-
Notifications
You must be signed in to change notification settings - Fork 387
Catalog APIService Object Failed #2646
Comments
The detailed discussion was on our Service Catalog channel on k8s slack workspace, see: https://kubernetes.slack.com/archives/C232SF3TK/p1559642796001100 TL;DR; The problem is the same as already reported some time on the k8s repo: kubernetes/kubernetes#66231 This issue is not related directly to the Service Catalog, as you also confirmed that with the k8s metrics-server you also ran in that issue. The root cause could be a misconfigured network layer. |
this issues is fixed now. issue was with the kube-apiserver was running with http proxies. removing http proxies and no proxy from env of kube-apiserver fixed this issue. where 10.233.0.1 is the CLUSTERIP of the kubernetes service. also vm running with these pods gone too slow. is there any performance impact with service catalog with existing K8S cluster ?? These are the logs of kube-apiserver: but catalog apiserver is running fine. Any thoughts and suggestions on this would be much appreciated. |
but catalog apiserver pod is running fine only controller manager is failing. I'm not able to understand why kube-api server is not accessible from catalog controller manager pod. is there any way to debug this issue ?? also master node became too slow. is it impacting performance somewhere ?? |
In Kyma we are doing Service Management using the Service Catalog. We do not encounter any performance issue with it. In our case, we just create clusters using the GKE or AKS. In such setup, everything is working. Previously we also used the acs-enging to create clusters that were managed by us. And in such scenario, it also worked. IMO it's still sth with the network between master and worker nodes. And about the performence, it could be because you still have some errors with registering the service catalog api-server into k8s. You can check if you are able to deploy the sample-api-server and use registered kind by generated client set. |
can you please suggest is there any way that i can make sure catalog apiserver is registered with kube-apiserver ?? |
This issue is fixed now by enabling hostNetwork to true in apiserver-deployment.yaml and controller-manager-deployment.yaml i.e. by adding hostNetwork: true on containers level and adding insecureSkipTLSVerify: true in APIService Object i.e. apiregistration.yaml and removing caBundle. after this kube apiserver lagging and catalog controller manager pod crashing both are resolved. also for successful catalog api server registration with kube-apiserver, i suspect that kube-apiserver must be run without any http proxies set as env on container level. Thanks @mszostok for all suggestions and advises. |
Bug Report
What happened:
Catalog APIService object failed (FailedDiscoveryCheck)
What you expected to happen:
Catalog APIService object should not fail.
How to reproduce it (as minimally and precisely as possible):
cd charts/catalog
helm install . --name catalog --namespace catalog
kubectl describe apiservice v1beta1.servicecatalog.k8s.io
Anything else we need to know?:
Name: v1beta1.servicecatalog.k8s.io
Namespace:
Labels:
Annotations:
API Version: apiregistration.k8s.io/v1
Kind: APIService
Metadata:
Creation Timestamp: 2019-06-03T09:51:47Z
Resource Version: 354707
Self Link: /apis/apiregistration.k8s.io/v1/apiservices/v1beta1.servicecatalog.k8s.io
UID: 33aa59bb-85e5-11e9-8570-005056a591de
Spec:
Ca Bundle: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUM5akNDQWQ2Z0F3SUJBZ0lRWnVOejlKSDV2SWxuVC9rNm9wT1JWVEFOQmdrcWhraUc5dzBCQVFzRkFEQVYKTVJNd0VRWURWUVFERXdwemRtTXRZMkYwTFdOaE1CNFhEVEU1TURZd016QTVOVE0wTkZvWERUSTVNRFV6TVRBNQpOVE0wTkZvd0ZURVRNQkVHQTFVRUF4TUtjM1pqTFdOaGRDMWpZVENDQVNJd0RRWUpLb1pJaHZjTkFRRUJCUUFECmdnRVBBRENDQVFvQ2dnRUJBTEJ0MXZCWkxxaE1aYWFMRWRZNmVjWGpwY2JXVmNOOWduZEc5L1FwZFVGVXM1eUEKR0lrbi95MTcvaWRmbHBqS2pYZDkrYzI2NmVmTTN1R0ZnNVRjczVETXFvWi81S3NLNVorVHVFd1cxeWdxWW1oagplRGV1WlhZWWxSNEFjbkpkQnpFV3RwcnY0eHI1V1hrNUdWTHMvVXRaOWpNSUFoY09uVU1aVnNEa0crUFk1ZU9hCmsydTdIYUs4clBKRldOYTYxemd3YS94c3N0S0xSbkFENlRFbnJWOEVuT3czMUFhWFZqaWN3WS95VGJqUzNyQUQKdy8vM096VG5scEhlaUFLYnM4MUZKdjRvbHdTM2Mrb1l5bkNpQm1DNmZzQmV0aHVHYkRzaDhqa2s0MXhJeUhNMwptNkVDanpxNmJXZFFqb3owaGh3WU5IZmtCbXAvTFVaRER3RkJYUE1DQXdFQUFhTkNNRUF3RGdZRFZSMFBBUUgvCkJBUURBZ0trTUIwR0ExVWRKUVFXTUJRR0NDc0dBUVVGQndNQkJnZ3JCZ0VGQlFjREFqQVBCZ05WSFJNQkFmOEUKQlRBREFRSC9NQTBHQ1NxR1NJYjNEUUVCQ3dVQUE0SUJBUUIzMHhBbjdrQ25ydE52T0xDV0J4MS9YRkN3NFF5UgplWGxQc3BDSzY0Q3Uyd1RtYzhMc29vMVFoNXVMb3VFamcyRnhBc0NTSzdZTnJjckJ3QzhhQkVIdXkxUE5qT081CmVVRHBaUzNrNXNCZUxCQ0Q3WnBHWjRhb3owc3BqdWVPR2pqcFlIa1R4clNMK3FMTXNLTGY3UncwcnRVeEwyc1UKZjFhdzlFY3BldnJsUS9xVUkvSC9VMVNRN1FSaDMwV3NMQzdxYU83ZEhIdDF2ZHZsVDVoYXVtYzloZUZSdXV1UgpwS25BeGo3VUIwaFl2Y2NYcnR2eHVJT1VTN04wWS9XV0pWSmpPL2RhNk5tQnlIZzlDdkljcFR4VEs1NktUaU5XCi9WK3ZrSW5qVWdyZnUwVFU2WDZpbktjRzk5VGRiVnBldzQyTUc4Z0RpU0s3WFVmLy82MDYxUGl2Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
Group: servicecatalog.k8s.io
Group Priority Minimum: 10000
Service:
Name: catalog-catalog-apiserver
Namespace: catalog
Version: v1beta1
Version Priority: 20
Status:
Conditions:
Last Transition Time: 2019-06-03T09:51:47Z
Message: no response from https://10.233.11.240:443: Get https://10.233.11.240:443: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
Reason: FailedDiscoveryCheck
Status: False
Type: Available
Events:
Note:- I alreay have setup http_proxy and https_proxy in /etc/environment. also catalog-catalog-apiserver service and relater pods with this service are running fine.
Environment:
kubectl version
):Client Version: version.Info{Major:"1", Minor:"13", GitVersion:"v1.13.5", GitCommit:"2166946f41b36dea2c4626f90a77706f426cdea2", GitTreeState:"clean", BuildDate:"2019-03-25T15:19:22Z", GoVersion:"go1.11.5", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"13", GitVersion:"v1.13.5", GitCommit:"2166946f41b36dea2c4626f90a77706f426cdea2", GitTreeState:"clean", BuildDate:"2019-03-25T15:19:22Z", GoVersion:"go1.11.5", Compiler:"gc", Platform:"linux/amd64"}
kubectl get cm -n kube-system extension-apiserver-authentication -o yaml
and look forrequestheader-XXX
fieldsWhat were the helm arguments? Did you
--set
any extra values? NoThe text was updated successfully, but these errors were encountered: