib/docker/runtimes
• grep -qF /var/lib/docker/overlay2/7a9ac4765e6d00d3fb1ee8e61c4e3a8d2569313cbb98ded24d45e706f37037ad/merged/var/log/pods
• umount /var/lib/docker/overlay2/7a9ac4765e6d00d3fb1ee8e61c4e3a8d2569313cbb98ded24d45e706f37037ad/merged/var/log/pods
• for m in $(tac /proc/mounts | awk '{print $2}' | grep ^${i}/)
• '[' /var/lib/docker/overlay2/7a9ac4765e6d00d3fb1ee8e61c4e3a8d2569313cbb98ded24d45e706f37037ad/merged/etc/hostname '!=' /var/run/nscd ']'
• '[' /var/lib/docker/overlay2/7a9ac4765e6d00d3fb1ee8e61c4e3a8d2569313cbb98ded24d45e706f37037ad/merged/etc/hostname '!=' /run/nscd ']'
• echo /var/lib/docker /var/lib/docker/containers /var/lib/docker/plugins /var/lib/docker/overlay2 /var/lib/docker/image /var/lib/docker/volumes /var/lib/docker/engine-id /var/lib/docker/network /var/lib/docker/swarm /var/lib/docker/buildkit /var/lib/docker/tmp /var/lib/docker/runtimes
• grep -qF /var/lib/docker/overlay2/7a9ac4765e6d00d3fb1ee8e61c4e3a8d2569313cbb98ded24d45e706f37037ad/merged/etc/hostname
• umount /var/lib/docker/overlay2/7a9ac4765e6d00d3fb1ee8e61c4e3a8d2569313cbb98ded24d45e706f37037ad/merged/etc/hostname
• for m in $(tac /proc/mounts | awk '{print $2}' | grep ^${i}/)
• '[' /var/lib/docker/overlay2/7a9ac4765e6d00d3fb1ee8e61c4e3a8d2569313cbb98ded24d45e706f37037ad/merged/etc/hosts '!=' /var/run/nscd ']'
• '[' /var/lib/docker/overlay2/7a9ac4765e6d00d3fb1ee8e61c4e3a8d2569313cbb98ded24d45e706f37037ad/merged/etc/hosts '!=' /run/nscd ']'
• echo /var/lib/docker /var/lib/docker/containers /var/lib/docker/plugins /var/lib/docker/overlay2 /var/lib/docker/image /var/lib/docker/volumes /var/lib/docker/engine-id /var/lib/docker/network /var/lib/docker/swarm /var/lib/docker/buildkit /var/lib/docker/tmp /var/lib/docker/runtimes
• grep -qF /var/lib/docker/overlay2/7a9ac4765e6d00d3fb1ee8e61c4e3a8d2569313cbb98ded24d45e706f37037ad/merged/etc/hosts
• umount /var/lib/docker/overlay2/7a9ac4765e6d00d3fb1ee8e61c4e3a8d2569313cbb98ded24d45e706f37037ad/merged/etc/hosts
• for m in $(tac /proc/mounts | awk '{print $2}' | grep ^${i}/)
• '[' /var/lib/docker/overlay2/7a9ac4765e6d00d3fb1ee8e61c4e3a8d2569313cbb98ded24d45e706f37037ad/merged/host/usr '!=' /var/run/nscd ']'
• '[' /var/lib/docker/overlay2/7a9ac4765e6d00d3fb1ee8e61c4e3a8d2569313cbb98ded24d45e706f37037ad/merged/host/usr '!=' /run/nscd ']'
• echo /var/lib/docker /var/lib/docker/containers /var/lib/docker/plugins /var/lib/docker/overlay2 /var/lib/docker/image /var/lib/docker/volumes /var/lib/docker/engine-id /var/lib/docker/network /var/lib/docker/swarm /var/lib/docker/buildkit /var/lib/docker/tmp /var/lib/docker/runtimes
• grep -qF /var/lib/docker/overlay2/7a9ac4765e6d00d3fb1ee8e61c4e3a8d2569313cbb98ded24d45e706f37037ad/merged/host/usr
• umount /var/lib/docker/overlay2/7a9ac4765e6d00d3fb1ee8e61c4e3a8d2569313cbb98ded24d45e706f37037ad/merged/host/usr
• for m in $(tac /proc/mounts | awk '{print $2}' | grep ^${i}/) ... ... ... I0830 22:08:30.838034 846612 server.go:198] "--pod-infra-container-image will not be pruned by the image garbage collector in kubelet and should also be set in the remote runtime" I0830 22:08:30.838158 846612 flags.go:64] FLAG: --address="0.0.0.0" I0830 22:08:30.838178 846612 flags.go:64] FLAG: --allowed-unsafe-sysctls="[]" I0830 22:08:30.838190 846612 flags.go:64] FLAG: --anonymous-auth="false" I0830 22:08:30.838200 846612 flags.go:64] FLAG: --application-metrics-count-limit="100" I0830 22:08:30.838221 846612 flags.go:64] FLAG: --authentication-token-webhook="true" I0830 22:08:30.838225 846612 flags.go:64] FLAG: --authentication-token-webhook-cache-ttl="2m0s" I0830 22:08:30.838231 846612 flags.go:64] FLAG: --authorization-mode="Webhook" I0830 22:08:30.838237 846612 flags.go:64] FLAG: --authorization-webhook-cache-authorized-ttl="5m0s" I0830 22:08:30.838241 846612 flags.go:64] FLAG: --authorization-webhook-cache-unauthorized-ttl="30s" I0830 22:08:30.838245 846612 flags.go:64] FLAG: --azure-container-registry-config="" I0830 22:08:30.838249 846612 flags.go:64] FLAG: --boot-id-file="/proc/sys/kernel/random/boot_id" I0830 22:08:30.838254 846612 flags.go:64] FLAG: --bootstrap-kubeconfig="" I0830 22:08:30.838258 846612 flags.go:64] FLAG: --cert-dir="/var/lib/kubelet/pki" I0830 22:08:30.838261 846612 flags.go:64] FLAG: --cgroup-driver="cgroupfs" I0830 22:08:30.838265 846612 flags.go:64] FLAG: --cgroup-root="" I0830 22:08:30.838275 846612 flags.go:64] FLAG: --cgroups-per-qos="true" I0830 22:08:30.838281 846612 flags.go:64] FLAG: --client-ca-file="/etc/kubernetes/ssl/kube-ca.pem" I0830 22:08:30.838286 846612 flags.go:64] FLAG: --cloud-config="" I0830 22:08:30.838289 846612 flags.go:64] FLAG: --cloud-provider="" I0830 22:08:30.838293 846612 flags.go:64] FLAG: --cluster-dns="[10.43.0.10]" I0830 22:08:30.838298 846612 flags.go:64] FLAG: --cluster-domain="cluster.local" I0830 22:08:30.838303 846612 flags.go:64] FLAG: --config="" I0830 22:08:30.838307 846612 flags.go:64] FLAG: --container-hints="/etc/cadvisor/container_hints.json" I0830 22:08:30.838312 846612 flags.go:64] FLAG: --container-log-max-files="5" I0830 22:08:30.838317 846612 flags.go:64] FLAG: --container-log-max-size="10Mi" I0830 22:08:30.838321 846612 flags.go:64] FLAG: --container-runtime="remote" I0830 22:08:30.838325 846612 flags.go:64] FLAG: --container-runtime-endpoint="unix:///var/run/cri-dockerd.sock" I0830 22:08:30.838329 846612 flags.go:64] FLAG: --containerd="/run/containerd/containerd.sock" I0830 22:08:30.838333 846612 flags.go:64] FLAG: --containerd-namespace="k8s.io" I0830 22:08:30.838337 846612 flags.go:64] FLAG: --contention-profiling="false" I0830 22:08:30.838342 846612 flags.go:64] FLAG: --cpu-cfs-quota="true" I0830 22:08:30.838346 846612 flags.go:64] FLAG: --cpu-cfs-quota-period="100ms" I0830 22:08:30.838350 846612 flags.go:64] FLAG: --cpu-manager-policy="none" I0830 22:08:30.838354 846612 flags.go:64] FLAG: --cpu-manager-policy-options="" I0830 22:08:30.838360 846612 flags.go:64] FLAG: --cpu-manager-reconcile-period="10s" I0830 22:08:30.838365 846612 flags.go:64] FLAG: --enable-controller-attach-detach="true" I0830 22:08:30.838370 846612 flags.go:64] FLAG: --enable-debugging-handlers="true" I0830 22:08:30.838374 846612 flags.go:64] FLAG: --enable-load-reader="false" I0830 22:08:30.838378 846612 flags.go:64] FLAG: --enable-server="true" I0830 22:08:30.838382 846612 flags.go:64] FLAG: --enforce-node-allocatable="[pods]" I0830 22:08:30.838402 846612 flags.go:64] FLAG: --event-burst="10" I0830 22:08:30.838407 846612 flags.go:64] FLAG: --event-qps="0" I0830 22:08:30.838411 846612 flags.go:64] FLAG: --event-storage-age-limit="default=0" I0830 22:08:30.838416 846612 flags.go:64] FLAG: --event-storage-event-limit="default=0" I0830 22:08:30.838420 846612 flags.go:64] FLAG: --eviction-hard="" I0830 22:08:30.838435 846612 flags.go:64] FLAG: --eviction-max-pod-grace-period="0" I0830 22:08:30.838442 846612 flags.go:64] FLAG: --eviction-minimum-reclaim="" I0830 22:08:30.838447 846612 flags.go:64] FLAG: --eviction-pressure-transition-period="5m0s" I0830 22:08:30.838451 846612 flags.go:64] FLAG: --eviction-soft="" I0830 22:08:30.838456 846612 flags.go:64] FLAG: --eviction-soft-grace-period="" I0830 22:08:30.838467 846612 flags.go:64] FLAG: --exit-on-lock-contention="false" I0830 22:08:30.838472 846612 flags.go:64] FLAG: --experimental-allocatable-ignore-eviction="false" I0830 22:08:30.838476 846612 flags.go:64] FLAG: --experimental-mounter-path="" I0830 22:08:30.838480 846612 flags.go:64] FLAG: --fail-swap-on="false" I0830 22:08:30.838484 846612 flags.go:64] FLAG: --feature-gates="" I0830 22:08:30.838489 846612 flags.go:64] FLAG: --file-check-frequency="20s" I0830 22:08:30.838493 846612 flags.go:64] FLAG: --global-housekeeping-interval="1m0s" I0830 22:08:30.838497 846612 flags.go:64] FLAG: --hairpin-mode="promiscuous-bridge" I0830 22:08:30.838502 846612 flags.go:64] FLAG: --healthz-bind-address="127.0.0.1" I0830 22:08:30.838506 846612 flags.go:64] FLAG: --healthz-port="10248" I0830 22:08:30.838511 846612 flags.go:64] FLAG: --help="false" I0830 22:08:30.838514 846612 flags.go:64] FLAG: --hostname-override="master" I0830 22:08:30.838518 846612 flags.go:64] FLAG: --housekeeping-interval="10s" I0830 22:08:30.838522 846612 flags.go:64] FLAG: --http-check-frequency="20s" I0830 22:08:30.838526 846612 flags.go:64] FLAG: --image-credential-provider-bin-dir="" I0830 22:08:30.838530 846612 flags.go:64] FLAG: --image-credential-provider-config="" I0830 22:08:30.838534 846612 flags.go:64] FLAG: --image-gc-high-threshold="85" I0830 22:08:30.838538 846612 flags.go:64] FLAG: --image-gc-low-threshold="80" I0830 22:08:30.838542 846612 flags.go:64] FLAG: --image-service-endpoint="" I0830 22:08:30.838546 846612 flags.go:64] FLAG: --iptables-drop-bit="15" I0830 22:08:30.838549 846612 flags.go:64] FLAG: --iptables-masquerade-bit="14" I0830 22:08:30.838553 846612 flags.go:64] FLAG: --keep-terminated-pod-volumes="false" I0830 22:08:30.838557 846612 flags.go:64] FLAG: --kernel-memcg-notification="false" I0830 22:08:30.838561 846612 flags.go:64] FLAG: --kube-api-burst="10" I0830 22:08:30.838565 846612 flags.go:64] FLAG: --kube-api-content-type="application/vnd.kubernetes.protobuf" I0830 22:08:30.838570 846612 flags.go:64] FLAG: --kube-api-qps="5" I0830 22:08:30.838574 846612 flags.go:64] FLAG: --kube-reserved="" I0830 22:08:30.838578 846612 flags.go:64] FLAG: --kube-reserved-cgroup="" I0830 22:08:30.838581 846612 flags.go:64] FLAG: --kubeconfig="/etc/kubernetes/ssl/kubecfg-kube-node.yaml" I0830 22:08:30.838586 846612 flags.go:64] FLAG: --kubelet-cgroups="" I0830 22:08:30.838589 846612 flags.go:64] FLAG: --local-storage-capacity-isolation="true" I0830 22:08:30.838593 846612 flags.go:64] FLAG: --lock-file="" I0830 22:08:30.838597 846612 flags.go:64] FLAG: --log-cadvisor-usage="false" I0830 22:08:30.838601 846612 flags.go:64] FLAG: --log-flush-frequency="5s" I0830 22:08:30.838605 846612 flags.go:64] FLAG: --log-json-info-buffer-size="0" I0830 22:08:30.838612 846612 flags.go:64] FLAG: --log-json-split-stream="false" I0830 22:08:30.838617 846612 flags.go:64] FLAG: --logging-format="text" I0830 22:08:30.838621 846612 flags.go:64] FLAG: --machine-id-file="/etc/machine-id,/var/lib/dbus/machine-id" I0830 22:08:30.838625 846612 flags.go:64] FLAG: --make-iptables-util-chains="true" I0830 22:08:30.838637 846612 flags.go:64] FLAG: --manifest-url="" I0830 22:08:30.838641 846612 flags.go:64] FLAG: --manifest-url-header="" I0830 22:08:30.838647 846612 flags.go:64] FLAG: --master-service-namespace="default" I0830 22:08:30.838651 846612 flags.go:64] FLAG: --max-open-files="1000000" I0830 22:08:30.838656 846612 flags.go:64] FLAG: --max-pods="110" I0830 22:08:30.838660 846612 flags.go:64] FLAG: --maximum-dead-containers="-1" I0830 22:08:30.838664 846612 flags.go:64] FLAG: --maximum-dead-containers-per-container="1" I0830 22:08:30.838669 846612 flags.go:64] FLAG: --memory-manager-policy="None" I0830 22:08:30.838673 846612 flags.go:64] FLAG: --minimum-container-ttl-duration="0s" I0830 22:08:30.838677 846612 flags.go:64] FLAG: --minimum-image-ttl-duration="2m0s" I0830 22:08:30.838681 846612 flags.go:64] FLAG: --node-ip="" I0830 22:08:30.838684 846612 flags.go:64] FLAG: --node-labels="" I0830 22:08:30.838690 846612 flags.go:64] FLAG: --node-status-max-images="50" I0830 22:08:30.838694 846612 flags.go:64] FLAG: --node-status-update-frequency="10s" I0830 22:08:30.838698 846612 flags.go:64] FLAG: --oom-score-adj="-999" I0830 22:08:30.838702 846612 flags.go:64] FLAG: --pod-cidr="" I0830 22:08:30.838706 846612 flags.go:64] FLAG: --pod-infra-container-image="rancher/mirrored-pause:3.7" I0830 22:08:30.838710 846612 flags.go:64] FLAG: --pod-manifest-path="" I0830 22:08:30.838714 846612 flags.go:64] FLAG: --pod-max-pids="-1" I0830 22:08:30.838717 846612 flags.go:64] FLAG: --pods-per-core="0" I0830 22:08:30.838721 846612 flags.go:64] FLAG: --port="10250" I0830 22:08:30.838725 846612 flags.go:64] FLAG: --protect-kernel-defaults="false" I0830 22:08:30.838729 846612 flags.go:64] FLAG: --provider-id="" I0830 22:08:30.838733 846612 flags.go:64] FLAG: --qos-reserved="" I0830 22:08:30.838736 846612 flags.go:64] FLAG: --read-only-port="0" I0830 22:08:30.838740 846612 flags.go:64] FLAG: --register-node="true" I0830 22:08:30.838744 846612 flags.go:64] FLAG: --register-schedulable="true" I0830 22:08:30.838748 846612 flags.go:64] FLAG: --register-with-taints="node-role.kubernetes.io/controlplane=true:NoSchedule" I0830 22:08:30.838763 846612 flags.go:64] FLAG: --registry-burst="10" I0830 22:08:30.838767 846612 flags.go:64] FLAG: --registry-qps="5" I0830 22:08:30.838771 846612 flags.go:64] FLAG: --reserved-cpus="" I0830 22:08:30.838775 846612 flags.go:64] FLAG: --reserved-memory="" I0830 22:08:30.838780 846612 flags.go:64] FLAG: --resolv-conf="/etc/resolv.conf" I0830 22:08:30.838784 846612 flags.go:64] FLAG: --root-dir="/var/lib/kubelet" I0830 22:08:30.838788 846612 flags.go:64] FLAG: --rotate-certificates="false" I0830 22:08:30.838792 846612 flags.go:64] FLAG: --rotate-server-certificates="false" I0830 22:08:30.838796 846612 flags.go:64] FLAG: --runonce="false" I0830 22:08:30.838800 846612 flags.go:64] FLAG: --runtime-cgroups="" I0830 22:08:30.838804 846612 flags.go:64] FLAG: --runtime-request-timeout="2m0s" I0830 22:08:30.838808 846612 flags.go:64] FLAG: --seccomp-default="false" I0830 22:08:30.838812 846612 flags.go:64] FLAG: --serialize-image-pulls="true" I0830 22:08:30.838815 846612 flags.go:64] FLAG: --storage-driver-buffer-duration="1m0s" I0830 22:08:30.838819 846612 flags.go:64] FLAG: --storage-driver-db="cadvisor" I0830 22:08:30.838823 846612 flags.go:64] FLAG: --storage-driver-host="localhost:8086" I0830 22:08:30.838827 846612 flags.go:64] FLAG: --storage-driver-password="root" I0830 22:08:30.838831 846612 flags.go:64] FLAG: --storage-driver-secure="false" I0830 22:08:30.838835 846612 flags.go:64] FLAG: --storage-driver-table="stats" I0830 22:08:30.838838 846612 flags.go:64] FLAG: --storage-driver-user="root" I0830 22:08:30.838842 846612 flags.go:64] FLAG: --streaming-connection-idle-timeout="30m0s" I0830 22:08:30.838846 846612 flags.go:64] FLAG: --sync-frequency="1m0s" I0830 22:08:30.838850 846612 flags.go:64] FLAG: --system-cgroups="" I0830 22:08:30.838854 846612 flags.go:64] FLAG: --system-reserved="" I0830 22:08:30.838858 846612 flags.go:64] FLAG: --system-reserved-cgroup="" I0830 22:08:30.838861 846612 flags.go:64] FLAG: --tls-cert-file="" I0830 22:08:30.838865 846612 flags.go:64] FLAG: --tls-cipher-suites="[TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305]" I0830 22:08:30.838878 846612 flags.go:64] FLAG: --tls-min-version="" I0830 22:08:30.838882 846612 flags.go:64] FLAG: --tls-private-key-file="" I0830 22:08:30.838885 846612 flags.go:64] FLAG: --topology-manager-policy="none" I0830 22:08:30.838889 846612 flags.go:64] FLAG: --topology-manager-policy-options="" I0830 22:08:30.838893 846612 flags.go:64] FLAG: --topology-manager-scope="container" I0830 22:08:30.838897 846612 flags.go:64] FLAG: --v="2" I0830 22:08:30.838908 846612 flags.go:64] FLAG: --version="false" I0830 22:08:30.838915 846612 flags.go:64] FLAG: --vmodule="" I0830 22:08:30.838920 846612 flags.go:64] FLAG: --volume-plugin-dir="/var/lib/kubelet/volumeplugins" I0830 22:08:30.838925 846612 flags.go:64] FLAG: --volume-stats-agg-period="1m0s" I0830 22:08:30.839028 846612 feature_gate.go:249] feature gates: &{map[]} I0830 22:08:30.843094 846612 server.go:412] "Kubelet version" kubeletVersion="v1.26.6" I0830 22:08:30.843122 846612 server.go:414] "Golang settings" GOGC="" GOMAXPROCS="" GOTRACEBACK="" I0830 22:08:30.843189 846612 feature_gate.go:249] feature gates: &{map[]} I0830 22:08:30.843303 846612 feature_gate.go:249] feature gates: &{map[]} I0830 22:08:30.847196 846612 dynamic_cafile_content.go:119] "Loaded a new CA Bundle and Verifier" name="client-ca-bundle::/etc/kubernetes/ssl/kube-ca.pem" I0830 22:08:30.847756 846612 manager.go:163] cAdvisor running in container: "/docker/0b17ad56e24213ad8072ca1fb4a29666231d1f0bdb8dba103f4c638679a81a7d" I0830 22:08:30.848551 846612 dynamic_cafile_content.go:157] "Starting controller" name="client-ca-bundle::/etc/kubernetes/ssl/kube-ca.pem" I0830 22:08:30.896215 846612 fs.go:133] Filesystem UUIDs: map[4ae0e24f-f248-473b-a83a-f101b4b53c80:/dev/sda2 62D2-B384:/dev/sda1 6733b2cb-5746-4197-84ee-77a1928a5d82:/dev/dm-2 c45eb4a0-b19a-4769-a17f-36a5e935f8a6:/dev/dm-0 eb8c9eb4-1725-4a46-87eb-8eea53e1a879:/dev/dm-1] I0830 22:08:30.896631 846612 fs.go:134] Filesystem partitions: map[/dev:{mountpoint:/dev major:0 minor:108 fsType:tmpfs blockSize:0} /dev/mapper/almalinux-root:{mountpoint:/var/lib/docker major:253 minor:0 fsType:xfs blockSize:0} /dev/shm:{mountpoint:/dev/shm major:0 minor:22 fsType:tmpfs blockSize:0} /host/dev/shm:{mountpoint:/host/dev/shm major:0 minor:22 fsType:tmpfs blockSize:0} /run:{mountpoint:/run major:0 minor:24 fsType:tmpfs blockSize:0} /run/user/0:{mountpoint:/run/user/0 major:0 minor:47 fsType:tmpfs blockSize:0} /run/user/1001:{mountpoint:/run/user/1001 major:0 minor:49 fsType:tmpfs blockSize:0} /run/user/42:{mountpoint:/run/user/42 major:0 minor:48 fsType:tmpfs blockSize:0} /sys/fs/cgroup:{mountpoint:/sys/fs/cgroup major:0 minor:25 fsType:tmpfs blockSize:0} overlay_0-105:{mountpoint:/ major:0 minor:105 fsType:overlay blockSize:0}] I0830 22:08:30.896761 846612 nvidia.go:55] NVIDIA GPU metrics disabled I0830 22:08:30.925975 846612 manager.go:212] Machine: {Timestamp:2023-08-30 22:08:30.923624257 +0000 UTC m=+0.144521304 CPUVendorID:GenuineIntel NumCores:32 NumPhysicalCores:8 NumSockets:2 CpuFrequency:2900000 MemoryCapacity:269458673664 MemoryByType:map[Registered-DDR4:0xc0005216c0] NVMInfo:{MemoryModeCapacity:0 AppDirectModeCapacity:0 AvgPowerBudget:0} HugePages:[{PageSize:1048576 NumPages:0} {PageSize:2048 NumPages:0}] MachineID:50ca20960ea94552bd5ef84a20ce7e47 SystemUUID:a1c62d2a-ceb1-11e6-b9b8-0894ef355672 BootID:a6ee322d-f8cf-478d-a150-f001906aabc4 Filesystems:[{Device:overlay_0-105 DeviceMajor:0 DeviceMinor:105 Capacity:75125227520 Type:vfs Inodes:36700160 HasInodes:true} {Device:/dev DeviceMajor:0 DeviceMinor:108 Capacity:134698209280 Type:vfs Inodes:32885305 HasInodes:true} {Device:/run/user/42 DeviceMajor:0 DeviceMinor:48 Capacity:134729334784 Type:vfs Inodes:32892904 HasInodes:true} {Device:/run/user/0 DeviceMajor:0 DeviceMinor:47 Capacity:134729334784 Type:vfs Inodes:32892904 HasInodes:true} {Device:/dev/mapper/almalinux-root DeviceMajor:253 DeviceMinor:0 Capacity:75125227520 Type:vfs Inodes:36700160 HasInodes:true} {Device:/sys/fs/cgroup DeviceMajor:0 DeviceMinor:25 Capacity:134729334784 Type:vfs Inodes:32892904 HasInodes:true} {Device:/dev/shm DeviceMajor:0 DeviceMinor:22 Capacity:134729334784 Type:vfs Inodes:32892904 HasInodes:true} {Device:/run DeviceMajor:0 DeviceMinor:24 Capacity:134729334784 Type:vfs Inodes:32892904 HasInodes:true} {Device:/run/user/1001 DeviceMajor:0 DeviceMinor:49 Capacity:134729334784 Type:vfs Inodes:32892904 HasInodes:true} {Device:/host/dev/shm DeviceMajor:0 DeviceMinor:22 Capacity:134729334784 Type:vfs Inodes:32892904 HasInodes:true}] DiskMap:map[253:0:{Name:dm-0 Major:253 Minor:0 Size:75161927680 Scheduler:none} 253:1:{Name:dm-1 Major:253 Minor:1 Size:4294967296 Scheduler:none} 253:2:{Name:dm-2 Major:253 Minor:2 Size:4710828343296 Scheduler:none} 8:0:{Name:sda Major:8 Minor:0 Size:4791992320000 Scheduler:mq-deadline}] NetworkDevices:[{Name:eno1 MacAddress:08:94:ef:35:56:72 Speed:100 Mtu:1500} {Name:eno2 MacAddress:08:94:ef:35:56:73 Speed:100 Mtu:1500} {Name:eno3 MacAddress:08:94:ef:35:56:74 Speed:-1 Mtu:1500} {Name:eno4 MacAddress:08:94:ef:35:56:75 Speed:-1 Mtu:1500} {Name:enp0s20u1u5 MacAddress:0a:94:ef:35:56:79 Speed:0 Mtu:1500} {Name:ens3f0 MacAddress:40:f2:e9:1e:55:f9 Speed:-1 Mtu:1500} {Name:ens3f1 MacAddress:40:f2:e9:1e:55:f8 Speed:-1 Mtu:1500} {Name:tunl0 MacAddress:00:00:00:00 Speed:0 Mtu:1440} {Name:virbr0 MacAddress:52:54:00:51:c2:c0 Speed:-1 Mtu:1500}] Topology:[{Id:0 Memory:134215655424 HugePages:[{PageSize:1048576 NumPages:0} {PageSize:2048 NumPages:0}] Cores:[{Id:0 Threads:[0 16] Caches:[{Id:0 Size:32768 Type:Data Level:1} {Id:0 Size:32768 Type:Instruction Level:1} {Id:0 Size:262144 Type:Unified Level:2}] UncoreCaches:[] SocketID:0} {Id:1 Threads:[1 17] Caches:[{Id:1 Size:32768 Type:Data Level:1} {Id:1 Size:32768 Type:Instruction Level:1} {Id:1 Size:262144 Type:Unified Level:2}] UncoreCaches:[] SocketID:0} {Id:2 Threads:[18 2] Caches:[{Id:2 Size:32768 Type:Data Level:1} {Id:2 Size:32768 Type:Instruction Level:1} {Id:2 Size:262144 Type:Unified Level:2}] UncoreCaches:[] SocketID:0} {Id:3 Threads:[19 3] Caches:[{Id:3 Size:32768 Type:Data Level:1} {Id:3 Size:32768 Type:Instruction Level:1} {Id:3 Size:262144 Type:Unified Level:2}] UncoreCaches:[] SocketID:0} {Id:4 Threads:[20 4] Caches:[{Id:4 Size:32768 Type:Data Level:1} {Id:4 Size:32768 Type:Instruction Level:1} {Id:4 Size:262144 Type:Unified Level:2}] UncoreCaches:[] SocketID:0} {Id:5 Threads:[21 5] Caches:[{Id:5 Size:32768 Type:Data Level:1} {Id:5 Size:32768 Type:Instruction Level:1} {Id:5 Size:262144 Type:Unified Level:2}] UncoreCaches:[] SocketID:0} {Id:6 Threads:[22 6] Caches:[{Id:6 Size:32768 Type:Data Level:1} {Id:6 Size:32768 Type:Instruction Level:1} {Id:6 Size:262144 Type:Unified Level:2}] UncoreCaches:[] SocketID:0} {Id:7 Threads:[23 7] Caches:[{Id:7 Size:32768 Type:Data Level:1} {Id:7 Size:32768 Type:Instruction Level:1} {Id:7 Size:262144 Type:Unified Level:2}] UncoreCaches:[] SocketID:0}] Caches:[{Id:0 Size:20971520 Type:Unified Level:3}] Distances:[10 21]} {Id:1 Memory:135243018240 HugePages:[{PageSize:1048576 NumPages:0} {PageSize:2048 NumPages:0}] Cores:[{Id:2 Threads:[10 26] Caches:[{Id:10 Size:32768 Type:Data Level:1} {Id:10 Size:32768 Type:Instruction Level:1} {Id:10 Size:262144 Type:Unified Level:2}] UncoreCaches:[] SocketID:1} {Id:3 Threads:[11 27] Caches:[{Id:11 Size:32768 Type:Data Level:1} {Id:11 Size:32768 Type:Instruction Level:1} {Id:11 Size:262144 Type:Unified Level:2}] UncoreCaches:[] SocketID:1} {Id:4 Threads:[12 28] Caches:[{Id:12 Size:32768 Type:Data Level:1} {Id:12 Size:32768 Type:Instruction Level:1} {Id:12 Size:262144 Type:Unified Level:2}] UncoreCaches:[] SocketID:1} {Id:5 Threads:[13 29] Caches:[{Id:13 Size:32768 Type:Data Level:1} {Id:13 Size:32768 Type:Instruction Level:1} {Id:13 Size:262144 Type:Unified Level:2}] UncoreCaches:[] SocketID:1} {Id:6 Threads:[14 30] Caches:[{Id:14 Size:32768 Type:Data Level:1} {Id:14 Size:32768 Type:Instruction Level:1} {Id:14 Size:262144 Type:Unified Level:2}] UncoreCaches:[] SocketID:1} {Id:7 Threads:[15 31] Caches:[{Id:15 Size:32768 Type:Data Level:1} {Id:15 Size:32768 Type:Instruction Level:1} {Id:15 Size:262144 Type:Unified Level:2}] UncoreCaches:[] SocketID:1} {Id:0 Threads:[24 8] Caches:[{Id:8 Size:32768 Type:Data Level:1} {Id:8 Size:32768 Type:Instruction Level:1} {Id:8 Size:262144 Type:Unified Level:2}] UncoreCaches:[] SocketID:1} {Id:1 Threads:[25 9] Caches:[{Id:9 Size:32768 Type:Data Level:1} {Id:9 Size:32768 Type:Instruction Level:1} {Id:9 Size:262144 Type:Unified Level:2}] UncoreCaches:[] SocketID:1}] Caches:[{Id:1 Size:20971520 Type:Unified Level:3}] Distances:[21 10]}] CloudProvider:Unknown InstanceType:Unknown InstanceID:None} I0830 22:08:30.926204 846612 manager_no_libpfm.go:29] cAdvisor is build without cgo and/or libpfm support. Perf event counters are not available. I0830 22:08:30.926614 846612 manager.go:228] Version: {KernelVersion:4.18.0-372.9.1.el8.x86_64 ContainerOsVersion:AlmaLinux 8.6 (Sky Tiger) DockerVersion: DockerAPIVersion: CadvisorVersion: CadvisorRevision:} I0830 22:08:30.926791 846612 server.go:659] "--cgroups-per-qos enabled, but --cgroup-root was not specified. defaulting to /" I0830 22:08:30.927289 846612 container_manager_linux.go:267] "Container manager verified user specified cgroup-root exists" cgroupRoot=[] I0830 22:08:30.927360 846612 container_manager_linux.go:272] "Creating Container Manager object based on Node Config" nodeConfig={RuntimeCgroupsName: SystemCgroupsName: KubeletCgroupsName: KubeletOOMScoreAdj:-999 ContainerRuntime: CgroupsPerQOS:true CgroupRoot:/ CgroupDriver:cgroupfs KubeletRootDir:/var/lib/kubelet ProtectKernelDefaults:false NodeAllocatableConfig:{KubeReservedCgroupName: SystemReservedCgroupName: ReservedSystemCPUs: EnforceNodeAllocatable:map[pods:{}] KubeReserved:map[] SystemReserved:map[] HardEvictionThresholds:[]} QOSReserved:map[] CPUManagerPolicy:none CPUManagerPolicyOptions:map[] ExperimentalTopologyManagerScope:container CPUManagerReconcilePeriod:10s ExperimentalMemoryManagerPolicy:None ExperimentalMemoryManagerReservedMemory:[] ExperimentalPodPidsLimit:-1 EnforceCPULimits:true CPUCFSQuotaPeriod:100ms ExperimentalTopologyManagerPolicy:none ExperimentalTopologyManagerPolicyOptions:map[]} I0830 22:08:30.927396 846612 topology_manager.go:134] "Creating topology manager with policy per scope" topologyPolicyName="none" topologyScopeName="container" I0830 22:08:30.927418 846612 container_manager_linux.go:308] "Creating device plugin manager" I0830 22:08:30.927467 846612 manager.go:125] "Creating Device Plugin manager" path="/var/lib/kubelet/device-plugins/kubelet.sock" I0830 22:08:30.927503 846612 server.go:66] "Creating device plugin registration server" version="v1beta1" socket="/var/lib/kubelet/device-plugins/kubelet.sock" I0830 22:08:30.927539 846612 state_mem.go:36] "Initialized new in-memory state store" I0830 22:08:30.937760 846612 remote_runtime.go:121] "Validated CRI v1 runtime API" I0830 22:08:30.959225 846612 remote_image.go:97] "Validated CRI v1 image API" I0830 22:08:30.959262 846612 server.go:1147] "Using root directory" path="/var/lib/kubelet" I0830 22:08:30.959370 846612 kubelet.go:397] "Attempting to sync node with API server" I0830 22:08:30.959386 846612 kubelet.go:297] "Adding apiserver pod source" I0830 22:08:30.959405 846612 apiserver.go:42] "Waiting for node sync before watching apiserver pods" I0830 22:08:30.967811 846612 kuberuntime_manager.go:244] "Container runtime initialized" containerRuntime="docker" version="23.0.6" apiVersion="v1" I0830 22:08:30.968176 846612 kubelet.go:696] "stats provider: " useLegacyCadvisorStats=true I0830 22:08:30.968404 846612 plugins.go:646] "Loaded volume plugin" pluginName="kubernetes.io/azure-disk" I0830 22:08:30.968422 846612 plugins.go:646] "Loaded volume plugin" pluginName="kubernetes.io/azure-file" I0830 22:08:30.968464 846612 plugins.go:646] "Loaded volume plugin" pluginName="kubernetes.io/vsphere-volume" I0830 22:08:30.968486 846612 plugins.go:646] "Loaded volume plugin" pluginName="kubernetes.io/portworx-volume" I0830 22:08:30.968498 846612 plugins.go:646] "Loaded volume plugin" pluginName="kubernetes.io/rbd" I0830 22:08:30.968515 846612 plugins.go:646] "Loaded volume plugin" pluginName="kubernetes.io/aws-ebs" I0830 22:08:30.968525 846612 plugins.go:646] "Loaded volume plugin" pluginName="kubernetes.io/gce-pd" I0830 22:08:30.968541 846612 plugins.go:646] "Loaded volume plugin" pluginName="kubernetes.io/empty-dir" I0830 22:08:30.968554 846612 plugins.go:646] "Loaded volume plugin" pluginName="kubernetes.io/git-repo" I0830 22:08:30.968592 846612 plugins.go:646] "Loaded volume plugin" pluginName="kubernetes.io/host-path" I0830 22:08:30.968610 846612 plugins.go:646] "Loaded volume plugin" pluginName="kubernetes.io/nfs" I0830 22:08:30.968620 846612 plugins.go:646] "Loaded volume plugin" pluginName="kubernetes.io/secret" I0830 22:08:30.968631 846612 plugins.go:646] "Loaded volume plugin" pluginName="kubernetes.io/iscsi" I0830 22:08:30.968643 846612 plugins.go:646] "Loaded volume plugin" pluginName="kubernetes.io/cephfs" I0830 22:08:30.968653 846612 plugins.go:646] "Loaded volume plugin" pluginName="kubernetes.io/downward-api" I0830 22:08:30.968667 846612 plugins.go:646] "Loaded volume plugin" pluginName="kubernetes.io/fc" I0830 22:08:30.968677 846612 plugins.go:646] "Loaded volume plugin" pluginName="kubernetes.io/configmap" I0830 22:08:30.968687 846612 plugins.go:646] "Loaded volume plugin" pluginName="kubernetes.io/projected" I0830 22:08:30.968698 846612 plugins.go:646] "Loaded volume plugin" pluginName="kubernetes.io/local-volume" I0830 22:08:30.968754 846612 plugins.go:646] "Loaded volume plugin" pluginName="kubernetes.io/csi" I0830 22:08:30.968959 846612 server.go:1186] "Started kubelet" E0830 22:08:30.969074 846612 kubelet.go:1386] "Image garbage collection failed once. Stats initialization may not have completed yet" err="failed to get imageFs info: unable to find data in memory cache" I0830 22:08:30.969213 846612 server.go:161] "Starting to listen" address="0.0.0.0" port=10250 I0830 22:08:30.972135 846612 server.go:451] "Adding debug handlers to kubelet server" I0830 22:08:30.972300 846612 fs_resource_analyzer.go:67] "Starting FS ResourceAnalyzer" I0830 22:08:30.974073 846612 desired_state_of_world_populator.go:151] "Desired state populator starts to run" I0830 22:08:30.974016 846612 volume_manager.go:291] "The desired_state_of_world populator starts" I0830 22:08:30.974164 846612 volume_manager.go:293] "Starting Kubelet Volume Manager" I0830 22:08:30.977563 846612 nodeinfomanager.go:401] Failed to publish CSINode: nodes "master" not found E0830 22:08:30.977833 846612 nodelease.go:49] "Failed to get node when trying to set owner ref to the node lease" err="nodes \"master\" not found" node="master" I0830 22:08:30.982248 846612 factory.go:145] Registering containerd factory I0830 22:08:30.992041 846612 nodeinfomanager.go:401] Failed to publish CSINode: nodes "master" not found I0830 22:08:30.997352 846612 factory.go:378] Registering Docker factory I0830 22:08:30.997395 846612 factory.go:55] Registering systemd factory I0830 22:08:30.997535 846612 factory.go:103] Registering Raw factory I0830 22:08:30.997639 846612 manager.go:1201] Started watching for new ooms in manager I0830 22:08:30.998411 846612 manager.go:302] Starting recovery of all containers I0830 22:08:31.004228 846612 kubelet_network_linux.go:63] "Initialized iptables rules." protocol=IPv4 I0830 22:08:31.022927 846612 kubelet_network_linux.go:63] "Initialized iptables rules." protocol=IPv6 I0830 22:08:31.022955 846612 status_manager.go:176] "Starting to sync pod status with apiserver" I0830 22:08:31.022994 846612 kubelet.go:2113] "Starting kubelet main sync loop" E0830 22:08:31.023138 846612 kubelet.go:2137] "Skipping pod synchronization" err="[container runtime status check may not have completed yet, PLEG is not healthy: pleg has yet to be successful]" I0830 22:08:31.037733 846612 manager.go:307] Recovery completed I0830 22:08:31.038892 846612 generic.go:332] "Generic (PLEG): container finished" podID=ede9f284-3f42-45cd-aac5-5780df9c9a3f containerID="d0d6b9356ded6f556c08e9cfc9b7e2b295de843a79abc9402190521591f66f94" exitCode=1 I0830 22:08:31.044397 846612 generic.go:332] "Generic (PLEG): container finished" podID=45cf6f3a-139c-4264-9ab2-178069db94b9 containerID="c9efc224321e63be8d459b69d65eb3aeadd052e2f793ab797c7d0f630e067de7" exitCode=1 