Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

multus kubeconfig file not populated correctly after node reboot #1283

Open
geeky-akshay opened this issue May 20, 2024 · 1 comment
Open

multus kubeconfig file not populated correctly after node reboot #1283

geeky-akshay opened this issue May 20, 2024 · 1 comment

Comments

@geeky-akshay
Copy link

geeky-akshay commented May 20, 2024
edited by dougbtv

What happend: Apiserver IP address was empty in multus kubeconfig file

/etc/cni/net.d/multus.d/multus.kubeconfig (server: https://[])
`apiVersion: v1
kind: Config
clusters:
- name: local
  cluster:
    server: https://[]:
    certificate-authority-data: [snipped]==
users:
- name: multus
  user:
    token: "[snipped]=="
contexts:
- name: multus-context
  context:
    cluster: local
    user: multus
current-context: multus-context`

Pods
What you expected to happen: Pods were not scheduled and the below errors were appearing in /var/log/messages

May 20 14:13:20 ace-func1-3n1 kubelet[1683]: E0520 14:13:20.399208 1683 pod_workers.go:1298] "Error syncing pod, skipping" err="failed to \"KillPodSandbox\" for \"d4fd3ede-c09e-4a3f-abd2-8eeb6ba0b3da\" with KillPodSandboxError: \"rpc error: code = Unknown desc = failed to destroy network for sandbox \\\"d02259dca386dfd70b0d6433452e99a880b57e849f79f74993ace14d90e55fb9\\\": plugin type=\\\"multus\\\" name=\\\"multus-cni-network\\\" failed (delete): Multus: error getting k8s client: GetK8sClient: failed to get context for the kubeconfig /etc/cni/net.d/multus.d/multus.kubeconfig: error loading config file \\\"/etc/cni/net.d/multus.d/multus.kubeconfig\\\": yaml: line 7: mapping values are not allowed in this context\"" pod="kube-system/coredns-58f4964b57-f8wkh" podUID="d4fd3ede-c09e-4a3f-abd2-8eeb6ba0b3da"

How to reproduce it (as minimally and precisely as possible): Reboot a node in multi-node Kubernetes cluster

Anything else we need to know?:

Environment:

  • Multus version : ghcr.io/k8snetworkplumbingwg/multus-cni:v4.0.2
  • Kubernetes version (use kubectl version):
    Client Version: v1.29.1 Kustomize Version: v5.0.4-0.20230601165947-6ce0bf390ce3 Server Version: v1.29.1
  • Primary CNI for Kubernetes cluster: Calico
  • OS (e.g. from /etc/os-release):
    `
    NAME="Red Hat Enterprise Linux"
    VERSION="9.3 (Plow)"
    ID="rhel"
    ID_LIKE="fedora"
    VERSION_ID="9.3"
    PLATFORM_ID="platform:el9"
    PRETTY_NAME="Red Hat Enterprise Linux 9.3 (Plow)"
    ANSI_COLOR="0;31"
    LOGO="fedora-logo-icon"
    CPE_NAME="cpe:/o:redhat:enterprise_linux:9::baseos"
    HOME_URL="https://www.redhat.com/"
    DOCUMENTATION_URL="https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9"
    BUG_REPORT_URL="https://bugzilla.redhat.com/"

REDHAT_BUGZILLA_PRODUCT="Red Hat Enterprise Linux 9"
REDHAT_BUGZILLA_PRODUCT_VERSION=9.3
REDHAT_SUPPORT_PRODUCT="Red Hat Enterprise Linux"
REDHAT_SUPPORT_PRODUCT_VERSION="9.3"
`

  • File of '/etc/cni/net.d/'
  • File of '/etc/cni/multus/net.d'
  • NetworkAttachment info (use kubectl get net-attach-def -o yaml)
  • Target pod yaml info (with annotation, use kubectl get pod <podname> -o yaml)
    `
    apiVersion: v1
    kind: Pod
    metadata:
    creationTimestamp: "2024-05-20T09:02:12Z"
    generateName: kube-multus-ds-
    labels:
    app: multus
    controller-revision-hash: 789c4467b8
    name: multus
    pod-template-generation: "1"
    tier: node
    name: kube-multus-ds-hxtkt
    namespace: kube-system
    ownerReferences:
    • apiVersion: apps/v1
      blockOwnerDeletion: true
      controller: true
      kind: DaemonSet
      name: kube-multus-ds
      uid: cc6cd4f8-540a-4593-b099-4be99d0088bd
      resourceVersion: "2107922"
      uid: 308c615b-8284-4c79-91f5-9c3ec976e0e6
      spec:
      affinity:
      nodeAffinity:
      requiredDuringSchedulingIgnoredDuringExecution:
      nodeSelectorTerms:
      - matchFields:
      - key: metadata.name
      operator: In
      values:
      - ace-func1-3n1
      containers:
    • args:
      • --cni-version=0.3.1
      • --cni-conf-dir=/host/etc/cni/net.d
      • --multus-autoconfig-dir=/host/etc/cni/net.d
      • --multus-log-to-stderr=true
      • --multus-log-level=verbose
        command:
      • /thin_entrypoint
        image: registry.rbbn.com/thirdparty/ghcr.io/k8snetworkplumbingwg/multus-cni:v4.0.2
        imagePullPolicy: IfNotPresent
        name: kube-multus
        resources:
        limits:
        cpu: 100m
        memory: 50Mi
        requests:
        cpu: 100m
        memory: 50Mi
        securityContext:
        privileged: true
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
        volumeMounts:
      • mountPath: /host/etc/cni/net.d
        name: cni
      • mountPath: /host/opt/cni/bin
        name: cnibin
      • mountPath: /var/run/secrets/kubernetes.io/serviceaccount
        name: kube-api-access-5wxv9
        readOnly: true
        dnsPolicy: ClusterFirst
        enableServiceLinks: true
        hostNetwork: true
        initContainers:
    • args:
      • --type
      • thin
        command:
      • /install_multus
        image: registry.rbbn.com/thirdparty/ghcr.io/k8snetworkplumbingwg/multus-cni:v4.0.2
        imagePullPolicy: IfNotPresent
        name: install-multus-binary
        resources:
        requests:
        cpu: 10m
        memory: 15Mi
        securityContext:
        privileged: true
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
        volumeMounts:
      • mountPath: /host/opt/cni/bin
        mountPropagation: Bidirectional
        name: cnibin
      • mountPath: /var/run/secrets/kubernetes.io/serviceaccount
        name: kube-api-access-5wxv9
        readOnly: true
        nodeName: ace-func1-3n1
        preemptionPolicy: PreemptLowerPriority
        priority: 2000001000
        priorityClassName: system-node-critical
        restartPolicy: Always
        schedulerName: default-scheduler
        securityContext: {}
        serviceAccount: multus
        serviceAccountName: multus
        terminationGracePeriodSeconds: 10
        tolerations:
    • effect: NoSchedule
      operator: Exists
    • effect: NoExecute
      operator: Exists
    • effect: NoExecute
      key: node.kubernetes.io/not-ready
      operator: Exists
    • effect: NoExecute
      key: node.kubernetes.io/unreachable
      operator: Exists
    • effect: NoSchedule
      key: node.kubernetes.io/disk-pressure
      operator: Exists
    • effect: NoSchedule
      key: node.kubernetes.io/memory-pressure
      operator: Exists
    • effect: NoSchedule
      key: node.kubernetes.io/pid-pressure
      operator: Exists
    • effect: NoSchedule
      key: node.kubernetes.io/unschedulable
      operator: Exists
    • effect: NoSchedule
      key: node.kubernetes.io/network-unavailable
      operator: Exists
      volumes:
    • hostPath:
      path: /etc/cni/net.d
      type: ""
      name: cni
    • hostPath:
      path: /opt/cni/bin
      type: ""
      name: cnibin
    • name: kube-api-access-5wxv9
      projected:
      defaultMode: 420
      sources:
      • serviceAccountToken:
        expirationSeconds: 3607
        path: token
      • configMap:
        items:
        • key: ca.crt
          path: ca.crt
          name: kube-root-ca.crt
      • downwardAPI:
        items:
        • fieldRef:
          apiVersion: v1
          fieldPath: metadata.namespace
          path: namespace
          status:
          conditions:
    • lastProbeTime: null
      lastTransitionTime: "2024-05-20T09:02:13Z"
      status: "True"
      type: PodReadyToStartContainers
    • lastProbeTime: null
      lastTransitionTime: "2024-05-20T09:02:14Z"
      status: "True"
      type: Initialized
    • lastProbeTime: null
      lastTransitionTime: "2024-05-20T09:02:15Z"
      status: "True"
      type: Ready
    • lastProbeTime: null
      lastTransitionTime: "2024-05-20T09:02:15Z"
      status: "True"
      type: ContainersReady
    • lastProbeTime: null
      lastTransitionTime: "2024-05-20T09:02:12Z"
      status: "True"
      type: PodScheduled
      containerStatuses:
    • containerID: containerd://fe1413443a789d09e25900c72cd3cfc2d33a6ccd5308bf75741284952ed58d18
      image: registry.rbbn.com/thirdparty/ghcr.io/k8snetworkplumbingwg/multus-cni:v4.0.2
      imageID: sha256:2ce3492d2e6f598566f6ec26d08c39ca8c43df5beeefbb7ce38a1a4ef3809760
      lastState: {}
      name: kube-multus
      ready: true
      restartCount: 0
      started: true
      state:
      running:
      startedAt: "2024-05-20T09:02:14Z"
      hostIP: 10.52.214.11
      hostIPs:
    • ip: 10.52.214.11
      initContainerStatuses:
    • containerID: containerd://9e4195df464d4d98784b1d7521d5d71a775a34f334e0dc889e7f366171f8a0e3
      image: registry.rbbn.com/thirdparty/ghcr.io/k8snetworkplumbingwg/multus-cni:v4.0.2
      imageID: sha256:2ce3492d2e6f598566f6ec26d08c39ca8c43df5beeefbb7ce38a1a4ef3809760
      lastState: {}
      name: install-multus-binary
      ready: true
      restartCount: 0
      started: false
      state:
      terminated:
      containerID: containerd://9e4195df464d4d98784b1d7521d5d71a775a34f334e0dc889e7f366171f8a0e3
      exitCode: 0
      finishedAt: "2024-05-20T09:02:13Z"
      reason: Completed
      startedAt: "2024-05-20T09:02:13Z"
      phase: Running
      podIP: 10.52.214.11
      podIPs:
    • ip: 10.52.214.11
      qosClass: Burstable
      startTime: "2024-05-20T09:02:12Z"
      `
  • Other log outputs (if you use multus logging)
@dougbtv
Copy link
Member

dougbtv commented Jun 6, 2024

Do you have a reproducer for this? thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@dougbtv @geeky-akshay