RBAC: K8S Master charm hangs trying to deploy kube-system pods
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Calico Charm |
Fix Released
|
Critical
|
Joseph Borg | ||
Canal Charm |
Fix Released
|
Critical
|
Joseph Borg | ||
Kubernetes Control Plane Charm |
Won't Fix
|
Critical
|
Joseph Borg | ||
Tigera Secure EE Charm |
Fix Released
|
Critical
|
Joseph Borg |
Bug Description
Running:
k8s-master version 700
k8s-worker version 552
calico version 641
Bundle: https:/
If I start deployment with authorization-mode set to "AlwaysAllow" and then move to "RBAC,Node" later, it works. Although there will probably consequences later, such as when we try to add new workers. Setting authorization-
RBAC enabled with:
$ juju config kubernetes-master authorization-mode
RBAC,Node
I am seeing something similar to: https:/
Nodes are hanging with: Warning FailedCreatePod
More complete log: https:/
I've tried to run:
kubectl apply -f https:/
As instructed on https:/
Which essentially creates kube-calico-
I can see some RBAC / Calico related issues, but I see no particular relation to these bugs:
https:/
https:/
tags: | added: cpe-onsite |
information type: | Public → Private |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
Changed in charm-kubernetes-master: | |
status: | New → Triaged |
importance: | Undecided → Critical |
Changed in charm-kubernetes-master: | |
assignee: | nobody → Joseph Borg (joeborg) |
Changed in charm-kubernetes-master: | |
status: | Triaged → In Progress |
Changed in charm-canal: | |
assignee: | nobody → Joseph Borg (joeborg) |
Changed in charm-calico: | |
assignee: | nobody → Joseph Borg (joeborg) |
Changed in charm-calico: | |
status: | New → In Progress |
Changed in charm-canal: | |
status: | New → In Progress |
Changed in charm-calico: | |
importance: | Undecided → Critical |
Changed in charm-canal: | |
importance: | Undecided → Critical |
Changed in charm-canal: | |
status: | In Progress → Fix Committed |
Changed in charm-calico: | |
milestone: | none → 1.15+ck1 |
Changed in charm-canal: | |
milestone: | none → 1.15+ck1 |
Changed in charm-tigera-secure-ee: | |
milestone: | none → 1.15+ck1 |
Changed in charm-tigera-secure-ee: | |
status: | In Progress → Fix Committed |
Changed in charm-calico: | |
status: | Fix Committed → Fix Released |
Changed in charm-canal: | |
status: | Fix Committed → Fix Released |
Changed in charm-tigera-secure-ee: | |
status: | Fix Committed → Fix Released |
Logs from collect.py on: https:/ /drive. google. com/open? id=18sOa4qR569_ QArOC2IikkX6UjR n6M3vV