Skip to content
This repository has been archived by the owner on Apr 21, 2019. It is now read-only.

federation: Known issues #88

Closed
3 of 8 tasks
irfanurrehman opened this issue Oct 31, 2017 · 26 comments
Closed
3 of 8 tasks

federation: Known issues #88

irfanurrehman opened this issue Oct 31, 2017 · 26 comments
Labels
area/federation lifecycle/frozen Indicates that an issue or PR should not be auto-closed due to staleness. priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release. sig/multicluster Categorizes an issue or PR as relevant to sig-multicluster.

Comments

@irfanurrehman
Copy link
Contributor

Issue by nikhiljindal
Friday Dec 16, 2016 at 19:52 GMT
Originally opened as kubernetes/kubernetes#38893

Compiling a list of high level known issues that customers should be aware of while deciding to use federation:

cc @kubernetes/sig-federation-misc
@irfanurrehman irfanurrehman added area/federation priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release. sig/multicluster Categorizes an issue or PR as relevant to sig-multicluster. labels Oct 31, 2017
@irfanurrehman
Copy link
Contributor Author

Comment by nikhiljindal
Friday Dec 16, 2016 at 19:52 GMT

cc @madhusudancs

Please feel free to add anything that I missed.
I plan to keep this as a running list. Will keep adding/removing stuff as we discover/fix issues

@irfanurrehman
Copy link
Contributor Author

Comment by valichek
Monday Dec 19, 2016 at 10:22 GMT

I tried to run federation control plane on aws but got many issues recently.

  1. script https://github.com/kubernetes/kubernetes/blob/v1.5.1/federation/deploy/deploy.sh doesn't support aws provider
  2. Tried to use old way (deploying manifests one by one), got federation-apiserverand federation-controller-manager running, but then it resulted to error in fetching secret: secrets "federation-apiserver-kubeconfig" not found at federation-controller-manager container, no description for this secret found.
  3. Couldn't find sources of gcr.io/madhusudancs-containers/federation-charts image

@irfanurrehman
Copy link
Contributor Author

Comment by madhusudancs
Tuesday Dec 20, 2016 at 04:34 GMT

@valichek Could you try using kubefed - http://kubernetes.io/docs/admin/federation/kubefed/?

@irfanurrehman
Copy link
Contributor Author

Comment by valichek
Thursday Dec 22, 2016 at 12:52 GMT

@madhusudancs getting following errors when starting federation services with kubefed

Failed to attach volume "pvc-xxxx" on node "xxxx.us-west-2.compute.internal" with: Error attaching EBS volume: IncorrectState: vol-xxxx is not 'available'

First time there was a message for ec-2 instance: "One or more volumes attached to this instance is impaired". And volume stuck in attaching.
When tried again got the same error, but volume have been attached.

@irfanurrehman
Copy link
Contributor Author

Comment by valichek
Thursday Dec 22, 2016 at 14:38 GMT

well, after some time, apiserver turned to be running, but not controller-manager,

Cloud provider could not be initialized: could not init DNS provider "google-clouddns": 
google: could not find default credentials. 
See https://developers.google.com/accounts/docs/application-default-credentials for more information.

I have check kubefed sources and found that --dns-provider and many other things are hardcoded and not configurable
https://github.com/kubernetes/kubernetes/blob/04a74570323eae3fc843ca7a6c34c28ada2847a9/federation/pkg/kubefed/init/init.go#L477

@irfanurrehman
Copy link
Contributor Author

Comment by madhusudancs
Thursday Dec 22, 2016 at 16:51 GMT

@valichek

I have check kubefed sources and found that --dns-provider and many other things are hardcoded and not configurable
https://github.com/kubernetes/kubernetes/blob/04a74570323eae3fc843ca7a6c34c28ada2847a9/federation/pkg/kubefed/init/init.go#L477

That's an old commit.

If you want to use AWS Route53 instead of Google Cloud DNS, pass --dns-provider=aws-route53 to kubefed init.

For now, you can configure everything you want by just editing the deployments directly after running kubefed init: kubectl --context=<host-cluster> --namespace=federation-system edit deployment federation-apiserver or kubectl --context=<host-cluster> --namespace=federation-system edit deployment federation-controller-manager.

We are collecting a list of things we need to make configurable. What else would you like to configure?

@irfanurrehman
Copy link
Contributor Author

Comment by valichek
Thursday Dec 22, 2016 at 17:29 GMT

@madhusudancs well, for now it looks that I need to configure CIDR, I used kube-aws tool to run the cluster, and have following options:
instanceCIDR: "10.0.16.0/20"
serviceCIDR: "10.128.0.0/20"
podCIDR: "10.128.16.0/20"
dnsServiceIP: 10.128.0.10

If I understand the config properly, I have to change from --service-cluster-ip-range=10.0.0.0/16"
to --service-cluster-ip-range=10.128.112.0/20", or should I leave it same as for cluster - serviceCIDR: "10.128.0.0/20" ?

And thank you.

@irfanurrehman
Copy link
Contributor Author

Comment by valichek
Thursday Dec 22, 2016 at 17:44 GMT

And --dns-zone-id too

@irfanurrehman
Copy link
Contributor Author

Comment by rbtcollins
Tuesday Jan 24, 2017 at 20:08 GMT

@madhusudancs Is there a means to move the federation control plane to another cluster? We're trying to avoid in-place upgrades of k8s clusters - should I file a separate bug on kubefed?

@irfanurrehman
Copy link
Contributor Author

Comment by madhusudancs
Wednesday Jan 25, 2017 at 20:31 GMT

@valichek --service-cluster-ip-range in federation API server does nothing. So just leave the defaults as is. In the next release (v1.6), we are removing that flag from federation.

@irfanurrehman
Copy link
Contributor Author

Comment by madhusudancs
Wednesday Jan 25, 2017 at 20:34 GMT

@rbtcollins It is possible, but you have to orchestrate that manually. You just need to start the federation API server and controller manager pods in the new cluster and attach the etcd volume from the old cluster to those pods.

Please feel free to file an issue for kubefed. We will look into it when we design/implement HA support for federation control plane via kubefed.

@irfanurrehman
Copy link
Contributor Author

Comment by quinton-hoole
Friday Sep 08, 2017 at 02:32 GMT

We can update this issue to track all of the remaining GA items.

@irfanurrehman
Copy link
Contributor Author

Comment by xtophs
Tuesday Oct 24, 2017 at 12:25 GMT

Because deploy.sh is specific to gce and gke, federation e2e tests cannot run as documented on Azure (or aws).

Other documentation on how to run federation tests manually is not available

@irfanurrehman
Copy link
Contributor Author

cc @nikhiljindal

@irfanurrehman irfanurrehman mentioned this issue Oct 31, 2017
Closed
8 tasks
@masnider masnider mentioned this issue Jan 5, 2018
Closed
@fejta-bot
Copy link

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle stale

@fejta-bot
Copy link

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle stale

@k8s-ci-robot k8s-ci-robot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label May 24, 2018
@fejta-bot
Copy link

Stale issues rot after 30d of inactivity.
Mark the issue as fresh with /remove-lifecycle rotten.
Rotten issues close after an additional 30d of inactivity.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle rotten
/remove-lifecycle stale

@k8s-ci-robot k8s-ci-robot added lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed. and removed lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. labels Jun 23, 2018
@fejta-bot
Copy link

Rotten issues close after 30d of inactivity.
Reopen the issue with /reopen.
Mark the issue as fresh with /remove-lifecycle rotten.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/close

@luceos
Copy link

luceos commented Jul 25, 2018

/reopen
/remove-lifecycle rotten

Isn't this issue about the state of federation?

@k8s-ci-robot
Copy link
Contributor

@luceos: you can't re-open an issue/PR unless you authored it or you are assigned to it.

In response to this:

/reopen
/remove-lifecycle rotten

Isn't this issue about the state of federation?

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@k8s-ci-robot k8s-ci-robot removed the lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed. label Jul 25, 2018
@nikhita
Copy link
Member

nikhita commented Aug 27, 2018

/assign

@nikhita
Copy link
Member

nikhita commented Aug 27, 2018

/reopen

@k8s-ci-robot k8s-ci-robot reopened this Aug 27, 2018
@nikhita
Copy link
Member

nikhita commented Aug 27, 2018

/unassign

@nikhita nikhita mentioned this issue Aug 27, 2018
Closed
@fejta-bot
Copy link

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle stale

@k8s-ci-robot k8s-ci-robot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Nov 25, 2018
@fejta-bot
Copy link

Stale issues rot after 30d of inactivity.
Mark the issue as fresh with /remove-lifecycle rotten.
Rotten issues close after an additional 30d of inactivity.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle rotten

@k8s-ci-robot k8s-ci-robot added lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed. and removed lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. labels Dec 25, 2018
@nikhita
Copy link
Member

nikhita commented Dec 26, 2018

/lifecycle frozen

@k8s-ci-robot k8s-ci-robot added lifecycle/frozen Indicates that an issue or PR should not be auto-closed due to staleness. and removed lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed. labels Dec 26, 2018
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
area/federation lifecycle/frozen Indicates that an issue or PR should not be auto-closed due to staleness. priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release. sig/multicluster Categorizes an issue or PR as relevant to sig-multicluster.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@luceos @cblecker @irfanurrehman @nikhita @k8s-ci-robot @fejta-bot