I0830 22:08:31.049499 846612 generic.go:332] "Generic (PLEG): container finished" podID=7bbe36c8-cfda-49fc-89a8-fa026c28ad16 containerID="a9144e1b81525e2c4c17133cb59a1bd586ca1cc71178e71c87178ddebfb154df" exitCode=1 time="2023-08-30T22:08:31Z" level=info msg="Failed to read pod IP from plugin/docker: networkPlugin cni failed on the status hook for pod \"ingress-nginx-admission-create-tsf7z_ingress-nginx\": CNI failed to retrieve network namespace path: cannot find network namespace for the terminated container \"fb2f04fffac23aeacd8e0408aae1c2b869d4528860603481a3aabf25930b181e\"" I0830 22:08:31.058044 846612 generic.go:332] "Generic (PLEG): container finished" podID=e3a5f42a-455a-439e-9e4f-367d52f10681 containerID="ba179d4d41341105344731cb684260310e80c8f4b54fa7e9f651d5b51b27d50b" exitCode=1 I0830 22:08:31.063001 846612 generic.go:332] "Generic (PLEG): container finished" podID=cfede44c-e2b3-4eb2-89dd-02ad907efb07 containerID="f99546d6eb391fdf675fb049405705e49356997fad101f85ab05ac07a48f9bf1" exitCode=1 I0830 22:08:31.067853 846612 generic.go:332] "Generic (PLEG): container finished" podID=1bdc03ce-b250-4f2b-9baa-bcd08ecbc958 containerID="bc5517e2855b9ba4d4bfc41578a131f1dead80dcb42bc3f9eaa63e7cabfb9883" exitCode=1 I0830 22:08:31.072942 846612 kubelet_node_status.go:352] "Setting node annotation to enable volume controller attach/detach" I0830 22:08:31.073543 846612 generic.go:332] "Generic (PLEG): container finished" podID=9fe21ade-4f4a-4c6f-ae60-1b25385b8d63 containerID="c4be98daaa1fab2828e5ed266acf4565114b9a930f5b9ae85e3d349be4902507" exitCode=1 E0830 22:08:31.075325 846612 kubelet_node_status.go:701] "Failed to set some node status fields" err="can't get ip address of node master. error: no default routes found in \"/proc/net/route\" or \"/proc/net/ipv6_route\"" node="master" I0830 22:08:31.078409 846612 generic.go:332] "Generic (PLEG): container finished" podID=41927408-6175-4e28-bb47-ec8ad26eadec containerID="04576981f97708e5fdfdecdd00f34df58c6693ec18577594b7e9d71989cc3e0b" exitCode=1 I0830 22:08:31.084454 846612 generic.go:332] "Generic (PLEG): container finished" podID=bfeaf3bd-2625-4d15-a964-c470cd024d42 containerID="273c3a0bb62456eb9ba4297355c22a9e2389144dadc7d47ccb0cd94b40d45186" exitCode=1 I0830 22:08:31.084501 846612 kubelet_node_status.go:669] "Recording event message for node" node="master" event="NodeHasSufficientMemory" I0830 22:08:31.084534 846612 kubelet_node_status.go:669] "Recording event message for node" node="master" event="NodeHasNoDiskPressure" I0830 22:08:31.084550 846612 kubelet_node_status.go:669] "Recording event message for node" node="master" event="NodeHasSufficientPID" I0830 22:08:31.084581 846612 kubelet_node_status.go:70] "Attempting to register node" node="master" I0830 22:08:31.089626 846612 generic.go:332] "Generic (PLEG): container finished" podID=d9d2021b-1e46-4407-9175-f8b4548116fd containerID="22acfa09cb13eb392a09b3babfee9e3c57534a5b0f4f72b5edca19bddad4d5ee" exitCode=1 I0830 22:08:31.094735 846612 generic.go:332] "Generic (PLEG): container finished" podID=c0eccfdf-5050-40f4-b551-400047318c0c containerID="ce588c7b413e2dd70ef98cef99e780a85edbf4d1df4bcc512397dd81176741cf" exitCode=1 E0830 22:08:31.123912 846612 kubelet.go:2137] "Skipping pod synchronization" err="container runtime status check may not have completed yet" I0830 22:08:31.140567 846612 kubelet_node_status.go:352] "Setting node annotation to enable volume controller attach/detach" E0830 22:08:31.142440 846612 kubelet_node_status.go:701] "Failed to set some node status fields" err="can't get ip address of node master. error: no default routes found in \"/proc/net/route\" or \"/proc/net/ipv6_route\"" node="master" I0830 22:08:31.149206 846612 kubelet_node_status.go:669] "Recording event message for node" node="master" event="NodeHasSufficientMemory" I0830 22:08:31.149245 846612 kubelet_node_status.go:669] "Recording event message for node" node="master" event="NodeHasNoDiskPressure" I0830 22:08:31.149257 846612 kubelet_node_status.go:669] "Recording event message for node" node="master" event="NodeHasSufficientPID" I0830 22:08:31.154806 846612 cpu_manager.go:214] "Starting CPU manager" policy="none" I0830 22:08:31.154823 846612 cpu_manager.go:215] "Reconciling" reconcilePeriod="10s" I0830 22:08:31.154855 846612 state_mem.go:36] "Initialized new in-memory state store" I0830 22:08:31.155054 846612 state_mem.go:88] "Updated default CPUSet" cpuSet="" I0830 22:08:31.155071 846612 state_mem.go:96] "Updated CPUSet assignments" assignments=map[] I0830 22:08:31.155079 846612 state_checkpoint.go:136] "State checkpoint: restored state from checkpoint" I0830 22:08:31.155087 846612 state_checkpoint.go:137] "State checkpoint: defaultCPUSet" defaultCpuSet="" I0830 22:08:31.155094 846612 policy_none.go:49] "None policy: Start" I0830 22:08:31.161331 846612 memory_manager.go:169] "Starting memorymanager" policy="None" I0830 22:08:31.161363 846612 state_mem.go:35] "Initializing new in-memory state store" I0830 22:08:31.161592 846612 state_mem.go:75] "Updated machine memory state" I0830 22:08:31.161608 846612 state_checkpoint.go:82] "State checkpoint: restored state from checkpoint" I0830 22:08:31.162189 846612 nodeinfomanager.go:401] Failed to publish CSINode: nodes "master" not found I0830 22:08:31.163640 846612 manager.go:281] "Starting Device Plugin manager" I0830 22:08:31.163684 846612 manager.go:455] "Failed to read data from checkpoint" checkpoint="kubelet_internal_checkpoint" err="checkpoint is not found" I0830 22:08:31.163705 846612 server.go:79] "Starting device plugin registration server" I0830 22:08:31.163975 846612 plugin_watcher.go:52] "Plugin Watcher Start" path="/var/lib/kubelet/plugins_registry" I0830 22:08:31.164065 846612 plugin_manager.go:116] "The desired_state_of_world populator (plugin watcher) starts" I0830 22:08:31.164075 846612 plugin_manager.go:118] "Starting Kubelet Plugin Manager" E0830 22:08:31.164064 846612 eviction_manager.go:261] "Eviction manager: failed to get summary stats" err="failed to get node info: node \"master\" not found" I0830 22:08:31.324987 846612 pod_container_deletor.go:80] "Container not found in pod's containers" containerID="4abbae7c65106763e74df8a912bb315de3d64f246af7e586595f9bd972689cad" I0830 22:08:31.325018 846612 pod_container_deletor.go:80] "Container not found in pod's containers" containerID="08ea12fc297f0f31c9cb87bffb42c048d30294420824fb735774aac2ed4c58f9" I0830 22:08:31.325029 846612 pod_container_deletor.go:80] "Container not found in pod's containers" containerID="3291f27ce02738cc4703113e1a10b6b32429b0ddff2c0267ec8b9cb5d29bdd32" I0830 22:08:31.325038 846612 pod_container_deletor.go:80] "Container not found in pod's containers" containerID="fb2f04fffac23aeacd8e0408aae1c2b869d4528860603481a3aabf25930b181e" I0830 22:08:31.325051 846612 pod_container_deletor.go:80] "Container not found in pod's containers" containerID="6dadb66fbb63c3dec7c165367c4e4f2010fa8030973363f3dd946718bbce0b5d" I0830 22:08:31.325065 846612 pod_container_deletor.go:80] "Container not found in pod's containers" containerID="f19a6d4c8b496830d9f6da0a5493fb6e1e464a49b0efa4d4c19431bb04cba738" I0830 22:08:31.325080 846612 pod_container_deletor.go:80] "Container not found in pod's containers" containerID="1821688e17dbc4d114018d33d7c90697b64e866d89c660676cb4b0b42cebf468" I0830 22:08:31.325090 846612 pod_container_deletor.go:80] "Container not found in pod's containers" containerID="0f7fd373bc752c208c05ce3970a637fd6e58dd15c5636f99e3d8ddf5e41a80f6" I0830 22:08:31.325101 846612 pod_container_deletor.go:80] "Container not found in pod's containers" containerID="235be232014e0bd15fc3fb81dab465e12c1577adc5ee57aaf7d54880f3b20c10" I0830 22:08:31.325112 846612 pod_container_deletor.go:80] "Container not found in pod's containers" containerID="50f99d0991384ccf146a8ef3633073dd4d7d00ef74d80e9106fc05ec427a0492" I0830 22:08:31.325123 846612 pod_container_deletor.go:80] "Container not found in pod's containers" containerID="563a6d9f3c6a064028a4b5ff3d20b7dbba6726bf4bcb1ab6959a64a25aabcbfd" I0830 22:08:31.325140 846612 pod_container_deletor.go:80] "Container not found in pod's containers" containerID="73e2c13be0e71f1382bd7a89110b1b225766759e349af5fa81faabafa6890cfc" I0830 22:08:31.363726 846612 kubelet_node_status.go:73] "Successfully registered node" node="master" E0830 22:08:31.367193 846612 kubelet_node_status.go:701] "Failed to set some node status fields" err="can't get ip address of node master. error: no default routes found in \"/proc/net/route\" or \"/proc/net/ipv6_route\"" node="master" I0830 22:08:31.390591 846612 kuberuntime_manager.go:1114] "Updating runtime config through cri with podcidr" CIDR="10.42.0.0/24" time="2023-08-30T22:08:31Z" level=info msg="Docker cri received runtime config &RuntimeConfig{NetworkConfig:&NetworkConfig{PodCidr:10.42.0.0/24,},}" I0830 22:08:31.391210 846612 kubelet_network.go:61] "Updating Pod CIDR" originalPodCIDR="" newPodCIDR="10.42.0.0/24" E0830 22:08:31.393101 846612 kubelet_node_status.go:701] "Failed to set some node status fields" err="can't get ip address of node master. error: no default routes found in \"/proc/net/route\" or \"/proc/net/ipv6_route\"" node="master" E0830 22:08:31.508771 846612 kubelet_node_status.go:701] "Failed to set some node status fields" err="can't get ip address of node master. error: no default routes found in \"/proc/net/route\" or \"/proc/net/ipv6_route\"" node="master" E0830 22:08:31.629368 846612 kubelet_node_status.go:701] "Failed to set some node status fields" err="can't get ip address of node master. error: no default routes found in \"/proc/net/route\" or \"/proc/net/ipv6_route\"" node="master" E0830 22:08:31.744488 846612 kubelet_node_status.go:701] "Failed to set some node status fields" err="can't get ip address of node master. error: no default routes found in \"/proc/net/route\" or \"/proc/net/ipv6_route\"" node="master" E0830 22:08:31.862518 846612 kubelet_node_status.go:701] "Failed to set some node status fields" err="can't get ip address of node master. error: no default routes found in \"/proc/net/route\" or \"/proc/net/ipv6_route\"" node="master" I0830 22:08:31.959921 846612 apiserver.go:52] "Watching apiserver" E0830 22:08:31.982549 846612 kubelet_node_status.go:701] "Failed to set some node status fields" err="can't get ip address of node master. error: no default routes found in \"/proc/net/route\" or \"/proc/net/ipv6_route\"" node="master" E0830 22:08:32.101027 846612 kubelet_node_status.go:701] "Failed to set some node status fields" err="can't get ip address of node master. error: no default routes found in \"/proc/net/route\" or \"/proc/net/ipv6_route\"" node="master" I0830 22:08:32.162251 846612 kubelet.go:2199] "SyncLoop ADD" source="api" pods="[]" I0830 22:08:32.176162 846612 desired_state_of_world_populator.go:159] "Finished populating initial desired state of world" I0830 22:08:32.181378 846612 reconciler.go:41] "Reconciler: start to sync state" E0830 22:08:32.217173 846612 kubelet_node_status.go:701] "Failed to set some node status fields" err="can't get ip address of node master. error: no default routes found in \"/proc/net/route\" or \"/proc/net/ipv6_route\"" node="master" E0830 22:08:32.336798 846612 kubelet_node_status.go:701] "Failed to set some node status fields" err="can't get ip address of node master. error: no default routes found in \"/proc/net/route\" or \"/proc/net/ipv6_route\"" node="master" E0830 22:08:32.455303 846612 kubelet_node_status.go:701] "Failed to set some node status fields" err="can't get ip address of node master. error: no default routes found in \"/proc/net/route\" or \"/proc/net/ipv6_route\"" node="master" E0830 22:08:32.573079 846612 kubelet_node_status.go:701] "Failed to set some node status fields" err="can't get ip address of node master. error: no default routes found in \"/proc/net/route\" or \"/proc/net/ipv6_route\"" node="master" E0830 22:08:32.691923 846612 kubelet_node_status.go:701] "Failed to set some node status fields" err="can't get ip address of node master. error: no default routes found in \"/proc/net/route\" or \"/proc/net/ipv6_route\"" node="master" E0830 22:08:32.809676 846612 kubelet_node_status.go:701] "Failed to set some node status fields" err="can't get ip address of node master. error: no default routes found in \"/proc/net/route\" or \"/proc/net/ipv6_route\"" node="master" E0830 22:08:32.927898 846612 kubelet_node_status.go:701] "Failed to set some node status fields" err="can't get ip address of node master. error: no default routes found in \"/proc/net/route\" or \"/proc/net/ipv6_route\"" node="master" I0830 22:08:33.029372 846612 kubelet_volumes.go:160] "Cleaned up orphaned pod volumes dir" podUID=1bdc03ce-b250-4f2b-9baa-bcd08ecbc958 path="/var/lib/kubelet/pods/1bdc03ce-b250-4f2b-9baa-bcd08ecbc958/volumes" I0830 22:08:33.029914 846612 kubelet_volumes.go:160] "Cleaned up orphaned pod volumes dir" podUID=41927408-6175-4e28-bb47-ec8ad26eadec path="/var/lib/kubelet/pods/41927408-6175-4e28-bb47-ec8ad26eadec/volumes" I0830 22:08:33.030341 846612 kubelet_volumes.go:160] "Cleaned up orphaned pod volumes dir" podUID=45cf6f3a-139c-4264-9ab2-178069db94b9 path="/var/lib/kubelet/pods/45cf6f3a-139c-4264-9ab2-178069db94b9/volumes" I0830 22:08:33.030791 846612 kubelet_volumes.go:160] "Cleaned up orphaned pod volumes dir" podUID=7bbe36c8-cfda-49fc-89a8-fa026c28ad16 path="/var/lib/kubelet/pods/7bbe36c8-cfda-49fc-89a8-fa026c28ad16/volumes" I0830 22:08:33.031202 846612 kubelet_volumes.go:160] "Cleaned up orphaned pod volumes dir" podUID=9fe21ade-4f4a-4c6f-ae60-1b25385b8d63 path="/var/lib/kubelet/pods/9fe21ade-4f4a-4c6f-ae60-1b25385b8d63/volumes" I0830 22:08:33.031733 846612 kubelet_volumes.go:160] "Cleaned up orphaned pod volumes dir" podUID=bfeaf3bd-2625-4d15-a964-c470cd024d42 path="/var/lib/kubelet/pods/bfeaf3bd-2625-4d15-a964-c470cd024d42/volumes" I0830 22:08:33.032190 846612 kubelet_volumes.go:160] "Cleaned up orphaned pod volumes dir" podUID=c0eccfdf-5050-40f4-b551-400047318c0c path="/var/lib/kubelet/pods/c0eccfdf-5050-40f4-b551-400047318c0c/volumes" I0830 22:08:33.032640 846612 kubelet_volumes.go:160] "Cleaned up orphaned pod volumes dir" podUID=cfede44c-e2b3-4eb2-89dd-02ad907efb07 path="/var/lib/kubelet/pods/cfede44c-e2b3-4eb2-89dd-02ad907efb07/volumes" I0830 22:08:33.033072 846612 kubelet_volumes.go:160] "Cleaned up orphaned pod volumes dir" podUID=d9d2021b-1e46-4407-9175-f8b4548116fd path="/var/lib/kubelet/pods/d9d2021b-1e46-4407-9175-f8b4548116fd/volumes" I0830 22:08:33.033506 846612 kubelet_volumes.go:160] "Cleaned up orphaned pod volumes dir" podUID=e3a5f42a-455a-439e-9e4f-367d52f10681 path="/var/lib/kubelet/pods/e3a5f42a-455a-439e-9e4f-367d52f10681/volumes" I0830 22:08:33.033965 846612 kubelet_volumes.go:160] "Cleaned up orphaned pod volumes dir" podUID=ede9f284-3f42-45cd-aac5-5780df9c9a3f path="/var/lib/kubelet/pods/ede9f284-3f42-45cd-aac5-5780df9c9a3f/volumes" E0830 22:08:33.046106 846612 kubelet_node_status.go:701] "Failed to set some node status fields" err="can't get ip address of node master. error: no default routes found in \"/proc/net/route\" or \"/proc/net/ipv6_route\"" node="master" E0830 22:08:33.162971 846612 kubelet_node_status.go:701] "Failed to set some node status fields" err="can't get ip address of node master. error: no default routes found in \"/proc/net/route\" or \"/proc/net/ipv6_route\"" node="master"

- kube-scheduler

• echo kube-scheduler --kubeconfig=/etc/kubernetes/ssl/kubecfg-kube-scheduler.yaml --leader-elect=true --profiling=false --v=2 --authentication-kubeconfig=/etc/kubernetes/ssl/kubecfg-kube-scheduler.yaml --authorization-kubeconfig=/etc/kubernetes/ssl/kubecfg-kube-scheduler.yaml
• grep -q cloud-provider=azure
• '[' kube-scheduler = kube-proxy ']'
• '[' kube-scheduler = kubelet ']'
• exec kube-scheduler --kubeconfig=/etc/kubernetes/ssl/kubecfg-kube-scheduler.yaml --leader-elect=true --profiling=false --v=2 --authentication-kubeconfig=/etc/kubernetes/ssl/kubecfg-kube-scheduler.yaml --authorization-kubeconfig=/etc/kubernetes/ssl/kubecfg-kube-scheduler.yaml I0830 22:08:13.101796 1 flags.go:64] FLAG: --allow-metric-labels="[]" I0830 22:08:13.101841 1 flags.go:64] FLAG: --authentication-kubeconfig="/etc/kubernetes/ssl/kubecfg-kube-scheduler.yaml" I0830 22:08:13.101859 1 flags.go:64] FLAG: --authentication-skip-lookup="false" I0830 22:08:13.101864 1 flags.go:64] FLAG: --authentication-token-webhook-cache-ttl="10s" I0830 22:08:13.101869 1 flags.go:64] FLAG: --authentication-tolerate-lookup-failure="true" I0830 22:08:13.101872 1 flags.go:64] FLAG: --authorization-always-allow-paths="[/healthz,/readyz,/livez]" I0830 22:08:13.101878 1 flags.go:64] FLAG: --authorization-kubeconfig="/etc/kubernetes/ssl/kubecfg-kube-scheduler.yaml" I0830 22:08:13.101883 1 flags.go:64] FLAG: --authorization-webhook-cache-authorized-ttl="10s" I0830 22:08:13.101899 1 flags.go:64] FLAG: --authorization-webhook-cache-unauthorized-ttl="10s" I0830 22:08:13.101903 1 flags.go:64] FLAG: --bind-address="0.0.0.0" I0830 22:08:13.101920 1 flags.go:64] FLAG: --cert-dir="" I0830 22:08:13.101924 1 flags.go:64] FLAG: --client-ca-file="" I0830 22:08:13.101928 1 flags.go:64] FLAG: --config="" I0830 22:08:13.101932 1 flags.go:64] FLAG: --contention-profiling="true" I0830 22:08:13.101936 1 flags.go:64] FLAG: --disabled-metrics="[]" I0830 22:08:13.101941 1 flags.go:64] FLAG: --feature-gates="" I0830 22:08:13.101946 1 flags.go:64] FLAG: --help="false" I0830 22:08:13.101951 1 flags.go:64] FLAG: --http2-max-streams-per-connection="0" I0830 22:08:13.101956 1 flags.go:64] FLAG: --kube-api-burst="100" I0830 22:08:13.101960 1 flags.go:64] FLAG: --kube-api-content-type="application/vnd.kubernetes.protobuf" I0830 22:08:13.101965 1 flags.go:64] FLAG: --kube-api-qps="50" I0830 22:08:13.101972 1 flags.go:64] FLAG: --kubeconfig="/etc/kubernetes/ssl/kubecfg-kube-scheduler.yaml" I0830 22:08:13.102000 1 flags.go:64] FLAG: --leader-elect="true" I0830 22:08:13.102010 1 flags.go:64] FLAG: --leader-elect-lease-duration="15s" I0830 22:08:13.102018 1 flags.go:64] FLAG: --leader-elect-renew-deadline="10s" I0830 22:08:13.102025 1 flags.go:64] FLAG: --leader-elect-resource-lock="leases" I0830 22:08:13.102032 1 flags.go:64] FLAG: --leader-elect-resource-name="kube-scheduler" I0830 22:08:13.102039 1 flags.go:64] FLAG: --leader-elect-resource-namespace="kube-system" I0830 22:08:13.102043 1 flags.go:64] FLAG: --leader-elect-retry-period="2s" I0830 22:08:13.102065 1 flags.go:64] FLAG: --lock-object-name="kube-scheduler" I0830 22:08:13.102071 1 flags.go:64] FLAG: --lock-object-namespace="kube-system" I0830 22:08:13.102076 1 flags.go:64] FLAG: --log-flush-frequency="5s" I0830 22:08:13.102080 1 flags.go:64] FLAG: --log-json-info-buffer-size="0" I0830 22:08:13.102089 1 flags.go:64] FLAG: --log-json-split-stream="false" I0830 22:08:13.102093 1 flags.go:64] FLAG: --logging-format="text" I0830 22:08:13.102097 1 flags.go:64] FLAG: --master="" I0830 22:08:13.102101 1 flags.go:64] FLAG: --permit-address-sharing="false" I0830 22:08:13.102105 1 flags.go:64] FLAG: --permit-port-sharing="false" I0830 22:08:13.102109 1 flags.go:64] FLAG: --pod-max-in-unschedulable-pods-duration="5m0s" I0830 22:08:13.102113 1 flags.go:64] FLAG: --profiling="false" I0830 22:08:13.102117 1 flags.go:64] FLAG: --requestheader-allowed-names="[]" I0830 22:08:13.102123 1 flags.go:64] FLAG: --requestheader-client-ca-file="" I0830 22:08:13.102126 1 flags.go:64] FLAG: --requestheader-extra-headers-prefix="[x-remote-extra-]" I0830 22:08:13.102134 1 flags.go:64] FLAG: --requestheader-group-headers="[x-remote-group]" I0830 22:08:13.102139 1 flags.go:64] FLAG: --requestheader-username-headers="[x-remote-user]" I0830 22:08:13.102144 1 flags.go:64] FLAG: --secure-port="10259" I0830 22:08:13.102149 1 flags.go:64] FLAG: --show-hidden-metrics-for-version="" I0830 22:08:13.102153 1 flags.go:64] FLAG: --tls-cert-file="" I0830 22:08:13.102157 1 flags.go:64] FLAG: --tls-cipher-suites="[]" I0830 22:08:13.102162 1 flags.go:64] FLAG: --tls-min-version="" I0830 22:08:13.102166 1 flags.go:64] FLAG: --tls-private-key-file="" I0830 22:08:13.102170 1 flags.go:64] FLAG: --tls-sni-cert-key="[]" I0830 22:08:13.102176 1 flags.go:64] FLAG: --v="2" I0830 22:08:13.102181 1 flags.go:64] FLAG: --version="false" I0830 22:08:13.102192 1 flags.go:64] FLAG: --vmodule="" I0830 22:08:13.102198 1 flags.go:64] FLAG: --write-config-to="" I0830 22:08:13.743253 1 serving.go:348] Generated self-signed cert in-memory I0830 22:08:14.189497 1 requestheader_controller.go:244] Loaded a new request header values for RequestHeaderAuthRequestController I0830 22:08:14.205704 1 configfile.go:105] "Using component config" config=< apiVersion: kubescheduler.config.k8s.io/v1 clientConnection: acceptContentTypes: "" burst: 100 contentType: application/vnd.kubernetes.protobuf kubeconfig: /etc/kubernetes/ssl/kubecfg-kube-scheduler.yaml qps: 50 enableContentionProfiling: true enableProfiling: false kind: KubeSchedulerConfiguration leaderElection: leaderElect: true leaseDuration: 15s renewDeadline: 10s resourceLock: leases resourceName: kube-scheduler resourceNamespace: kube-system retryPeriod: 2s parallelism: 16 percentageOfNodesToScore: 0 podInitialBackoffSeconds: 1 podMaxBackoffSeconds: 10 profiles:
  • pluginConfig:
    • args: apiVersion: kubescheduler.config.k8s.io/v1 kind: DefaultPreemptionArgs minCandidateNodesAbsolute: 100 minCandidateNodesPercentage: 10 name: DefaultPreemption
    • args: apiVersion: kubescheduler.config.k8s.io/v1 hardPodAffinityWeight: 1 kind: InterPodAffinityArgs name: InterPodAffinity
    • args: apiVersion: kubescheduler.config.k8s.io/v1 kind: NodeAffinityArgs name: NodeAffinity
    • args: apiVersion: kubescheduler.config.k8s.io/v1 kind: NodeResourcesBalancedAllocationArgs resources:
      • name: cpu weight: 1
      • name: memory weight: 1 name: NodeResourcesBalancedAllocation
    • args: apiVersion: kubescheduler.config.k8s.io/v1 kind: NodeResourcesFitArgs scoringStrategy: resources:
      • name: cpu weight: 1
      • name: memory weight: 1 type: LeastAllocated name: NodeResourcesFit
    • args: apiVersion: kubescheduler.config.k8s.io/v1 defaultingType: System kind: PodTopologySpreadArgs name: PodTopologySpread
    • args: apiVersion: kubescheduler.config.k8s.io/v1 bindTimeoutSeconds: 600 kind: VolumeBindingArgs name: VolumeBinding plugins: bind: {} filter: {} multiPoint: enabled:
      • name: PrioritySort weight: 0
      • name: NodeUnschedulable weight: 0
      • name: NodeName weight: 0
      • name: TaintToleration weight: 3
      • name: NodeAffinity weight: 2
      • name: NodePorts weight: 0
      • name: NodeResourcesFit weight: 1
      • name: VolumeRestrictions weight: 0
      • name: EBSLimits weight: 0
      • name: GCEPDLimits weight: 0
      • name: NodeVolumeLimits weight: 0
      • name: AzureDiskLimits weight: 0
      • name: VolumeBinding weight: 0
      • name: VolumeZone weight: 0
      • name: PodTopologySpread weight: 2
      • name: InterPodAffinity weight: 2
      • name: DefaultPreemption weight: 0
      • name: NodeResourcesBalancedAllocation weight: 1
      • name: ImageLocality weight: 1
      • name: DefaultBinder weight: 0 permit: {} postBind: {} postFilter: {} preBind: {} preEnqueue: {} preFilter: {} preScore: {} queueSort: {} reserve: {} score: {} schedulerName: default-scheduler

        I0830 22:08:14.206075 1 server.go:152] "Starting Kubernetes Scheduler" version="v1.26.6" I0830 22:08:14.206089 1 server.go:154] "Golang settings" GOGC="" GOMAXPROCS="" GOTRACEBACK="" I0830 22:08:14.209292 1 requestheader_controller.go:169] Starting RequestHeaderAuthRequestController I0830 22:08:14.209325 1 tlsconfig.go:200] "Loaded serving cert" certName="Generated self signed cert" certDetail="\"localhost@1693433293\" [serving] validServingFor=[127.0.0.1,localhost,localhost] issuer=\"localhost-ca@1693433293\" (2023-08-30 21:08:13 +0000 UTC to 2024-08-29 21:08:13 +0000 UTC (now=2023-08-30 22:08:14.209282731 +0000 UTC))" I0830 22:08:14.209332 1 configmap_cafile_content.go:202] "Starting controller" name="client-ca::kube-system::extension-apiserver-authentication::client-ca-file" I0830 22:08:14.209378 1 shared_informer.go:270] Waiting for caches to sync for client-ca::kube-system::extension-apiserver-authentication::client-ca-file I0830 22:08:14.209378 1 configmap_cafile_content.go:202] "Starting controller" name="client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file" I0830 22:08:14.209421 1 shared_informer.go:270] Waiting for caches to sync for client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file I0830 22:08:14.209330 1 shared_informer.go:270] Waiting for caches to sync for RequestHeaderAuthRequestController I0830 22:08:14.209583 1 named_certificates.go:53] "Loaded SNI cert" index=0 certName="self-signed loopback" certDetail="\"apiserver-loopback-client@1693433294\" [serving] validServingFor=[apiserver-loopback-client] issuer=\"apiserver-loopback-client-ca@1693433294\" (2023-08-30 21:08:13 +0000 UTC to 2024-08-29 21:08:13 +0000 UTC (now=2023-08-30 22:08:14.209540415 +0000 UTC))" I0830 22:08:14.209618 1 secure_serving.go:210] Serving securely on [::]:10259 I0830 22:08:14.209685 1 tlsconfig.go:240] "Starting DynamicServingCertificateController" I0830 22:08:14.310276 1 shared_informer.go:277] Caches are synced for client-ca::kube-system::extension-apiserver-authentication::client-ca-file I0830 22:08:14.310337 1 leaderelection.go:248] attempting to acquire leader lease kube-system/kube-scheduler... I0830 22:08:14.310383 1 shared_informer.go:277] Caches are synced for RequestHeaderAuthRequestController I0830 22:08:14.310492 1 shared_informer.go:277] Caches are synced for client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file I0830 22:08:14.310718 1 tlsconfig.go:178] "Loaded client CA" index=0 certName="client-ca::kube-system::extension-apiserver-authentication::client-ca-file,client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file" certDetail="\"kube-ca\" [] issuer=\"\" (2023-08-30 22:05:52 +0000 UTC to 2033-08-27 22:05:52 +0000 UTC (now=2023-08-30 22:08:14.310662214 +0000 UTC))" I0830 22:08:14.310922 1 tlsconfig.go:200] "Loaded serving cert" certName="Generated self signed cert" certDetail="\"localhost@1693433293\" [serving] validServingFor=[127.0.0.1,localhost,localhost] issuer=\"localhost-ca@1693433293\" (2023-08-30 21:08:13 +0000 UTC to 2024-08-29 21:08:13 +0000 UTC (now=2023-08-30 22:08:14.310897152 +0000 UTC))" I0830 22:08:14.311079 1 named_certificates.go:53] "Loaded SNI cert" index=0 certName="self-signed loopback" certDetail="\"apiserver-loopback-client@1693433294\" [serving] validServingFor=[apiserver-loopback-client] issuer=\"apiserver-loopback-client-ca@1693433294\" (2023-08-30 21:08:13 +0000 UTC to 2024-08-29 21:08:13 +0000 UTC (now=2023-08-30 22:08:14.311061128 +0000 UTC))" I0830 22:08:14.311152 1 tlsconfig.go:178] "Loaded client CA" index=0 certName="client-ca::kube-system::extension-apiserver-authentication::client-ca-file,client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file" certDetail="\"kube-ca\" [] issuer=\"\" (2023-08-30 22:05:52 +0000 UTC to 2033-08-27 22:05:52 +0000 UTC (now=2023-08-30 22:08:14.311132642 +0000 UTC))" I0830 22:08:14.311191 1 tlsconfig.go:178] "Loaded client CA" index=1 certName="client-ca::kube-system::extension-apiserver-authentication::client-ca-file,client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file" certDetail="\"kube-apiserver-requestheader-ca\" [] issuer=\"\" (2023-08-30 22:05:52 +0000 UTC to 2033-08-27 22:05:52 +0000 UTC (now=2023-08-30 22:08:14.311164164 +0000 UTC))" I0830 22:08:14.311338 1 tlsconfig.go:200] "Loaded serving cert" certName="Generated self signed cert" certDetail="\"localhost@1693433293\" [serving] validServingFor=[127.0.0.1,localhost,localhost] issuer=\"localhost-ca@1693433293\" (2023-08-30 21:08:13 +0000 UTC to 2024-08-29 21:08:13 +0000 UTC (now=2023-08-30 22:08:14.311319494 +0000 UTC))" I0830 22:08:14.311524 1 named_certificates.go:53] "Loaded SNI cert" index=0 certName="self-signed loopback" certDetail="\"apiserver-loopback-client@1693433294\" [serving] validServingFor=[apiserver-loopback-client] issuer=\"apiserver-loopback-client-ca@1693433294\" (2023-08-30 21:08:13 +0000 UTC to 2024-08-29 21:08:13 +0000 UTC (now=2023-08-30 22:08:14.311503663 +0000 UTC))" I0830 22:08:14.315539 1 leaderelection.go:258] successfully acquired lease kube-system/kube-scheduler I0830 22:08:31.363852 1 node_tree.go:65] "Added node in listed group to NodeTree" node="master" zone="" I0830 22:08:32.869630 1 node_tree.go:65] "Added node in listed group to NodeTree" node="worker1" zone=""

