Comments (20)
dixudx
commented on June 10, 2024
@jasine Any detailed logs on such auth failures?
It seems something got changed in the Kubernetes cluster. I'll try to reproduce this and see what happens.
from clusternet.
jasine
commented on June 10, 2024
@dixudx detailed logs
I0627 11:07:41.208943 1 helmrelease.go:240] start processing HelmRelease "dev-186/dipper-dipper-helm-dipper-dipper"
I0627 11:07:41.208976 1 helm.go:424] handle HelmRelease dev-186/dipper-dipper-helm-dipper-dipper
I0627 11:07:41.209033 1 deployer.go:126] handle HelmRelease dev-186/dipper-dipper-helm-dipper-dipper
I0627 11:07:41.380423 1 chart.go:114] chart locates at: /root/.cache/helm/repository/dipper-v0.0.0-377d7fb0.tgz
I0627 11:07:41.420510 1 round_trippers.go:463] GET https://10.43.0.1:443/apis/proxies.clusternet.io/v1alpha1/sockets/f421c5a9-3c57-48ba-97bd-aca828017643/proxy/direct/api/v1/namespaces/dipper/secrets?labelSelector=name%3Ddipper%2Cowner%3Dhelm
I0627 11:07:41.420530 1 round_trippers.go:469] Request Headers:
I0627 11:07:41.420539 1 round_trippers.go:473] Accept: application/json, */*
I0627 11:07:41.420546 1 round_trippers.go:473] Impersonate-User: clusternet
I0627 11:07:41.420552 1 round_trippers.go:473] Impersonate-Extra-Clusternet-Token: xxxx
I0627 11:07:41.420561 1 round_trippers.go:473] Authorization: Basic <masked>
I0627 11:07:41.420568 1 round_trippers.go:473] User-Agent: clusternet-controller-manager/v0.16.0 (linux/amd64) kubernetes/3085492
I0627 11:07:41.421548 1 round_trippers.go:574] Response Status: 401 Unauthorized in 0 milliseconds
I0627 11:07:41.421563 1 round_trippers.go:577] Response Headers:
I0627 11:07:41.421570 1 round_trippers.go:580] Audit-Id: 71fbecfa-07ac-4a25-a7e3-b814968288ab
I0627 11:07:41.421577 1 round_trippers.go:580] Cache-Control: no-cache, private
I0627 11:07:41.421584 1 round_trippers.go:580] Content-Type: application/json
I0627 11:07:41.421591 1 round_trippers.go:580] Content-Length: 129
I0627 11:07:41.421599 1 round_trippers.go:580] Date: Tue, 27 Jun 2023 11:07:41 GMT
I0627 11:07:41.421623 1 request.go:1171] Response Body: {"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"Unauthorized","reason":"Unauthorized","code":401}
E0627 11:07:41.422255 1 helmrelease.go:218] error syncing 'dev-186/dipper-dipper-helm-dipper-dipper': query: failed to query with labels: Unauthorized, requeuing
I0627 11:07:41.422745 1 request.go:1171] Request Body: {"count":14,"lastTimestamp":"2023-06-27T11:07:41Z","message":"query: failed to query with labels: Unauthorized"}
I0627 11:07:41.422825 1 round_trippers.go:463] PATCH https://10.43.0.1:443/api/v1/namespaces/dev-186/events/dipper-dipper-helm-dipper-dipper.176c7f617a29a2d9
I0627 11:07:41.422873 1 round_trippers.go:469] Request Headers:
I0627 11:07:41.422904 1 round_trippers.go:473] User-Agent: clusternet-controller-manager/v0.16.0 (linux/amd64) kubernetes/3085492/clusternet-controller-manager-kube-client
I0627 11:07:41.422954 1 round_trippers.go:473] Content-Type: application/strategic-merge-patch+json
I0627 11:07:41.422993 1 round_trippers.go:473] Accept: application/json, */*
I0627 11:07:41.423032 1 round_trippers.go:473] Authorization: Bearer <masked>
I0627 11:07:41.427977 1 round_trippers.go:574] Response Status: 200 OK in 4 milliseconds
I0627 11:07:41.427993 1 round_trippers.go:577] Response Headers:
I0627 11:07:41.428016 1 round_trippers.go:580] Content-Length: 1097
I0627 11:07:41.428036 1 round_trippers.go:580] Date: Tue, 27 Jun 2023 11:07:41 GMT
I0627 11:07:41.428044 1 round_trippers.go:580] Audit-Id: 97822bc2-362e-4eec-b2da-cbf6654ec391
I0627 11:07:41.428051 1 round_trippers.go:580] Cache-Control: no-cache, private
I0627 11:07:41.428057 1 round_trippers.go:580] Content-Type: application/json
I0627 11:07:41.428063 1 round_trippers.go:580] X-Kubernetes-Pf-Flowschema-Uid: 4fa00540-6a9a-43d9-ac03-9b104269db34
I0627 11:07:41.428070 1 round_trippers.go:580] X-Kubernetes-Pf-Prioritylevel-Uid: 6b4c0877-6a26-4d0f-b22a-8ecce246ef01
I0627 11:07:41.428093 1 request.go:1171] Response Body: {"kind":"Event","apiVersion":"v1","metadata":{"name":"dipper-dipper-helm-dipper-dipper.176c7f617a29a2d9","namespace":"dev-186","uid":"4fd92fd9-6a68-47f0-bc7b-b1da4b2fb63b","resourceVersion":"111751920","creationTimestamp":"2023-06-27T11:06:57Z","managedFields":[{"manager":"clusternet-controller-manager","operation":"Update","apiVersion":"v1","time":"2023-06-27T11:07:41Z","fieldsType":"FieldsV1","fieldsV1":{"f:count":{},"f:firstTimestamp":{},"f:involvedObject":{},"f:lastTimestamp":{},"f:message":{},"f:reason":{},"f:source":{"f:component":{}},"f:type":{}}}]},"involvedObject":{"kind":"HelmRelease","namespace":"dev-186","name":"dipper-dipper-helm-dipper-dipper","uid":"8405f718-6d37-4780-a176-57a56a89a8a5","apiVersion":"apps.clusternet.io/v1alpha1","resourceVersion":"111004021"},"reason":"FailedSynced","message":"query: failed to query with labels: Unauthorized","source":{"component":"clusternet-controller-manager"},"firstTimestamp":"2023-06-27T11:06:56Z","lastTimestamp":"2023-06-27T11:07:41Z","count":14,"type":"W [truncated 73 chars]
from clusternet.
dixudx
commented on June 10, 2024
401 Unauthorized
@jasine It seems the token used by Clusternet deployer is not working any more. Did your child cluster get re-installed?
Please check whether the secret child-cluster-deployer in the dedicated child cluster namespace in the parent cluster still has the valid token that can be used to access child cluster.
from clusternet.
jasine
commented on June 10, 2024
401 Unauthorized
@jasine It seems the token used by Clusternet deployer is not working any more. Did your child cluster get re-installed?
Please check whether the secret
child-cluster-deployerin the dedicated child cluster namespace in the parent cluster still has the valid token that can be used to access child cluster.
Did your child cluster get re-installed
parent cluster is upgraded from 1.14 to 1.15/1.16, child cluster is installed after parent cluster upgrade
Please check whether the secret
child-cluster-deployerin the dedicated child cluster namespace in the parent cluster still has the valid token that can be used to access child cluster.
content in child-cluster-deployer secret is the same as secret clusternet-app-deployer in child cluster
from clusternet.
dixudx
commented on June 10, 2024
@jasine Could you try to check the cluster role bindings of this service account in the child cluster? From the error message "401 Unauthorized", it seems the deployer serviceaccount is not bound with right RBAC rules.
from clusternet.
jasine
commented on June 10, 2024
@jasine Could you try to check the cluster role bindings of this service account in the child cluster? From the error message "401 Unauthorized", it seems the deployer serviceaccount is not bound with right RBAC rules.
