Kritis installation on Kubernetes
101 views
Skip to first unread message
Anirudh Kanth
Dec 14, 2020, 2:31:47 PM12/14/20
to Kritis users
Hi,
I am facing issue while installing Kritis on Kubernetes which is installed via kubeadm.
$ kubectl logs -f kritis-validation-hook-69c7c998f8-fqzts
I1214 19:29:59.135905 1 main.go:90] No KritisConfigs found in any namespace, will assume the defaults
F1214 19:29:59.136816 1 main.go:132] starting background job: google: error getting credentials using GOOGLE_APPLICATION_CREDENTIALS environment variable: open /secret/gac.json: no such file or directory
failed to watch file "/var/lib/docker/containers/b6b63d9eee319f1ee8fc63adfafb2c0d56b89d091a198fd66ffe47f7f00e6ade/b6b63d9eee319f1ee8fc63adfafb2c0d56b89d091a198fd66ffe47f7f00e6ade-json.log": no space left on device
Is it supported for on-premise Kubernetes?
Thanks,
Anirudh Kanth
Eduardo Munari
Dec 14, 2020, 2:42:19 PM12/14/20
to Anirudh Kanth, Kritis users
Hey Anirudh!
You gotta remove GAC related info from your kritis chart, if you are not using it :)
e.g.: There's a gacSecret section on values.yaml and some gac related variables on the kritis-server-deployment.yaml (I can't remember if there are more gac variables/info on the other files, remember to check them!)
Regards!
You gotta remove GAC related info from your kritis chart, if you are not using it :)
e.g.: There's a gacSecret section on values.yaml and some gac related variables on the kritis-server-deployment.yaml (I can't remember if there are more gac variables/info on the other files, remember to check them!)
Regards!
--
You received this message because you are subscribed to the Google Groups "Kritis users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to kritis-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/kritis-users/fdedb369-b06f-4dbf-ac67-9fb2d7bdcd86n%40googlegroups.com.
Eduardo Munari
Bacharel em Ciência da Computação
UNESP - IBILCE - São José do Rio Preto
Anirudh Kanth
Dec 14, 2020, 3:11:14 PM12/14/20
to Kritis users
Hey Eduardo,
Thank you for your valuable suggestion. I did that and the issue is not present. However, I still see that the validation webhook has failed.
$ kubectl logs -f kritis-validation-hook-f44d9d6b9-b6pwk
F1214 19:57:56.208265 1 main.go:132] starting background job: google: could not find default credentials. See https://developers.google.com/accounts/docs/application-default-credentials for more information.
failed to watch file "/var/lib/docker/containers/a64f01aba77882893b460b566f487a877468504b41f8b372ddd6c26252a97395/a64f01aba77882893b460b566f487a877468504b41f8b372ddd6c26252a97395-json.log": no space left on device
Also, I found above issue on v1.17.
On v1.19, I got 'no kind \"CertificateSigningRequest\" is registered for version \"certificates.k8s.io/v1\" in scheme \"k8s.io/kubectl/pkg/scheme/scheme.go:28\"\n'. Looks like this is related to CSR API Version. However, I tried updating the existing CSR with apiVersion and reinstalling the helm chart but issue still persists as it recreates CSR.
Can you please help.
(PS: I am following standalone tutorial on github.)
Dan Chernoff
Mar 4, 2021, 5:53:41 PM3/4/21
to Kritis users
Not sure if this was answered. I ran into the same issue. I found I had to downgrade to 1.18 for the helm chart to work, well work ish. There may have been a change to the certificatesiginingrequest API in 1.19
Anirudh Kanth
Mar 4, 2021, 11:08:23 PM3/4/21
to Dan Chernoff, Kritis users
Hey Dan,
This was unanswered.
Could you please share the changes you made for 1.18
You received this message because you are subscribed to a topic in the Google Groups "Kritis users" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/kritis-users/IlwcZFhhkqQ/unsubscribe.
To unsubscribe from this group and all its topics, send an email to kritis-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/kritis-users/bb9918a6-9689-4c03-8f99-facb7db69821n%40googlegroups.com.
Dan Chernoff
Mar 5, 2021, 8:38:55 AM3/5/21
to Kritis users
For context, I am experimenting with using Kritis in an on-premise lab. I deployed k3s using Kubernetes version 1.18 and the most recent kritis helm chart (kritis-charts-0.2.2.tgz ). I made no changes to Kubernetes to make the creation of the objects work.
Unfortunately, the standalone directions create a secret that is specific to working with GCP and the deployment doesn't complete. I am considering update the chart to not use the secret and trying again. Even if the above works, it looks like I will still need to invest time in determining why the pre-install container is failing in detail on Kubernetes 1.19+
Dan
On Monday, December 14, 2020 at 1:11:14 PM UTC-7 anirud...@gmail.com wrote:
Reply all
Reply to author
Forward
0 new messages