Kubernetes-control-plane status stuck waiting
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
AWS IAM Subordinate Charm | Invalid | Undecided | Unassigned |
Bug Description
When deploying the charmed kubernetes bundle, kubernetes-
Deployed with "juju deploy charmed-kubernetes --overlay ./openstack-
openstack-
description: Charmed Kubernetes overlay to add native OpenStack support.
applications:
openstack-
annotations:
gui-x: "600"
gui-y: "300"
charm: openstack-
num_units: 1
trust: true
relations:
- ['openstack-
- ['openstack-
See juju-crashdump tarball attached
Workaround:
Switching from calico to flannel in the deployment seems to get around this issue.
Changed in charm-aws-iam:
status: Incomplete → Invalid
From the crashdump, Calico CNI is getting a Forbidden response trying to talk to the Kubernetes API. From kubelet:
Failed to create pod sandbox: rpc error: code = Unknown desc = failed to setup network for sandbox "e61f7be828eb2f 62bfef34c9388cb 84fe2fd6594ab12 17228": Get "https://10.5.0.157:6443/api/v1/namespaces/ingress-nginx-kubernetes-worker": Forbidden
592311becf8a8eb
It looks like your containerd charm is configured with:
http_proxy: http://squid.internal:3128
https_proxy: http://squid.internal:3128
no_proxy: <blank>
The Calico CNI plugin inherits HTTP proxy variables from containerd. When it tries to reach the Kubernetes API at 10.5.0.157, the request gets sent to the HTTP proxy, which refuses to proxy the request and replies with 403 Forbidden.
I recommend setting the containerd charm's no_proxy config to:
127.0.0.1,localhost,::1,10.5.0.0/16
to ensure that traffic to the 10.5.0.0/16 network does not go through the HTTP proxy. Can you give that a try and let us know if it works?
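Added example, not part of the bug report or of any charm's code: a pre-deployment check that tells which cluster endpoints would be sent to the HTTP proxy for a given no_proxy value. The function name `bypasses_proxy` is hypothetical, and the matching is a simplified model (exact host, domain suffix, literal IP, CIDR) of what Go HTTP clients do; other clients may not honour CIDR entries.

```python
import ipaddress
from urllib.parse import urlsplit

# Values taken from the thread above.
API_URL = "https://10.5.0.157:6443/api/v1/namespaces"
REPORTED_NO_PROXY = ""  # containerd charm config as reported: blank
RECOMMENDED_NO_PROXY = "127.0.0.1,localhost,::1,10.5.0.0/16"


def bypasses_proxy(url, no_proxy):
    """Return True if a request to `url` would skip the proxy.

    Simplified model (an assumption of this example): entries are exact
    hosts, domain suffixes, literal IPs or CIDR blocks; ports are ignored.
    """
    host = urlsplit(url).hostname or ""
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        addr = None  # host is a DNS name, not an IP literal
    for entry in (e.strip().lower() for e in no_proxy.split(",")):
        if not entry:
            continue
        if entry == "*":
            return True
        if addr is not None:
            try:
                # A bare IP parses as a /32 or /128 network.
                if addr in ipaddress.ip_network(entry, strict=False):
                    return True
            except ValueError:
                pass  # hostname entry cannot match an IP literal
            continue
        suffix = entry.lstrip("*").lstrip(".")
        if host == suffix or host.endswith("." + suffix):
            return True
    return False


def route(url, no_proxy):
    """Human-readable verdict for one endpoint."""
    return "direct" if bypasses_proxy(url, no_proxy) else "via proxy"


if __name__ == "__main__":
    for label, value in (("reported", REPORTED_NO_PROXY),
                         ("recommended", RECOMMENDED_NO_PROXY)):
        print(f"no_proxy {label}: API server -> {route(API_URL, value)}")
```
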