Issue Deion After installing IBM Cloud Private-CE 3.1.1 wit

Hi Emma,Thanks for your email. I ran the but I was going now

Hi Edwin - did you save the on a Windows machine first? It looks like there ar

Part 2 of the logs.Thx,EdwinFrom: EmmaHumber <notifications@

Part1bFrom: EmmaHumber <notifications@github.com>Sent: Tuesda

Part 1cFrom: EmmaHumber <notifications@github.com>Sent: Tuesd

Event Streams- Broker component not available in namespace.,about ibm/event-streams

Comments (23)

egargaritano commented on August 14, 2024 1

Hi Emma, See below. Thanks, Edwin KAFKA-NETPOL.YAML apiVersion: v1 items: - apiVersion: extensions/v1beta1 kind: NetworkPolicy metadata: creationTimestamp: 2019-01-30T17:17:59Z generation: 1 labels: app: ibm-es chart: ibm-eventstreams-dev component: essential heritage: Tiller release: kafka name: kafka-ibm-es-access-default-deny namespace: thor-namespace resourceVersion: "654803" selfLink: /apis/extensions/v1beta1/namespaces/thor-namespace/networkpolicies/kafka-ibm-es-access-default-deny uid: fe14d612-24b2-11e9-9eb1-00505692608c spec: egress: - ports: - port: 53 protocol: UDP - port: 53 protocol: TCP podSelector: matchLabels: release: kafka policyTypes: - Ingress - Egress - apiVersion: extensions/v1beta1 kind: NetworkPolicy metadata: creationTimestamp: 2019-01-30T17:17:59Z generation: 1 labels: app: ibm-es chart: ibm-eventstreams-dev component: essential heritage: Tiller release: kafka name: kafka-ibm-es-access-jobs namespace: thor-namespace resourceVersion: "654814" selfLink: /apis/extensions/v1beta1/namespaces/thor-namespace/networkpolicies/kafka-ibm-es-access-jobs uid: fe18dd8b-24b2-11e9-9eb1-00505692608c spec: egress: - ports: - port: 8001 protocol: TCP podSelector: matchLabels: component: essential release: kafka policyTypes: - Egress - Ingress - apiVersion: extensions/v1beta1 kind: NetworkPolicy metadata: creationTimestamp: 2019-01-30T17:17:59Z generation: 1 labels: app: ibm-es chart: ibm-eventstreams-dev component: elastic heritage: Tiller release: kafka name: kafka-ibm-es-elastic-access namespace: thor-namespace resourceVersion: "654806" selfLink: /apis/extensions/v1beta1/namespaces/thor-namespace/networkpolicies/kafka-ibm-es-elastic-access uid: fe161849-24b2-11e9-9eb1-00505692608c spec: egress: - ports: - port: 9080 protocol: TCP to: - podSelector: matchLabels: component: indexmgr - ports: - port: 9300 protocol: TCP to: - podSelector: matchLabels: component: elastic ingress: - from: - podSelector: matchLabels: component: indexmgr ports: - port: 9200 protocol: TCP - from: - podSelector: matchLabels: component: elastic ports: - port: 9300 protocol: TCP podSelector: matchLabels: component: elastic release: kafka policyTypes: - Egress - Ingress - apiVersion: extensions/v1beta1 kind: NetworkPolicy metadata: creationTimestamp: 2019-01-30T17:17:59Z generation: 1 labels: app: ibm-es chart: ibm-eventstreams-dev component: indexmgr heritage: Tiller release: kafka name: kafka-ibm-es-indexmgr-access namespace: thor-namespace resourceVersion: "654811" selfLink: /apis/extensions/v1beta1/namespaces/thor-namespace/networkpolicies/kafka-ibm-es-indexmgr-access uid: fe17ae7b-24b2-11e9-9eb1-00505692608c spec: egress: - ports: - port: 9200 protocol: TCP to: - podSelector: matchLabels: component: elastic - ports: - port: 9080 protocol: TCP to: - podSelector: matchLabels: component: rest ingress: - from: - podSelector: matchLabels: component: kafka ports: - port: 8080 protocol: TCP - from: - podSelector: matchLabels: component: elastic - podSelector: matchLabels: component: rest ports: - port: 9080 protocol: TCP podSelector: matchLabels: component: indexmgr release: kafka policyTypes: - Egress - Ingress - apiVersion: extensions/v1beta1 kind: NetworkPolicy metadata: creationTimestamp: 2019-01-30T17:17:59Z generation: 1 labels: app: ibm-es chart: ibm-eventstreams-dev component: kafka heritage: Tiller release: kafka name: kafka-ibm-es-kafka-access namespace: thor-namespace resourceVersion: "654819" selfLink: /apis/extensions/v1beta1/namespaces/thor-namespace/networkpolicies/kafka-ibm-es-kafka-access uid: fe1a1d43-24b2-11e9-9eb1-00505692608c spec: egress: - ports: - port: 8001 protocol: TCP - ports: - port: 2181 protocol: TCP to: - podSelector: matchLabels: component: zookeeper - ports: - port: 9092 protocol: TCP to: - podSelector: matchLabels: component: kafka - ports: - port: 8080 protocol: TCP to: - podSelector: matchLabels: component: indexmgr - ports: - port: 8443 protocol: TCP to: - podSelector: matchLabels: component: security ingress: - from: - podSelector: matchLabels: component: rest ports: - port: 8084 protocol: TCP - from: - podSelector: matchLabels: component: proxy ports: - port: 8093 protocol: TCP - from: - podSelector: matchLabels: component: kafka ports: - port: 9092 protocol: TCP - ports: - port: 8081 protocol: TCP podSelector: matchLabels: component: kafka release: kafka policyTypes: - Egress - Ingress - apiVersion: extensions/v1beta1 kind: NetworkPolicy metadata: creationTimestamp: 2019-01-30T17:17:59Z generation: 1 labels: app: ibm-es chart: ibm-eventstreams-dev component: proxy heritage: Tiller release: kafka name: kafka-ibm-es-proxy-access namespace: thor-namespace resourceVersion: "654825" selfLink: /apis/extensions/v1beta1/namespaces/thor-namespace/networkpolicies/kafka-ibm-es-proxy-access uid: fe1b37d8-24b2-11e9-9eb1-00505692608c spec: egress: - ports: - port: 8001 protocol: TCP - ports: - port: 8093 protocol: TCP to: - podSelector: matchLabels: component: kafka - ports: - port: 9080 protocol: TCP to: - podSelector: matchLabels: component: rest ingress: - {} podSelector: matchLabels: component: proxy release: kafka policyTypes: - Egress - Ingress - apiVersion: extensions/v1beta1 kind: NetworkPolicy metadata: creationTimestamp: 2019-01-30T17:17:59Z generation: 1 labels: app: ibm-es chart: rest component: rest heritage: Tiller release: kafka name: kafka-ibm-es-rest-access namespace: thor-namespace resourceVersion: "654792" selfLink: /apis/extensions/v1beta1/namespaces/thor-namespace/networkpolicies/kafka-ibm-es-rest-access uid: fe0e82a9-24b2-11e9-9eb1-00505692608c spec: egress: - ports: - port: 8001 protocol: TCP - ports: - port: 8084 protocol: TCP to: - podSelector: matchLabels: component: kafka - ports: - port: 9080 protocol: TCP to: - podSelector: matchLabels: component: indexmgr - ports: - port: 2181 protocol: TCP to: - podSelector: matchLabels: component: zookeeper - ports: - port: 8443 protocol: TCP - ports: - protocol: TCP - port: 53 protocol: UDP ingress: - {} podSelector: matchLabels: component: rest release: kafka policyTypes: - Egress - Ingress - apiVersion: extensions/v1beta1 kind: NetworkPolicy metadata: creationTimestamp: 2019-01-30T17:17:59Z generation: 1 labels: app: ibm-es chart: ibm-eventstreams-dev component: security heritage: Tiller release: kafka name: kafka-ibm-es-security-access namespace: thor-namespace resourceVersion: "654826" selfLink: /apis/extensions/v1beta1/namespaces/thor-namespace/networkpolicies/kafka-ibm-es-security-access uid: fe207465-24b2-11e9-9eb1-00505692608c spec: egress: - ports: - port: 8443 protocol: TCP ingress: - from: - podSelector: matchLabels: component: kafka - podSelector: matchLabels: component: rest - podSelector: matchLabels: component: ui ports: - port: 8443 protocol: TCP podSelector: matchLabels: component: security release: kafka policyTypes: - Egress - Ingress - apiVersion: extensions/v1beta1 kind: NetworkPolicy metadata: creationTimestamp: 2019-01-30T17:17:59Z generation: 1 labels: app: ibm-es chart: ui component: ui heritage: Tiller release: kafka name: kafka-ibm-es-ui-access namespace: thor-namespace resourceVersion: "654794" selfLink: /apis/extensions/v1beta1/namespaces/thor-namespace/networkpolicies/kafka-ibm-es-ui-access uid: fe1164f4-24b2-11e9-9eb1-00505692608c spec: egress: - ports: - port: 8001 protocol: TCP - ports: - port: 9080 protocol: TCP to: - podSelector: matchLabels: component: rest - ports: - port: 8443 protocol: TCP - ports: - port: 8443 protocol: TCP to: - podSelector: matchLabels: component: security - ports: - port: 4300 protocol: TCP ingress: - {} podSelector: matchLabels: component: ui release: kafka policyTypes: - Egress - Ingress - apiVersion: extensions/v1beta1 kind: NetworkPolicy metadata: creationTimestamp: 2019-01-30T17:17:59Z generation: 1 labels: app: ibm-es chart: zookeeper component: zookeeper heritage: Tiller release: kafka name: kafka-ibm-es-zookeeper-access namespace: thor-namespace resourceVersion: "654799" selfLink: /apis/extensions/v1beta1/namespaces/thor-namespace/networkpolicies/kafka-ibm-es-zookeeper-access uid: fe12ceca-24b2-11e9-9eb1-00505692608c spec: egress: - ports: - port: 8001 protocol: TCP - ports: - port: 2888 protocol: TCP - port: 3888 protocol: TCP to: - podSelector: matchLabels: component: zookeeper ingress: - from: - podSelector: matchLabels: component: kafka - podSelector: matchLabels: component: rest ports: - port: 2181 protocol: TCP - from: - podSelector: matchLabels: component: zookeeper ports: - port: 2888 protocol: TCP - from: - podSelector: matchLabels: component: zookeeper ports: - port: 3888 protocol: TCP podSelector: matchLabels: component: zookeeper release: kafka policyTypes: - Egress - Ingress kind: List metadata: resourceVersion: "" selfLink: "" ZOOKEEPER-NETPOL.YAML apiVersion: extensions/v1beta1 kind: NetworkPolicy metadata: creationTimestamp: 2019-01-30T17:17:59Z generation: 1 labels: app: ibm-es chart: zookeeper component: zookeeper heritage: Tiller release: kafka name: kafka-ibm-es-zookeeper-access namespace: thor-namespace resourceVersion: "654799" selfLink: /apis/extensions/v1beta1/namespaces/thor-namespace/networkpolicies/kafka-ibm-es-zookeeper-access uid: fe12ceca-24b2-11e9-9eb1-00505692608c spec: egress: - ports: - port: 8001 protocol: TCP - ports: - port: 2888 protocol: TCP - port: 3888 protocol: TCP to: - podSelector: matchLabels: component: zookeeper ingress: - from: - podSelector: matchLabels: component: kafka - podSelector: matchLabels: component: rest ports: - port: 2181 protocol: TCP - from: - podSelector: matchLabels: component: zookeeper ports: - port: 2888 protocol: TCP - from: - podSelector: matchLabels: component: zookeeper ports: - port: 3888 protocol: TCP podSelector: matchLabels: component: zookeeper release: kafka policyTypes: - Egress - Ingress From: EmmaHumber <[email protected]> Sent: Monday, February 11, 2019 12:27 PM To: IBM/event-streams <[email protected]> Cc: egargaritano <[email protected]>; Mention <[email protected]> Subject: Re: [IBM/event-streams] Event Streams- Broker component not available in namespace. (#17) HI @egargaritano <https://github.com/egargaritano> There's still something odd about how files get attached to this issue and I can't see them. Could you copy and paste the text of the two network policy output files into the email response directly as you did for the kubectl describe commands above, as that way I can see the content. Thanks Emma — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#17 (comment)> , or mute the thread <https://github.com/notifications/unsubscribe-auth/AeVswH1gyApCs3GDsWhQR6kVzmu2y9Lrks5vMafHgaJpZM4aek3N> . <https://github.com/notifications/beacon/AeVswNmHKhInsSXez6iYo8V1j7bzpBUbks5vMafHgaJpZM4aek3N.gif>