- kube-controller-manager

• echo kube-controller-manager --configure-cloud-routes=false --enable-hostpath-provisioner=false --node-monitor-grace-period=40s --authorization-kubeconfig=/etc/kubernetes/ssl/kubecfg-kube-controller-manager.yaml --kubeconfig=/etc/kubernetes/ssl/kubecfg-kube-controller-manager.yaml --terminated-pod-gc-threshold=1000 --allow-untagged-cloud=true --v=2 --service-account-private-key-file=/etc/kubernetes/ssl/kube-service-account-token-key.pem --profiling=false --pod-eviction-timeout=5m0s --root-ca-file=/etc/kubernetes/ssl/kube-ca.pem --allocate-node-cidrs=true --leader-elect=true --authentication-kubeconfig=/etc/kubernetes/ssl/kubecfg-kube-controller-manager.yaml --cloud-provider= --cluster-cidr=10.42.0.0/16 --service-cluster-ip-range=10.43.0.0/16 --use-service-account-credentials=true
• grep -q cloud-provider=azure
• '[' kube-controller-manager = kube-proxy ']'
• '[' kube-controller-manager = kubelet ']'
• exec kube-controller-manager --configure-cloud-routes=false --enable-hostpath-provisioner=false --node-monitor-grace-period=40s --authorization-kubeconfig=/etc/kubernetes/ssl/kubecfg-kube-controller-manager.yaml --kubeconfig=/etc/kubernetes/ssl/kubecfg-kube-controller-manager.yaml --terminated-pod-gc-threshold=1000 --allow-untagged-cloud=true --v=2 --service-account-private-key-file=/etc/kubernetes/ssl/kube-service-account-token-key.pem --profiling=false --pod-eviction-timeout=5m0s --root-ca-file=/etc/kubernetes/ssl/kube-ca.pem --allocate-node-cidrs=true --leader-elect=true --authentication-kubeconfig=/etc/kubernetes/ssl/kubecfg-kube-controller-manager.yaml --cloud-provider= --cluster-cidr=10.42.0.0/16 --service-cluster-ip-range=10.43.0.0/16 --use-service-account-credentials=true Flag --allow-untagged-cloud has been deprecated, This flag is deprecated and will be removed in a future release. A cluster-id will be required on cloud instances. Flag --pod-eviction-timeout has been deprecated, This flag is deprecated and it will be removed in 1.27. Once taint manager is enabled, this flag has no effect. I0830 22:08:07.105118 1 flags.go:64] FLAG: --allocate-node-cidrs="true" I0830 22:08:07.105278 1 flags.go:64] FLAG: --allow-metric-labels="[]" I0830 22:08:07.105287 1 flags.go:64] FLAG: --allow-untagged-cloud="true" I0830 22:08:07.105291 1 flags.go:64] FLAG: --attach-detach-reconcile-sync-period="1m0s" I0830 22:08:07.105296 1 flags.go:64] FLAG: --authentication-kubeconfig="/etc/kubernetes/ssl/kubecfg-kube-controller-manager.yaml" I0830 22:08:07.105303 1 flags.go:64] FLAG: --authentication-skip-lookup="false" I0830 22:08:07.105307 1 flags.go:64] FLAG: --authentication-token-webhook-cache-ttl="10s" I0830 22:08:07.105311 1 flags.go:64] FLAG: --authentication-tolerate-lookup-failure="false" I0830 22:08:07.105315 1 flags.go:64] FLAG: --authorization-always-allow-paths="[/healthz,/readyz,/livez]" I0830 22:08:07.105323 1 flags.go:64] FLAG: --authorization-kubeconfig="/etc/kubernetes/ssl/kubecfg-kube-controller-manager.yaml" I0830 22:08:07.105328 1 flags.go:64] FLAG: --authorization-webhook-cache-authorized-ttl="10s" I0830 22:08:07.105332 1 flags.go:64] FLAG: --authorization-webhook-cache-unauthorized-ttl="10s" I0830 22:08:07.105336 1 flags.go:64] FLAG: --bind-address="0.0.0.0" I0830 22:08:07.105341 1 flags.go:64] FLAG: --cert-dir="" I0830 22:08:07.105345 1 flags.go:64] FLAG: --cidr-allocator-type="RangeAllocator" I0830 22:08:07.105349 1 flags.go:64] FLAG: --client-ca-file="" I0830 22:08:07.105353 1 flags.go:64] FLAG: --cloud-config="" I0830 22:08:07.105356 1 flags.go:64] FLAG: --cloud-provider="" I0830 22:08:07.105360 1 flags.go:64] FLAG: --cloud-provider-gce-lb-src-cidrs="130.211.0.0/22,209.85.152.0/22,209.85.204.0/22,35.191.0.0/16" I0830 22:08:07.105368 1 flags.go:64] FLAG: --cluster-cidr="10.42.0.0/16" I0830 22:08:07.105372 1 flags.go:64] FLAG: --cluster-name="kubernetes" I0830 22:08:07.105376 1 flags.go:64] FLAG: --cluster-signing-cert-file="" I0830 22:08:07.105379 1 flags.go:64] FLAG: --cluster-signing-duration="8760h0m0s" I0830 22:08:07.105384 1 flags.go:64] FLAG: --cluster-signing-key-file="" I0830 22:08:07.105387 1 flags.go:64] FLAG: --cluster-signing-kube-apiserver-client-cert-file="" I0830 22:08:07.105391 1 flags.go:64] FLAG: --cluster-signing-kube-apiserver-client-key-file="" I0830 22:08:07.105394 1 flags.go:64] FLAG: --cluster-signing-kubelet-client-cert-file="" I0830 22:08:07.105398 1 flags.go:64] FLAG: --cluster-signing-kubelet-client-key-file="" I0830 22:08:07.105401 1 flags.go:64] FLAG: --cluster-signing-kubelet-serving-cert-file="" I0830 22:08:07.105405 1 flags.go:64] FLAG: --cluster-signing-kubelet-serving-key-file="" I0830 22:08:07.105408 1 flags.go:64] FLAG: --cluster-signing-legacy-unknown-cert-file="" I0830 22:08:07.105412 1 flags.go:64] FLAG: --cluster-signing-legacy-unknown-key-file="" I0830 22:08:07.105415 1 flags.go:64] FLAG: --concurrent-deployment-syncs="5" I0830 22:08:07.105422 1 flags.go:64] FLAG: --concurrent-endpoint-syncs="5" I0830 22:08:07.105447 1 flags.go:64] FLAG: --concurrent-ephemeralvolume-syncs="5" I0830 22:08:07.105452 1 flags.go:64] FLAG: --concurrent-gc-syncs="20" I0830 22:08:07.105456 1 flags.go:64] FLAG: --concurrent-horizontal-pod-autoscaler-syncs="5" I0830 22:08:07.105460 1 flags.go:64] FLAG: --concurrent-namespace-syncs="10" I0830 22:08:07.105464 1 flags.go:64] FLAG: --concurrent-rc-syncs="5" I0830 22:08:07.105468 1 flags.go:64] FLAG: --concurrent-replicaset-syncs="5" I0830 22:08:07.105472 1 flags.go:64] FLAG: --concurrent-resource-quota-syncs="5" I0830 22:08:07.105476 1 flags.go:64] FLAG: --concurrent-service-endpoint-syncs="5" I0830 22:08:07.105480 1 flags.go:64] FLAG: --concurrent-service-syncs="1" I0830 22:08:07.105484 1 flags.go:64] FLAG: --concurrent-serviceaccount-token-syncs="5" I0830 22:08:07.105488 1 flags.go:64] FLAG: --concurrent-statefulset-syncs="5" I0830 22:08:07.105491 1 flags.go:64] FLAG: --concurrent-ttl-after-finished-syncs="5" I0830 22:08:07.105495 1 flags.go:64] FLAG: --configure-cloud-routes="false" I0830 22:08:07.105499 1 flags.go:64] FLAG: --contention-profiling="false" I0830 22:08:07.105504 1 flags.go:64] FLAG: --controller-start-interval="0s" I0830 22:08:07.105508 1 flags.go:64] FLAG: --controllers="[*]" I0830 22:08:07.105515 1 flags.go:64] FLAG: --disable-attach-detach-reconcile-sync="false" I0830 22:08:07.105519 1 flags.go:64] FLAG: --disabled-metrics="[]" I0830 22:08:07.105524 1 flags.go:64] FLAG: --enable-dynamic-provisioning="true" I0830 22:08:07.105528 1 flags.go:64] FLAG: --enable-garbage-collector="true" I0830 22:08:07.105532 1 flags.go:64] FLAG: --enable-hostpath-provisioner="false" I0830 22:08:07.105536 1 flags.go:64] FLAG: --enable-leader-migration="false" I0830 22:08:07.105540 1 flags.go:64] FLAG: --enable-taint-manager="true" I0830 22:08:07.105543 1 flags.go:64] FLAG: --endpoint-updates-batch-period="0s" I0830 22:08:07.105547 1 flags.go:64] FLAG: --endpointslice-updates-batch-period="0s" I0830 22:08:07.105551 1 flags.go:64] FLAG: --external-cloud-volume-plugin="" I0830 22:08:07.105555 1 flags.go:64] FLAG: --feature-gates="" I0830 22:08:07.105570 1 flags.go:64] FLAG: --flex-volume-plugin-dir="/usr/libexec/kubernetes/kubelet-plugins/volume/exec/" I0830 22:08:07.105575 1 flags.go:64] FLAG: --help="false" I0830 22:08:07.105579 1 flags.go:64] FLAG: --horizontal-pod-autoscaler-cpu-initialization-period="5m0s" I0830 22:08:07.105583 1 flags.go:64] FLAG: --horizontal-pod-autoscaler-downscale-delay="5m0s" I0830 22:08:07.105587 1 flags.go:64] FLAG: --horizontal-pod-autoscaler-downscale-stabilization="5m0s" I0830 22:08:07.105591 1 flags.go:64] FLAG: --horizontal-pod-autoscaler-initial-readiness-delay="30s" I0830 22:08:07.105594 1 flags.go:64] FLAG: --horizontal-pod-autoscaler-sync-period="15s" I0830 22:08:07.105598 1 flags.go:64] FLAG: --horizontal-pod-autoscaler-tolerance="0.1" I0830 22:08:07.105605 1 flags.go:64] FLAG: --horizontal-pod-autoscaler-upscale-delay="3m0s" I0830 22:08:07.105609 1 flags.go:64] FLAG: --http2-max-streams-per-connection="0" I0830 22:08:07.105614 1 flags.go:64] FLAG: --kube-api-burst="30" I0830 22:08:07.105618 1 flags.go:64] FLAG: --kube-api-content-type="application/vnd.kubernetes.protobuf" I0830 22:08:07.105623 1 flags.go:64] FLAG: --kube-api-qps="20" I0830 22:08:07.105628 1 flags.go:64] FLAG: --kubeconfig="/etc/kubernetes/ssl/kubecfg-kube-controller-manager.yaml" I0830 22:08:07.105633 1 flags.go:64] FLAG: --large-cluster-size-threshold="50" I0830 22:08:07.105637 1 flags.go:64] FLAG: --leader-elect="true" I0830 22:08:07.105641 1 flags.go:64] FLAG: --leader-elect-lease-duration="15s" I0830 22:08:07.105645 1 flags.go:64] FLAG: --leader-elect-renew-deadline="10s" I0830 22:08:07.105649 1 flags.go:64] FLAG: --leader-elect-resource-lock="leases" I0830 22:08:07.105653 1 flags.go:64] FLAG: --leader-elect-resource-name="kube-controller-manager" I0830 22:08:07.105657 1 flags.go:64] FLAG: --leader-elect-resource-namespace="kube-system" I0830 22:08:07.105661 1 flags.go:64] FLAG: --leader-elect-retry-period="2s" I0830 22:08:07.105665 1 flags.go:64] FLAG: --leader-migration-config="" I0830 22:08:07.105668 1 flags.go:64] FLAG: --log-flush-frequency="5s" I0830 22:08:07.105672 1 flags.go:64] FLAG: --log-json-info-buffer-size="0" I0830 22:08:07.105680 1 flags.go:64] FLAG: --log-json-split-stream="false" I0830 22:08:07.105684 1 flags.go:64] FLAG: --logging-format="text" I0830 22:08:07.105688 1 flags.go:64] FLAG: --master="" I0830 22:08:07.105691 1 flags.go:64] FLAG: --max-endpoints-per-slice="100" I0830 22:08:07.105696 1 flags.go:64] FLAG: --min-resync-period="12h0m0s" I0830 22:08:07.105700 1 flags.go:64] FLAG: --mirroring-concurrent-service-endpoint-syncs="5" I0830 22:08:07.105704 1 flags.go:64] FLAG: --mirroring-endpointslice-updates-batch-period="0s" I0830 22:08:07.105708 1 flags.go:64] FLAG: --mirroring-max-endpoints-per-subset="1000" I0830 22:08:07.105712 1 flags.go:64] FLAG: --namespace-sync-period="5m0s" I0830 22:08:07.105715 1 flags.go:64] FLAG: --node-cidr-mask-size="0" I0830 22:08:07.105730 1 flags.go:64] FLAG: --node-cidr-mask-size-ipv4="0" I0830 22:08:07.105734 1 flags.go:64] FLAG: --node-cidr-mask-size-ipv6="0" I0830 22:08:07.105737 1 flags.go:64] FLAG: --node-eviction-rate="0.1" I0830 22:08:07.105741 1 flags.go:64] FLAG: --node-monitor-grace-period="40s" I0830 22:08:07.105745 1 flags.go:64] FLAG: --node-monitor-period="5s" I0830 22:08:07.105749 1 flags.go:64] FLAG: --node-startup-grace-period="1m0s" I0830 22:08:07.105753 1 flags.go:64] FLAG: --node-sync-period="0s" I0830 22:08:07.105757 1 flags.go:64] FLAG: --permit-address-sharing="false" I0830 22:08:07.105761 1 flags.go:64] FLAG: --permit-port-sharing="false" I0830 22:08:07.105765 1 flags.go:64] FLAG: --pod-eviction-timeout="5m0s" I0830 22:08:07.105768 1 flags.go:64] FLAG: --profiling="false" I0830 22:08:07.105772 1 flags.go:64] FLAG: --pv-recycler-increment-timeout-nfs="30" I0830 22:08:07.105775 1 flags.go:64] FLAG: --pv-recycler-minimum-timeout-hostpath="60" I0830 22:08:07.105779 1 flags.go:64] FLAG: --pv-recycler-minimum-timeout-nfs="300" I0830 22:08:07.105783 1 flags.go:64] FLAG: --pv-recycler-pod-template-filepath-hostpath="" I0830 22:08:07.105787 1 flags.go:64] FLAG: --pv-recycler-pod-template-filepath-nfs="" I0830 22:08:07.105791 1 flags.go:64] FLAG: --pv-recycler-timeout-increment-hostpath="30" I0830 22:08:07.105794 1 flags.go:64] FLAG: --pvclaimbinder-sync-period="15s" I0830 22:08:07.105798 1 flags.go:64] FLAG: --requestheader-allowed-names="[]" I0830 22:08:07.105803 1 flags.go:64] FLAG: --requestheader-client-ca-file="" I0830 22:08:07.105812 1 flags.go:64] FLAG: --requestheader-extra-headers-prefix="[x-remote-extra-]" I0830 22:08:07.105818 1 flags.go:64] FLAG: --requestheader-group-headers="[x-remote-group]" I0830 22:08:07.105824 1 flags.go:64] FLAG: --requestheader-username-headers="[x-remote-user]" I0830 22:08:07.105829 1 flags.go:64] FLAG: --resource-quota-sync-period="5m0s" I0830 22:08:07.105833 1 flags.go:64] FLAG: --root-ca-file="/etc/kubernetes/ssl/kube-ca.pem" I0830 22:08:07.105837 1 flags.go:64] FLAG: --route-reconciliation-period="10s" I0830 22:08:07.105841 1 flags.go:64] FLAG: --secondary-node-eviction-rate="0.01" I0830 22:08:07.105845 1 flags.go:64] FLAG: --secure-port="10257" I0830 22:08:07.105849 1 flags.go:64] FLAG: --service-account-private-key-file="/etc/kubernetes/ssl/kube-service-account-token-key.pem" I0830 22:08:07.105854 1 flags.go:64] FLAG: --service-cluster-ip-range="10.43.0.0/16" I0830 22:08:07.105869 1 flags.go:64] FLAG: --show-hidden-metrics-for-version="" I0830 22:08:07.105872 1 flags.go:64] FLAG: --terminated-pod-gc-threshold="1000" I0830 22:08:07.105876 1 flags.go:64] FLAG: --tls-cert-file="" I0830 22:08:07.105880 1 flags.go:64] FLAG: --tls-cipher-suites="[]" I0830 22:08:07.105885 1 flags.go:64] FLAG: --tls-min-version="" I0830 22:08:07.105888 1 flags.go:64] FLAG: --tls-private-key-file="" I0830 22:08:07.105892 1 flags.go:64] FLAG: --tls-sni-cert-key="[]" I0830 22:08:07.105897 1 flags.go:64] FLAG: --unhealthy-zone-threshold="0.55" I0830 22:08:07.105901 1 flags.go:64] FLAG: --use-service-account-credentials="true" I0830 22:08:07.105905 1 flags.go:64] FLAG: --v="2" I0830 22:08:07.105910 1 flags.go:64] FLAG: --version="false" I0830 22:08:07.105930 1 flags.go:64] FLAG: --vmodule="" I0830 22:08:07.105935 1 flags.go:64] FLAG: --volume-host-allow-local-loopback="true" I0830 22:08:07.105939 1 flags.go:64] FLAG: --volume-host-cidr-denylist="[]" I0830 22:08:07.405398 1 serving.go:348] Generated self-signed cert in-memory I0830 22:08:07.785813 1 requestheader_controller.go:244] Loaded a new request header values for RequestHeaderAuthRequestController I0830 22:08:07.786841 1 controllermanager.go:182] Version: v1.26.6 I0830 22:08:07.786862 1 controllermanager.go:184] "Golang settings" GOGC="" GOMAXPROCS="" GOTRACEBACK="" I0830 22:08:07.789512 1 requestheader_controller.go:169] Starting RequestHeaderAuthRequestController I0830 22:08:07.789544 1 shared_informer.go:270] Waiting for caches to sync for RequestHeaderAuthRequestController I0830 22:08:07.789572 1 configmap_cafile_content.go:202] "Starting controller" name="client-ca::kube-system::extension-apiserver-authentication::client-ca-file" I0830 22:08:07.789570 1 configmap_cafile_content.go:202] "Starting controller" name="client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file" I0830 22:08:07.789638 1 tlsconfig.go:200] "Loaded serving cert" certName="Generated self signed cert" certDetail="\"localhost@1693433287\" [serving] validServingFor=[127.0.0.1,localhost,localhost] issuer=\"localhost-ca@1693433287\" (2023-08-30 21:08:07 +0000 UTC to 2024-08-29 21:08:07 +0000 UTC (now=2023-08-30 22:08:07.78956296 +0000 UTC))" I0830 22:08:07.789649 1 shared_informer.go:270] Waiting for caches to sync for client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file I0830 22:08:07.789859 1 named_certificates.go:53] "Loaded SNI cert" index=0 certName="self-signed loopback" certDetail="\"apiserver-loopback-client@1693433287\" [serving] validServingFor=[apiserver-loopback-client] issuer=\"apiserver-loopback-client-ca@1693433287\" (2023-08-30 21:08:07 +0000 UTC to 2024-08-29 21:08:07 +0000 UTC (now=2023-08-30 22:08:07.789815309 +0000 UTC))" I0830 22:08:07.789893 1 secure_serving.go:210] Serving securely on [::]:10257 I0830 22:08:07.789631 1 shared_informer.go:270] Waiting for caches to sync for client-ca::kube-system::extension-apiserver-authentication::client-ca-file I0830 22:08:07.790092 1 tlsconfig.go:240] "Starting DynamicServingCertificateController" I0830 22:08:07.790217 1 leaderelection.go:248] attempting to acquire leader lease kube-system/kube-controller-manager... I0830 22:08:07.803050 1 leaderelection.go:258] successfully acquired lease kube-system/kube-controller-manager I0830 22:08:07.803266 1 event.go:294] "Event occurred" object="kube-system/kube-controller-manager" fieldPath="" kind="Lease" apiVersion="coordination.k8s.io/v1" type="Normal" reason="LeaderElection" message="localhost.localdomain_42bf8d78-b7f3-4f5d-b1bb-3847e666474f became leader" I0830 22:08:07.815562 1 controllermanager.go:593] Starting "csrapproving" I0830 22:08:07.815594 1 shared_informer.go:270] Waiting for caches to sync for tokens I0830 22:08:07.824821 1 controllermanager.go:622] Started "csrapproving" I0830 22:08:07.824836 1 controllermanager.go:593] Starting "persistentvolume-binder" I0830 22:08:07.824953 1 certificate_controller.go:112] Starting certificate controller "csrapproving" I0830 22:08:07.824971 1 shared_informer.go:270] Waiting for caches to sync for certificate-csrapproving I0830 22:08:07.831468 1 plugins.go:646] "Loaded volume plugin" pluginName="kubernetes.io/host-path" I0830 22:08:07.831487 1 plugins.go:646] "Loaded volume plugin" pluginName="kubernetes.io/nfs" I0830 22:08:07.831505 1 plugins.go:646] "Loaded volume plugin" pluginName="kubernetes.io/rbd" I0830 22:08:07.831515 1 plugins.go:646] "Loaded volume plugin" pluginName="kubernetes.io/aws-ebs" I0830 22:08:07.831525 1 plugins.go:646] "Loaded volume plugin" pluginName="kubernetes.io/gce-pd" I0830 22:08:07.831534 1 plugins.go:646] "Loaded volume plugin" pluginName="kubernetes.io/azure-disk" I0830 22:08:07.831556 1 plugins.go:646] "Loaded volume plugin" pluginName="kubernetes.io/vsphere-volume" I0830 22:08:07.831576 1 plugins.go:646] "Loaded volume plugin" pluginName="kubernetes.io/portworx-volume" I0830 22:08:07.831589 1 plugins.go:646] "Loaded volume plugin" pluginName="kubernetes.io/azure-file" I0830 22:08:07.831602 1 plugins.go:646] "Loaded volume plugin" pluginName="kubernetes.io/local-volume" I0830 22:08:07.831631 1 plugins.go:646] "Loaded volume plugin" pluginName="kubernetes.io/csi" I0830 22:08:07.831721 1 controllermanager.go:622] Started "persistentvolume-binder" I0830 22:08:07.831732 1 controllermanager.go:593] Starting "resourcequota" I0830 22:08:07.831909 1 pv_controller_base.go:318] Starting persistent volume controller I0830 22:08:07.831926 1 shared_informer.go:270] Waiting for caches to sync for persistent volume I0830 22:08:07.857603 1 resource_quota_monitor.go:218] QuotaMonitor created object count evaluator for statefulsets.apps I0830 22:08:07.857675 1 resource_quota_monitor.go:218] QuotaMonitor created object count evaluator for cronjobs.batch I0830 22:08:07.857733 1 resource_quota_monitor.go:218] QuotaMonitor created object count evaluator for poddisruptionbudgets.policy I0830 22:08:07.857762 1 resource_quota_monitor.go:218] QuotaMonitor created object count evaluator for leases.coordination.k8s.io I0830 22:08:07.857798 1 resource_quota_monitor.go:218] QuotaMonitor created object count evaluator for deployments.apps I0830 22:08:07.857824 1 resource_quota_monitor.go:218] QuotaMonitor created object count evaluator for daemonsets.apps I0830 22:08:07.857856 1 resource_quota_monitor.go:218] QuotaMonitor created object count evaluator for horizontalpodautoscalers.autoscaling I0830 22:08:07.857892 1 resource_quota_monitor.go:218] QuotaMonitor created object count evaluator for networkpolicies.networking.k8s.io I0830 22:08:07.857966 1 resource_quota_monitor.go:218] QuotaMonitor created object count evaluator for csistoragecapacities.storage.k8s.io I0830 22:08:07.857999 1 resource_quota_monitor.go:218] QuotaMonitor created object count evaluator for endpoints W0830 22:08:07.858012 1 shared_informer.go:548] resyncPeriod 14h29m16.470695061s is smaller than resyncCheckPeriod 16h38m26.712979715s and the informer has already started. Changing it to 16h38m26.712979715s I0830 22:08:07.858058 1 resource_quota_monitor.go:218] QuotaMonitor created object count evaluator for serviceaccounts I0830 22:08:07.858146 1 resource_quota_monitor.go:218] QuotaMonitor created object count evaluator for controllerrevisions.apps I0830 22:08:07.858177 1 resource_quota_monitor.go:218] QuotaMonitor created object count evaluator for jobs.batch W0830 22:08:07.858190 1 shared_informer.go:548] resyncPeriod 15h5m8.184864148s is smaller than resyncCheckPeriod 16h38m26.712979715s and the informer has already started. Changing it to 16h38m26.712979715s I0830 22:08:07.858233 1 resource_quota_monitor.go:218] QuotaMonitor created object count evaluator for endpointslices.discovery.k8s.io I0830 22:08:07.858260 1 resource_quota_monitor.go:218] QuotaMonitor created object count evaluator for ingresses.networking.k8s.io I0830 22:08:07.858307 1 resource_quota_monitor.go:218] QuotaMonitor created object count evaluator for limitranges I0830 22:08:07.858346 1 resource_quota_monitor.go:218] QuotaMonitor created object count evaluator for roles.rbac.authorization.k8s.io I0830 22:08:07.858374 1 resource_quota_monitor.go:218] QuotaMonitor created object count evaluator for rolebindings.rbac.authorization.k8s.io I0830 22:08:07.858398 1 resource_quota_monitor.go:218] QuotaMonitor created object count evaluator for podtemplates I0830 22:08:07.858478 1 resource_quota_monitor.go:218] QuotaMonitor created object count evaluator for replicasets.apps I0830 22:08:07.858525 1 controllermanager.go:622] Started "resourcequota" I0830 22:08:07.858537 1 controllermanager.go:593] Starting "serviceaccount" I0830 22:08:07.858545 1 resource_quota_controller.go:277] Starting resource quota controller I0830 22:08:07.858561 1 shared_informer.go:270] Waiting for caches to sync for resource quota I0830 22:08:07.858586 1 resource_quota_monitor.go:295] QuotaMonitor running I0830 22:08:07.864186 1 resource_quota_controller.go:443] syncing resource quota controller with updated resources from discovery: added: [/v1, Resource=configmaps /v1, Resource=endpoints /v1, Resource=events /v1, Resource=limitranges /v1, Resource=persistentvolumeclaims /v1, Resource=pods /v1, Resource=podtemplates /v1, Resource=replicationcontrollers /v1, Resource=resourcequotas /v1, Resource=secrets /v1, Resource=serviceaccounts /v1, Resource=services apps/v1, Resource=controllerrevisions apps/v1, Resource=daemonsets apps/v1, Resource=deployments apps/v1, Resource=replicasets apps/v1, Resource=statefulsets autoscaling/v2, Resource=horizontalpodautoscalers batch/v1, Resource=cronjobs batch/v1, Resource=jobs coordination.k8s.io/v1, Resource=leases discovery.k8s.io/v1, Resource=endpointslices events.k8s.io/v1, Resource=events networking.k8s.io/v1, Resource=ingresses networking.k8s.io/v1, Resource=networkpolicies policy/v1, Resource=poddisruptionbudgets rbac.authorization.k8s.io/v1, Resource=rolebindings rbac.authorization.k8s.io/v1, Resource=roles storage.k8s.io/v1, Resource=csistoragecapacities], removed: [] I0830 22:08:07.865390 1 controllermanager.go:622] Started "serviceaccount" I0830 22:08:07.865419 1 controllermanager.go:593] Starting "job" I0830 22:08:07.865474 1 serviceaccounts_controller.go:111] Starting service account controller I0830 22:08:07.865487 1 shared_informer.go:270] Waiting for caches to sync for service account I0830 22:08:07.871589 1 controllermanager.go:622] Started "job" I0830 22:08:07.871605 1 controllermanager.go:593] Starting "pv-protection" I0830 22:08:07.871782 1 job_controller.go:191] Starting job controller I0830 22:08:07.871794 1 shared_informer.go:270] Waiting for caches to sync for job I0830 22:08:07.877500 1 controllermanager.go:622] Started "pv-protection" I0830 22:08:07.877515 1 controllermanager.go:593] Starting "ttl-after-finished" I0830 22:08:07.877587 1 pv_protection_controller.go:75] Starting PV protection controller I0830 22:08:07.877602 1 shared_informer.go:270] Waiting for caches to sync for PV protection I0830 22:08:07.883512 1 controllermanager.go:622] Started "ttl-after-finished" I0830 22:08:07.883532 1 controllermanager.go:593] Starting "deployment" I0830 22:08:07.883633 1 ttlafterfinished_controller.go:104] Starting TTL after finished controller I0830 22:08:07.883648 1 shared_informer.go:270] Waiting for caches to sync for TTL after finished I0830 22:08:07.889382 1 controllermanager.go:622] Started "deployment" I0830 22:08:07.889399 1 controllermanager.go:593] Starting "replicaset" I0830 22:08:07.889561 1 deployment_controller.go:154] "Starting controller" controller="deployment" I0830 22:08:07.889586 1 shared_informer.go:270] Waiting for caches to sync for deployment I0830 22:08:07.889591 1 shared_informer.go:277] Caches are synced for RequestHeaderAuthRequestController I0830 22:08:07.889703 1 shared_informer.go:277] Caches are synced for client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file I0830 22:08:07.889916 1 tlsconfig.go:178] "Loaded client CA" index=0 certName="client-ca::kube-system::extension-apiserver-authentication::client-ca-file,client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file" certDetail="\"kube-apiserver-requestheader-ca\" [] issuer=\"\" (2023-08-30 22:05:52 +0000 UTC to 2033-08-27 22:05:52 +0000 UTC (now=2023-08-30 22:08:07.889888636 +0000 UTC))" I0830 22:08:07.890111 1 tlsconfig.go:200] "Loaded serving cert" certName="Generated self signed cert" certDetail="\"localhost@1693433287\" [serving] validServingFor=[127.0.0.1,localhost,localhost] issuer=\"localhost-ca@1693433287\" (2023-08-30 21:08:07 +0000 UTC to 2024-08-29 21:08:07 +0000 UTC (now=2023-08-30 22:08:07.890089496 +0000 UTC))" I0830 22:08:07.890238 1 shared_informer.go:277] Caches are synced for client-ca::kube-system::extension-apiserver-authentication::client-ca-file I0830 22:08:07.890256 1 named_certificates.go:53] "Loaded SNI cert" index=0 certName="self-signed loopback" certDetail="\"apiserver-loopback-client@1693433287\" [serving] validServingFor=[apiserver-loopback-client] issuer=\"apiserver-loopback-client-ca@1693433287\" (2023-08-30 21:08:07 +0000 UTC to 2024-08-29 21:08:07 +0000 UTC (now=2023-08-30 22:08:07.890232477 +0000 UTC))" I0830 22:08:07.890475 1 tlsconfig.go:178] "Loaded client CA" index=0 certName="client-ca::kube-system::extension-apiserver-authentication::client-ca-file,client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file" certDetail="\"kube-ca\" [] issuer=\"\" (2023-08-30 22:05:52 +0000 UTC to 2033-08-27 22:05:52 +0000 UTC (now=2023-08-30 22:08:07.89042403 +0000 UTC))" I0830 22:08:07.890514 1 tlsconfig.go:178] "Loaded client CA" index=1 certName="client-ca::kube-system::extension-apiserver-authentication::client-ca-file,client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file" certDetail="\"kube-apiserver-requestheader-ca\" [] issuer=\"\" (2023-08-30 22:05:52 +0000 UTC to 2033-08-27 22:05:52 +0000 UTC (now=2023-08-30 22:08:07.890493207 +0000 UTC))" I0830 22:08:07.890716 1 tlsconfig.go:200] "Loaded serving cert" certName="Generated self signed cert" certDetail="\"localhost@1693433287\" [serving] validServingFor=[127.0.0.1,localhost,localhost] issuer=\"localhost-ca@1693433287\" (2023-08-30 21:08:07 +0000 UTC to 2024-08-29 21:08:07 +0000 UTC (now=2023-08-30 22:08:07.890695866 +0000 UTC))" I0830 22:08:07.890874 1 named_certificates.go:53] "Loaded SNI cert" index=0 certName="self-signed loopback" certDetail="\"apiserver-loopback-client@1693433287\" [serving] validServingFor=[apiserver-loopback-client] issuer=\"apiserver-loopback-client-ca@1693433287\" (2023-08-30 21:08:07 +0000 UTC to 2024-08-29 21:08:07 +0000 UTC (now=2023-08-30 22:08:07.890851664 +0000 UTC))" I0830 22:08:07.895333 1 controllermanager.go:622] Started "replicaset" I0830 22:08:07.895348 1 controllermanager.go:593] Starting "persistentvolume-expander" I0830 22:08:07.895495 1 replica_set.go:201] Starting replicaset controller I0830 22:08:07.895505 1 shared_informer.go:270] Waiting for caches to sync for ReplicaSet I0830 22:08:07.916677 1 shared_informer.go:277] Caches are synced for tokens I0830 22:08:08.006803 1 plugins.go:646] "Loaded volume plugin" pluginName="kubernetes.io/vsphere-volume" I0830 22:08:08.006850 1 plugins.go:646] "Loaded volume plugin" pluginName="kubernetes.io/portworx-volume" I0830 22:08:08.006861 1 plugins.go:646] "Loaded volume plugin" pluginName="kubernetes.io/rbd" I0830 22:08:08.006884 1 plugins.go:646] "Loaded volume plugin" pluginName="kubernetes.io/aws-ebs" I0830 22:08:08.006895 1 plugins.go:646] "Loaded volume plugin" pluginName="kubernetes.io/gce-pd" I0830 22:08:08.006906 1 plugins.go:646] "Loaded volume plugin" pluginName="kubernetes.io/azure-disk" I0830 22:08:08.006926 1 plugins.go:646] "Loaded volume plugin" pluginName="kubernetes.io/azure-file" I0830 22:08:08.006945 1 plugins.go:646] "Loaded volume plugin" pluginName="kubernetes.io/fc" I0830 22:08:08.007063 1 controllermanager.go:622] Started "persistentvolume-expander" I0830 22:08:08.007077 1 controllermanager.go:593] Starting "csrsigning" I0830 22:08:08.007088 1 certificates.go:38] skipping CSR signer controller because no csr cert/key was specified W0830 22:08:08.007100 1 controllermanager.go:600] Skipping "csrsigning" W0830 22:08:08.007106 1 controllermanager.go:587] "bootstrapsigner" is disabled I0830 22:08:08.007112 1 controllermanager.go:593] Starting "clusterrole-aggregation" I0830 22:08:08.007152 1 expand_controller.go:340] Starting expand controller I0830 22:08:08.007161 1 shared_informer.go:270] Waiting for caches to sync for expand I0830 22:08:08.157088 1 controllermanager.go:622] Started "clusterrole-aggregation" I0830 22:08:08.157122 1 controllermanager.go:593] Starting "root-ca-cert-publisher" I0830 22:08:08.157194 1 clusterroleaggregation_controller.go:188] Starting ClusterRoleAggregator I0830 22:08:08.157212 1 shared_informer.go:270] Waiting for caches to sync for ClusterRoleAggregator I0830 22:08:08.307286 1 controllermanager.go:622] Started "root-ca-cert-publisher" I0830 22:08:08.307306 1 controllermanager.go:593] Starting "endpointslice" I0830 22:08:08.307350 1 publisher.go:101] Starting root CA certificate configmap publisher I0830 22:08:08.307358 1 shared_informer.go:270] Waiting for caches to sync for crt configmap I0830 22:08:08.457496 1 controllermanager.go:622] Started "endpointslice" I0830 22:08:08.457517 1 controllermanager.go:593] Starting "podgc" I0830 22:08:08.457621 1 endpointslice_controller.go:257] Starting endpoint slice controller I0830 22:08:08.457632 1 shared_informer.go:270] Waiting for caches to sync for endpoint_slice I0830 22:08:08.606660 1 controllermanager.go:622] Started "podgc" I0830 22:08:08.606708 1 controllermanager.go:593] Starting "statefulset" I0830 22:08:08.606789 1 gc_controller.go:102] Starting GC controller I0830 22:08:08.606808 1 shared_informer.go:270] Waiting for caches to sync for GC I0830 22:08:08.757259 1 controllermanager.go:622] Started "statefulset" W0830 22:08:08.757279 1 controllermanager.go:587] "tokencleaner" is disabled I0830 22:08:08.757301 1 controllermanager.go:593] Starting "attachdetach" I0830 22:08:08.757989 1 stateful_set.go:152] Starting stateful set controller I0830 22:08:08.758041 1 shared_informer.go:270] Waiting for caches to sync for stateful set W0830 22:08:08.907456 1 probe.go:268] Flexvolume plugin directory at /usr/libexec/kubernetes/kubelet-plugins/volume/exec/ does not exist. Recreating. I0830 22:08:08.908354 1 plugins.go:646] "Loaded volume plugin" pluginName="kubernetes.io/aws-ebs" I0830 22:08:08.908375 1 plugins.go:646] "Loaded volume plugin" pluginName="kubernetes.io/gce-pd" I0830 22:08:08.908412 1 plugins.go:646] "Loaded volume plugin" pluginName="kubernetes.io/azure-disk" I0830 22:08:08.908436 1 plugins.go:646] "Loaded volume plugin" pluginName="kubernetes.io/vsphere-volume" I0830 22:08:08.908467 1 plugins.go:646] "Loaded volume plugin" pluginName="kubernetes.io/portworx-volume" I0830 22:08:08.908492 1 plugins.go:646] "Loaded volume plugin" pluginName="kubernetes.io/rbd" I0830 22:08:08.908503 1 plugins.go:646] "Loaded volume plugin" pluginName="kubernetes.io/fc" I0830 22:08:08.908517 1 plugins.go:646] "Loaded volume plugin" pluginName="kubernetes.io/iscsi" I0830 22:08:08.908551 1 plugins.go:646] "Loaded volume plugin" pluginName="kubernetes.io/csi" I0830 22:08:08.908642 1 controllermanager.go:622] Started "attachdetach" I0830 22:08:08.908656 1 controllermanager.go:593] Starting "endpoint" I0830 22:08:08.908743 1 attach_detach_controller.go:328] Starting attach detach controller I0830 22:08:08.908768 1 shared_informer.go:270] Waiting for caches to sync for attach detach I0830 22:08:09.057108 1 controllermanager.go:622] Started "endpoint" I0830 22:08:09.057130 1 controllermanager.go:593] Starting "replicationcontroller" I0830 22:08:09.057229 1 endpoints_controller.go:178] Starting endpoint controller I0830 22:08:09.057245 1 shared_informer.go:270] Waiting for caches to sync for endpoint I0830 22:08:09.206974 1 controllermanager.go:622] Started "replicationcontroller" I0830 22:08:09.207010 1 controllermanager.go:593] Starting "daemonset" I0830 22:08:09.207130 1 replica_set.go:201] Starting replicationcontroller controller I0830 22:08:09.207142 1 shared_informer.go:270] Waiting for caches to sync for ReplicationController I0830 22:08:09.357065 1 controllermanager.go:622] Started "daemonset" I0830 22:08:09.357084 1 controllermanager.go:593] Starting "ttl" I0830 22:08:09.357237 1 daemon_controller.go:267] Starting daemon sets controller I0830 22:08:09.357249 1 shared_informer.go:270] Waiting for caches to sync for daemon sets I0830 22:08:09.507160 1 controllermanager.go:622] Started "ttl" I0830 22:08:09.507183 1 controllermanager.go:593] Starting "nodeipam" I0830 22:08:09.507257 1 ttl_controller.go:120] Starting TTL controller I0830 22:08:09.507269 1 shared_informer.go:270] Waiting for caches to sync for TTL I0830 22:08:19.669291 1 range_allocator.go:109] No Secondary Service CIDR provided. Skipping filtering out secondary service addresses. I0830 22:08:19.669352 1 controllermanager.go:622] Started "nodeipam" I0830 22:08:19.669372 1 controllermanager.go:593] Starting "cloud-node-lifecycle" I0830 22:08:19.669536 1 node_ipam_controller.go:155] Starting ipam controller I0830 22:08:19.669552 1 shared_informer.go:270] Waiting for caches to sync for node E0830 22:08:19.672219 1 core.go:207] failed to start cloud node lifecycle controller: no cloud provider provided W0830 22:08:19.672234 1 controllermanager.go:600] Skipping "cloud-node-lifecycle" I0830 22:08:19.672244 1 controllermanager.go:593] Starting "pvc-protection" I0830 22:08:19.679091 1 controllermanager.go:622] Started "pvc-protection" I0830 22:08:19.679109 1 controllermanager.go:593] Starting "endpointslicemirroring" I0830 22:08:19.679157 1 pvc_protection_controller.go:99] "Starting PVC protection controller" I0830 22:08:19.679176 1 shared_informer.go:270] Waiting for caches to sync for PVC protection I0830 22:08:19.685680 1 controllermanager.go:622] Started "endpointslicemirroring" I0830 22:08:19.685709 1 controllermanager.go:593] Starting "namespace" I0830 22:08:19.685868 1 endpointslicemirroring_controller.go:211] Starting EndpointSliceMirroring controller I0830 22:08:19.685896 1 shared_informer.go:270] Waiting for caches to sync for endpoint_slice_mirroring I0830 22:08:19.705563 1 controllermanager.go:622] Started "namespace" I0830 22:08:19.705590 1 controllermanager.go:593] Starting "cronjob" I0830 22:08:19.705638 1 namespace_controller.go:195] Starting namespace controller I0830 22:08:19.705652 1 shared_informer.go:270] Waiting for caches to sync for namespace I0830 22:08:19.712119 1 controllermanager.go:622] Started "cronjob" I0830 22:08:19.712153 1 controllermanager.go:593] Starting "service" I0830 22:08:19.712244 1 cronjob_controllerv2.go:137] "Starting cronjob controller v2" I0830 22:08:19.712265 1 shared_informer.go:270] Waiting for caches to sync for cronjob E0830 22:08:19.718318 1 core.go:92] Failed to start service controller: WARNING: no cloud provider provided, services of type LoadBalancer will fail W0830 22:08:19.718338 1 controllermanager.go:600] Skipping "service" I0830 22:08:19.718347 1 controllermanager.go:593] Starting "route" I0830 22:08:19.718354 1 core.go:217] Will not configure cloud provider routes for allocate-node-cidrs: true, configure-cloud-routes: false. W0830 22:08:19.718363 1 controllermanager.go:600] Skipping "route" I0830 22:08:19.718370 1 controllermanager.go:593] Starting "horizontalpodautoscaling" I0830 22:08:19.730250 1 controllermanager.go:622] Started "horizontalpodautoscaling" I0830 22:08:19.730268 1 controllermanager.go:593] Starting "disruption" I0830 22:08:19.730367 1 horizontal.go:181] Starting HPA controller I0830 22:08:19.730380 1 shared_informer.go:270] Waiting for caches to sync for HPA I0830 22:08:19.737903 1 controllermanager.go:622] Started "disruption" I0830 22:08:19.737921 1 controllermanager.go:593] Starting "csrcleaner" I0830 22:08:19.738000 1 disruption.go:424] Sending events to api server. I0830 22:08:19.738048 1 disruption.go:435] Starting disruption controller I0830 22:08:19.738056 1 shared_informer.go:270] Waiting for caches to sync for disruption I0830 22:08:19.739881 1 controllermanager.go:622] Started "csrcleaner" I0830 22:08:19.739902 1 controllermanager.go:593] Starting "garbagecollector" I0830 22:08:19.739966 1 cleaner.go:82] Starting CSR cleaner controller I0830 22:08:19.960276 1 garbagecollector.go:154] Starting garbage collector controller I0830 22:08:19.960294 1 shared_informer.go:270] Waiting for caches to sync for garbage collector I0830 22:08:19.960277 1 controllermanager.go:622] Started "garbagecollector" I0830 22:08:19.960320 1 graph_builder.go:291] GraphBuilder running