Comments (9)
please give us more info.
sudo kubectl get pods --all-namespaces
sudo helm ls
if any pod is failing, run describe
and logs
on that.
from kubeadm-bootstrap.
$ sudo kubectl get pods --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
default rook-agent-2prs8 1/1 Running 0 3h
default rook-agent-fctrt 1/1 Running 0 3h
default rook-operator-6886996bcb-bq9nn 1/1 Running 0 3h
kube-system etcd-tg-atm160027-master-node 1/1 Running 0 4h
kube-system kube-apiserver-tg-atm160027-master-node 1/1 Running 0 4h
kube-system kube-controller-manager-tg-atm160027-master-node 1/1 Running 0 4h
kube-system kube-dns-6f4fd4bdf-gbjn7 3/3 Running 0 4h
kube-system kube-flannel-ds-6kclb 1/1 Running 1 4h
kube-system kube-flannel-ds-kgm2f 1/1 Running 0 4h
kube-system kube-proxy-mjn2v 1/1 Running 0 4h
kube-system kube-proxy-mt549 1/1 Running 0 4h
kube-system kube-scheduler-tg-atm160027-master-node 1/1 Running 0 4h
kube-system tiller-deploy-69cb6984f-m6jw7 1/1 Running 0 4h
support support-nginx-ingress-controller-pc5qw 1/1 Running 0 4h
support support-nginx-ingress-controller-v6bg4 1/1 Running 1 4h
support support-nginx-ingress-default-backend-cb84895fb-s6bhs 1/1 Running 0 4h
$ sudo helm ls
sudo: unable to resolve host tg-atm160027-master-node
NAME REVISION UPDATED STATUS CHART NAMESPACE
insipid-sponge 1 Fri Jun 22 18:48:55 2018 DEPLOYED rook-v0.7.1 default
support 1 Fri Jun 22 17:56:54 2018 DEPLOYED support-0.1.0 support
from kubeadm-bootstrap.
check into the logs of the nginx controllers and backend, is this Kubernetes 1.9?
from kubeadm-bootstrap.
I'm going down this road again. I cannot recall why I did not respond to this last comment on June 23. I am seeing the same problem. This is v1.9.2
. Where are the logs in question? master or worker node?
ping @craig-willis
from kubeadm-bootstrap.
This is likely a problem with the security group configuration in OpenStack. You need to enable traffic between nodes in your Kubernetes cluster. The https://github.com/nds-org/kubeadm-terraform/ process creates a security group (which is conveniently already in place on your TACC cluster). Applying that security group to the nodes, you should now see for both hosts:
$ curl localhost
default backend - 404
from kubeadm-bootstrap.
Thanks for your help. I can confirm the security group defined here resolves the issue. Though I cannot figure out exactly what it is about that security group that makes it work. (Not everyone is going to want to use terraform.) It could be the opening up of tcp and udp ports 1
through 65535
to "self", but I don't know what "self" is since it is undocumented in openstack and also here .
from kubeadm-bootstrap.
self is an argument in the Terraform OpenStack provider. According to my colleague @bodom0015, this equates to creating a rule with "Remote" set to "Security Group" and the "Security Group" set to the current group name (test in the attached screenshot):
From my understanding, this says that any node in the security group can communicate with any other node in that group. This is used instead of an explicit CIDR range.
from kubeadm-bootstrap.
That makes sense. I do something similar with my openstack security groups with --remote-ip 10.0.0.0/24
to limit traffic internally, but this may be a better, more "openstack" way.
from kubeadm-bootstrap.
In summary open ports 1
through 65535
, but limit traffic internal to the security group itself. I.e. from openstack,
openstack security group rule create kube --protocol udp --dst-port 1:65535 --remote-group kube
openstack security group rule create kube --protocol tcp --dst-port 1:65535 --remote-group kube
in addition to whatever outward ports you need open i.e., 22
, 80
, 443
, 6443
.
I think we can close this issue.
from kubeadm-bootstrap.
Related Issues (6)
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from kubeadm-bootstrap.