from event-streams.

EmmaHumber commented on August 14, 2024

Hi Edwin

Thanks for getting in touch. From the logs you've sent in it looks like this Kafka pod can't talk to at least one of the Zookeepers instances, however the logs show that the three Zookeeper pods are up and running.

I can't tell from the information above why this might be. Could you run the script at

https://github.com/IBM/charts/blob/master/stable/ibm-eventstreams-dev/additionalFiles/get-logs.sh

and attach the file generated to this issue please?

Are you running SE Linux, or standard Red Hat?

Can you ping one worker node from the other worker nodes? eg ssh into 10.69.5.67 and see if you can ping 10.69.5.68 and 10.69.5.69.

Can you exec into the Kafka container:
kubectl exec -it KAFKA_POD_NAME -c kafka bash

and see if it can contact the zookeeper containers. There's no ping, so try nc:

nc -z 172.18.167.193 2181
nc -z 172.18.186.106 2181

Note that I can't work out the ip of the third zookeeper from the Kafka healthcheck logs - I'm assuming the Kafka healthcheck can communicate with this ZK, possibly because it is on the same node as the Kafka pod the logs above are from.

Thanks
Emma

from event-streams.

egargaritano commented on August 14, 2024

Hi Emma, Thanks for your email. I ran the script but I was going nowhere as I was getting an error as follows: [root@onthord0bav001 ~]# . get-logs.sh

…

-bash: $'\r': command not found

-bash: $'\r': command not found ': not a valid identifier ': not a valid identifier

-bash: $'\r': command not found

-bash: get-logs.sh: line 45: syntax error near unexpected token `$'in\r'' 'bash: get-logs.sh: line 45: ` case $1 in The system is based on RHEL 7 and is running Selinux (enforcing mode). All nodes can ping each other (that is .67 can ping .68 and .69; .68 can ping .67 and .69; and .69 can ping .67 and .68) The first two zookeeper nodes cannot be contacted (see nc_results.txt attached). You are right about the 3rd zookeeper that it can be contacted because it probably resides on the same node. Let me know if you need more tests to be performed. Thanks, Edwin From: EmmaHumber <[email protected]> Sent: Sunday, February 3, 2019 5:09 PM To: IBM/event-streams <[email protected]> Cc: egargaritano <[email protected]>; Author <[email protected]> Subject: Re: [IBM/event-streams] Event Streams- Broker component not available in namespace. (#17) Hi Edwin Thanks for getting in touch. From the logs you've sent in it looks like this Kafka pod can't talk to at least one of the Zookeepers instances, however the logs show that the three Zookeeper pods are up and running. I can't tell from the information above why this might be. Could you run the script at https://github.com/IBM/charts/blob/master/stable/ibm-eventstreams-dev/additionalFiles/get-logs.sh and attach the file generated to this issue please? Are you running SE Linux, or standard Red Hat? Can you ping one worker node from the other worker nodes? eg ssh into 10.69.5.67 and see if you can ping 10.69.5.68 and 10.69.5.69. Can you exec into the Kafka container: kubectl exec -it KAFKA_POD_NAME -c kafka bash and see if it can contact the zookeeper containers. There's no ping, so try nc: nc -z 172.18.167.193 2181 nc -z 172.18.186.106 2181 Note that I can't work out the ip of the third zookeeper from the Kafka healthcheck logs - I'm assuming the Kafka healthcheck can communicate with this ZK, possibly because it is on the same node as the Kafka pod the logs above are from. Thanks Emma — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub <#17 (comment)> , or mute the thread <https://github.com/notifications/unsubscribe-auth/AeVswGaqVofDYAHev-KVmg7uJfUIccUwks5vJ13xgaJpZM4aek3N> . <https://github.com/notifications/beacon/AeVswMRPIvA2dfO6KdLblZxWev5Fln5Pks5vJ13xgaJpZM4aek3N.gif> [root@onthord0bav001 ~]# getenforce Enforcing [root@onthord0bav001 ~]# kubectl get pods NAME READY STATUS RESTARTS AGE kafka-ibm-es-access-controller-deploy-568896b4db-55ldz 2/2 Running 3 5d kafka-ibm-es-access-controller-deploy-568896b4db-jgl6m 2/2 Running 5 5d kafka-ibm-es-elastic-sts-0 1/1 Running 1 5d kafka-ibm-es-elastic-sts-1 1/1 Running 1 5d kafka-ibm-es-indexmgr-deploy-5c8944874d-rwnz9 1/1 Running 410 5d kafka-ibm-es-kafka-sts-0 2/4 Running 156 5d kafka-ibm-es-kafka-sts-1 2/4 Running 156 5d kafka-ibm-es-kafka-sts-2 2/4 Running 156 5d kafka-ibm-es-proxy-deploy-7c94b6cbd4-8485r 1/1 Running 1 5d kafka-ibm-es-proxy-deploy-7c94b6cbd4-dtxgp 1/1 Running 2 5d kafka-ibm-es-rest-deploy-54c5d7764b-r5vnl 3/3 Running 4 5d kafka-ibm-es-ui-deploy-b87c86f5d-gm6k6 3/3 Running 6 5d kafka-ibm-es-zookeeper-sts-0 1/1 Running 4 5d kafka-ibm-es-zookeeper-sts-1 1/1 Running 4 5d kafka-ibm-es-zookeeper-sts-2 1/1 Running 4 5d [root@onthord0bav001 ~]# [root@onthord0bav001 ~]# [root@onthord0bav001 ~]# kubectl exec -it kafka-ibm-es-kafka-sts-0 -c kafka bash nobody@kafka-ibm-es-kafka-sts-0:/opt/kafka$ nobody@kafka-ibm-es-kafka-sts-0:/opt/kafka$ nobody@kafka-ibm-es-kafka-sts-0:/opt/kafka$ nobody@kafka-ibm-es-kafka-sts-0:/opt/kafka$ nobody@kafka-ibm-es-kafka-sts-0:/opt/kafka$ nobody@kafka-ibm-es-kafka-sts-0:/opt/kafka$ nc -z 172.18.167.193 2181 ^Z [1]+ Stopped nc -z 172.18.167.193 2181 nobody@kafka-ibm-es-kafka-sts-0:/opt/kafka$ bg [1]+ nc -z 172.18.167.193 2181 & nobody@kafka-ibm-es-kafka-sts-0:/opt/kafka$ fg nc -z 172.18.167.193 2181 ^C nobody@kafka-ibm-es-kafka-sts-0:/opt/kafka$ bg bash: bg: current: no such job nobody@kafka-ibm-es-kafka-sts-0:/opt/kafka$ nc -z 172.18.186.106 2181 ^C nobody@kafka-ibm-es-kafka-sts-0:/opt/kafka$ bg bash: bg: current: no such job nobody@kafka-ibm-es-kafka-sts-0:/opt/kafka$ exit exit command terminated with exit code 1 [root@onthord0bav001 ~]# kubectl get svc NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE kafka-ibm-es-access-controller-svc ClusterIP None <none> 8443/TCP 5d kafka-ibm-es-elastic-svc ClusterIP None <none> 9200/TCP,9300/TCP 5d kafka-ibm-es-indexmgr-svc ClusterIP None <none> 9080/TCP,8080/TCP 5d kafka-ibm-es-kafka-broker-svc-0 ClusterIP None <none> 9092/TCP,8093/TCP,9094/ TCP,7070/TCP 5d kafka-ibm-es-kafka-broker-svc-1 ClusterIP None <none> 9092/TCP,8093/TCP,9094/ TCP,7070/TCP 5d kafka-ibm-es-kafka-broker-svc-2 ClusterIP None <none> 9092/TCP,8093/TCP,9094/ TCP,7070/TCP 5d kafka-ibm-es-kafka-headless-svc ClusterIP None <none> 9092/TCP,8093/TCP,9094/ TCP,8081/TCP 5d kafka-ibm-es-proxy-svc NodePort 172.18.133.183 <none> 30000:30270/TCP,30001:3 0004/TCP,30051:30156/TCP,30101:31243/TCP 5d kafka-ibm-es-rest-proxy-svc NodePort 172.18.198.48 <none> 32000:31595/TCP 5d kafka-ibm-es-rest-svc ClusterIP 172.18.230.160 <none> 9080/TCP 5d kafka-ibm-es-ui-svc NodePort 172.18.6.254 <none> 32000:32050/TCP 5d kafka-ibm-es-zookeeper-fixed-ip-svc-0 ClusterIP 172.18.186.106 <none> 2181/TCP,2888/TCP,3888/ TCP 5d kafka-ibm-es-zookeeper-fixed-ip-svc-1 ClusterIP 172.18.70.121 <none> 2181/TCP,2888/TCP,3888/ TCP 5d kafka-ibm-es-zookeeper-fixed-ip-svc-2 ClusterIP 172.18.167.193 <none> 2181/TCP,2888/TCP,3888/ TCP 5d kafka-ibm-es-zookeeper-headless-svc ClusterIP None <none> 2181/TCP,2888/TCP,3888/ TCP 5d [root@onthord0bav001 ~]# kubectl get svc NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE kafka-ibm-es-access-controller-svc ClusterIP None <none> 8443/TCP 5d kafka-ibm-es-elastic-svc ClusterIP None <none> 9200/TCP,9300/TCP 5d kafka-ibm-es-indexmgr-svc ClusterIP None <none> 9080/TCP,8080/TCP 5d kafka-ibm-es-kafka-broker-svc-0 ClusterIP None <none> 9092/TCP,8093/TCP,9094/TCP,7070/TCP 5d kafka-ibm-es-kafka-broker-svc-1 ClusterIP None <none> 9092/TCP,8093/TCP,9094/TCP,7070/TCP 5d kafka-ibm-es-kafka-broker-svc-2 ClusterIP None <none> 9092/TCP,8093/TCP,9094/TCP,7070/TCP 5d kafka-ibm-es-kafka-headless-svc ClusterIP None <none> 9092/TCP,8093/TCP,9094/TCP,8081/TCP 5d kafka-ibm-es-proxy-svc NodePort 172.18.133.183 <none> 30000:30270/TCP,30001:30004/TCP,30051:30156/TCP,30101:31243/TCP 5d kafka-ibm-es-rest-proxy-svc NodePort 172.18.198.48 <none> 32000:31595/TCP 5d kafka-ibm-es-rest-svc ClusterIP 172.18.230.160 <none> 9080/TCP 5d kafka-ibm-es-ui-svc NodePort 172.18.6.254 <none> 32000:32050/TCP 5d kafka-ibm-es-zookeeper-fixed-ip-svc-0 ClusterIP 172.18.186.106 <none> 2181/TCP,2888/TCP,3888/TCP 5d kafka-ibm-es-zookeeper-fixed-ip-svc-1 ClusterIP 172.18.70.121 <none> 2181/TCP,2888/TCP,3888/TCP 5d kafka-ibm-es-zookeeper-fixed-ip-svc-2 ClusterIP 172.18.167.193 <none> 2181/TCP,2888/TCP,3888/TCP 5d kafka-ibm-es-zookeeper-headless-svc ClusterIP None <none> 2181/TCP,2888/TCP,3888/TCP 5d [root@onthord0bav001 ~]# kubectl exec -it kafka-ibm-es-kafka-sts-0 -c kafka bash nobody@kafka-ibm-es-kafka-sts-0:/opt/kafka$ nc -z 172.18.70.121 2181 nobody@kafka-ibm-es-kafka-sts-0:/opt/kafka$ nc -z 172.18.70.121 2181 nobody@kafka-ibm-es-kafka-sts-0:/opt/kafka$

from event-streams.

EmmaHumber commented on August 14, 2024

Hi Edwin - did you save the script on a Windows machine first? It looks like there are carriage return ("/r") characters on the end of each line which Linux won't be happy with.

My suspicion is that there is a setting in the SELinux configuration that is preventing the pods from talking across nodes. Can you also attach your SELinux settings from /etc/selinux/config

Is it possible for you to test with SELinux disabled to see if this resolves the problem? That will either rule SELinux configuration out, or highlight where to focus investigation.

Thanks
Emma

from event-streams.

egargaritano commented on August 14, 2024

Part 2 of the logs. Thx, Edwin From: EmmaHumber <[email protected]> Sent: Tuesday, February 5, 2019 2:31 AM To: IBM/event-streams <[email protected]> Cc: egargaritano <[email protected]>; Author <[email protected]> Subject: Re: [IBM/event-streams] Event Streams- Broker component not available in namespace. (#17) Hi Edwin - did you save the script on a Windows machine first? It looks like there are carriage return ("/r") characters on the end of each line which Linux won't be happy with. My suspicion is that there is a setting in the SELinux configuration that is preventing the pods from talking across nodes. Can you also attach your SELinux settings from /etc/selinux/config Is it possible for you to test with SELinux disabled to see if this resolves the problem? That will either rule SELinux configuration out, or highlight where to focus investigation. Thanks Emma — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub <#17 (comment)> , or mute the thread <https://github.com/notifications/unsubscribe-auth/AeVswJ8kv2PbPo9a-Ng62m7GC07dfRGTks5vKTNEgaJpZM4aek3N> . <https://github.com/notifications/beacon/AeVswOn1q8ISpt2rOqCykppSj0fjH_GGks5vKTNEgaJpZM4aek3N.gif>

from event-streams.

EmmaHumber commented on August 14, 2024

Hi Edwin - I can't see any new logs attached to this issue. Could you double check you added them as it looks like reply via email might not be including files.

Thanks
Emma

from event-streams.

egargaritano commented on August 14, 2024

Part1a didn’t go through, so I split into 3 parts. See attached. Thx, Edwin From: EmmaHumber <[email protected]> Sent: Tuesday, February 5, 2019 2:31 AM To: IBM/event-streams <[email protected]> Cc: egargaritano <[email protected]>; Author <[email protected]> Subject: Re: [IBM/event-streams] Event Streams- Broker component not available in namespace. (#17) Hi Edwin - did you save the script on a Windows machine first? It looks like there are carriage return ("/r") characters on the end of each line which Linux won't be happy with. My suspicion is that there is a setting in the SELinux configuration that is preventing the pods from talking across nodes. Can you also attach your SELinux settings from /etc/selinux/config Is it possible for you to test with SELinux disabled to see if this resolves the problem? That will either rule SELinux configuration out, or highlight where to focus investigation. Thanks Emma — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub <#17 (comment)> , or mute the thread <https://github.com/notifications/unsubscribe-auth/AeVswJ8kv2PbPo9a-Ng62m7GC07dfRGTks5vKTNEgaJpZM4aek3N> . <https://github.com/notifications/beacon/AeVswOn1q8ISpt2rOqCykppSj0fjH_GGks5vKTNEgaJpZM4aek3N.gif>

from event-streams.

egargaritano commented on August 14, 2024

Part1b From: EmmaHumber <[email protected]> Sent: Tuesday, February 5, 2019 2:31 AM To: IBM/event-streams <[email protected]> Cc: egargaritano <[email protected]>; Author <[email protected]> Subject: Re: [IBM/event-streams] Event Streams- Broker component not available in namespace. (#17) Hi Edwin - did you save the script on a Windows machine first? It looks like there are carriage return ("/r") characters on the end of each line which Linux won't be happy with. My suspicion is that there is a setting in the SELinux configuration that is preventing the pods from talking across nodes. Can you also attach your SELinux settings from /etc/selinux/config Is it possible for you to test with SELinux disabled to see if this resolves the problem? That will either rule SELinux configuration out, or highlight where to focus investigation. Thanks Emma — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub <#17 (comment)> , or mute the thread <https://github.com/notifications/unsubscribe-auth/AeVswJ8kv2PbPo9a-Ng62m7GC07dfRGTks5vKTNEgaJpZM4aek3N> . <https://github.com/notifications/beacon/AeVswOn1q8ISpt2rOqCykppSj0fjH_GGks5vKTNEgaJpZM4aek3N.gif>

from event-streams.

egargaritano commented on August 14, 2024

Part 1c From: EmmaHumber <[email protected]> Sent: Tuesday, February 5, 2019 2:31 AM To: IBM/event-streams <[email protected]> Cc: egargaritano <[email protected]>; Author <[email protected]> Subject: Re: [IBM/event-streams] Event Streams- Broker component not available in namespace. (#17) Hi Edwin - did you save the script on a Windows machine first? It looks like there are carriage return ("/r") characters on the end of each line which Linux won't be happy with. My suspicion is that there is a setting in the SELinux configuration that is preventing the pods from talking across nodes. Can you also attach your SELinux settings from /etc/selinux/config Is it possible for you to test with SELinux disabled to see if this resolves the problem? That will either rule SELinux configuration out, or highlight where to focus investigation. Thanks Emma — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub <#17 (comment)> , or mute the thread <https://github.com/notifications/unsubscribe-auth/AeVswJ8kv2PbPo9a-Ng62m7GC07dfRGTks5vKTNEgaJpZM4aek3N> . <https://github.com/notifications/beacon/AeVswOn1q8ISpt2rOqCykppSj0fjH_GGks5vKTNEgaJpZM4aek3N.gif>

from event-streams.

EmmaHumber commented on August 14, 2024

Hi - thanks for attempting to upload the docs again. Can you see the attachments on this issue? I can't see them unfortunately. I was wondering if you could try using the git web client to upload the files rather than email.

How did you get on with disabling SELinux to exclude this from what's going on?

Regards
Emma

from event-streams.

egargaritano commented on August 14, 2024

Hi Emma, I split the logs into four parts. Were you able to see them? I disabled Selinux by running the command – setenforce 0. Let me know if you still want me to upload the log files. Thanks, Edwin From: EmmaHumber <[email protected]> Sent: Tuesday, February 5, 2019 1:13 PM To: IBM/event-streams <[email protected]> Cc: egargaritano <[email protected]>; Author <[email protected]> Subject: Re: [IBM/event-streams] Event Streams- Broker component not available in namespace. (#17) Hi - thanks for attempting to upload the docs again. Can you see the attachments on this issue? I can't see them unfortunately. I was wondering if you could try using the git web client to upload the files rather than email. How did you get on with disabling SELinux to exclude this from what's going on? Regards Emma — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub <#17 (comment)> , or mute the thread <https://github.com/notifications/unsubscribe-auth/AeVswP_AkRD5FwfRf9eJwXHyN6AVLp2sks5vKcmpgaJpZM4aek3N> . <https://github.com/notifications/beacon/AeVswLJjFAvJP5t0aWMUNSCkYGF9K_8fks5vKcmpgaJpZM4aek3N.gif>

from event-streams.

egargaritano commented on August 14, 2024

Just uploaded the entire logs via the Git Client. Can you see them now? Thx, Edwin From: egargaritano <[email protected]> Sent: Tuesday, February 5, 2019 2:22 PM To: 'IBM/event-streams' <[email protected]>; 'IBM/event-streams' <[email protected]> Cc: 'Author' <[email protected]> Subject: RE: [IBM/event-streams] Event Streams- Broker component not available in namespace. (#17) Hi Emma, I split the logs into four parts. Were you able to see them? I disabled Selinux by running the command – setenforce 0. Let me know if you still want me to upload the log files. Thanks, Edwin From: EmmaHumber <[email protected] <mailto:[email protected]> > Sent: Tuesday, February 5, 2019 1:13 PM To: IBM/event-streams <[email protected] <mailto:[email protected]> > Cc: egargaritano <[email protected] <mailto:[email protected]> >; Author <[email protected] <mailto:[email protected]> > Subject: Re: [IBM/event-streams] Event Streams- Broker component not available in namespace. (#17) Hi - thanks for attempting to upload the docs again. Can you see the attachments on this issue? I can't see them unfortunately. I was wondering if you could try using the git web client to upload the files rather than email. How did you get on with disabling SELinux to exclude this from what's going on? Regards Emma — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub <#17 (comment)> , or mute the thread <https://github.com/notifications/unsubscribe-auth/AeVswP_AkRD5FwfRf9eJwXHyN6AVLp2sks5vKcmpgaJpZM4aek3N> . <https://github.com/notifications/beacon/AeVswLJjFAvJP5t0aWMUNSCkYGF9K_8fks5vKcmpgaJpZM4aek3N.gif>

from event-streams.

egargaritano commented on August 14, 2024

Hi Emma, I uploaded the logs in its entirety via the Git Client. I disabled the Selinux one each node using the setenforce 0 command and all nodes are showing permissive mode now. Hope this helps. Thanks, Edwin From: EmmaHumber <[email protected]> Sent: February 5, 2019 1:13 PM To: IBM/event-streams <[email protected]> Cc: egargaritano <[email protected]>; Author <[email protected]> Subject: Re: [IBM/event-streams] Event Streams- Broker component not available in namespace. (#17) Hi - thanks for attempting to upload the docs again. Can you see the attachments on this issue? I can't see them unfortunately. I was wondering if you could try using the git web client to upload the files rather than email. How did you get on with disabling SELinux to exclude this from what's going on? Regards Emma — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub <#17 (comment)> , or mute the thread <https://github.com/notifications/unsubscribe-auth/AeVswP_AkRD5FwfRf9eJwXHyN6AVLp2sks5vKcmpgaJpZM4aek3N> . <https://github.com/notifications/beacon/AeVswLJjFAvJP5t0aWMUNSCkYGF9K_8fks5vKcmpgaJpZM4aek3N.gif>

from event-streams.

andrewdunnings commented on August 14, 2024

Hi Edwin,

I'm replying on behalf of Emma:

Did disabling SELinux have any affect on the state of the Event Streams install, for example is the UI showing the brokers as unavailable still? If there’s no difference in behavior could you:

confirm se linux is disabled by running sestatus and checking the output, then
run kubectl delete pod ZOOKEEPER_POD_NAME for each zookeeper in turn, followed by a kubectl delete pod KAFKA_POD_NAME for each kafka in turn, waiting for each pod to restart before deleting the next, then
run kubectl get pods to confirm the status of each pod

If the pods still don’t all come up, we can remove the event streams network policy next:

Save the network policy files for kafka and zookeeper:

kubectl get netpol -o yaml $(kubectl get netpol | grep zookeeper | awk '{ print $1 }') > zookeeper-netpol.yaml
kubectl get netpol -o yaml $(kubectl get netpol | grep kafka | awk '{ print $1 }') > kafka-netpol.yaml

Delete the network policies for kafka and zookeeper:
3. kubectl delete netpol $(kubectl get netpol | grep zookeeper | awk '{ print $1 }')
4. kubectl delete netpol $(kubectl get netpol | grep kafka | awk '{ print $1 }')

Restart the zookeeper and kafka pods as described above
Run kubectl get pods to see status

Recreate the network policies for kafka and zookeeper:
7. kubectl apply -f zookeeper-netpol.yaml
8. kubectl apply -f kafka-netpol.yaml

I’m wondering if there is some issue attaching large files to this issue as I still can’t see them linked, so I’m going to suggest another route to supply the logs

https://slack-invite-ibm-cloud-tech.mybluemix.net/ - fill in your email to request an invite to join our slack workspace.

Once the invite has come through go to the channel https://ibm-cloud-tech.slack.com/messages/CADFRM4FR/ and post in there referencing this issue. You should be able to upload the log file there.

Thanks
Andrew

from event-streams.

egargaritano commented on August 14, 2024

Hi Andrew, Selinux is disabled, it’s in permissive mode now (ran the setenforce 0 command). I performed the commands to stop/start pods, then delete network policies. After network policies were deleted, all pods came up. When I reapplied the policies, there was an error “Error from server (Conflict): Operation cannot be fulfilled on networkpolicies.extensions "kafka-ibm-es-zookeeper-access": the object has been modified; please apply your changes to the latest version and try again” Not sure what this error is. Does it wait for my input? It shows system is healthy though. I then deleted the nework policies again, and this error is gone. Any thoughts? Thanks for your help. Regards, Edwin From: andrewdunnings <[email protected]> Sent: February 6, 2019 10:39 AM To: IBM/event-streams <[email protected]> Cc: egargaritano <[email protected]>; Author <[email protected]> Subject: Re: [IBM/event-streams] Event Streams- Broker component not available in namespace. (#17) Hi Edwin, I'm replying on behalf of Emma: Did disabling SELinux have any affect on the state of the Event Streams install, for example is the UI showing the brokers as unavailable still? If there’s no difference in behavior could you 1. confirm se linux is disabled by running sestatus and checking the output, then 2. run kubectl delete pod ZOOKEEPER_POD_NAME for each zookeeper in turn, followed by a kubectl delete pod KAFKA_POD_NAME for each kafka in turn, waiting for each pod to restart before deleting the next, then 3. run kubectl get pods to confirm the status of each pod If the pods still don’t all come up, we can remove the event streams network policy next: Save the network policy files for kafka and zookeeper: 1. kubectl get netpol -o yaml $(kubectl get netpol | grep zookeeper | awk '{ print $1 }') > zookeeper-netpol.yaml 2. kubectl get netpol -o yaml $(kubectl get netpol | grep kafka | awk '{ print $1 }') > kafka-netpol.yaml Delete the network policies for kafka and zookeeper: 3. kubectl delete netpol $(kubectl get netpol | grep zookeeper | awk '{ print $1 }') 4. kubectl delete netpol $(kubectl get netpol | grep kafka | awk '{ print $1 }') 5. Restart the zookeeper and kafka pods as described above 6. Run kubectl get pods to see status Recreate the network policies for kafka and zookeeper: 1. kubectl apply -f zookeeper-netpol.yaml 2. kubectl apply -f kafka-netpol.yaml I’m wondering if there is some issue attaching large files to this issue as I still can’t see them linked, so I’m going to suggest another route to supply the logs https://slack-invite-ibm-cloud-tech.mybluemix.net/ - fill in your email to request an invite to join our slack workspace. Once the invite has come through go to the channel https://ibm-cloud-tech.slack.com/messages/CADFRM4FR/ and post in there referencing this issue. You should be able to upload the log file there. Thanks Andrew — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub <#17 (comment)> , or mute the thread <https://github.com/notifications/unsubscribe-auth/AeVswIxrAFk3pgbEi7vdo51vFZOCXOqQks5vKvckgaJpZM4aek3N> . <https://github.com/notifications/beacon/AeVswEl06BIGRONjgUKSeIZImhXrMy-Aks5vKvckgaJpZM4aek3N.gif>

from event-streams.

andrewdunnings commented on August 14, 2024

Hi Edwin,

It's a good sign that the containers are coming up without the network policies in place.

The purpose of the network policies is to enforce restrictions on which pods can communicate with each other on particular ports. For example: the Kafka network policy has a rule that allows Kafka to send traffic to port 2181 of the Zookeeper pod, and similarly the Zookeeper network policy has a rule which allows it to receive traffic from the Kafka pod on port 2181.
These rules are put in place to prevent communication between pods that aren't designed to talk to each other, for security reasons.

It looks like the problem you are experiencing is that the network policies for Kafka and Zookeeper are incorrectly preventing them from communicating, since when you deleted the network policies all of the containers came up. This is unexpected behaviour so I'd like to investigate why this is occurring.

Please could you send the following:

Output of a kubectl get netpol command
The zookeeper-netpol.yaml and kafka-netpol.yaml files
The output of a kubectl describe pod ZOOKEEPER_POD and kubectl describe pod KAFKA_POD of one of each of the new pods

In the short term, you can make a decision whether you are happy to run without the Zookeeper and Kafka network policies in place. The consequence of this would be that the Kafka and Zookeeper pods will be able to contacted by other pods within your cluster.

Thanks,
Andrew

from event-streams.

egargaritano commented on August 14, 2024

Hi Andrew, Here are the results of your request. See attached. I’m happy to run without policies for now so we can just test the functionality. Over time, we would want to enforce security as we might be deploying various kafka namespaces for each environment. Let me know if you have found anything that could be the root cause. Thanks, Edwin From: andrewdunnings <[email protected]> Sent: Friday, February 8, 2019 6:58 AM To: IBM/event-streams <[email protected]> Cc: egargaritano <[email protected]>; Author <[email protected]> Subject: Re: [IBM/event-streams] Event Streams- Broker component not available in namespace. (#17) Hi Edwin, It's a good sign that the containers are coming up without the network policies in place. The purpose of the network policies is to enforce restrictions on which pods can communicate with each other on particular ports. For example: the Kafka network policy has a rule that allows Kafka to send traffic to port 2181 of the Zookeeper pod, and similarly the Zookeeper network policy has a rule which allows it to receive traffic from the Kafka pod on port 2181. These rules are put in place to prevent communication between pods that aren't designed to talk to each other, for security reasons. It looks like the problem you are experiencing is that the network policies for Kafka and Zookeeper are incorrectly preventing them from communicating, since when you deleted the network policies all of the containers came up. This is unexpected behaviour so I'd like to investigate why this is occurring. Please could you send the following: * Output of a kubectl get netpol command * The zookeeper-netpol.yaml and kafka-netpol.yaml files * The output of a kubectl describe pod ZOOKEEPER_POD and kubectl describe pod KAFKA_POD of one of each of the new pods In the short term, you can make a decision whether you are happy to run without the Zookeeper and Kafka network policies in place. The consequence of this would be that the Kafka and Zookeeper pods will be able to contacted by other pods within your cluster. Thanks, Andrew — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub <#17 (comment)> , or mute the thread <https://github.com/notifications/unsubscribe-auth/AeVswNP8_H5lLTd6IWhm7AzAQh45EfUPks5vLWZjgaJpZM4aek3N> . <https://github.com/notifications/beacon/AeVswLcND8qiCV46piFP_O98Tg3s6-F5ks5vLWZjgaJpZM4aek3N.gif> Name: kafka-ibm-es-kafka-sts-0 Namespace: thor-namespace Priority: 0 PriorityClassName: <none> Node: 10.69.5.69/10.69.5.69 Start Time: Thu, 07 Feb 2019 22:42:56 -0500 Labels: app=ibm-es chart=ibm-eventstreams-dev component=kafka configMapRevision=default controller-revision-hash=kafka-ibm-es-kafka-sts-54b66596b heritage=Tiller kafka=0 release=kafka serviceSelector=kafka-sts statefulset.kubernetes.io/pod-name=kafka-ibm-es-kafka-sts-0 Annotations: kubernetes.io/psp=ibm-anyuid-hostaccess-psp productID=5737_H33_communityEdition_nonChargeable productName=IBM Event Streams Community Edition productVersion=1.1.0 prometheus.io/port=8081 prometheus.io/scrape=true Status: Running IP: 172.17.104.108 Controlled By: StatefulSet/kafka-ibm-es-kafka-sts Containers: kafka: Container ID: docker://ca168cd0de35f83c99f93fe2038b11553c255b2fec68bc8d1cb2d99581aac574 Image: ibmcom/eventstreams-kafka-ce-icp-linux-amd64:2018-11-23-09.03.09-f51c694 Image ID: docker-pullable://ibmcom/eventstreams-kafka-ce-icp-linux-amd64@sha256:95e5a7ec42ec448cc82f38d1b3c60a4c47ff82ff4091617ef0dd4fd4449ded30 Ports: 9092/TCP, 9093/TCP, 9094/TCP Host Ports: 0/TCP, 0/TCP, 0/TCP State: Running Started: Thu, 07 Feb 2019 22:42:59 -0500 Ready: True Restart Count: 0 Limits: cpu: 1 memory: 2Gi Requests: cpu: 1 memory: 2Gi Liveness: http-get http://:7070/liveness delay=360s timeout=1s period=15s #success=1 #failure=3 Readiness: http-get http://:7070/readiness delay=120s timeout=1s period=15s #success=1 #failure=1 Environment: LICENSE: accept ZK_FIXED_IP_NAME: kafka-ibm-es-zookeeper-fixed-ip-svc NAMESPACE: thor-namespace RELEASE: kafka CLUSTER_NAME: <set to the key 'clusterName' in secret 'kafka-ibm-es-oauth-secret'> Optional: false ES_API_KEY: <set to the key 'eventstreams-kafka-api-key' in secret 'kafka-ibm-es-iam-secret'> Optional: false KAFKA_HEAP_OPTS: -XX:+UseContainerSupport KAFKA_LISTENERS: INTERNAL://:9092,EXTERNAL://:9093,INTERNAL_SECURE://:9094 LISTENER_SECURITY_PROTOCOL_MAP: INTERNAL:PLAINTEXT,EXTERNAL:SASL_PLAINTEXT,INTERNAL_SECURE:SASL_PLAINTEXT ACCESS_CONTROLLER_HOSTNAME: kafka-ibm-es-access-controller-svc ACCESS_CONTROLLER_PORT: 8443 ADVERTISED_LISTENERS: INTERNAL://:9092,INTERNAL_SECURE://:8084 INTER_BROKER_PROTOCOL_VERSION: 2.0 LOG_MESSAGE_FORMAT_VERSION: 2.0 ROOT_LOGGING_LEVEL: INFO BROKER_LOGGING_LEVEL: INFO REQUEST_LOGGING_LEVEL: WARN LOG_CLEANER_LOGGING_LEVEL: INFO KAFKA_AUTH_LOGGING_LEVEL: INFO LOG_TO_STDOUT: false Mounts: /var/data from tempdir (rw) /var/run/secrets/kubernetes.io/serviceaccount from kafka-ibm-es-kafka-sa-token-glds8 (ro) metrics-reporter: Container ID: docker://8f4b1e37cf057033895d4bf13a62b701ec17a39634d0a511e749c53fe07a81a9 Image: ibmcom/eventstreams-kafka-metrics-reporter-ce-icp-linux-amd64:2018-11-15-16.03.55-fc56475 Image ID: docker-pullable://ibmcom/eventstreams-kafka-metrics-reporter-ce-icp-linux-amd64@sha256:51972c7039568fcf797e7b210d3ef4aec49abcf17ee9b9c7caeab948de07d09e Port: 8081/TCP Host Port: 0/TCP State: Running Started: Thu, 07 Feb 2019 22:43:00 -0500 Ready: True Restart Count: 0 Limits: memory: 1500Mi Requests: memory: 1500Mi Liveness: tcp-socket :8081 delay=120s timeout=30s period=30s #success=1 #failure=100 Readiness: http-get http://:8081/metrics delay=90s timeout=30s period=30s #success=1 #failure=100 Environment: LICENSE: accept NAMESPACE: thor-namespace METRICS_PORT: 8081 IBM_JAVA_OPTIONS: -XX:+UseContainerSupport Mounts: /etc/kafka-metrics-reporter from metrics-config-volume (rw) /var/run/secrets/kubernetes.io/serviceaccount from kafka-ibm-es-kafka-sa-token-glds8 (ro) metrics-proxy: Container ID: docker://112dbca622d955898d0af1bcf3bd0cec22d4f09c9ef8ebf6567c1a2acb0d53cf Image: ibmcom/eventstreams-kafka-metrics-proxy-ce-icp-linux-amd64:2018-11-22-13.44.45-932c41b Image ID: docker-pullable://ibmcom/eventstreams-kafka-metrics-proxy-ce-icp-linux-amd64@sha256:9f0e1f161be4daeee6726f9925ef40d66d1b71faefc8e789c6df5d0816838c44 Ports: 8093/TCP, 8084/TCP, 8080/TCP Host Ports: 0/TCP, 0/TCP, 0/TCP State: Running Started: Thu, 07 Feb 2019 22:43:01 -0500 Ready: True Restart Count: 0 Liveness: http-get http://:8080/live delay=15s timeout=1s period=15s #success=1 #failure=3 Readiness: http-get http://:8080/ready delay=1s timeout=1s period=5s #success=1 #failure=3 Environment: LICENSE: accept ES_PROXY_CONFIG: { "routes": "[{\"port\":8093, \"service\": \"localhost:9093\"}, {\"port\":8084, \"service\": \"localhost:9094\"}]", "tlsEnabled": "false", "updateURL": "http://kafka-ibm-es-indexmgr-svc:8080/update", "deletionURL": "http://kafka-ibm-es-indexmgr-svc:8080/topicDelete", "connectionTimeoutMs": "3600000", "traceLevel": "0", "logFormat": "json" } Mounts: /var/run/secrets/kubernetes.io/serviceaccount from kafka-ibm-es-kafka-sa-token-glds8 (ro) healthcheck: Container ID: docker://7b624dab2eeb1602eba573487e04377437bfa85271cc51a8674923ea49605769 Image: ibmcom/eventstreams-healthcheck-ce-icp-linux-amd64:2018-11-21-16.21.30-9947d87 Image ID: docker-pullable://ibmcom/eventstreams-healthcheck-ce-icp-linux-amd64@sha256:19e78c55cb4fee2a94991f6f86837d967621efa3a4991be31aee7dee735e40dd Port: 7070/TCP Host Port: 0/TCP State: Running Started: Thu, 07 Feb 2019 22:43:02 -0500 Ready: True Restart Count: 0 Liveness: http-get http://:7070/healthz delay=180s timeout=1s period=15s #success=1 #failure=3 Readiness: http-get http://:7070/healthz delay=150s timeout=1s period=15s #success=1 #failure=3 Environment: LICENSE: accept NAMESPACE: thor-namespace ZOOKEEPER_CONNECT: kafka-ibm-es-zookeeper-fixed-ip-svc-0:2181,kafka-ibm-es-zookeeper-fixed-ip-svc-1:2181,kafka-ibm-es-zookeeper-fixed-ip-svc-2:2181 Mounts: /var/run/secrets/kubernetes.io/serviceaccount from kafka-ibm-es-kafka-sa-token-glds8 (ro) Conditions: Type Status Initialized True Ready True ContainersReady True PodScheduled True Volumes: metrics-config-volume: Type: ConfigMap (a volume populated by a ConfigMap) Name: kafka-ibm-es-metrics-cm Optional: false tempdir: Type: EmptyDir (a temporary directory that shares a pod's lifetime) Medium: kafka-ibm-es-kafka-sa-token-glds8: Type: Secret (a volume populated by a Secret) SecretName: kafka-ibm-es-kafka-sa-token-glds8 Optional: false QoS Class: Burstable Node-Selectors: <none> Tolerations: node.kubernetes.io/memory-pressure:NoSchedule node.kubernetes.io/not-ready:NoExecute for 300s node.kubernetes.io/unreachable:NoExecute for 300s Events: Type Reason Age From Message ---- ------ ---- ---- ------- Warning Unhealthy 35m (x5 over 12h) kubelet, 10.69.5.69 Liveness probe failed: Get http://172.17.104.108:7070/liveness: net/http: request canceled (Client.Timeout exceeded while awaiting headers) Name: kafka-ibm-es-kafka-sts-1 Namespace: thor-namespace Priority: 0 PriorityClassName: <none> Node: 10.69.5.68/10.69.5.68 Start Time: Thu, 07 Feb 2019 22:42:46 -0500 Labels: app=ibm-es chart=ibm-eventstreams-dev component=kafka configMapRevision=default controller-revision-hash=kafka-ibm-es-kafka-sts-54b66596b heritage=Tiller kafka=1 release=kafka serviceSelector=kafka-sts statefulset.kubernetes.io/pod-name=kafka-ibm-es-kafka-sts-1 Annotations: kubernetes.io/psp=ibm-anyuid-hostaccess-psp productID=5737_H33_communityEdition_nonChargeable productName=IBM Event Streams Community Edition productVersion=1.1.0 prometheus.io/port=8081 prometheus.io/scrape=true Status: Running IP: 172.17.106.164 Controlled By: StatefulSet/kafka-ibm-es-kafka-sts Containers: kafka: Container ID: docker://63b3798f242cfc3446eec8bb7cad6b97db4e46a09e6cf6aab6fbd2e374f3ad8a Image: ibmcom/eventstreams-kafka-ce-icp-linux-amd64:2018-11-23-09.03.09-f51c694 Image ID: docker-pullable://ibmcom/eventstreams-kafka-ce-icp-linux-amd64@sha256:95e5a7ec42ec448cc82f38d1b3c60a4c47ff82ff4091617ef0dd4fd4449ded30 Ports: 9092/TCP, 9093/TCP, 9094/TCP Host Ports: 0/TCP, 0/TCP, 0/TCP State: Running Started: Thu, 07 Feb 2019 22:42:49 -0500 Ready: True Restart Count: 0 Limits: cpu: 1 memory: 2Gi Requests: cpu: 1 memory: 2Gi Liveness: http-get http://:7070/liveness delay=360s timeout=1s period=15s #success=1 #failure=3 Readiness: http-get http://:7070/readiness delay=120s timeout=1s period=15s #success=1 #failure=1 Environment: LICENSE: accept ZK_FIXED_IP_NAME: kafka-ibm-es-zookeeper-fixed-ip-svc NAMESPACE: thor-namespace RELEASE: kafka CLUSTER_NAME: <set to the key 'clusterName' in secret 'kafka-ibm-es-oauth-secret'> Optional: false ES_API_KEY: <set to the key 'eventstreams-kafka-api-key' in secret 'kafka-ibm-es-iam-secret'> Optional: false KAFKA_HEAP_OPTS: -XX:+UseContainerSupport KAFKA_LISTENERS: INTERNAL://:9092,EXTERNAL://:9093,INTERNAL_SECURE://:9094 LISTENER_SECURITY_PROTOCOL_MAP: INTERNAL:PLAINTEXT,EXTERNAL:SASL_PLAINTEXT,INTERNAL_SECURE:SASL_PLAINTEXT ACCESS_CONTROLLER_HOSTNAME: kafka-ibm-es-access-controller-svc ACCESS_CONTROLLER_PORT: 8443 ADVERTISED_LISTENERS: INTERNAL://:9092,INTERNAL_SECURE://:8084 INTER_BROKER_PROTOCOL_VERSION: 2.0 LOG_MESSAGE_FORMAT_VERSION: 2.0 ROOT_LOGGING_LEVEL: INFO BROKER_LOGGING_LEVEL: INFO REQUEST_LOGGING_LEVEL: WARN LOG_CLEANER_LOGGING_LEVEL: INFO KAFKA_AUTH_LOGGING_LEVEL: INFO LOG_TO_STDOUT: false Mounts: /var/data from tempdir (rw) /var/run/secrets/kubernetes.io/serviceaccount from kafka-ibm-es-kafka-sa-token-glds8 (ro) metrics-reporter: Container ID: docker://bfd454360a21e449a8f39d2ad034cd09519e1df3317ee4627e518e78f6e2eda5 Image: ibmcom/eventstreams-kafka-metrics-reporter-ce-icp-linux-amd64:2018-11-15-16.03.55-fc56475 Image ID: docker-pullable://ibmcom/eventstreams-kafka-metrics-reporter-ce-icp-linux-amd64@sha256:51972c7039568fcf797e7b210d3ef4aec49abcf17ee9b9c7caeab948de07d09e Port: 8081/TCP Host Port: 0/TCP State: Running Started: Thu, 07 Feb 2019 22:42:51 -0500 Ready: True Restart Count: 0 Limits: memory: 1500Mi Requests: memory: 1500Mi Liveness: tcp-socket :8081 delay=120s timeout=30s period=30s #success=1 #failure=100 Readiness: http-get http://:8081/metrics delay=90s timeout=30s period=30s #success=1 #failure=100 Environment: LICENSE: accept NAMESPACE: thor-namespace METRICS_PORT: 8081 IBM_JAVA_OPTIONS: -XX:+UseContainerSupport Mounts: /etc/kafka-metrics-reporter from metrics-config-volume (rw) /var/run/secrets/kubernetes.io/serviceaccount from kafka-ibm-es-kafka-sa-token-glds8 (ro) metrics-proxy: Container ID: docker://88f1dc7208f1eea6301ca2ad1a797819941169d1cd624368a044c6cea01b12f9 Image: ibmcom/eventstreams-kafka-metrics-proxy-ce-icp-linux-amd64:2018-11-22-13.44.45-932c41b Image ID: docker-pullable://ibmcom/eventstreams-kafka-metrics-proxy-ce-icp-linux-amd64@sha256:9f0e1f161be4daeee6726f9925ef40d66d1b71faefc8e789c6df5d0816838c44 Ports: 8093/TCP, 8084/TCP, 8080/TCP Host Ports: 0/TCP, 0/TCP, 0/TCP State: Running Started: Thu, 07 Feb 2019 22:42:52 -0500 Ready: True Restart Count: 0 Liveness: http-get http://:8080/live delay=15s timeout=1s period=15s #success=1 #failure=3 Readiness: http-get http://:8080/ready delay=1s timeout=1s period=5s #success=1 #failure=3 Environment: LICENSE: accept ES_PROXY_CONFIG: { "routes": "[{\"port\":8093, \"service\": \"localhost:9093\"}, {\"port\":8084, \"service\": \"localhost:9094\"}]", "tlsEnabled": "false", "updateURL": "http://kafka-ibm-es-indexmgr-svc:8080/update", "deletionURL": "http://kafka-ibm-es-indexmgr-svc:8080/topicDelete", "connectionTimeoutMs": "3600000", "traceLevel": "0", "logFormat": "json" } Mounts: /var/run/secrets/kubernetes.io/serviceaccount from kafka-ibm-es-kafka-sa-token-glds8 (ro) healthcheck: Container ID: docker://6c0a7d0488dd08dd718ed5a3ff0793e99665d4c0eb5aec71fdc6f551ff643825 Image: ibmcom/eventstreams-healthcheck-ce-icp-linux-amd64:2018-11-21-16.21.30-9947d87 Image ID: docker-pullable://ibmcom/eventstreams-healthcheck-ce-icp-linux-amd64@sha256:19e78c55cb4fee2a94991f6f86837d967621efa3a4991be31aee7dee735e40dd Port: 7070/TCP Host Port: 0/TCP State: Running Started: Thu, 07 Feb 2019 22:42:53 -0500 Ready: True Restart Count: 0 Liveness: http-get http://:7070/healthz delay=180s timeout=1s period=15s #success=1 #failure=3 Readiness: http-get http://:7070/healthz delay=150s timeout=1s period=15s #success=1 #failure=3 Environment: LICENSE: accept NAMESPACE: thor-namespace ZOOKEEPER_CONNECT: kafka-ibm-es-zookeeper-fixed-ip-svc-0:2181,kafka-ibm-es-zookeeper-fixed-ip-svc-1:2181,kafka-ibm-es-zookeeper-fixed-ip-svc-2:2181 Mounts: /var/run/secrets/kubernetes.io/serviceaccount from kafka-ibm-es-kafka-sa-token-glds8 (ro) Conditions: Type Status Initialized True Ready True ContainersReady True PodScheduled True Volumes: metrics-config-volume: Type: ConfigMap (a volume populated by a ConfigMap) Name: kafka-ibm-es-metrics-cm Optional: false tempdir: Type: EmptyDir (a temporary directory that shares a pod's lifetime) Medium: kafka-ibm-es-kafka-sa-token-glds8: Type: Secret (a volume populated by a Secret) SecretName: kafka-ibm-es-kafka-sa-token-glds8 Optional: false QoS Class: Burstable Node-Selectors: <none> Tolerations: node.kubernetes.io/memory-pressure:NoSchedule node.kubernetes.io/not-ready:NoExecute for 300s node.kubernetes.io/unreachable:NoExecute for 300s Events: Type Reason Age From Message ---- ------ ---- ---- ------- Warning Unhealthy 37m (x5 over 12h) kubelet, 10.69.5.68 Liveness probe failed: Get http://172.17.106.164:7070/liveness: net/http: request canceled (Client.Timeout exceeded while awaiting headers) Name: kafka-ibm-es-kafka-sts-2 Namespace: thor-namespace Priority: 0 PriorityClassName: <none> Node: 10.69.5.67/10.69.5.67 Start Time: Thu, 07 Feb 2019 22:43:15 -0500 Labels: app=ibm-es chart=ibm-eventstreams-dev component=kafka configMapRevision=default controller-revision-hash=kafka-ibm-es-kafka-sts-54b66596b heritage=Tiller kafka=2 release=kafka serviceSelector=kafka-sts statefulset.kubernetes.io/pod-name=kafka-ibm-es-kafka-sts-2 Annotations: kubernetes.io/psp=ibm-anyuid-hostaccess-psp productID=5737_H33_communityEdition_nonChargeable productName=IBM Event Streams Community Edition productVersion=1.1.0 prometheus.io/port=8081 prometheus.io/scrape=true Status: Running IP: 172.17.86.162 Controlled By: StatefulSet/kafka-ibm-es-kafka-sts Containers: kafka: Container ID: docker://5162fe7472eba55922781f899724e2f052105573e98fea0c8aea9481f1f417e8 Image: ibmcom/eventstreams-kafka-ce-icp-linux-amd64:2018-11-23-09.03.09-f51c694 Image ID: docker-pullable://ibmcom/eventstreams-kafka-ce-icp-linux-amd64@sha256:95e5a7ec42ec448cc82f38d1b3c60a4c47ff82ff4091617ef0dd4fd4449ded30 Ports: 9092/TCP, 9093/TCP, 9094/TCP Host Ports: 0/TCP, 0/TCP, 0/TCP State: Running Started: Thu, 07 Feb 2019 22:43:18 -0500 Ready: True Restart Count: 0 Limits: cpu: 1 memory: 2Gi Requests: cpu: 1 memory: 2Gi Liveness: http-get http://:7070/liveness delay=360s timeout=1s period=15s #success=1 #failure=3 Readiness: http-get http://:7070/readiness delay=120s timeout=1s period=15s #success=1 #failure=1 Environment: LICENSE: accept ZK_FIXED_IP_NAME: kafka-ibm-es-zookeeper-fixed-ip-svc NAMESPACE: thor-namespace RELEASE: kafka CLUSTER_NAME: <set to the key 'clusterName' in secret 'kafka-ibm-es-oauth-secret'> Optional: false ES_API_KEY: <set to the key 'eventstreams-kafka-api-key' in secret 'kafka-ibm-es-iam-secret'> Optional: false KAFKA_HEAP_OPTS: -XX:+UseContainerSupport KAFKA_LISTENERS: INTERNAL://:9092,EXTERNAL://:9093,INTERNAL_SECURE://:9094 LISTENER_SECURITY_PROTOCOL_MAP: INTERNAL:PLAINTEXT,EXTERNAL:SASL_PLAINTEXT,INTERNAL_SECURE:SASL_PLAINTEXT ACCESS_CONTROLLER_HOSTNAME: kafka-ibm-es-access-controller-svc ACCESS_CONTROLLER_PORT: 8443 ADVERTISED_LISTENERS: INTERNAL://:9092,INTERNAL_SECURE://:8084 INTER_BROKER_PROTOCOL_VERSION: 2.0 LOG_MESSAGE_FORMAT_VERSION: 2.0 ROOT_LOGGING_LEVEL: INFO BROKER_LOGGING_LEVEL: INFO REQUEST_LOGGING_LEVEL: WARN LOG_CLEANER_LOGGING_LEVEL: INFO KAFKA_AUTH_LOGGING_LEVEL: INFO LOG_TO_STDOUT: false Mounts: /var/data from tempdir (rw) /var/run/secrets/kubernetes.io/serviceaccount from kafka-ibm-es-kafka-sa-token-glds8 (ro) metrics-reporter: Container ID: docker://af2ff2e234bbf5c9e0ef4fec8cdac59de86a32c2c9efffe7c05e06c5b223a1e0 Image: ibmcom/eventstreams-kafka-metrics-reporter-ce-icp-linux-amd64:2018-11-15-16.03.55-fc56475 Image ID: docker-pullable://ibmcom/eventstreams-kafka-metrics-reporter-ce-icp-linux-amd64@sha256:51972c7039568fcf797e7b210d3ef4aec49abcf17ee9b9c7caeab948de07d09e Port: 8081/TCP Host Port: 0/TCP State: Running Started: Thu, 07 Feb 2019 22:43:20 -0500 Ready: True Restart Count: 0 Limits: memory: 1500Mi Requests: memory: 1500Mi Liveness: tcp-socket :8081 delay=120s timeout=30s period=30s #success=1 #failure=100 Readiness: http-get http://:8081/metrics delay=90s timeout=30s period=30s #success=1 #failure=100 Environment: LICENSE: accept NAMESPACE: thor-namespace METRICS_PORT: 8081 IBM_JAVA_OPTIONS: -XX:+UseContainerSupport Mounts: /etc/kafka-metrics-reporter from metrics-config-volume (rw) /var/run/secrets/kubernetes.io/serviceaccount from kafka-ibm-es-kafka-sa-token-glds8 (ro) metrics-proxy: Container ID: docker://cd691c3cf679ca8b98ef782677a62e0d3e24fbcc65f7eaffdbf2a18a670a7a67 Image: ibmcom/eventstreams-kafka-metrics-proxy-ce-icp-linux-amd64:2018-11-22-13.44.45-932c41b Image ID: docker-pullable://ibmcom/eventstreams-kafka-metrics-proxy-ce-icp-linux-amd64@sha256:9f0e1f161be4daeee6726f9925ef40d66d1b71faefc8e789c6df5d0816838c44 Ports: 8093/TCP, 8084/TCP, 8080/TCP Host Ports: 0/TCP, 0/TCP, 0/TCP State: Running Started: Thu, 07 Feb 2019 22:43:21 -0500 Ready: True Restart Count: 0 Liveness: http-get http://:8080/live delay=15s timeout=1s period=15s #success=1 #failure=3 Readiness: http-get http://:8080/ready delay=1s timeout=1s period=5s #success=1 #failure=3 Environment: LICENSE: accept ES_PROXY_CONFIG: { "routes": "[{\"port\":8093, \"service\": \"localhost:9093\"}, {\"port\":8084, \"service\": \"localhost:9094\"}]", "tlsEnabled": "false", "updateURL": "http://kafka-ibm-es-indexmgr-svc:8080/update", "deletionURL": "http://kafka-ibm-es-indexmgr-svc:8080/topicDelete", "connectionTimeoutMs": "3600000", "traceLevel": "0", "logFormat": "json" } Mounts: /var/run/secrets/kubernetes.io/serviceaccount from kafka-ibm-es-kafka-sa-token-glds8 (ro) healthcheck: Container ID: docker://79a18e347636f55e6be2f80f5e138a4cd4826d0510a49516c633941453d9c00e Image: ibmcom/eventstreams-healthcheck-ce-icp-linux-amd64:2018-11-21-16.21.30-9947d87 Image ID: docker-pullable://ibmcom/eventstreams-healthcheck-ce-icp-linux-amd64@sha256:19e78c55cb4fee2a94991f6f86837d967621efa3a4991be31aee7dee735e40dd Port: 7070/TCP Host Port: 0/TCP State: Running Started: Thu, 07 Feb 2019 22:43:23 -0500 Ready: True Restart Count: 0 Liveness: http-get http://:7070/healthz delay=180s timeout=1s period=15s #success=1 #failure=3 Readiness: http-get http://:7070/healthz delay=150s timeout=1s period=15s #success=1 #failure=3 Environment: LICENSE: accept NAMESPACE: thor-namespace ZOOKEEPER_CONNECT: kafka-ibm-es-zookeeper-fixed-ip-svc-0:2181,kafka-ibm-es-zookeeper-fixed-ip-svc-1:2181,kafka-ibm-es-zookeeper-fixed-ip-svc-2:2181 Mounts: /var/run/secrets/kubernetes.io/serviceaccount from kafka-ibm-es-kafka-sa-token-glds8 (ro) Conditions: Type Status Initialized True Ready True ContainersReady True PodScheduled True Volumes: metrics-config-volume: Type: ConfigMap (a volume populated by a ConfigMap) Name: kafka-ibm-es-metrics-cm Optional: false tempdir: Type: EmptyDir (a temporary directory that shares a pod's lifetime) Medium: kafka-ibm-es-kafka-sa-token-glds8: Type: Secret (a volume populated by a Secret) SecretName: kafka-ibm-es-kafka-sa-token-glds8 Optional: false QoS Class: Burstable Node-Selectors: <none> Tolerations: node.kubernetes.io/memory-pressure:NoSchedule node.kubernetes.io/not-ready:NoExecute for 300s node.kubernetes.io/unreachable:NoExecute for 300s Events: Type Reason Age From Message ---- ------ ---- ---- ------- Warning Unhealthy 35m (x5 over 12h) kubelet, 10.69.5.67 Liveness probe failed: Get http://172.17.86.162:7070/liveness: net/http: request canceled (Client.Timeout exceeded while awaiting headers) Name: kafka-ibm-es-zookeeper-sts-0 Namespace: thor-namespace Priority: 0 PriorityClassName: <none> Node: 10.69.5.67/10.69.5.67 Start Time: Thu, 07 Feb 2019 22:40:18 -0500 Labels: app=ibm-es chart=zookeeper component=zookeeper controller-revision-hash=kafka-ibm-es-zookeeper-sts-858cb9d5f8 heritage=Tiller mhub.ibm.com/auto-zookeeper-index=0 release=kafka serviceSelector=zookeeper-sts statefulset.kubernetes.io/pod-name=kafka-ibm-es-zookeeper-sts-0 zookeeper=0 Annotations: kubernetes.io/psp=ibm-anyuid-hostaccess-psp productID=5737_H33_communityEdition_nonChargeable productName=IBM Event Streams Community Edition productVersion=1.1.0 Status: Running IP: 172.17.86.161 Controlled By: StatefulSet/kafka-ibm-es-zookeeper-sts Containers: zookeeper: Container ID: docker://43a0e5c167fc51a1bdd0d3696f8554803a60e46b569be8576070c831512cbf88 Image: ibmcom/eventstreams-zookeeper-ce-icp-linux-amd64:2018-11-15-16.04.27-97fcd55 Image ID: docker-pullable://ibmcom/eventstreams-zookeeper-ce-icp-linux-amd64@sha256:3cef1e510b0e8aef1a24e04104d22c619ed5dec0dd955911cb34ebee49516bb5 Ports: 2181/TCP, 2888/TCP, 3888/TCP Host Ports: 0/TCP, 0/TCP, 0/TCP State: Running Started: Thu, 07 Feb 2019 22:40:23 -0500 Ready: True Restart Count: 0 Limits: cpu: 100m memory: 1Gi Requests: cpu: 100m memory: 750Mi Liveness: exec [zkOk.sh] delay=15s timeout=15s period=20s #success=1 #failure=10 Readiness: exec [zkReady.sh] delay=15s timeout=15s period=20s #success=1 #failure=10 Environment: LICENSE: accept ZK_ENSEMBLE: kafka-ibm-es-zookeeper-fixed-ip-svc-0.thor-namespace.svc.cluster.local;kafka-ibm-es-zookeeper-fixed-ip-svc-1.thor-namespace.svc.cluster.local;kafka-ibm-es-zookeeper-fixed-ip-svc-2.thor-namespace.svc.cluster.local; ZK_TICK_TIME: 2000 ZK_INIT_LIMIT: 10 ZK_SYNC_LIMIT: 5 ZK_MAX_CLIENT_CNXNS: 60 ZK_SNAP_RETAIN_COUNT: 3 ZK_PURGE_INTERVAL: 1 ZK_CLIENT_PORT: 2181 ZK_SERVER_PORT: 2888 ZK_ELECTION_PORT: 3888 ZK_REPLICAS: 3 NAMESPACE: thor-namespace Mounts: /var/lib/zookeeper from tempdir (rw) /var/run/secrets/kubernetes.io/serviceaccount from kafka-ibm-es-kafka-sa-token-glds8 (ro) Conditions: Type Status Initialized True Ready True ContainersReady True PodScheduled True Volumes: tempdir: Type: EmptyDir (a temporary directory that shares a pod's lifetime) Medium: license-accept: Type: ConfigMap (a volume populated by a ConfigMap) Name: kafka-license-accept Optional: false kafka-ibm-es-kafka-sa-token-glds8: Type: Secret (a volume populated by a Secret) SecretName: kafka-ibm-es-kafka-sa-token-glds8 Optional: false QoS Class: Burstable Node-Selectors: <none> Tolerations: node.kubernetes.io/memory-pressure:NoSchedule node.kubernetes.io/not-ready:NoExecute for 300s node.kubernetes.io/unreachable:NoExecute for 300s Events: <none> Name: kafka-ibm-es-zookeeper-sts-1 Namespace: thor-namespace Priority: 0 PriorityClassName: <none> Node: 10.69.5.69/10.69.5.69 Start Time: Thu, 07 Feb 2019 22:41:44 -0500 Labels: app=ibm-es chart=zookeeper component=zookeeper controller-revision-hash=kafka-ibm-es-zookeeper-sts-858cb9d5f8 heritage=Tiller mhub.ibm.com/auto-zookeeper-index=1 release=kafka serviceSelector=zookeeper-sts statefulset.kubernetes.io/pod-name=kafka-ibm-es-zookeeper-sts-1 zookeeper=1 Annotations: kubernetes.io/psp=ibm-anyuid-hostaccess-psp productID=5737_H33_communityEdition_nonChargeable productName=IBM Event Streams Community Edition productVersion=1.1.0 Status: Running IP: 172.17.104.107 Controlled By: StatefulSet/kafka-ibm-es-zookeeper-sts Containers: zookeeper: Container ID: docker://f7c4f1a9ae43fa9122c4a97d646c274ccdbc365d8d6dcbc2658f99b28948081c Image: ibmcom/eventstreams-zookeeper-ce-icp-linux-amd64:2018-11-15-16.04.27-97fcd55 Image ID: docker-pullable://ibmcom/eventstreams-zookeeper-ce-icp-linux-amd64@sha256:3cef1e510b0e8aef1a24e04104d22c619ed5dec0dd955911cb34ebee49516bb5 Ports: 2181/TCP, 2888/TCP, 3888/TCP Host Ports: 0/TCP, 0/TCP, 0/TCP State: Running Started: Thu, 07 Feb 2019 22:41:48 -0500 Ready: True Restart Count: 0 Limits: cpu: 100m memory: 1Gi Requests: cpu: 100m memory: 750Mi Liveness: exec [zkOk.sh] delay=15s timeout=15s period=20s #success=1 #failure=10 Readiness: exec [zkReady.sh] delay=15s timeout=15s period=20s #success=1 #failure=10 Environment: LICENSE: accept ZK_ENSEMBLE: kafka-ibm-es-zookeeper-fixed-ip-svc-0.thor-namespace.svc.cluster.local;kafka-ibm-es-zookeeper-fixed-ip-svc-1.thor-namespace.svc.cluster.local;kafka-ibm-es-zookeeper-fixed-ip-svc-2.thor-namespace.svc.cluster.local; ZK_TICK_TIME: 2000 ZK_INIT_LIMIT: 10 ZK_SYNC_LIMIT: 5 ZK_MAX_CLIENT_CNXNS: 60 ZK_SNAP_RETAIN_COUNT: 3 ZK_PURGE_INTERVAL: 1 ZK_CLIENT_PORT: 2181 ZK_SERVER_PORT: 2888 ZK_ELECTION_PORT: 3888 ZK_REPLICAS: 3 NAMESPACE: thor-namespace Mounts: /var/lib/zookeeper from tempdir (rw) /var/run/secrets/kubernetes.io/serviceaccount from kafka-ibm-es-kafka-sa-token-glds8 (ro) Conditions: Type Status Initialized True Ready True ContainersReady True PodScheduled True Volumes: tempdir: Type: EmptyDir (a temporary directory that shares a pod's lifetime) Medium: license-accept: Type: ConfigMap (a volume populated by a ConfigMap) Name: kafka-license-accept Optional: false kafka-ibm-es-kafka-sa-token-glds8: Type: Secret (a volume populated by a Secret) SecretName: kafka-ibm-es-kafka-sa-token-glds8 Optional: false QoS Class: Burstable Node-Selectors: <none> Tolerations: node.kubernetes.io/memory-pressure:NoSchedule node.kubernetes.io/not-ready:NoExecute for 300s node.kubernetes.io/unreachable:NoExecute for 300s Events: <none> Name: kafka-ibm-es-zookeeper-sts-2 Namespace: thor-namespace Priority: 0 PriorityClassName: <none> Node: 10.69.5.68/10.69.5.68 Start Time: Thu, 07 Feb 2019 22:41:26 -0500 Labels: app=ibm-es chart=zookeeper component=zookeeper controller-revision-hash=kafka-ibm-es-zookeeper-sts-858cb9d5f8 heritage=Tiller mhub.ibm.com/auto-zookeeper-index=2 release=kafka serviceSelector=zookeeper-sts statefulset.kubernetes.io/pod-name=kafka-ibm-es-zookeeper-sts-2 zookeeper=2 Annotations: kubernetes.io/psp=ibm-anyuid-hostaccess-psp productID=5737_H33_communityEdition_nonChargeable productName=IBM Event Streams Community Edition productVersion=1.1.0 Status: Running IP: 172.17.106.163 Controlled By: StatefulSet/kafka-ibm-es-zookeeper-sts Containers: zookeeper: Container ID: docker://a47b5b7646e6dcca59b67945058f543ee1ee59eb2c013763c56aa1b090524b6a Image: ibmcom/eventstreams-zookeeper-ce-icp-linux-amd64:2018-11-15-16.04.27-97fcd55 Image ID: docker-pullable://ibmcom/eventstreams-zookeeper-ce-icp-linux-amd64@sha256:3cef1e510b0e8aef1a24e04104d22c619ed5dec0dd955911cb34ebee49516bb5 Ports: 2181/TCP, 2888/TCP, 3888/TCP Host Ports: 0/TCP, 0/TCP, 0/TCP State: Running Started: Thu, 07 Feb 2019 22:41:31 -0500 Ready: True Restart Count: 0 Limits: cpu: 100m memory: 1Gi Requests: cpu: 100m memory: 750Mi Liveness: exec [zkOk.sh] delay=15s timeout=15s period=20s #success=1 #failure=10 Readiness: exec [zkReady.sh] delay=15s timeout=15s period=20s #success=1 #failure=10 Environment: LICENSE: accept ZK_ENSEMBLE: kafka-ibm-es-zookeeper-fixed-ip-svc-0.thor-namespace.svc.cluster.local;kafka-ibm-es-zookeeper-fixed-ip-svc-1.thor-namespace.svc.cluster.local;kafka-ibm-es-zookeeper-fixed-ip-svc-2.thor-namespace.svc.cluster.local; ZK_TICK_TIME: 2000 ZK_INIT_LIMIT: 10 ZK_SYNC_LIMIT: 5 ZK_MAX_CLIENT_CNXNS: 60 ZK_SNAP_RETAIN_COUNT: 3 ZK_PURGE_INTERVAL: 1 ZK_CLIENT_PORT: 2181 ZK_SERVER_PORT: 2888 ZK_ELECTION_PORT: 3888 ZK_REPLICAS: 3 NAMESPACE: thor-namespace Mounts: /var/lib/zookeeper from tempdir (rw) /var/run/secrets/kubernetes.io/serviceaccount from kafka-ibm-es-kafka-sa-token-glds8 (ro) Conditions: Type Status Initialized True Ready True ContainersReady True PodScheduled True Volumes: tempdir: Type: EmptyDir (a temporary directory that shares a pod's lifetime) Medium: license-accept: Type: ConfigMap (a volume populated by a ConfigMap) Name: kafka-license-accept Optional: false kafka-ibm-es-kafka-sa-token-glds8: Type: Secret (a volume populated by a Secret) SecretName: kafka-ibm-es-kafka-sa-token-glds8 Optional: false QoS Class: Burstable Node-Selectors: <none> Tolerations: node.kubernetes.io/memory-pressure:NoSchedule node.kubernetes.io/not-ready:NoExecute for 300s node.kubernetes.io/unreachable:NoExecute for 300s Events: <none>

from event-streams.

EmmaHumber commented on August 14, 2024

Hi Edwin

Thanks for the output of the kafka and zookeeper kubectl describe pods commands

Could you also supply the contents of the two .yaml files used to save the network policy information, ie zookeeper-netpol.yaml and kafkan-netpol.yaml

It looks like something has gone awry with the network policy and we'll need these two files to start to understand what that might be.

Thank you!
Emma

from event-streams.

egargaritano commented on August 14, 2024

Thanks Emma. Please see attached yaml files. Regards, Edwin From: EmmaHumber <[email protected]> Sent: Friday, February 8, 2019 6:07 PM To: IBM/event-streams <[email protected]> Cc: egargaritano <[email protected]>; Author <[email protected]> Subject: Re: [IBM/event-streams] Event Streams- Broker component not available in namespace. (#17) Hi Edwin Thanks for the output of the kafka and zookeeper kubectl describe pods commands Could you also supply the contents of the two .yaml files used to save the network policy information, ie zookeeper-netpol.yaml and kafkan-netpol.yaml It looks like something has gone awry with the network policy and we'll need these two files to start to understand what that might be. Thank you! Emma — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub <#17 (comment)> , or mute the thread <https://github.com/notifications/unsubscribe-auth/AeVswOGiphAzpMoHbcQFXdCFc7zTc3ezks5vLgMXgaJpZM4aek3N> . <https://github.com/notifications/beacon/AeVswMDbyUK3CNDqIWqIulgaE3X-6ALFks5vLgMXgaJpZM4aek3N.gif>

from event-streams.

EmmaHumber commented on August 14, 2024

HI @egargaritano There's still something odd about how files get attached to this issue and I can't see them.

Could you copy and paste the text of the two network policy output files into the email response directly as you did for the kubectl describe commands above, as that way I can see the content.

Thanks
Emma

from event-streams.

EmmaHumber commented on August 14, 2024

Hi @egargaritano

The network policies for Kafka, Zookeeper and the deny policy match my working system, the ports look correct, as do the container names and policy labels.

So, let's start back at the beginning.

Disable SE Linux
Install a fresh Event Streams with a new release name
Check the pods all come up

Let me know how you get on.

Thanks
Emma

from event-streams.

egargaritano commented on August 14, 2024

Thanks Emma. I opened a PMR ticket to help out on the ICP part and they have recommended to uninstall the ICP-CE version and install the ICP-EE version instead. Also will reinstall the EventStreams after that as you suggested. I will keep you up-to-date as to the status of this. Thanks for all your help. Regards, Edwin From: EmmaHumber <[email protected]> Sent: February 12, 2019 10:20 AM To: IBM/event-streams <[email protected]> Cc: egargaritano <[email protected]>; Mention <[email protected]> Subject: Re: [IBM/event-streams] Event Streams- Broker component not available in namespace. (#17) Hi @egargaritano <https://github.com/egargaritano> The network policies for Kafka, Zookeeper and the deny policy match my working system, the ports look correct, as do the container names and policy labels. So, let's start back at the beginning. 1. Disable SE Linux 2. Install a fresh Event Streams with a new release name 3. Check the pods all come up Let me know how you get on. Thanks Emma — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#17 (comment)> , or mute the thread <https://github.com/notifications/unsubscribe-auth/AeVswDB4t_vkUeSlRMvFU0sDXsmfuJT3ks5vMtuQgaJpZM4aek3N> . <https://github.com/notifications/beacon/AeVswLieS_ONnlcckRUHd8B__JCwGRmQks5vMtuQgaJpZM4aek3N.gif>

from event-streams.

EmmaHumber commented on August 14, 2024

Hi Edwin,

From the PMR ticket I saw I think you're up and running.

I'm closing this off for now, please do reopen if you have any further issues.

Thanks
Emma

from event-streams.

Event Streams- Broker component not available in namespace. about event-streams HOT 23 CLOSED

Comments (23)

Related Issues (20)

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent