search

sassoftware / viya4-deployment

This project contains Ansible code that creates a baseline in an existing Kubernetes environment for use with the SAS Viya Platform, generates the manifest for an order, and then can also deploy that order into the Kubernetes environment specified.
Apache License 2.0
71 stars 64 forks source link

nfs-subdir-external-provisioner Failure when executing Helm Command #416

Closed jawilk23 closed 1 year ago

jawilk23 commented 1 year ago

Deploying LTS 2022.09 with a customer provisioned infrastructure. Each attempt at deploying we receive the following error:

TASK [baseline : Deploy nfs-subdir-external-provisioner] **** fatal: [localhost]: FAILED! => {"changed": false, "command": "/usr/local/bin/helm --version=4.0.8 --repo=https://kubernetes-sigs.github.io/nfs-subdir-external-provisioner/ upgrade -i --reset-values --wait --create-namespace -f=/tmp/tmp2oeuqk6i.yml nfs-subdir-external-provisioner nfs-subdir-external-provisioner", "msg": "Failure when executing Helm command. Exited 1.\nstdout: Release \"nfs-subdir-external-provisioner\" does not exist. Installing it now.\n\nstderr: WARNING: Kubernetes configuration file is group-readable. This is insecure. Location: /viya-install/viya4-deployment/kube-system.conf\nWARNING: Kubernetes configuration file is world-readable. This is insecure. Location: /viya-install/viya4-deployment/kube-system.conf\nError: timed out waiting for the condition\n", "stderr": "WARNING: Kubernetes configuration file is group-readable. This is insecure. Location: /viya-install/viya4-deployment/kube-system.conf\nWARNING: Kubernetes configuration file is world-readable. This is insecure. Location: /viya-install/viya4-deployment/kube-system.conf\nError: timed out waiting for the condition\n", "stderr_lines": ["WARNING: Kubernetes configuration file is group-readable. This is insecure. Location: /viya-install/viya4-deployment/kube-system.conf", "WARNING: Kubernetes configuration file is world-readable. This is insecure. Location: /viya-install/viya4-deployment/kube-system.conf", "Error: timed out waiting for the condition"], "stdout": "Release \"nfs-subdir-external-provisioner\" does not exist. Installing it now.\n", "stdout_lines": ["Release \"nfs-subdir-external-provisioner\" does not exist. Installing it now."]}

We can see that it is creating the nfs-client namespace as well as the sas storage class, however when running a describe on the nfs-subdir-external-provisioner pod, we see the following events:

Normal Pulling 48m (x214 over 18h) kubelet Pulling image "k8s.gcr.io/sig-storage/nfs-subdir-external-provisioner:v4.0.2" Normal BackOff 3m43s (x4935 over 18h) kubelet Back-off pulling image "k8s.gcr.io/sig-storage/nfs-subdir-external-provisioner:v4.0.2"

Any help with this issue would be much appreciated.

dhoucgitter commented 1 year ago

Hi @jawilk23, the error you saw could be related to upcoming changes to deprecate the k8s.gcr.io container registry. Are you still hitting this issue? If so, could you try adding these lines to your ansible-vars file and re-run your deployment?

NFS_CLIENT_CHART_VERSION: 4.0.18
PG_NFS_CLIENT_CHART_VERSION: 4.0.18
jawilk23 commented 1 year ago

Hello @dhoucgitter, we were able to determine the customers organization was blocking us from reaching out and grabbing the third party images. They were also blocking any sort of redirect when reaching out for the images themselves. Once we provided their security team with the list of URLs, we were able to successfully install baseline.

dhoucgitter commented 1 year ago

Thanks for the update @jawilk23, closing this issue as resolved based on your comment.