-
Notifications
You must be signed in to change notification settings - Fork 1.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
watchercache.go spamming log: Failed to create watcher ListRoot="/calico/ipam/v2/assignment/" #4557
Comments
@holmesb did you update the ClusterRole as part of that upgrade? When upgrading Calico image versions, you also need to update the associated Kubernetes resources, as they are pretty tightly coupled. v3.18.0 introduced a new requirement for kube-controllers to
In general, don't expect the old manifests to work with newer code (and vice-versa). I'd recommend looking at using the Calico operator to install Calico, which will make sure the running configuration matches the running code without needing human intervention. |
… with v3.18.x (see projectcalico/calico#4557). Specifically, granted watch to custom resources blockaffinities, ipamblocks & ipamhandles
…see projectcalico/calico#4557). Specifically, granted watch to custom resources blockaffinities, ipamblocks & ipamhandles (#7575)
… with v3.18.x (see projectcalico/calico#4557). Specifically, granted watch to custom resources blockaffinities, ipamblocks & ipamhandles (kubernetes-sigs#7575)
* Add Calico v3.17.3 and v3.18.1 (kubernetes-sigs#7524) * add hashes for calico v3.17.3 * add hashes for claico v3.18.1 * bump default calico version to v3.17.3 * calico crds are missing yaml separator breaking kdd * Calico new versions v3.17.4 and v3.18.2 (kubernetes-sigs#7563) * calico: upgrade from v3.17.3 to v3.17.4 * calico: upgrade from v3.18.1 to v3.18.2 * Fixes issue kubernetes-sigs#7573 - Made Calico permissions compatible with v3.18.x (see projectcalico/calico#4557). Specifically, granted watch to custom resources blockaffinities, ipamblocks & ipamhandles (kubernetes-sigs#7575) * bump calico 3.18 to v3.18.3 (kubernetes-sigs#7592) * Support Calico advertisement of MetalLB LoadBalancer IPs (kubernetes-sigs#7593) * add initial MetalLB docs * metallb allow disabling the deployment of the metallb speaker * calico>=3.18 allow using calico to advertise service loadbalancer IPs * Document the use of MetalLB and Calico * clean MetalLB docs Co-authored-by: Cristian Calin <6627509+cristicalin@users.noreply.github.com> Co-authored-by: holmesb <5072156+holmesb@users.noreply.github.com>
… with v3.18.x (see projectcalico/calico#4557). Specifically, granted watch to custom resources blockaffinities, ipamblocks & ipamhandles (kubernetes-sigs#7575)
… with v3.18.x (see projectcalico/calico#4557). Specifically, granted watch to custom resources blockaffinities, ipamblocks & ipamhandles (kubernetes-sigs#7575)
Hi,
We've just upgraded from v3.16.5 to v3.18.1. The calico-kube-controllers pod log is filled (many events per second) with messages from watchercache.go.
2021-04-23 06:58:23.990 [INFO][1] watchercache.go 243: Failed to create watcher ListRoot="/calico/ipam/v2/assignment/" error=connection is unauthorized: unknown (get IPAMBlocks.crd.projectcalico.org) performFullResync=true
2021-04-23 06:58:23.990 [INFO][1] watchercache.go 174: Full resync is required ListRoot="/calico/ipam/v2/assignment/"
Its CPU consumption has also increased significantly.
I've checked that a ClusterRole & ClusterRoleBinding: calico-node both exist. They are the same as on another cluster running v3.16.5 that doesn't exhibit this problem. Also, there are no notable differences in the calico-kube-controllers deployments on the two clusters, other than the image version. Configmap: calico-config is the same.
Steps to Reproduce (for bugs)
Upgrade from Calico v3.16.5 to v3.18.1. Also occurs when doing a clean install of k8s and Calico v3.18.1.
Your Environment
Many thanks
The text was updated successfully, but these errors were encountered: