-
Notifications
You must be signed in to change notification settings - Fork 107
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Struggled with Configuring DigitalOcean's Load Balancer, Now Cannot Deploy Applications, Still #405
Comments
More information about the single-container app
apiVersion: application.kubero.dev/v1alpha1
kind: KuberoApp
metadata:
creationTimestamp: "2024-09-17T18:49:36Z"
generation: 4
labels:
manager: kubero
name: flatnotes
namespace: example-production
resourceVersion: "142255"
uid: 10024ceb-562f-4e3c-969e-a72c53bf905d
spec:
addons: []
affinity: {}
autodeploy: true
autoscale: true
autoscaling:
enabled: true
branch: main
buildstrategy: plain
cronjobs: []
deploymentstrategy: docker
envVars:
- name: FLATNOTES_AUTH_TYPE
value: password
- name: FLATNOTES_USERNAME
value: diraneyya
- name: FLATNOTES_PASSWORD
value: 5cBKHhP1GWDv8i
- name: FLATNOTES_SECRET_KEY
value: zjUEHMbj53I8No9RX9u0yc0hiXPyeL
extraVolumes:
- accessMode: ReadWriteOnce
accessModes:
- ReadWriteMany
emptyDir: false
mountPath: /app/data
name: data-volume
size: 0.2Gi
storageClass: standard
fullnameOverride: ""
gitrepo:
admin: false
clone_url: ""
ssh_url: ""
image:
build:
command: npm install
repository: node
securityContext:
allowPrivilegeEscalation: false
capabilities:
add: []
drop: []
readOnlyRootFilesystem: false
runAsGroup: 0
runAsNonRoot: false
runAsUser: 1000
tag: latest
containerPort: 8080
fetch:
repository: ghcr.io/kubero-dev/fetch
securityContext:
allowPrivilegeEscalation: false
capabilities:
add: []
drop: []
readOnlyRootFilesystem: false
runAsGroup: 0
runAsNonRoot: false
runAsUser: 1000
tag: v1
pullPolicy: Always
repository: dullage/flatnotes:latest
run:
command: node index.js
readOnlyAppStorage: false
repository: node
securityContext:
allowPrivilegeEscalation: false
capabilities:
add: []
drop: []
readOnlyRootFilesystem: false
runAsGroup: 0
runAsNonRoot: false
runAsUser: 0
tag: latest
tag: latest
imagePullSecrets: []
ingress:
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
kubernetes.io/tls-acme: "true"
nginx.ingress.kubernetes.io/force-ssl-redirect: true
className: nginx
enabled: true
hosts:
- host: flatnotes.example.theworkgroup.org
paths:
- path: /
pathType: ImplementationSpecific
tls:
- hosts: []
secretName: flatnotes-tls
name: flatnotes
nameOverride: ""
nodeSelector: {}
phase: production
pipeline: example
podAnnotations: {}
podSecurityContext: {}
podsize:
default: true
description: 'Small (CPU: 0.25, Memory: 0.5Gi)'
name: small
resources:
limits:
cpu: 500m
memory: 1Gi
requests:
cpu: 250m
memory: 0.5Gi
replicaCount: 1
resources:
limits:
cpu: 500m
memory: 1Gi
requests:
cpu: 250m
memory: 0.5Gi
service:
port: 80
type: ClusterIP
serviceAccount:
annotations: {}
sleep: disabled
tolerations: []
vulnerabilityscan:
enabled: false
image:
repository: aquasec/trivy
tag: latest
schedule: 44 23 * * *
web:
autoscaling:
maxReplicas: 2
minReplicas: 1
targetCPUUtilizationPercentage: 80
targetMemoryUtilizationPercentage: 80
replicaCount: 1
worker:
autoscaling:
maxReplicas: 0
minReplicas: 0
targetCPUUtilizationPercentage: 80
targetMemoryUtilizationPercentage: 80
replicaCount: 0
status:
conditions:
- lastTransitionTime: "2024-09-17T18:49:36Z"
status: "True"
type: Initialized
- lastTransitionTime: "2024-09-17T18:49:36Z"
message: 'failed to install release: unable to build kubernetes objects from release
manifest: unable to decode "": json: cannot unmarshal bool into Go struct field
ObjectMeta.metadata.annotations of type string'
reason: InstallError
status: "True"
type: ReleaseFailed |
I now tried the Whoogle template which is a project I have interest in. The following logs are relevant: {"level":"info","ts":1726616892.2781477,"logger":"helm.controller","msg":"Installed release","namespace":"kubero","name":"whoogle","apiVersion":"application.kubero.dev/v1alpha1","kind":"KuberoPipeline","release":"whoogle"}
{"level":"info","ts":1726616892.7020073,"logger":"helm.controller","msg":"Upgraded release","namespace":"kubero","name":"whoogle","apiVersion":"application.kubero.dev/v1alpha1","kind":"KuberoPipeline","release":"whoogle","force":false}
