search

slime-io / slime

An intelligent ServiceMesh manager based on Istio
https://slime-io.github.io/
Other
424 stars 78 forks source link

启用lazyload,有时候global sidecar不能正常启动 #112

Closed xiangtianyu closed 2 years ago

xiangtianyu commented 2 years ago

在业务namespace下启用lazyload有时候会出现namespace下的global-sidecar起不起来的情况,global-sidecar日志如下:

2021-11-11T02:01:28.857389Z     info    FLAG: --concurrency="0"
2021-11-11T02:01:28.857446Z     info    FLAG: --disableInternalTelemetry="false"
2021-11-11T02:01:28.857485Z     info    FLAG: --domain="istio-public.svc.cluster.local"
2021-11-11T02:01:28.857493Z     info    FLAG: --help="false"
2021-11-11T02:01:28.857498Z     info    FLAG: --id=""
2021-11-11T02:01:28.857504Z     info    FLAG: --ip=""
2021-11-11T02:01:28.857510Z     info    FLAG: --log_as_json="false"
2021-11-11T02:01:28.857515Z     info    FLAG: --log_caller=""
2021-11-11T02:01:28.857521Z     info    FLAG: --log_output_level="default:info"
2021-11-11T02:01:28.857527Z     info    FLAG: --log_rotate=""
2021-11-11T02:01:28.857533Z     info    FLAG: --log_rotate_max_age="30"
2021-11-11T02:01:28.857538Z     info    FLAG: --log_rotate_max_backups="1000"
2021-11-11T02:01:28.857544Z     info    FLAG: --log_rotate_max_size="104857600"
2021-11-11T02:01:28.857550Z     info    FLAG: --log_stacktrace_level="default:none"
2021-11-11T02:01:28.857559Z     info    FLAG: --log_target="[stdout]"
2021-11-11T02:01:28.857565Z     info    FLAG: --meshConfig="./etc/istio/config/mesh"
2021-11-11T02:01:28.857571Z     info    FLAG: --mixerIdentity=""
2021-11-11T02:01:28.857577Z     info    FLAG: --outlierLogPath=""
2021-11-11T02:01:28.857582Z     info    FLAG: --proxyComponentLogLevel="misc:error"
2021-11-11T02:01:28.857588Z     info    FLAG: --proxyLogLevel="warning"
2021-11-11T02:01:28.857593Z     info    FLAG: --serviceCluster="qz-ingress"
2021-11-11T02:01:28.857599Z     info    FLAG: --serviceregistry="Kubernetes"
2021-11-11T02:01:28.857604Z     info    FLAG: --stsPort="0"
2021-11-11T02:01:28.857610Z     info    FLAG: --templateFile=""
2021-11-11T02:01:28.857615Z     info    FLAG: --tokenManagerPlugin="GoogleTokenExchange"
2021-11-11T02:01:28.857620Z     info    FLAG: --trust-domain=""
2021-11-11T02:01:28.857660Z     info    Version 1.7.0-2022348138e47498c4b54995b4cb5a1656817c4e-Clean
2021-11-11T02:01:28.857863Z     info    Obtained private IP [172.160.0.58]
2021-11-11T02:01:28.857937Z     warn    failed to read pod annotations: open ./etc/istio/pod/annotations: no such file or directory
2021-11-11T02:01:28.857992Z     info    Apply proxy config from env {"discoveryAddress":"istio-pilot.mesh-operator:15010","proxyMetadata":{"DNS_AGENT":""},"controlPlaneAuthPolicy":"NONE"}

2021-11-11T02:01:28.859381Z     info    Effective config: binaryPath: /usr/local/bin/envoy
concurrency: 0
configPath: ./etc/istio/proxy
discoveryAddress: istio-pilot.mesh-operator:15010
drainDuration: 45s
envoyAccessLogService: {}
envoyMetricsService: {}
parentShutdownDuration: 60s
proxyAdminPort: 15000
proxyMetadata:
  DNS_AGENT: ""
serviceCluster: qz-ingress
statNameLength: 189
statusPort: 15020
terminationDrainDuration: 5s
tracing:
  zipkin:
    address: zipkin.istio-system:9411

2021-11-11T02:01:28.859491Z     info    Proxy role: &model.Proxy{Type:"sidecar", IPAddresses:[]string{"172.160.0.58"}, ID:"global-sidecar-9bc5bf795-rz5n8.istio-public", Locality:(*envoy_config_core_v3.Locality)(nil), DNSDomain:"istio-public.svc.cluster.local", ConfigNamespace:"", Metadata:(*model.NodeMetadata)(nil), SidecarScope:(*model.SidecarScope)(nil), PrevSidecarScope:(*model.SidecarScope)(nil), MergedGateway:(*model.MergedGateway)(nil), ServiceInstances:[]*model.ServiceInstance(nil), IstioVersion:(*model.IstioVersion)(nil), ipv6Support:false, ipv4Support:false, GlobalUnicastIP:"", XdsResourceGenerator:model.XdsResourceGenerator(nil), Active:map[string]*model.WatchedResource(nil), ActiveExperimental:map[string]*model.WatchedResource(nil), RequestedTypes:struct { CDS string; EDS string; RDS string; LDS string }{CDS:"", EDS:"", RDS:"", LDS:""}}
2021-11-11T02:01:28.859510Z     info    JWT policy is third-party-jwt
2021-11-11T02:01:28.859553Z     info    PilotSAN []string(nil)
2021-11-11T02:01:28.859567Z     info    MixerSAN []string(nil)
2021-11-11T02:01:28.859610Z     info    sa.serverOptions.CAEndpoint == istio-pilot.mesh-operator:15010
2021-11-11T02:01:28.859619Z     info    Using user-configured CA istio-pilot.mesh-operator:15010
2021-11-11T02:01:28.859626Z     warn    Debug mode or IP-secure network
2021-11-11T02:01:29.249786Z     info    sds     SDS gRPC server for workload UDS starts, listening on "./etc/istio/proxy/SDS"

2021-11-11T02:01:29.249901Z     info    Starting proxy agent
2021-11-11T02:01:29.249889Z     info    sds     Start SDS grpc server
2021-11-11T02:01:29.250157Z     info    Opening status port 15020

2021-11-11T02:01:29.250167Z     info    Received new config, creating new Envoy epoch 0
2021-11-11T02:01:29.250292Z     info    Epoch 0 starting
2021-11-11T02:01:29.260419Z     warn    failed to read pod labels: open ./etc/istio/pod/labels: no such file or directory
2021-11-11T02:01:29.261959Z     info    Envoy command: [-c etc/istio/proxy/envoy-rev0.json --restart-epoch 0 --drain-time-s 45 --parent-shutdown-time-s 60 --service-cluster qz-ingress --service-node sidecar~172.160.0.58~global-sidecar-9bc5bf795-rz5n8.istio-public~istio-public.svc.cluster.local --local-address-ip-version v4 --log-format-prefix-with-location 0 --log-format %Y-%m-%dT%T.%fZ    %l      envoy %n        %v -l warning --component-log-level misc:error]
2021-11-11T02:01:29.552538Z     warning envoy runtime   Unable to use runtime singleton for feature envoy.reloadable_features.activate_fds_next_event_loop
2021-11-11T02:01:29.681016Z     warning envoy config    StreamAggregatedResources gRPC config stream closed: 14, no healthy upstream
2021-11-11T02:01:29.681055Z     warning envoy config    Unable to establish new stream
2021-11-11T02:01:29.758672Z     warning envoy main      there is no configured limit to the number of allowed active connections. Set a limit via the runtime key overload.global_downstream_max_connections
2021-11-11T02:01:30.283226Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 0 successful, 0 rejected; lds updates: 0 successful, 0 rejected
2021-11-11T02:01:31.449264Z     warning envoy config    StreamAggregatedResources gRPC config stream closed: 14, upstream connect error or disconnect/reset before headers. reset reason: local reset
2021-11-11T02:01:32.282636Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 0 successful, 0 rejected; lds updates: 0 successful, 0 rejected
2021-11-11T02:01:34.126765Z     warning envoy config    StreamAggregatedResources gRPC config stream closed: 14, upstream connect error or disconnect/reset before headers. reset reason: local reset
2021-11-11T02:01:34.282794Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 0 successful, 0 rejected; lds updates: 0 successful, 0 rejected
2021-11-11T02:01:36.282526Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 0 successful, 0 rejected; lds updates: 0 successful, 0 rejected
2021-11-11T02:01:38.282738Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 0 successful, 0 rejected; lds updates: 0 successful, 0 rejected
2021-11-11T02:01:38.614255Z     warning envoy config    StreamAggregatedResources gRPC config stream closed: 14, upstream connect error or disconnect/reset before headers. reset reason: local reset
2021-11-11T02:01:39.810136Z     warning envoy config    StreamAggregatedResources gRPC config stream closed: 14, upstream connect error or disconnect/reset before headers. reset reason: local reset
2021-11-11T02:01:40.282411Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 0 successful, 0 rejected; lds updates: 0 successful, 0 rejected
2021-11-11T02:01:42.282974Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 0 successful, 0 rejected; lds updates: 0 successful, 0 rejected
2021-11-11T02:01:44.282428Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 0 successful, 0 rejected; lds updates: 0 successful, 0 rejected
2021-11-11T02:01:46.282382Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 0 successful, 0 rejected; lds updates: 0 successful, 0 rejected
2021-11-11T02:01:48.282649Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 0 successful, 0 rejected; lds updates: 0 successful, 0 rejected
2021-11-11T02:01:50.282537Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 0 successful, 0 rejected; lds updates: 0 successful, 0 rejected
2021-11-11T02:01:52.282405Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 0 successful, 0 rejected; lds updates: 0 successful, 0 rejected
2021-11-11T02:01:53.558236Z     warning envoy config    StreamAggregatedResources gRPC config stream closed: 14, upstream connect error or disconnect/reset before headers. reset reason: local reset
2021-11-11T02:01:54.282504Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 0 successful, 0 rejected; lds updates: 0 successful, 0 rejected
2021-11-11T02:01:56.282371Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 0 successful, 0 rejected; lds updates: 0 successful, 0 rejected
2021-11-11T02:01:58.282451Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 0 successful, 0 rejected; lds updates: 0 successful, 0 rejected
2021-11-11T02:02:00.283012Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 0 successful, 0 rejected; lds updates: 0 successful, 0 rejected
2021-11-11T02:02:02.282636Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 0 successful, 0 rejected; lds updates: 0 successful, 0 rejected
2021-11-11T02:02:04.282453Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 0 successful, 0 rejected; lds updates: 0 successful, 0 rejected
2021-11-11T02:02:06.282433Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 0 successful, 0 rejected; lds updates: 0 successful, 0 rejected
2021-11-11T02:02:08.282735Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 0 successful, 0 rejected; lds updates: 0 successful, 0 rejected
2021-11-11T02:02:10.282405Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 0 successful, 0 rejected; lds updates: 0 successful, 0 rejected
2021-11-11T02:02:12.282455Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 0 successful, 0 rejected; lds updates: 0 successful, 0 rejected
2021-11-11T02:02:14.282394Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 0 successful, 0 rejected; lds updates: 0 successful, 0 rejected
2021-11-11T02:02:16.282374Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 0 successful, 0 rejected; lds updates: 0 successful, 0 rejected
2021-11-11T02:02:18.282402Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 0 successful, 0 rejected; lds updates: 0 successful, 0 rejected
2021-11-11T02:02:20.282417Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 0 successful, 0 rejected; lds updates: 0 successful, 0 rejected
2021-11-11T02:02:23.281952Z     warn    Envoy proxy is NOT ready: Get "http://127.0.0.1:15000/stats?usedonly&filter=^(cluster_manager.cds|listener_manager.lds).(update_success|update_rejected)$": context deadline exceeded (Client.Timeout exceeded while awaiting headers)
2021-11-11T02:02:25.282111Z     warn    Envoy proxy is NOT ready: Get "http://127.0.0.1:15000/stats?usedonly&filter=^(cluster_manager.cds|listener_manager.lds).(update_success|update_rejected)$": context deadline exceeded (Client.Timeout exceeded while awaiting headers)
2021-11-11T02:02:27.348865Z     warn    Envoy proxy is NOT ready: Get "http://127.0.0.1:15000/stats?usedonly&filter=^(cluster_manager.cds|listener_manager.lds).(update_success|update_rejected)$": context deadline exceeded (Client.Timeout exceeded while awaiting headers)
2021-11-11T02:02:29.282042Z     warn    Envoy proxy is NOT ready: Get "http://127.0.0.1:15000/stats?usedonly&filter=^(cluster_manager.cds|listener_manager.lds).(update_success|update_rejected)$": context deadline exceeded (Client.Timeout exceeded while awaiting headers)
2021-11-11T02:02:31.282413Z     warn    Envoy proxy is NOT ready: Get "http://127.0.0.1:15000/stats?usedonly&filter=^(cluster_manager.cds|listener_manager.lds).(update_success|update_rejected)$": context deadline exceeded (Client.Timeout exceeded while awaiting headers)
2021-11-11T02:02:33.282664Z     warn    Envoy proxy is NOT ready: Get "http://127.0.0.1:15000/stats?usedonly&filter=^(cluster_manager.cds|listener_manager.lds).(update_success|update_rejected)$": context deadline exceeded (Client.Timeout exceeded while awaiting headers)
2021-11-11T02:02:35.348647Z     warn    Envoy proxy is NOT ready: Get "http://127.0.0.1:15000/stats?usedonly&filter=^(cluster_manager.cds|listener_manager.lds).(update_success|update_rejected)$": context deadline exceeded (Client.Timeout exceeded while awaiting headers)
2021-11-11T02:02:37.281836Z     warn    Envoy proxy is NOT ready: Get "http://127.0.0.1:15000/stats?usedonly&filter=^(cluster_manager.cds|listener_manager.lds).(update_success|update_rejected)$": context deadline exceeded (Client.Timeout exceeded while awaiting headers)
2021-11-11T02:02:39.348673Z     warn    Envoy proxy is NOT ready: Get "http://127.0.0.1:15000/stats?usedonly&filter=^(cluster_manager.cds|listener_manager.lds).(update_success|update_rejected)$": context deadline exceeded (Client.Timeout exceeded while awaiting headers)
2021-11-11T02:02:41.281996Z     warn    Envoy proxy is NOT ready: Get "http://127.0.0.1:15000/stats?usedonly&filter=^(cluster_manager.cds|listener_manager.lds).(update_success|update_rejected)$": context deadline exceeded (Client.Timeout exceeded while awaiting headers)
2021-11-11T02:02:41.566249Z     warning envoy config    adding listener '0.0.0.0:15006': filter chain match rules require TLS Inspector listener filter, but it isn't configured, trying to inject it (this might fail if Envoy is compiled without it)
2021-11-11T02:02:41.566953Z     warning envoy config    gRPC config for type.googleapis.com/envoy.config.listener.v3.Listener rejected: Error adding/updating listener(s) 0.0.0.0_15021: cannot bind '0.0.0.0:15021': Address already in use

2021-11-11T02:02:43.282027Z     warn    Envoy proxy is NOT ready: Get "http://127.0.0.1:15000/stats?usedonly&filter=^(cluster_manager.cds|listener_manager.lds).(update_success|update_rejected)$": context deadline exceeded (Client.Timeout exceeded while awaiting headers)
2021-11-11T02:02:45.296520Z     warn    Envoy proxy is NOT ready: Get "http://127.0.0.1:15000/stats?usedonly&filter=^(cluster_manager.cds|listener_manager.lds).(update_success|update_rejected)$": context deadline exceeded (Client.Timeout exceeded while awaiting headers)
2021-11-11T02:02:46.291426Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:02:48.291839Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:02:50.291015Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:02:52.291868Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:02:54.290833Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:02:56.290780Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:02:58.291218Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:03:00.290677Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:03:02.290899Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:03:04.290852Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:03:06.291804Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:03:08.292900Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:03:10.290803Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:03:12.291312Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:03:14.290965Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:03:16.290908Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:03:18.290842Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:03:20.291106Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:03:22.290945Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:03:24.290813Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:03:26.292146Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:03:28.292138Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:03:30.449592Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:03:32.291228Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:03:34.297531Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:03:36.292872Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:03:38.291188Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:03:40.290983Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:03:42.290847Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:03:44.290841Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:03:46.290679Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:03:48.291155Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:03:50.290899Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:03:52.290877Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:03:54.290895Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:03:56.290942Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:03:58.290662Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:04:00.290845Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:04:02.291379Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:04:04.290963Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:04:06.291491Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:04:08.291155Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:04:10.291025Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:04:12.290961Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:04:14.290709Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:04:16.290959Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:04:18.291125Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:04:20.290779Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:04:22.291145Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:04:24.294516Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:04:26.290751Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:04:28.290975Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:04:30.290759Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:04:32.290910Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:04:34.290981Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:04:36.291551Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:04:38.292366Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:04:40.290699Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:04:42.291135Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:04:44.290640Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:04:46.291836Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:04:48.290768Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:04:50.290781Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:04:52.290959Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:04:54.290896Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:04:56.290839Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:04:58.291036Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected
2021-11-11T02:05:00.291059Z     warn    Envoy proxy is NOT ready: config not received from Pilot (is Pilot running?): cds updates: 1 successful, 0 rejected; lds updates: 0 successful, 1 rejected

[X] Configuration Lazy Loading [ ] Http Plugin Management [ ] Adaptive Ratelimit [ ] Slime Boot

YonkaFang commented 2 years ago

这种情况下,对应的global pilot里有什么异常日志吗? 我看到有cds reject的情况,pilot侧应该也会记录这种。

此外,你用的global sidecar和global pilot的版本是?(镜像)。

xiangtianyu commented 2 years ago

之前的太久远找不到了,刚才复现,global sidecar日志如下:

2021-11-12T09:08:41.250010Z     info    ads     Push debounce stable[2] 373: 100.582673ms since last change, 200.551406ms since last push, full=true
2021-11-12T09:08:41.252162Z     info    ads     XDS: Pushing:2021-11-12T09:08:41Z/1 Services:93 ConnectedEndpoints:0
2021-11-12T09:08:41.536428Z     info    ads     Push debounce stable[3] 2: 100.764849ms since last change, 187.251158ms since last push, full=true
2021-11-12T09:08:41.538054Z     info    ads     XDS: Pushing:2021-11-12T09:08:41Z/2 Services:93 ConnectedEndpoints:0
2021-11-12T09:08:42.995208Z     info    ads     Full push, new service lazyload.mesh-operator.svc.cluster.local
2021-11-12T09:08:43.095877Z     info    ads     Push debounce stable[4] 1: 100.606332ms since last change, 100.606249ms since last push, full=true
2021-11-12T09:08:43.097997Z     info    ads     XDS: Pushing:2021-11-12T09:08:43Z/3 Services:93 ConnectedEndpoints:0
gc 10 @10.232s 1%: 0.26+72+0.005 ms clock, 8.3+0.62/154/207+0.17 ms cpu, 46->47->24 MB, 51 MB goal, 32 P
2021-11-12T09:08:50.052387Z     info    ads     Push Status: {}
2021-11-12T09:09:05.818578Z     info    ads     Full push, new service istio-pilot.mesh-operator.svc.cluster.local
2021-11-12T09:09:05.918895Z     info    ads     Push debounce stable[5] 1: 100.22323ms since last change, 100.223072ms since last push, full=true
2021-11-12T09:09:05.920843Z     info    ads     XDS: Pushing:2021-11-12T09:09:05Z/4 Services:93 ConnectedEndpoints:0
2021-11-12T09:09:10.052619Z     info    ads     Push Status: {}
2021-11-12T09:09:17.336865Z     info    ads     ADS:CDS: REQ sidecar~172.160.0.99~global-sidecar-9bc5bf795-8psv6.istio-public~istio-public.svc.cluster.local-1 version:
2021-11-12T09:09:17.339615Z     info    ads     CDS: PUSH for node:global-sidecar-9bc5bf795-8psv6.istio-public clusters:138 services:93 version:2021-11-12T09:09:05Z/4
2021-11-12T09:09:17.345863Z     info    ads     LDS: PUSH for node:global-sidecar-9bc5bf795-8psv6.istio-public listeners:35
2021-11-12T09:09:36.959672Z     info    ads     EDS: PUSH for node:global-sidecar-9bc5bf795-8psv6.istio-public clusters:117 endpoints:81 empty:48
gc 11 @62.013s 0%: 0.38+94+0.006 ms clock, 12+0.24/540/85+0.22 ms cpu, 46->46->25 MB, 48 MB goal, 32 P
2021-11-12T09:09:40.157462Z     info    ads     RDS: PUSH for node:global-sidecar-9bc5bf795-8psv6.istio-public routes:25
2021-11-12T09:09:40.157561Z     warn    ads     ADS:LDS: ACK ERROR sidecar~172.160.0.99~global-sidecar-9bc5bf795-8psv6.istio-public~istio-public.svc.cluster.local-1 Internal:Error adding/updating listener(s) 0.0.0.0_15021: cannot bind '0.0.0.0:15021': Address already in use

2021-11-12T09:09:41.337129Z     info    ads     Push debounce stable[6] 1: 100.228588ms since last change, 100.228505ms since last push, full=true
2021-11-12T09:09:41.338343Z     info    ads     XDS: Pushing:2021-11-12T09:09:41Z/5 Services:93 ConnectedEndpoints:1
2021-11-12T09:09:50.052350Z     info    ads     Push Status: {}
gc 12 @130.682s 0%: 0.76+121+0.009 ms clock, 24+0.55/723/0.65+0.28 ms cpu, 49->50->26 MB, 51 MB goal, 32 P
2021-11-12T09:12:11.341747Z     info    ads     Push debounce stable[7] 1: 100.567735ms since last change, 100.567662ms since last push, full=true
2021-11-12T09:12:11.343380Z     info    ads     XDS: Pushing:2021-11-12T09:12:11Z/6 Services:93 ConnectedEndpoints:1
gc 13 @214.623s 0%: 0.46+184+0.006 ms clock, 14+0.50/479/154+0.22 ms cpu, 50->51->25 MB, 52 MB goal, 32 P
2021-11-12T09:12:20.052805Z     info    ads     Push Status: {}
2021-11-12T09:12:41.334600Z     info    ads     Push debounce stable[8] 1: 100.233482ms since last change, 100.233388ms since last push, full=true
2021-11-12T09:12:41.336088Z     info    ads     XDS: Pushing:2021-11-12T09:12:41Z/7 Services:93 ConnectedEndpoints:1
2021-11-12T09:12:50.052739Z     info    ads     Push Status: {}

slime-boot日志

{"level":"info","ts":1636708117.1667693,"logger":"helm.controller","msg":"Reconciled release","namespace":"mesh-operator","name":"lazyload","apiVersion":"config.netease.com/v1alpha1","kind":"SlimeBoot","release":"lazyload"}
{"level":"error","ts":1636708117.516414,"logger":"controller-runtime.manager.controller.slimeboot-controller","msg":"Reconciler error","name":"lazyload","namespace":"mesh-operator","error":"Operation cannot be fulfilled on slimeboots.config.netease.com \"lazyload\": the object has been modified; please apply your changes to the latest version and try again","stacktrace":"sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\t/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.9.2/pkg/internal/controller/controller.go:253\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2\n\t/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.9.2/pkg/internal/controller/controller.go:214"}
{"level":"info","ts":1636708118.6415234,"logger":"helm.controller","msg":"Reconciled release","namespace":"mesh-operator","name":"lazyload","apiVersion":"config.netease.com/v1alpha1","kind":"SlimeBoot","release":"lazyload"}
{"level":"info","ts":1636708119.7781372,"logger":"helm.controller","msg":"Reconciled release","namespace":"mesh-operator","name":"lazyload","apiVersion":"config.netease.com/v1alpha1","kind":"SlimeBoot","release":"lazyload"}
{"level":"info","ts":1636708179.7753153,"logger":"helm.controller","msg":"Reconciled release","namespace":"mesh-operator","name":"lazyload","apiVersion":"config.netease.com/v1alpha1","kind":"SlimeBoot","release":"lazyload"}
{"level":"info","ts":1636708240.9074373,"logger":"helm.controller","msg":"Reconciled release","namespace":"mesh-operator","name":"lazyload","apiVersion":"config.netease.com/v1alpha1","kind":"SlimeBoot","release":"lazyload"}
{"level":"info","ts":1636708302.0466037,"logger":"helm.controller","msg":"Reconciled release","namespace":"mesh-operator","name":"lazyload","apiVersion":"config.netease.com/v1alpha1","kind":"SlimeBoot","release":"lazyload"}

lazyload日志:

time="2021-11-12T09:08:41Z" level=info msg="get virtualService, bookinfo" virtualService=istio-public/bookinfo
time="2021-11-12T09:08:41Z" level=info msg="get destination after parse, map[bookinfo.test.za.net:[productpage]]" virtualService=istio-public/bookinfo
time="2021-11-12T09:08:41Z" level=info msg="get serviceFence, reviews" serviceFence=istio-public/reviews
time="2021-11-12T09:08:41Z" level=info msg="get virtualService, grafana-vs" virtualService=istio-system/grafana-vs
time="2021-11-12T09:08:41Z" level=info msg="get destination after parse, map[grafana.test.za.net:[grafana]]" virtualService=istio-system/grafana-vs
time="2021-11-12T09:08:41Z" level=info msg="get virtualService, kiali-vs" virtualService=istio-system/kiali-vs
time="2021-11-12T09:08:41Z" level=info msg="get destination after parse, map[kiali.test.za.net:[kiali]]" virtualService=istio-system/kiali-vs
time="2021-11-12T09:08:41Z" level=info msg="get virtualService, prometheus-vs" virtualService=istio-system/prometheus-vs
time="2021-11-12T09:08:41Z" level=info msg="get destination after parse, map[prometheus.test.za.net:[prometheus]]" virtualService=istio-system/prometheus-vs
time="2021-11-12T09:08:41Z" level=info msg="get virtualService, tracing-vs" virtualService=istio-system/tracing-vs
time="2021-11-12T09:08:41Z" level=info msg="get destination after parse, map[tracing.test.za.net:[tracing]]" virtualService=istio-system/tracing-vs
time="2021-11-12T09:08:41Z" level=info msg="get serviceFence, productpage" serviceFence=istio-public/productpage
I1112 09:08:41.329437       1 reflector.go:150] Starting reflector *v1alpha3.Sidecar (9h11m38.180536184s) from pkg/mod/k8s.io/client-go@v0.17.2/tools/cache/reflector.go:105
I1112 09:08:41.329456       1 reflector.go:185] Listing and watching *v1alpha3.Sidecar from pkg/mod/k8s.io/client-go@v0.17.2/tools/cache/reflector.go:105
time="2021-11-12T09:08:41Z" level=info msg="Update a Sidecarin istio-public:productpage"
I1112 09:08:41.429535       1 shared_informer.go:227] caches populated
time="2021-11-12T09:08:41Z" level=info msg="Update a Sidecarin istio-public:productpage"
time="2021-11-12T09:08:41Z" level=info msg="get serviceFence, details" serviceFence=istio-public/details
time="2021-11-12T09:09:41Z" level=info msg="Update a Sidecarin istio-public:productpage"
time="2021-11-12T09:12:11Z" level=info msg="Update a Sidecarin istio-public:productpage"
time="2021-11-12T09:12:41Z" level=info msg="Update a Sidecarin istio-public:productpage"
time="2021-11-12T09:13:41Z" level=info msg="Update a Sidecarin istio-public:productpage"
I1112 09:14:00.226741       1 reflector.go:418] pkg/mod/k8s.io/client-go@v0.17.2/tools/cache/reflector.go:105: Watch close - *v1.Namespace total 0 items received
time="2021-11-12T09:14:11Z" level=info msg="Update a Sidecarin istio-public:productpage"
I1112 09:14:27.233785       1 reflector.go:418] pkg/mod/k8s.io/client-go@v0.17.2/tools/cache/reflector.go:105: Watch close - *v1.Service total 0 items received

版本配置如下:

---
apiVersion: config.netease.com/v1alpha1
kind: SlimeBoot
metadata:
  name: lazyload
  namespace: mesh-operator
spec:
  image:
    pullPolicy: Always
    repository: docker.io/slimeio/slime-lazyload
    tag: v0.2.6-d808438
  module:
    - name: lazyload
      enable: true
      fence:
        wormholePort: # replace to your application svc ports
          - "9080"
      metric:
        prometheus:
          address: http://prometheus.istio-system:9090
          handlers:
            destination:
              query: |
                sum(istio_requests_total{source_app="$source_app",reporter="destination"})by(destination_service)
              type: Group
  component:
    globalSidecar:
      enable: true
      type: namespaced
      namespace:
        - istio-public # 替换为bookinfo安装的ns
      resources:
        requests:
          cpu: 200m
          memory: 200Mi
        limits:
          cpu: 200m
          memory: 200Mi
      image:
        repository: istio/proxyv2
        tag: 1.7.0
    pilot:
      enable: true
      resources:
        requests:
          cpu: 200m
          memory: 200Mi
        limits:
          cpu: 200m
          memory: 200Mi
      image:
        repository: docker.io/slimeio/pilot
        tag: globalPilot-7.0-v0.0.3-713c611962
cywang1905 commented 2 years ago

ADS:LDS: ACK ERROR sidecar~172.160.0.99~global-sidecar-9bc5bf795-8psv6.istio-public~istio-public.svc.cluster.local-1 Internal:Error adding/updating listener(s) 0.0.0.0_15021: cannot bind '0.0.0.0:15021': Address already in use 在我的环境中,这个错误是service istio-ingressgateway -n istio-system 使用了15021端口,导致envoy lds失败,修改ingress的15021端口为其他值可解决,你可以试下

xiangtianyu commented 2 years ago

这个错误不影响启动,事实上正常启动的时候也有报这个错。但是就是有时候偶尔会起不来。

cywang1905 commented 2 years ago

ingress gateway的service port 15021 我们的模块暂时没用,这个动态配置和global-sidecar的静态配置端口冲突了,所以可以把它改成其他值 ` ports:

我找到了一篇文章说明此问题 https://imroc.cc/post/202105/using-istio-reserved-port-causes-pod-start-failed/ 建议改掉ingress svc的15021,作为临时修复方法,后续我们会考虑出一个版本解决这个问题

xiangtianyu commented 2 years ago

所以起不来和端口占用有关系吗?大部分时候端口占用一样报错,但是也能很快起起来

cywang1905 commented 2 years ago

不改的话,端口存在竞争关系,一定报错,修改端口可以彻底解决问题。 不改但global-sidecar成功启动的情况,怀疑是full push没有包含ingress 15021信息,所以成功起来了,后续推送的服务包含了ingress 端口冲突,所以后续有报错,但这是个概率问题,改下端口把问题解决掉吧

xiangtianyu commented 2 years ago

好的,我实验下

xiangtianyu commented 2 years ago

改了端口,确实是没在出现这种情况了

YonkaFang commented 2 years ago

目前可以通过端口规划来workaround,稍后的版本里会摆脱这个局限