Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

node-authorizer yaml file is invalid #8428

Closed
ryan-dyer-sp opened this issue Jan 28, 2020 · 3 comments
Closed

node-authorizer yaml file is invalid #8428

ryan-dyer-sp opened this issue Jan 28, 2020 · 3 comments

Comments

@ryan-dyer-sp
Copy link
Contributor

1. What kops version are you running? The command kops version, will display
this information.
Version 1.15.0 (git-9992b4055)

2. What Kubernetes version are you running? kubectl version will print the
version if a cluster is running or provide the Kubernetes version specified as
a kops flag.
Client Version: version.Info{Major:"1", Minor:"15", GitVersion:"v1.15.3", GitCommit:"2d3c76f9091b6bec110a5e63777c332469e0cba2", GitTreeState:"clean", BuildDate:"2019-08-19T11:13:54Z", GoVersion:"go1.12.9", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"14", GitVersion:"v1.14.10", GitCommit:"575467a0eaf3ca1f20eb86215b3bde40a5ae617a", GitTreeState:"clean", BuildDate:"2019-12-11T12:32:32Z", GoVersion:"go1.12.12", Compiler:"gc", Platform:"linux/amd64"}

3. What cloud provider are you using?
AWS - ec2 instances

4. What commands did you run? What is the simplest way to reproduce this issue?
kops update > rolling-update with node authorization enabled
Followed this documentation: https://medium.com/@gambol99/node-authorization-with-kops-c4a682d5b9ca

5. What happened after the commands executed?
Nodes fail to come online. Master is unable to launch the node-authorization daemonset

6. What did you expect to happen?
Masters and nodes all come online happily

7. Please provide your cluster manifest. Execute
kops get --name my.example.com -o yaml to display your cluster manifest.
You may want to remove your cluster name and other sensitive information.

8. Please run the commands with most verbose logging by adding the -v 10 flag.
Paste the logs into this report, or in a gist and provide the gist link here.
When I pull the node-authorizer k8s-1.12.yaml file from my s3 bucket and inspect it. It has a '{}' at the top of the file. This interferes with kubectls ability to parse this file and apply it to the cluster. Removing the '{}' and applying the file manually does result in the daemonset being created. Still investigating if this is sufficient to enable node authorization on the cluster.

9. Anything else do we need to know?
@rifelpet
Copy link
Member

There was a bug in Kops that caused empty yaml manifests to fail to apply the entire file. This was fixed in #8317 and backported to 1.15 for the next 1.15.1 release which should be released soon.

@rifelpet
Copy link
Member

Kops 1.15.1 was just released, any chance you can upgrade to that and see if the issue is fixed?

@ryan-dyer-sp
Copy link
Contributor Author

1.15.1 does solve the problem. TYVM!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@rifelpet @ryan-dyer-sp