@dixudx the serviceaccount and the clusterrole seems correct
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
annotations:
meta.helm.sh/release-name: clusternet-agent
meta.helm.sh/release-namespace: clusternet-system
creationTimestamp: "2023-06-29T14:19:53Z"
labels:
app.kubernetes.io/instance: clusternet-agent
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: clusternet-agent
helm.sh/chart: clusternet-agent-0.13.0
name: clusternet:app:deployer:admin
resourceVersion: "312"
uid: 67369a84-5fea-4a44-89e9-bfbb29c1c983
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: clusternet-app-deployer
namespace: clusternet-system
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
annotations:
rbac.authorization.kubernetes.io/autoupdate: "true"
creationTimestamp: "2023-06-29T14:19:42Z"
labels:
kubernetes.io/bootstrapping: rbac-defaults
name: cluster-admin
resourceVersion: "71"
uid: 01cf7117-7f12-48a5-aa8d-2e18b17ef4b6
rules:
- apiGroups:
- '*'
resources:
- '*'
verbs:
- '*'
- nonResourceURLs:
- '*'
verbs:
- '*'
from clusternet.
dixudx
commented on June 10, 2024
@jasine I did not reproduce this issue. I ran the parent cluster with k8s 1.23.17 and child cluster with v1.26.4+k3s1. All the clusternet components are running with v0.16.0.
$ kubectl get clsrr
NAME CLUSTER ID STATUS AGE
clusternet-bb3c2298-013a-4cfd-9095-df8a0ee3c415 bb3c2298-013a-4cfd-9095-df8a0ee3c415 Approved 8m53s
$ kubectl get mcls -A
NAMESPACE NAME CLUSTER ID SYNC MODE KUBERNETES STATUS AGE
clusternet-zb7dt clusternet-cluster-869rh bb3c2298-013a-4cfd-9095-df8a0ee3c415 Dual v1.26.4+k3s1 True 8m57s
$ kubectl get desc -A
NAMESPACE NAME DEPLOYER STATUS AGE
clusternet-zb7dt default-app-demo-generic Generic Success 2m7s
clusternet-zb7dt default-app-demo-helm Helm Success 2m7s
$ kubectl describe desc -n clusternet-zb7dt default-app-demo-helm
Name: default-app-demo-helm
Namespace: clusternet-zb7dt
Labels: apps.clusternet.io/config.kind=Base
apps.clusternet.io/config.name=default-app-demo
apps.clusternet.io/config.namespace=clusternet-zb7dt
apps.clusternet.io/config.uid=99eb99f1-9bd3-493a-9d14-e1cc25eadf53
apps.clusternet.io/subs.name=app-demo
apps.clusternet.io/subs.namespace=default
apps.clusternet.io/subs.uid=7f2d0ecf-5b30-4f20-9f49-ba36381c6f32
clusternet.io/created-by=clusternet-controller-manager
clusters.clusternet.io/cluster-id=bb3c2298-013a-4cfd-9095-df8a0ee3c415
clusters.clusternet.io/cluster-name=clusternet-cluster-869rh
Annotations: <none>
API Version: apps.clusternet.io/v1alpha1
Kind: Description
Metadata:
Creation Timestamp: 2023-06-30T03:25:09Z
Finalizers:
apps.clusternet.io/finalizer
Generation: 2
Managed Fields:
API Version: apps.clusternet.io/v1alpha1
Fields Type: FieldsV1
fieldsV1:
f:metadata:
f:finalizers:
.:
v:"apps.clusternet.io/finalizer":
f:labels:
.:
f:apps.clusternet.io/config.kind:
f:apps.clusternet.io/config.name:
f:apps.clusternet.io/config.namespace:
f:apps.clusternet.io/config.uid:
f:apps.clusternet.io/subs.name:
f:apps.clusternet.io/subs.namespace:
f:apps.clusternet.io/subs.uid:
f:clusternet.io/created-by:
f:clusters.clusternet.io/cluster-id:
f:clusters.clusternet.io/cluster-name:
f:ownerReferences:
.:
k:{"uid":"99eb99f1-9bd3-493a-9d14-e1cc25eadf53"}:
f:spec:
.:
f:chartRaw:
f:charts:
f:deployer:
f:raw:
Manager: clusternet-controller-manager
Operation: Update
Time: 2023-06-30T03:25:09Z
API Version: apps.clusternet.io/v1alpha1
Fields Type: FieldsV1
fieldsV1:
f:status:
.:
f:phase:
Manager: clusternet-controller-manager
Operation: Update
Subresource: status
Time: 2023-06-30T03:26:24Z
Owner References:
API Version: apps.clusternet.io/v1alpha1
Block Owner Deletion: true
Controller: true
Kind: Base
Name: default-app-demo
UID: 99eb99f1-9bd3-493a-9d14-e1cc25eadf53
Resource Version: 10036
UID: 2753cae5-3a40-4d33-935e-dc308c96ca6c
Spec:
Chart Raw:
eyJtZXRhZGF0YSI6eyJhbm5vdGF0aW9ucyI6eyJrdWJlY3RsLmt1YmVybmV0ZXMuaW8vbGFzdC1hcHBsaWVkLWNvbmZpZ3VyYXRpb24iOiJ7XCJhcGlWZXJzaW9uXCI6XCJhcHBzLmNsdXN0ZXJuZXQuaW8vdjFhbHBoYTFcIixcImtpbmRcIjpcIkhlbG1DaGFydFwiLFwibWV0YWRhdGFcIjp7XCJhbm5vdGF0aW9uc1wiOnt9LFwibmFtZVwiOlwibXlzcWxcIixcIm5hbWVzcGFjZVwiOlwiZGVmYXVsdFwifSxcInNwZWNcIjp7XCJjaGFydFwiOlwibXlzcWxcIixcInJlcG9cIjpcImh0dHBzOi8vY2hhcnRzLmJpdG5hbWkuY29tL2JpdG5hbWlcIixcInRhcmdldE5hbWVzcGFjZVwiOlwiYWJjXCIsXCJ2ZXJzaW9uXCI6XCI5LjEwLjRcIn19XG4ifSwiY3JlYXRpb25UaW1lc3RhbXAiOiIyMDIzLTA2LTMwVDAzOjI1OjA3WiIsImZpbmFsaXplcnMiOlsiYXBwcy5jbHVzdGVybmV0LmlvL2ZpbmFsaXplciIsImFwcHMuY2x1c3Rlcm5ldC5pby9mZWVkLXByb3RlY3Rpb24iXSwiZ2VuZXJhdGlvbiI6MiwibGFiZWxzIjp7IjdmMmQwZWNmLTViMzAtNGYyMC05ZjQ5LWJhMzYzODFjNmYzMiI6IlN1YnNjcmlwdGlvbiIsIjk5ZWI5OWYxLTliZDMtNDkzYS05ZDE0LWUxY2MyNWVhZGY1MyI6IkJhc2UiLCJhbm90aGVyLWxhYmVsIjoiYW5vdGhlci12YWx1ZSIsImFwcHMuY2x1c3Rlcm5ldC5pby9jb25maWcuZ3JvdXAiOiJhcHBzLmNsdXN0ZXJuZXQuaW8iLCJhcHBzLmNsdXN0ZXJuZXQuaW8vY29uZmlnLmtpbmQiOiJIZWxtQ2hhcnQiLCJhcHBzLmNsdXN0ZXJuZXQuaW8vY29uZmlnLm5hbWUiOiJteXNxbCIsImFwcHMuY2x1c3Rlcm5ldC5pby9jb25maWcubmFtZXNwYWNlIjoiZGVmYXVsdCIsImFwcHMuY2x1c3Rlcm5ldC5pby9jb25maWcudmVyc2lvbiI6InYxYWxwaGExIiwic29tZS1sYWJlbCI6InNvbWUtdmFsdWUifSwibmFtZSI6Im15c3FsIiwibmFtZXNwYWNlIjoiZGVmYXVsdCIsInJlc291cmNlVmVyc2lvbiI6Ijk2NzcifSwic3BlYyI6eyJjaGFydCI6Im15c3FsIiwiY2hhcnRQdWxsU2VjcmV0Ijp7fSwiY3JlYXRlTmFtZXNwYWNlIjp0cnVlLCJyZXBvIjoiaHR0cHM6Ly9jaGFydHMuYml0bmFtaS5jb20vYml0bmFtaSIsInRhcmdldE5hbWVzcGFjZSI6ImFiYyIsInRpbWVvdXRTZWNvbmRzIjozMDAsInZlcnNpb24iOiI5LjEwLjQifX0=
Charts:
Name: mysql
Namespace: default
Deployer: Helm
Raw:
eyJjb21tb25MYWJlbHMiOnsiY2x1c3Rlcm5ldC5pby9vdmVycmlkZS1ieSI6ImNsdXN0ZXJuZXQtaHViIiwic29tZS1sYWJlbCI6InNvbWUtdmFsdWUifSwicHJpbWFyeSI6eyJwZXJzaXN0ZW5jZSI6eyJlbmFibGVkIjpmYWxzZX19fQ==
Status:
Phase: Success
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal HelmReleasesCreated 2m14s clusternet-controller-manager HelmReleases clusternet-zb7dt/default-app-demo-helm-default-mysql is created successfully
Normal Synced 62s (x2 over 2m14s) clusternet-agent Description synced successfully
Normal Synced 62s (x4 over 2m14s) clusternet-controller-manager Description synced successfully
Normal HelmReleaseUpdated 62s clusternet-controller-manager HelmReleases clusternet-zb7dt/default-app-demo-helm-default-mysql is updated successfully
$ kubectl get hr -A
NAMESPACE NAME CHART VERSION REPO STATUS AGE
clusternet-zb7dt default-app-demo-helm-default-mysql mysql 9.10.4 https://charts.bitnami.com/bitnami deployed 2m39sWould you please perform checks by running below steps.
In your child cluster
kubectl get secret -n clusternet-system -o=jsonpath='{.items[?(@.metadata.annotations.kubernetes\.io/service-account\.name=="clusternet-app-deployer")].data.token}' | base64 --decode; echoIn your parent cluster
kubectl get secret -n clusternet-zb7dt child-cluster-deployer -o=jsonpath='{.data.token}' | base64 --decode; echo
Please change clusternet-zb7dt here to yours.
Compare the two token from above outputs
to see whether they are identical.
from clusternet.
jasine
commented on June 10, 2024
@dixudx yes, they are exactly the same
from clusternet.
dixudx
commented on June 10, 2024
@jasine Did the token get changed?
You've re-installed child cluster, right? Try to scale down and scale up clusternet-controller-manager.
kubectl scale deploy clusternet-controller-manager -n clusternet-system --replicas=0
kubectl scale deploy clusternet-controller-manager -n clusternet-system --replicas=3I'm suspecting that clusternet-controller-manager is using an older token.
from clusternet.
jasine
commented on June 10, 2024
@dixudx not working, should I redeploy a parent cluster?
from clusternet.
dixudx
commented on June 10, 2024
@jasine Please try to delete secret clusternet-app-deployer and restart clusternet-agent in child cluster.
kubectl delete secret -n clusternet-system clusternet-app-deployer
kubectl scale deploy clusternet-agent -n clusternet-system --replicas=0
kubectl scale deploy clusternet-agent -n clusternet-system --replicas=3
And then try to scale down and scale up clusternet-controller-manager in the parent cluster.
kubectl scale deploy clusternet-controller-manager -n clusternet-system --replicas=0
kubectl scale deploy clusternet-controller-manager -n clusternet-system --replicas=3from clusternet.
jasine
commented on June 10, 2024
@dixudx the error logs now as follows
E0704 02:56:10.100100 1 wait.go:190] failed to get Secret clusternet-system/clusternet-app-deployer: secrets "clusternet-app-deployer" not found
E0704 02:56:17.008467 1 wait.go:190] failed to get Secret clusternet-system/clusternet-app-deployer: secrets "clusternet-app-deployer" not found
E0704 02:56:23.360710 1 wait.go:190] failed to get Secret clusternet-system/clusternet-app-deployer: secrets "clusternet-app-deployer" not found
W0704 02:56:25.622592 1 clusterstatus_controller.go:151] failed to discover service CIDR: can't get ServiceIPRange
describe helmrelease still Unauthorized, I tried to delete helmrelease
Warning FailedSynced 2m57s (x13 over 3m20s) clusternet-controller-manager query: failed to query with labels: Unauthorized
Warning FailedSynced 2m36s (x3 over 2m42s) clusternet-controller-manager Kubernetes cluster unreachable: the server has asked for the client to provide credentials
from clusternet.
dixudx
commented on June 10, 2024
E0704 02:56:10.100100 1 wait.go:190] failed to get Secret clusternet-system/clusternet-app-deployer: secrets "clusternet-app-deployer" not found
E0704 02:56:17.008467 1 wait.go:190] failed to get Secret clusternet-system/clusternet-app-deployer: secrets "clusternet-app-deployer" not found
E0704 02:56:23.360710 1 wait.go:190] failed to get Secret clusternet-system/clusternet-app-deployer: secrets "clusternet-app-deployer" not found
@jasine Did you restart clusternet-agent in child cluster first and then clusternet-controller-manager in the parent cluster? Follow the steps here.
from clusternet.
jasine
commented on June 10, 2024
@dixudx Yes, I followed the steps exactly
from clusternet.
dixudx
commented on June 10, 2024
@jasine Can this issue be reproduced? This will help identify what's happening.
from clusternet.
jasine
commented on June 10, 2024
@jasine Can this issue be reproduced? This will help identify what's happening.
@dixudx Yes, I make some tests, it works fine on k8s 1.26.1, and the issue can be reproduced on k3s v1.27.3+k3s1 and v1.25.6+k3s1, so maybe it can be reproduced on most versions of k3s
from clusternet.
dixudx
commented on June 10, 2024
@jasine Would you please share some steps that I can reproduce this issue. Thanks.
from clusternet.
jasine
commented on June 10, 2024
@jasine Would you please share some steps that I can reproduce this issue. Thanks.
parent cluster
- install k3s
curl -sfL https://rancher-mirror.oss-cn-beijing.aliyuncs.com/k3s/k3s-install.sh | INSTALL_K3S_MIRROR=cn sh -s - \
--disable-network-policy \
--disable-helm-controller \
--disable servicelb,traefik,local-storage,metrics-server- install helm
- install clusternet
export KUBECONFIG=/etc/rancher/k3s/k3s.yaml
helm repo add clusternet ${HELM_REPO}
helm repo update
helm install clusternet-hub -n clusternet-system clusternet/clusternet-hub \
--create-namespace \
--set replicaCount=1 \
--set resources.limits.cpu=1000m \
--set anonymousAuthSupported=false
helm install clusternet-scheduler -n clusternet-system clusternet/clusternet-scheduler \
--create-namespace \
--set replicaCount=1
helm install clusternet-controller-manager -n clusternet-system clusternet/clusternet-controller-manager \
--create-namespace \
--set replicaCount=1
kubectl apply -f https://raw.githubusercontent.com/clusternet/clusternet/main/manifests/samples/cluster_serviceaccount_token.yaml
echo "clusternet join token:"
kubectl get secret -n clusternet-system -o=jsonpath='{.items[?(@.metadata.annotations.kubernetes\.io/service-account\.name=="cluster-bootstrap-use")].data.token}' | base64 --decode; echo
child cluster
- install k3s
k3s_config
curl -sfL https://rancher-mirror.oss-cn-beijing.aliyuncs.com/k3s/k3s-install.sh | INSTALL_K3S_VERSION=${K3S_VERSION} INSTALL_K3S_MIRROR=cn sh -s - \
--data-dir /data/k3s \
--disable-network-policy \
--disable-helm-controller \
--disable servicelb,traefik,local-storage,metrics-server
- install helm
- install clusternet-agent
export KUBECONFIG=/etc/rancher/k3s/k3s.yaml
helm repo add clusternet ${HELM_REPO} || true
helm repo update
#helm 渲染的时候会把逗号转义,多个 label 之间需要转义
helm install clusternet-agent -n clusternet-system --create-namespace --wait --version ${CLUSTERNET_CHART_VERSION} \
--set parentURL=${PARENT_HOST} \
--set registrationToken=${TOKEN} \
--set replicaCount=1 \
--set extraArgs.cluster-reg-name=$(hostname) \
--set extraArgs.cluster-reg-namespace=$(hostname) \
--set priorityClassName=system-cluster-critical \
clusternet/clusternet-agent
distribute apps
- create chart and sub then this issue will be reproduced when describe helmrelease
from clusternet.
dixudx
commented on June 10, 2024
@jasine For k3s, you need to set anonymousAuthSupported=false for clusternet-controller-manager.
helm install clusternet-controller-manager -n clusternet-system clusternet/clusternet-controller-manager \
--create-namespace \
--set replicaCount=1 \
--set anonymousAuthSupported=falsePlease take another try. This works for me.
If this works for you as well, would you please submit a PR to add a note on this setting, especially for k3s users. Thanks.
from clusternet.
jasine
commented on June 10, 2024
@dixudx Sorry, I ignored the anonymousAuthSupported on controller-manager, thanks a lot
from clusternet.
Related Issues (20)
- Getting error whenever tried to check the logs of Clusternet-Agent pod through Kubernetes command HOT 22
- Adopting a Standardized ClusterInventory API from SIG Multi-Cluster HOT 1
- Unable to manage child clusternet through parent clusternet HOT 11
- Who is Adopting Clusternet? | Clusternet 使用者征集 HOT 4
- Increase code coverage HOT 4
- Getting error in agent-clusternet in child clusternet HOT 7
- HelmChart type resources cannot be deployed when clusternet-agent sets AppPusher=false HOT 1
- Add post-join actions after child cluster joins in parent cluster successfully. HOT 2
- controller-manager will panic when the length of bindingClusters and replicas in subscription are not equal
- helm deploy failed HOT 4
- Replace ApplyResourceWithRetry with ApplyResource HOT 2
- Optimized performance of clusternet in large-scale CR scenarios.
- add metrics and pprof server for controller-manager
- Support Scheduling Priority and Preemption HOT 4
- for dividing scheduling, manifest changes should not directly trigger the updates of base objects HOT 1
- does clusternet support Multi-Cluster Controller HOT 5
- The default priority of localization for dynamic scheduling is 1000(the highest), which is not flexible HOT 2
- when we watch wrapper resource, sometimes we can not receive event
- shadow api can not access pv which dynamicly created by pvc HOT 9
- Installation issues: How to add other sub-clusters to the parent cluster HOT 6
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from clusternet.