FS#73110 - [kube-apiserver] incompatible with kubeadm
Attached to Project:
Community Packages
Opened by ivdok (ivdok) - Tuesday, 21 December 2021, 21:28 GMT
Last edited by David Runge (dvzrv) - Saturday, 19 February 2022, 20:14 GMT
Opened by ivdok (ivdok) - Tuesday, 21 December 2021, 21:28 GMT
Last edited by David Runge (dvzrv) - Saturday, 19 February 2022, 20:14 GMT
|
Details
Description:
Kube-apiserver can't start with default settings due to wrong default configuration, and due to that kubeadm can't proceed with install Additional info: community/crictl 1.22.0-1 community/helm 3.7.2-1 [installed] community/kube-apiserver 1.22.4-1 community/kube-controller-manager 1.22.4-1 community/kube-proxy 1.22.4-1 community/kube-scheduler 1.22.4-1 community/kubeadm 1.22.4-1 community/kubectl 1.22.4-1 community/kubelet 1.22.4-1 aur/etcd 3.5.1-1 community/containerd 1.5.8-1 Log during kube-apiserver startup: Dec 22 00:07:54 rolent systemd[1]: Starting Kubernetes API Server... Dec 22 00:07:54 rolent kube-apiserver[44178]: W1222 00:07:54.907493 44178 services.go:37] No CIDR for service cluster IPs specified. Default value which was 10.0.0.0/24 is deprecated and w> Dec 22 00:07:55 rolent kube-apiserver[44178]: Error: error creating self-signed certificates: open /var/run/kubernetes/apiserver.crt: permission denied Dec 22 00:07:55 rolent systemd[1]: kube-apiserver.service: Main process exited, code=exited, status=1/FAILURE Dec 22 00:07:55 rolent systemd[1]: kube-apiserver.service: Failed with result 'exit-code'. Dec 22 00:07:55 rolent systemd[1]: Failed to start Kubernetes API Server. Dec 22 00:07:55 rolent systemd[1]: kube-apiserver.service: Scheduled restart job, restart counter is at 4. Dec 22 00:07:55 rolent systemd[1]: Stopped Kubernetes API Server. After adding certificates' dir to env file /etc/kubernetes/kube-apiserver.env: KUBE_APISERVER_ARGS="--cert-dir /etc/kubernetes/pki" Results in this error in log: Dec 22 00:14:13 rolent systemd[1]: Starting Kubernetes API Server... Dec 22 00:14:13 rolent kube-apiserver[50301]: W1222 00:14:13.147598 50301 services.go:37] No CIDR for service cluster IPs specified. Default value which was 10.0.0.0/24 is deprecated and will be removed in future releases. Please specify it using --service-cluster-ip-range on kube-apiserver. Dec 22 00:14:13 rolent kube-apiserver[50301]: Error: error creating self-signed certificates: error reading /etc/kubernetes/pki/apiserver.key, certificate and key must be supplied as a pair Dec 22 00:14:13 rolent systemd[1]: kube-apiserver.service: Main process exited, code=exited, status=1/FAILURE Dec 22 00:14:13 rolent systemd[1]: kube-apiserver.service: Failed with result 'exit-code'. Dec 22 00:14:13 rolent systemd[1]: Failed to start Kubernetes API Server. Dec 22 00:14:13 rolent systemd[1]: kube-apiserver.service: Scheduled restart job, restart counter is at 5. Dec 22 00:14:13 rolent systemd[1]: Stopped Kubernetes API Server. Steps to reproduce: 1. pacman -S cni-plugins kubernetes-control-plane kubeadm kubelet kubectl helm containerd 2. pacman -U etcd.x86-64.tar.zst 3. kubeadm init --pod-network-cidr='100.64.0.0/10' --upload-certs --ignore-preflight-errors=NumCPU,Mem --node-name=rolent --cri-socket=/run/containerd/containerd.sock |
This task depends upon
There is a *lot* of details missing. Please provide more :)