I0830 22:08:19.960320 1 controllermanager.go:593] Starting "nodelifecycle" I0830 22:08:20.010325 1 node_lifecycle_controller.go:492] Controller will reconcile labels. I0830 22:08:20.010362 1 controllermanager.go:622] Started "nodelifecycle" I0830 22:08:20.010373 1 controllermanager.go:593] Starting "ephemeral-volume" I0830 22:08:20.010506 1 node_lifecycle_controller.go:527] Sending events to api server. I0830 22:08:20.010540 1 node_lifecycle_controller.go:538] Starting node controller I0830 22:08:20.010547 1 shared_informer.go:270] Waiting for caches to sync for taint I0830 22:08:20.169584 1 garbagecollector.go:220] syncing garbage collector with updated resources from discovery (attempt 1): added: [/v1, Resource=configmaps /v1, Resource=endpoints /v1, Resource=events /v1, Resource=limitranges /v1, Resource=namespaces /v1, Resource=nodes /v1, Resource=persistentvolumeclaims /v1, Resource=persistentvolumes /v1, Resource=pods /v1, Resource=podtemplates /v1, Resource=replicationcontrollers /v1, Resource=resourcequotas /v1, Resource=secrets /v1, Resource=serviceaccounts /v1, Resource=services admissionregistration.k8s.io/v1, Resource=mutatingwebhookconfigurations admissionregistration.k8s.io/v1, Resource=validatingwebhookconfigurations apiextensions.k8s.io/v1, Resource=customresourcedefinitions apiregistration.k8s.io/v1, Resource=apiservices apps/v1, Resource=controllerrevisions apps/v1, Resource=daemonsets apps/v1, Resource=deployments apps/v1, Resource=replicasets apps/v1, Resource=statefulsets autoscaling/v2, Resource=horizontalpodautoscalers batch/v1, Resource=cronjobs batch/v1, Resource=jobs certificates.k8s.io/v1, Resource=certificatesigningrequests coordination.k8s.io/v1, Resource=leases discovery.k8s.io/v1, Resource=endpointslices events.k8s.io/v1, Resource=events flowcontrol.apiserver.k8s.io/v1beta3, Resource=flowschemas flowcontrol.apiserver.k8s.io/v1beta3, Resource=prioritylevelconfigurations networking.k8s.io/v1, Resource=ingressclasses networking.k8s.io/v1, Resource=ingresses networking.k8s.io/v1, Resource=networkpolicies node.k8s.io/v1, Resource=runtimeclasses policy/v1, Resource=poddisruptionbudgets rbac.authorization.k8s.io/v1, Resource=clusterrolebindings rbac.authorization.k8s.io/v1, Resource=clusterroles rbac.authorization.k8s.io/v1, Resource=rolebindings rbac.authorization.k8s.io/v1, Resource=roles scheduling.k8s.io/v1, Resource=priorityclasses storage.k8s.io/v1, Resource=csidrivers storage.k8s.io/v1, Resource=csinodes storage.k8s.io/v1, Resource=csistoragecapacities storage.k8s.io/v1, Resource=storageclasses storage.k8s.io/v1, Resource=volumeattachments], removed: [] I0830 22:08:20.260747 1 controllermanager.go:622] Started "ephemeral-volume" I0830 22:08:20.260859 1 controller.go:169] Starting ephemeral volume controller I0830 22:08:20.260885 1 shared_informer.go:270] Waiting for caches to sync for ephemeral I0830 22:08:20.266143 1 shared_informer.go:270] Waiting for caches to sync for resource quota I0830 22:08:20.277676 1 shared_informer.go:277] Caches are synced for PV protection I0830 22:08:20.279684 1 shared_informer.go:277] Caches are synced for PVC protection I0830 22:08:20.281612 1 shared_informer.go:270] Waiting for caches to sync for garbage collector I0830 22:08:20.284038 1 shared_informer.go:277] Caches are synced for TTL after finished I0830 22:08:20.286626 1 shared_informer.go:277] Caches are synced for endpoint_slice_mirroring I0830 22:08:20.286642 1 endpointslicemirroring_controller.go:218] Starting 5 worker threads I0830 22:08:20.290150 1 shared_informer.go:277] Caches are synced for deployment I0830 22:08:20.296523 1 shared_informer.go:277] Caches are synced for ReplicaSet I0830 22:08:20.306758 1 shared_informer.go:277] Caches are synced for namespace I0830 22:08:20.306873 1 shared_informer.go:277] Caches are synced for GC I0830 22:08:20.308009 1 shared_informer.go:277] Caches are synced for expand I0830 22:08:20.308105 1 shared_informer.go:277] Caches are synced for crt configmap I0830 22:08:20.308138 1 shared_informer.go:277] Caches are synced for ReplicationController I0830 22:08:20.308180 1 shared_informer.go:277] Caches are synced for TTL I0830 22:08:20.310661 1 shared_informer.go:277] Caches are synced for taint I0830 22:08:20.310752 1 taint_manager.go:206] "Starting NoExecuteTaintManager" I0830 22:08:20.310811 1 taint_manager.go:211] "Sending events to api server" I0830 22:08:20.313048 1 shared_informer.go:277] Caches are synced for cronjob I0830 22:08:20.325533 1 shared_informer.go:277] Caches are synced for certificate-csrapproving I0830 22:08:20.332047 1 shared_informer.go:277] Caches are synced for persistent volume I0830 22:08:20.338169 1 shared_informer.go:277] Caches are synced for disruption I0830 22:08:20.357761 1 shared_informer.go:277] Caches are synced for endpoint_slice I0830 22:08:20.357856 1 shared_informer.go:277] Caches are synced for ClusterRoleAggregator I0830 22:08:20.357893 1 shared_informer.go:277] Caches are synced for endpoint I0830 22:08:20.361499 1 shared_informer.go:277] Caches are synced for ephemeral I0830 22:08:20.365541 1 shared_informer.go:277] Caches are synced for service account I0830 22:08:20.369691 1 shared_informer.go:277] Caches are synced for node I0830 22:08:20.369814 1 range_allocator.go:167] Sending events to api server. I0830 22:08:20.369845 1 range_allocator.go:171] Starting range CIDR allocator I0830 22:08:20.369856 1 shared_informer.go:270] Waiting for caches to sync for cidrallocator I0830 22:08:20.369867 1 shared_informer.go:277] Caches are synced for cidrallocator I0830 22:08:20.371842 1 shared_informer.go:277] Caches are synced for job I0830 22:08:20.408862 1 shared_informer.go:277] Caches are synced for attach detach I0830 22:08:20.431295 1 shared_informer.go:277] Caches are synced for HPA I0830 22:08:20.457611 1 shared_informer.go:277] Caches are synced for daemon sets I0830 22:08:20.458795 1 shared_informer.go:277] Caches are synced for stateful set I0830 22:08:20.466336 1 shared_informer.go:277] Caches are synced for resource quota I0830 22:08:20.466363 1 resource_quota_controller.go:462] synced quota controller I0830 22:08:20.559219 1 shared_informer.go:277] Caches are synced for resource quota I0830 22:08:20.882223 1 shared_informer.go:277] Caches are synced for garbage collector I0830 22:08:20.882259 1 garbagecollector.go:263] synced garbage collector I0830 22:08:20.961301 1 shared_informer.go:277] Caches are synced for garbage collector I0830 22:08:20.961325 1 garbagecollector.go:163] Garbage collector: all resource monitors have synced. Proceeding to collect garbage W0830 22:08:31.363977 1 actual_state_of_world.go:541] Failed to update statusUpdateNeeded field in actual state of world: Failed to set statusUpdateNeeded to needed true, because nodeName="master" does not exist I0830 22:08:31.363929 1 topologycache.go:216] Ignoring node master because it is not ready: [{MemoryPressure False 2023-08-30 22:08:31 +0000 UTC 2023-08-30 22:08:31 +0000 UTC KubeletHasSufficientMemory kubelet has sufficient memory available} {DiskPressure False 2023-08-30 22:08:31 +0000 UTC 2023-08-30 22:08:31 +0000 UTC KubeletHasNoDiskPressure kubelet has no disk pressure} {PIDPressure False 2023-08-30 22:08:31 +0000 UTC 2023-08-30 22:08:31 +0000 UTC KubeletHasSufficientPID kubelet has sufficient PID available} {Ready False 2023-08-30 22:08:31 +0000 UTC 2023-08-30 22:08:31 +0000 UTC KubeletNotReady [container runtime status check may not have completed yet, container runtime network not ready: NetworkReady=false reason:NetworkPluginNotReady message:docker: network plugin is not ready: cni config uninitialized, CSINode is not yet initialized]}] I0830 22:08:31.364033 1 topologycache.go:248] Insufficient node info for topology hints (0 zones, 0 CPU, true) I0830 22:08:31.371850 1 range_allocator.go:372] Set node master PodCIDR to [10.42.0.0/24] I0830 22:08:31.378675 1 ttl_controller.go:275] "Changed ttl annotation" node="master" new_ttl="0s" W0830 22:08:32.869597 1 actual_state_of_world.go:541] Failed to update statusUpdateNeeded field in actual state of world: Failed to set statusUpdateNeeded to needed true, because nodeName="worker1" does not exist I0830 22:08:32.869618 1 topologycache.go:216] Ignoring node worker1 because it is not ready: [{MemoryPressure False 2023-08-30 22:08:29 +0000 UTC 2023-08-30 22:08:29 +0000 UTC KubeletHasSufficientMemory kubelet has sufficient memory available} {DiskPressure False 2023-08-30 22:08:29 +0000 UTC 2023-08-30 22:08:29 +0000 UTC KubeletHasNoDiskPressure kubelet has no disk pressure} {PIDPressure False 2023-08-30 22:08:29 +0000 UTC 2023-08-30 22:08:29 +0000 UTC KubeletHasSufficientPID kubelet has sufficient PID available} {Ready False 2023-08-30 22:08:29 +0000 UTC 2023-08-30 22:08:29 +0000 UTC KubeletNotReady [container runtime status check may not have completed yet, container runtime network not ready: NetworkReady=false reason:NetworkPluginNotReady message:docker: network plugin is not ready: cni config uninitialized, CSINode is not yet initialized]}] I0830 22:08:32.869679 1 topologycache.go:216] Ignoring node master because it is not ready: [{MemoryPressure False 2023-08-30 22:08:31 +0000 UTC 2023-08-30 22:08:31 +0000 UTC KubeletHasSufficientMemory kubelet has sufficient memory available} {DiskPressure False 2023-08-30 22:08:31 +0000 UTC 2023-08-30 22:08:31 +0000 UTC KubeletHasNoDiskPressure kubelet has no disk pressure} {PIDPressure False 2023-08-30 22:08:31 +0000 UTC 2023-08-30 22:08:31 +0000 UTC KubeletHasSufficientPID kubelet has sufficient PID available} {Ready False 2023-08-30 22:08:31 +0000 UTC 2023-08-30 22:08:31 +0000 UTC KubeletNotReady [container runtime network not ready: NetworkReady=false reason:NetworkPluginNotReady message:docker: network plugin is not ready: cni config uninitialized, CSINode is not yet initialized]}] I0830 22:08:32.869709 1 topologycache.go:248] Insufficient node info for topology hints (0 zones, 0 CPU, true) I0830 22:08:32.876115 1 range_allocator.go:372] Set node worker1 PodCIDR to [10.42.1.0/24] I0830 22:08:32.881387 1 ttl_controller.go:275] "Changed ttl annotation" node="worker1" new_ttl="0s" I0830 22:08:35.311935 1 node_lifecycle_controller.go:810] Controller observed a new Node: "master" I0830 22:08:35.312008 1 controller_utils.go:168] "Recording event message for node" event="Registered Node master in Controller" node="master" I0830 22:08:35.312047 1 node_lifecycle_controller.go:1438] Initializing eviction metric for zone: I0830 22:08:35.312071 1 node_lifecycle_controller.go:810] Controller observed a new Node: "worker1" I0830 22:08:35.312084 1 controller_utils.go:168] "Recording event message for node" event="Registered Node worker1 in Controller" node="worker1" W0830 22:08:35.312123 1 node_lifecycle_controller.go:1053] Missing timestamp for Node master. Assuming now as a timestamp. I0830 22:08:35.312165 1 node_lifecycle_controller.go:909] Node master is NotReady as of 2023-08-30 22:08:35.312140286 +0000 UTC m=+28.273374840. Adding it to the Taint queue. W0830 22:08:35.312226 1 node_lifecycle_controller.go:1053] Missing timestamp for Node worker1. Assuming now as a timestamp. I0830 22:08:35.312238 1 event.go:294] "Event occurred" object="master" fieldPath="" kind="Node" apiVersion="v1" type="Normal" reason="RegisteredNode" message="Node master event: Registered Node master in Controller" I0830 22:08:35.312251 1 node_lifecycle_controller.go:909] Node worker1 is NotReady as of 2023-08-30 22:08:35.312242737 +0000 UTC m=+28.273477297. Adding it to the Taint queue. I0830 22:08:35.312257 1 event.go:294] "Event occurred" object="worker1" fieldPath="" kind="Node" apiVersion="v1" type="Normal" reason="RegisteredNode" message="Node worker1 event: Registered Node worker1 in Controller" I0830 22:08:35.312270 1 node_lifecycle_controller.go:1204] Controller detected that all Nodes are not-Ready. Entering master disruption mode. I0830 22:08:40.312715 1 node_lifecycle_controller.go:909] Node master is NotReady as of 2023-08-30 22:08:40.312691571 +0000 UTC m=+33.273926123. Adding it to the Taint queue. I0830 22:08:40.312789 1 node_lifecycle_controller.go:909] Node worker1 is NotReady as of 2023-08-30 22:08:40.312782403 +0000 UTC m=+33.274016954. Adding it to the Taint queue. I0830 22:08:44.021018 1 job_controller.go:514] enqueueing job kube-system/rke-network-plugin-deploy-job I0830 22:08:44.033558 1 event.go:294] "Event occurred" object="kube-system/rke-network-plugin-deploy-job" fieldPath="" kind="Job" apiVersion="batch/v1" type="Normal" reason="SuccessfulCreate" message="Created pod: rke-network-plugin-deploy-job-mhdvh" I0830 22:08:44.033589 1 job_controller.go:514] enqueueing job kube-system/rke-network-plugin-deploy-job I0830 22:08:44.033674 1 controller_utils.go:120] "Update ready status of pods on node" node="master" I0830 22:08:44.037671 1 job_controller.go:514] enqueueing job kube-system/rke-network-plugin-deploy-job I0830 22:08:44.060346 1 job_controller.go:514] enqueueing job kube-system/rke-network-plugin-deploy-job I0830 22:08:45.212826 1 job_controller.go:514] enqueueing job kube-system/rke-network-plugin-deploy-job I0830 22:08:45.313979 1 node_lifecycle_controller.go:909] Node master is NotReady as of 2023-08-30 22:08:45.313950958 +0000 UTC m=+38.275185536. Adding it to the Taint queue. I0830 22:08:45.314081 1 node_lifecycle_controller.go:909] Node worker1 is NotReady as of 2023-08-30 22:08:45.314067302 +0000 UTC m=+38.275301877. Adding it to the Taint queue. I0830 22:08:47.233850 1 job_controller.go:514] enqueueing job kube-system/rke-network-plugin-deploy-job I0830 22:08:48.239393 1 job_controller.go:514] enqueueing job kube-system/rke-network-plugin-deploy-job I0830 22:08:48.239628 1 controller_utils.go:120] "Update ready status of pods on node" node="master" I0830 22:08:48.239840 1 event.go:294] "Event occurred" object="kube-system/rke-network-plugin-deploy-job" fieldPath="" kind="Job" apiVersion="batch/v1" type="Normal" reason="SuccessfulCreate" message="Created pod: rke-network-plugin-deploy-job-wfggk" I0830 22:08:48.244658 1 job_controller.go:514] enqueueing job kube-system/rke-network-plugin-deploy-job I0830 22:08:48.249040 1 job_controller.go:514] enqueueing job kube-system/rke-network-plugin-deploy-job I0830 22:08:48.251505 1 job_controller.go:514] enqueueing job kube-system/rke-network-plugin-deploy-job I0830 22:08:48.255614 1 job_controller.go:514] enqueueing job kube-system/rke-network-plugin-deploy-job E0830 22:08:48.255982 1 job_controller.go:549] syncing job: failed pod(s) detected for job key "kube-system/rke-network-plugin-deploy-job" I0830 22:08:49.253669 1 job_controller.go:514] enqueueing job kube-system/rke-network-plugin-deploy-job I0830 22:08:50.315188 1 node_lifecycle_controller.go:909] Node worker1 is NotReady as of 2023-08-30 22:08:50.315154962 +0000 UTC m=+43.276389543. Adding it to the Taint queue. I0830 22:08:50.315312 1 node_lifecycle_controller.go:909] Node master is NotReady as of 2023-08-30 22:08:50.315297799 +0000 UTC m=+43.276532377. Adding it to the Taint queue. I0830 22:08:51.036214 1 job_controller.go:514] enqueueing job kube-system/rke-network-plugin-deploy-job I0830 22:08:55.316217 1 node_lifecycle_controller.go:909] Node master is NotReady as of 2023-08-30 22:08:55.316181652 +0000 UTC m=+48.277416233. Adding it to the Taint queue. I0830 22:08:55.316370 1 node_lifecycle_controller.go:909] Node worker1 is NotReady as of 2023-08-30 22:08:55.316360382 +0000 UTC m=+48.277594937. Adding it to the Taint queue. I0830 22:09:00.317554 1 node_lifecycle_controller.go:909] Node master is NotReady as of 2023-08-30 22:09:00.317516109 +0000 UTC m=+53.278750691. Adding it to the Taint queue. I0830 22:09:00.317674 1 node_lifecycle_controller.go:909] Node worker1 is NotReady as of 2023-08-30 22:09:00.317659639 +0000 UTC m=+53.278894214. Adding it to the Taint queue. I0830 22:09:01.042597 1 job_controller.go:514] enqueueing job kube-system/rke-network-plugin-deploy-job I0830 22:09:01.042739 1 controller_utils.go:120] "Update ready status of pods on node" node="master" I0830 22:09:01.043308 1 event.go:294] "Event occurred" object="kube-system/rke-network-plugin-deploy-job" fieldPath="" kind="Job" apiVersion="batch/v1" type="Normal" reason="SuccessfulCreate" message="Created pod: rke-network-plugin-deploy-job-69nwh" I0830 22:09:01.048711 1 job_controller.go:514] enqueueing job kube-system/rke-network-plugin-deploy-job I0830 22:09:01.053954 1 job_controller.go:514] enqueueing job kube-system/rke-network-plugin-deploy-job I0830 22:09:01.056547 1 job_controller.go:514] enqueueing job kube-system/rke-network-plugin-deploy-job I0830 22:09:01.060889 1 job_controller.go:514] enqueueing job kube-system/rke-network-plugin-deploy-job E0830 22:09:01.061029 1 job_controller.go:549] syncing job: failed pod(s) detected for job key "kube-system/rke-network-plugin-deploy-job" I0830 22:09:02.370960 1 job_controller.go:514] enqueueing job kube-system/rke-network-plugin-deploy-job I0830 22:09:04.402275 1 job_controller.go:514] enqueueing job kube-system/rke-network-plugin-deploy-job I0830 22:09:05.317947 1 node_lifecycle_controller.go:909] Node master is NotReady as of 2023-08-30 22:09:05.317911035 +0000 UTC m=+58.279145616. Adding it to the Taint queue. I0830 22:09:05.318073 1 node_lifecycle_controller.go:909] Node worker1 is NotReady as of 2023-08-30 22:09:05.318058432 +0000 UTC m=+58.279293010. Adding it to the Taint queue. I0830 22:09:10.318275 1 node_lifecycle_controller.go:909] Node master is NotReady as of 2023-08-30 22:09:10.318248226 +0000 UTC m=+63.279482775. Adding it to the Taint queue. I0830 22:09:10.318396 1 node_lifecycle_controller.go:909] Node worker1 is NotReady as of 2023-08-30 22:09:10.318386739 +0000 UTC m=+63.279621291. Adding it to the Taint queue. I0830 22:09:15.318963 1 node_lifecycle_controller.go:909] Node master is NotReady as of 2023-08-30 22:09:15.318938135 +0000 UTC m=+68.280172689. Adding it to the Taint queue. I0830 22:09:15.319066 1 node_lifecycle_controller.go:909] Node worker1 is NotReady as of 2023-08-30 22:09:15.319057794 +0000 UTC m=+68.280292343. Adding it to the Taint queue. I0830 22:09:20.319858 1 node_lifecycle_controller.go:909] Node worker1 is NotReady as of 2023-08-30 22:09:20.319826023 +0000 UTC m=+73.281060598. Adding it to the Taint queue. I0830 22:09:20.319982 1 node_lifecycle_controller.go:909] Node master is NotReady as of 2023-08-30 22:09:20.31996606 +0000 UTC m=+73.281200638. Adding it to the Taint queue. I0830 22:09:24.413187 1 job_controller.go:514] enqueueing job kube-system/rke-network-plugin-deploy-job

-kube-apiserver

• grep -q cloud-provider=azure
• echo kube-apiserver --tls-private-key-file=/etc/kubernetes/ssl/kube-apiserver-key.pem --service-account-lookup=true --authorization-mode=Node,RBAC --audit-log-maxbackup=10 --service-cluster-ip-range=10.43.0.0/16 --service-node-port-range=30000-32767 --runtime-config=authorization.k8s.io/v1beta1=true --enable-admission-plugins=NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,DefaultTolerationSeconds,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,ResourceQuota,NodeRestriction,Priority,TaintNodesByCondition,PersistentVolumeClaimResize --allow-privileged=true --service-account-signing-key-file=/etc/kubernetes/ssl/kube-service-account-token-key.pem --tls-cipher-suites=TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305 --audit-log-maxage=30 --cloud-provider= --etcd-certfile=/etc/kubernetes/ssl/kube-node.pem --kubelet-client-key=/etc/kubernetes/ssl/kube-apiserver-key.pem --secure-port=6443 --audit-log-format=json --requestheader-allowed-names=kube-apiserver-proxy-client --anonymous-auth=false --bind-address=0.0.0.0 --requestheader-group-headers=X-Remote-Group --admission-control-config-file=/etc/kubernetes/admission.yaml --etcd-servers=https://192.168.137.65:2379 --tls-cert-file=/etc/kubernetes/ssl/kube-apiserver.pem --requestheader-username-headers=X-Remote-User --advertise-address=192.168.137.65 --client-ca-file=/etc/kubernetes/ssl/kube-ca.pem --etcd-cafile=/etc/kubernetes/ssl/kube-ca.pem --requestheader-client-ca-file=/etc/kubernetes/ssl/kube-apiserver-requestheader-ca.pem --kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname --audit-log-path=/var/log/kube-audit/audit-log.json --proxy-client-key-file=/etc/kubernetes/ssl/kube-apiserver-proxy-client-key.pem --api-audiences=unknown --profiling=false --requestheader-extra-headers-prefix=X-Remote-Extra- --service-account-key-file=/etc/kubernetes/ssl/kube-service-account-token-key.pem --service-account-issuer=rke --storage-backend=etcd3 --audit-log-maxsize=100 --etcd-keyfile=/etc/kubernetes/ssl/kube-node-key.pem --etcd-prefix=/registry --kubelet-client-certificate=/etc/kubernetes/ssl/kube-apiserver.pem --proxy-client-cert-file=/etc/kubernetes/ssl/kube-apiserver-proxy-client.pem --audit-policy-file=/etc/kubernetes/audit-policy.yaml
• '[' kube-apiserver = kube-proxy ']'
• '[' kube-apiserver = kubelet ']'
• exec kube-apiserver --tls-private-key-file=/etc/kubernetes/ssl/kube-apiserver-key.pem --service-account-lookup=true --authorization-mode=Node,RBAC --audit-log-maxbackup=10 --service-cluster-ip-range=10.43.0.0/16 --service-node-port-range=30000-32767 --runtime-config=authorization.k8s.io/v1beta1=true --enable-admission-plugins=NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,DefaultTolerationSeconds,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,ResourceQuota,NodeRestriction,Priority,TaintNodesByCondition,PersistentVolumeClaimResize --allow-privileged=true --service-account-signing-key-file=/etc/kubernetes/ssl/kube-service-account-token-key.pem --tls-cipher-suites=TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305 --audit-log-maxage=30 --cloud-provider= --etcd-certfile=/etc/kubernetes/ssl/kube-node.pem --kubelet-client-key=/etc/kubernetes/ssl/kube-apiserver-key.pem --secure-port=6443 --audit-log-format=json --requestheader-allowed-names=kube-apiserver-proxy-client --anonymous-auth=false --bind-address=0.0.0.0 --requestheader-group-headers=X-Remote-Group --admission-control-config-file=/etc/kubernetes/admission.yaml --etcd-servers=https://192.168.137.65:2379 --tls-cert-file=/etc/kubernetes/ssl/kube-apiserver.pem --requestheader-username-headers=X-Remote-User --advertise-address=192.168.137.65 --client-ca-file=/etc/kubernetes/ssl/kube-ca.pem --etcd-cafile=/etc/kubernetes/ssl/kube-ca.pem --requestheader-client-ca-file=/etc/kubernetes/ssl/kube-apiserver-requestheader-ca.pem --kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname --audit-log-path=/var/log/kube-audit/audit-log.json --proxy-client-key-file=/etc/kubernetes/ssl/kube-apiserver-proxy-client-key.pem --api-audiences=unknown --profiling=false --requestheader-extra-headers-prefix=X-Remote-Extra- --service-account-key-file=/etc/kubernetes/ssl/kube-service-account-token-key.pem --service-account-issuer=rke --storage-backend=etcd3 --audit-log-maxsize=100 --etcd-keyfile=/etc/kubernetes/ssl/kube-node-key.pem --etcd-prefix=/registry --kubelet-client-certificate=/etc/kubernetes/ssl/kube-apiserver.pem --proxy-client-cert-file=/etc/kubernetes/ssl/kube-apiserver-proxy-client.pem --audit-policy-file=/etc/kubernetes/audit-policy.yaml I0830 22:08:00.975015 1 server.go:557] external host was not specified, using 192.168.137.65 I0830 22:08:00.975960 1 server.go:164] Version: v1.26.6 I0830 22:08:00.976002 1 server.go:166] "Golang settings" GOGC="" GOMAXPROCS="" GOTRACEBACK="" I0830 22:08:01.426976 1 shared_informer.go:270] Waiting for caches to sync for node_authorizer I0830 22:08:01.429175 1 plugins.go:158] Loaded 12 mutating admission controller(s) successfully in the following order: NamespaceLifecycle,LimitRanger,ServiceAccount,NodeRestriction,TaintNodesByCondition,Priority,DefaultTolerationSeconds,DefaultStorageClass,StorageObjectInUseProtection,RuntimeClass,DefaultIngressClass,MutatingAdmissionWebhook. I0830 22:08:01.429214 1 plugins.go:161] Loaded 12 validating admission controller(s) successfully in the following order: LimitRanger,ServiceAccount,PodSecurity,Priority,PersistentVolumeClaimResize,RuntimeClass,CertificateApproval,CertificateSigning,CertificateSubjectRestriction,ValidatingAdmissionPolicy,ValidatingAdmissionWebhook,ResourceQuota. W0830 22:08:01.476096 1 genericapiserver.go:660] Skipping API apiextensions.k8s.io/v1beta1 because it has no resources. I0830 22:08:01.477075 1 instance.go:277] Using reconciler: lease E0830 22:08:01.486777 1 instance.go:384] Could not construct pre-rendered responses for ServiceAccountIssuerDiscovery endpoints. Endpoints will not be enabled. Error: issuer URL must use https scheme, got: rke I0830 22:08:01.714227 1 instance.go:621] API group "internal.apiserver.k8s.io" is not enabled, skipping. I0830 22:08:02.056534 1 instance.go:621] API group "resource.k8s.io" is not enabled, skipping. W0830 22:08:02.147181 1 genericapiserver.go:660] Skipping API authentication.k8s.io/v1beta1 because it has no resources. W0830 22:08:02.147207 1 genericapiserver.go:660] Skipping API authentication.k8s.io/v1alpha1 because it has no resources. W0830 22:08:02.149288 1 genericapiserver.go:660] Skipping API authorization.k8s.io/v1beta1 because it has no resources. W0830 22:08:02.153794 1 genericapiserver.go:660] Skipping API autoscaling/v2beta1 because it has no resources. W0830 22:08:02.153809 1 genericapiserver.go:660] Skipping API autoscaling/v2beta2 because it has no resources. W0830 22:08:02.156538 1 genericapiserver.go:660] Skipping API batch/v1beta1 because it has no resources. W0830 22:08:02.158682 1 genericapiserver.go:660] Skipping API certificates.k8s.io/v1beta1 because it has no resources. W0830 22:08:02.160540 1 genericapiserver.go:660] Skipping API coordination.k8s.io/v1beta1 because it has no resources. W0830 22:08:02.160629 1 genericapiserver.go:660] Skipping API discovery.k8s.io/v1beta1 because it has no resources. W0830 22:08:02.165433 1 genericapiserver.go:660] Skipping API networking.k8s.io/v1beta1 because it has no resources. W0830 22:08:02.165445 1 genericapiserver.go:660] Skipping API networking.k8s.io/v1alpha1 because it has no resources. W0830 22:08:02.167245 1 genericapiserver.go:660] Skipping API node.k8s.io/v1beta1 because it has no resources. W0830 22:08:02.167257 1 genericapiserver.go:660] Skipping API node.k8s.io/v1alpha1 because it has no resources. W0830 22:08:02.167309 1 genericapiserver.go:660] Skipping API policy/v1beta1 because it has no resources. W0830 22:08:02.172576 1 genericapiserver.go:660] Skipping API rbac.authorization.k8s.io/v1beta1 because it has no resources. W0830 22:08:02.172588 1 genericapiserver.go:660] Skipping API rbac.authorization.k8s.io/v1alpha1 because it has no resources. W0830 22:08:02.174482 1 genericapiserver.go:660] Skipping API scheduling.k8s.io/v1beta1 because it has no resources. W0830 22:08:02.174494 1 genericapiserver.go:660] Skipping API scheduling.k8s.io/v1alpha1 because it has no resources. W0830 22:08:02.180106 1 genericapiserver.go:660] Skipping API storage.k8s.io/v1alpha1 because it has no resources. W0830 22:08:02.185267 1 genericapiserver.go:660] Skipping API flowcontrol.apiserver.k8s.io/v1beta1 because it has no resources. W0830 22:08:02.185280 1 genericapiserver.go:660] Skipping API flowcontrol.apiserver.k8s.io/v1alpha1 because it has no resources. W0830 22:08:02.190511 1 genericapiserver.go:660] Skipping API apps/v1beta2 because it has no resources. W0830 22:08:02.190526 1 genericapiserver.go:660] Skipping API apps/v1beta1 because it has no resources. W0830 22:08:02.193307 1 genericapiserver.go:660] Skipping API admissionregistration.k8s.io/v1beta1 because it has no resources. W0830 22:08:02.193319 1 genericapiserver.go:660] Skipping API admissionregistration.k8s.io/v1alpha1 because it has no resources. W0830 22:08:02.194913 1 genericapiserver.go:660] Skipping API events.k8s.io/v1beta1 because it has no resources. W0830 22:08:02.218406 1 genericapiserver.go:660] Skipping API apiregistration.k8s.io/v1beta1 because it has no resources. I0830 22:08:02.975366 1 dynamic_cafile_content.go:157] "Starting controller" name="client-ca-bundle::/etc/kubernetes/ssl/kube-ca.pem" I0830 22:08:02.975361 1 dynamic_cafile_content.go:157] "Starting controller" name="request-header::/etc/kubernetes/ssl/kube-apiserver-requestheader-ca.pem" I0830 22:08:02.975596 1 dynamic_serving_content.go:132] "Starting controller" name="serving-cert::/etc/kubernetes/ssl/kube-apiserver.pem::/etc/kubernetes/ssl/kube-apiserver-key.pem" I0830 22:08:02.975802 1 secure_serving.go:210] Serving securely on [::]:6443 I0830 22:08:02.975941 1 controller.go:83] Starting OpenAPI AggregationController I0830 22:08:02.975951 1 apiservice_controller.go:97] Starting APIServiceRegistrationController I0830 22:08:02.975963 1 controller.go:80] Starting OpenAPI V3 AggregationController I0830 22:08:02.975992 1 available_controller.go:423] Starting AvailableConditionController I0830 22:08:02.975993 1 apf_controller.go:361] Starting API Priority and Fairness config controller I0830 22:08:02.976026 1 aggregator.go:150] waiting for initial CRD sync... I0830 22:08:02.976044 1 dynamic_serving_content.go:132] "Starting controller" name="aggregator-proxy-cert::/etc/kubernetes/ssl/kube-apiserver-proxy-client.pem::/etc/kubernetes/ssl/kube-apiserver-proxy-client-key.pem" I0830 22:08:02.976059 1 tlsconfig.go:240] "Starting DynamicServingCertificateController" I0830 22:08:02.976094 1 crdregistration_controller.go:111] Starting crd-autoregister controller I0830 22:08:02.976123 1 shared_informer.go:270] Waiting for caches to sync for crd-autoregister I0830 22:08:02.975999 1 cache.go:32] Waiting for caches to sync for AvailableConditionController controller I0830 22:08:02.975980 1 cache.go:32] Waiting for caches to sync for APIServiceRegistrationController controller I0830 22:08:02.976311 1 gc_controller.go:78] Starting apiserver lease garbage collector I0830 22:08:02.976439 1 controller.go:85] Starting OpenAPI controller I0830 22:08:02.977725 1 customresource_discovery_controller.go:288] Starting DiscoveryController I0830 22:08:02.977882 1 controller.go:85] Starting OpenAPI V3 controller I0830 22:08:02.977948 1 crd_finalizer.go:266] Starting CRDFinalizer I0830 22:08:02.977976 1 naming_controller.go:291] Starting NamingConditionController I0830 22:08:02.977940 1 apiapproval_controller.go:186] Starting KubernetesAPIApprovalPolicyConformantConditionController I0830 22:08:02.978169 1 controller.go:121] Starting legacy_token_tracking_controller I0830 22:08:02.978505 1 establishing_controller.go:76] Starting EstablishingController I0830 22:08:02.978940 1 shared_informer.go:270] Waiting for caches to sync for configmaps I0830 22:08:02.980300 1 cluster_authentication_trust_controller.go:440] Starting cluster_authentication_trust_controller controller I0830 22:08:02.980355 1 shared_informer.go:270] Waiting for caches to sync for cluster_authentication_trust_controller I0830 22:08:02.980582 1 dynamic_cafile_content.go:157] "Starting controller" name="client-ca-bundle::/etc/kubernetes/ssl/kube-ca.pem" I0830 22:08:02.980631 1 dynamic_cafile_content.go:157] "Starting controller" name="request-header::/etc/kubernetes/ssl/kube-apiserver-requestheader-ca.pem" I0830 22:08:02.981316 1 nonstructuralschema_controller.go:192] Starting NonStructuralSchemaConditionController I0830 22:08:03.000798 1 controller.go:615] quota admission added evaluator for: namespaces I0830 22:08:03.027393 1 shared_informer.go:277] Caches are synced for node_authorizer I0830 22:08:03.051774 1 controller.go:615] quota admission added evaluator for: leases.coordination.k8s.io I0830 22:08:03.076357 1 apf_controller.go:366] Running API Priority and Fairness config worker I0830 22:08:03.076374 1 apf_controller.go:369] Running API Priority and Fairness periodic rebalancing process I0830 22:08:03.076460 1 shared_informer.go:277] Caches are synced for crd-autoregister I0830 22:08:03.076507 1 aggregator.go:152] initial CRD sync complete... I0830 22:08:03.076531 1 autoregister_controller.go:141] Starting autoregister controller I0830 22:08:03.076540 1 cache.go:32] Waiting for caches to sync for autoregister controller I0830 22:08:03.076548 1 cache.go:39] Caches are synced for AvailableConditionController controller I0830 22:08:03.076552 1 cache.go:39] Caches are synced for autoregister controller I0830 22:08:03.078311 1 cache.go:39] Caches are synced for APIServiceRegistrationController controller I0830 22:08:03.079065 1 shared_informer.go:277] Caches are synced for configmaps I0830 22:08:03.081133 1 shared_informer.go:277] Caches are synced for cluster_authentication_trust_controller I0830 22:08:03.694865 1 controller.go:132] OpenAPI AggregationController: action for item k8s_internal_local_delegation_chain_0000000000: Nothing (removed from the queue). I0830 22:08:03.980892 1 storage_scheduling.go:95] created PriorityClass system-node-critical with value 2000001000 I0830 22:08:03.984881 1 storage_scheduling.go:95] created PriorityClass system-cluster-critical with value 2000000000 I0830 22:08:03.984905 1 storage_scheduling.go:111] all system priority classes are created successfully or already exist. I0830 22:08:04.344184 1 controller.go:615] quota admission added evaluator for: roles.rbac.authorization.k8s.io I0830 22:08:04.374708 1 controller.go:615] quota admission added evaluator for: rolebindings.rbac.authorization.k8s.io I0830 22:08:04.509596 1 alloc.go:327] "allocated clusterIPs" service="default/kubernetes" clusterIPs=map[IPv4:10.43.0.1] W0830 22:08:04.514538 1 lease.go:251] Resetting endpoints for master service "kubernetes" to [192.168.137.65] I0830 22:08:04.515390 1 controller.go:615] quota admission added evaluator for: endpoints I0830 22:08:04.519070 1 controller.go:615] quota admission added evaluator for: endpointslices.discovery.k8s.io I0830 22:08:07.822552 1 controller.go:615] quota admission added evaluator for: serviceaccounts I0830 22:08:44.019326 1 controller.go:615] quota admission added evaluator for: jobs.batch

[jiaqiluo]

@GuillaumeDorschner ,

The following line from the kubelet logs could indicate the reason for failure: the default router on the host is missing.

E0830 22:08:33.046106  846612 kubelet_node_status.go:701] "Failed to set some node status fields" err="can't get ip address of node master. error: no default routes found in \"/proc/net/route\" or \"/proc/net/ipv6_route\"" node="master"

Yoy can try the following:

• ssh into the nodes
• run ip route to check if there is a line starting with default via ... - I expect to see it does not exist
• run sudo ip route add default via 192.168.100.1 to add the missing rule

Once you finish the above, you may need to run rke up again to trigger a reconciliation, and I expect the cluster to work now.

ref:

• https://www.gosysops.com/2021/kubernetes-node-no-internal-ip-problem.html
• https://github.com/k3s-io/k3s/issues/1144#issuecomment-1005028699 - this is for K3s, but it is actually a k8s upstream issue

[GuillaumeDorschner]

As you suggested, I checked my internet connection and noticed a default IP route was already in place.

[root@localhost ~]# ip route
default via 192.168.1.1 dev eno1 proto dhcp metric 101

However, the default IP route was not present for the on-premise network, I did : sudo ip route add default via 192.168.137.1

This successfully resolved the issue, allowing me to build my Kubernetes cluster without any problems:

INFO[0086] [addons] Executing deploy job rke-network-plugin
INFO[0096] [addons] Setting up coredns
...
INFO[0126] [addons] User addons deployed successfully
INFO[0126] Finished building Kubernetes cluster successfully

Thank you, @jiaqiluo !