{"level":"error","ts":1726616893.0559657,"msg":"Reconciler error","controller":"kuberopipeline-controller","object":{"name":"whoogle","namespace":"kubero"},"namespace":"kubero","name":"whoogle","reconcileID":"7dd1a750-9387-4ffa-89f5-44527f7597e0","error":"Operation cannot be fulfilled on kuberopipelines.application.kubero.dev \"whoogle\": the object has been modified; please apply your changes to the latest version and try again","stacktrace":"sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler\n\t/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:326\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\t/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:273\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2\n\t/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:234"}
{"level":"info","ts":1726616893.461924,"logger":"helm.controller","msg":"Upgraded release","namespace":"kubero","name":"whoogle","apiVersion":"application.kubero.dev/v1alpha1","kind":"KuberoPipeline","release":"whoogle","force":false}
{"level":"info","ts":1726616893.897856,"logger":"helm.controller","msg":"Upgraded release","namespace":"kubero","name":"whoogle","apiVersion":"application.kubero.dev/v1alpha1","kind":"KuberoPipeline","release":"whoogle","force":false}
{"level":"error","ts":1726616894.2406867,"msg":"Reconciler error","controller":"kuberopipeline-controller","object":{"name":"whoogle","namespace":"kubero"},"namespace":"kubero","name":"whoogle","reconcileID":"f8521e1b-1c97-4e4d-9650-00f3689107df","error":"Operation cannot be fulfilled on kuberopipelines.application.kubero.dev \"whoogle\": the object has been modified; please apply your changes to the latest version and try again","stacktrace":"sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler\n\t/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:326\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\t/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:273\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2\n\t/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:234"}
{"level":"info","ts":1726616894.6749716,"logger":"helm.controller","msg":"Upgraded release","namespace":"kubero","name":"whoogle","apiVersion":"application.kubero.dev/v1alpha1","kind":"KuberoPipeline","release":"whoogle","force":false}
{"level":"info","ts":1726616895.083216,"logger":"helm.controller","msg":"Upgraded release","namespace":"kubero","name":"whoogle","apiVersion":"application.kubero.dev/v1alpha1","kind":"KuberoPipeline","release":"whoogle","force":false}
{"level":"info","ts":1726616953.8560119,"logger":"helm.controller","msg":"Installed release","namespace":"whoogle-production","name":"whoogle","apiVersion":"application.kubero.dev/v1alpha1","kind":"KuberoApp","release":"whoogle"}
{"level":"info","ts":1726616954.2661686,"logger":"helm.controller","msg":"Reconciled release","namespace":"whoogle-production","name":"whoogle","apiVersion":"application.kubero.dev/v1alpha1","kind":"KuberoApp","release":"whoogle"} And of course, evidence of the issue: Sorry for spamming you but I am quite interested in this project and very excited to get it up and running! |
Can I reopen this? |
@diraneyya sure. If you need some fast help you might also join the discord chat ... I think you are close to having it running.
|
@mms-gianni thank you for your empathy and understanding, yes I probably should get on the Discord. I followed these steps a dozen times. Please see below the output: As for the storage type, I have changed that to Looking forward to your insight on this. I have not been this excited about any open-source project for a while and really thrilled to get this up and running. Thank you! |
yes. Many Kubernetes providers do not support the "ReadWriteMany" option. This is a general Kubernetes topic and must be handled by 3rd party solutions. Here are 3 options. But most of them add some complexity. |
What would you like to share?
I am currently using the following load-balancer settings on DigitalOcean:
As can be seen here: https://kubero.theworkgroup.org, the website is insecure even though the certificate is valid:
Note that I am new to all of this so I do not have much of a troubleshooting strategy but I read the documentation thoroughly and all of it checks out fine.
Additional information
kubero debug
outputs the following:More command output
kubectl get certificaterequests.cert-manager.io --all-namespaces
kubectl get clusterissuers.cert-manager.io
kubectl get clusterissuers.cert-manager.io letsencrypt-prod -o yaml
Note that I am also not able to deploy any services so far. So I am working on solving one problem at a time. I am suspecting that the load-balancer's configuration is the right place to start but I am not entirely sure.
The text was updated successfully, but these errors were encountered: