microk8s: Failed to enable dns

The PR with the fix is merged. The snap on the edge channel should be available within the next few hours. Try it with:

sudo snap install microk8s --classic --channel=edge

The Patch should reach stable with the 1.18.3 release.

Thank you all for helping in fixing this.

OK, the problem lies here:

https://github.com/ubuntu/microk8s/blob/master/microk8s-resources/actions/common/utils.sh#L70

When microk8s is invoking sudo, it’s modifying the linker paths to only look in its container. Previously, with versions <= 1.15 the scripts just invoked sudo directly without any wrapper function or environment modification. You can see where it changed the kubelet restart at the end of this file in this commit:

https://github.com/ubuntu/microk8s/blob/36f79886a074167a0972a19cc14b134bef5a1bd8/microk8s-resources/actions/enable.dns.sh

So, the workaround is to simply perform these steps manually:

1. Copy the microk8s DNS manifest from /var/lib/snapd/snap/microk8s/current/actions/dns.yaml to a temporary location
2. Edit the manifest, replacing all occurrences of $ARCH with your native architecture (most likely amd64
3. Apply the manifest with microk8s kubectl or your own kubectl binary with these args: microk8s kubectl --kubeconfig=/var/snap/microk8s/current/credentials/client.config apply -f dns.yaml
4. Edit the kubelet arguments file located at /var/snap/microk8s/current/args/kubelet, adding these lines:

--cluster-domain=cluster.local
--cluster-dns=10.152.183.10

1. Restart kubelet via systemd: sudo systemctl restart snap.microk8s.daemon-kubelet.service
2. Congratulate yourself for doing microk8s’ work for it!

However, you’ll still get microk8s status reporting that DNS is not enabled. I found why, but it’s 3 AM and I’ll open a bug report after some sleep.

Okay, I tried the snap of the PR and the microk8s enable dns path seems to be working:

$ sudo snap install ./microk8s.snap --classic --dangerous
microk8s v1.18.2 installed 

$ sudo microk8s enable dns
Enabling DNS                                                  
Applying manifest                                                                                                           serviceaccount/coredns created
configmap/coredns created                                                                                                   deployment.apps/coredns created    
service/kube-dns created                                                                                                    clusterrole.rbac.authorization.k8s.io/coredns created
clusterrolebinding.rbac.authorization.k8s.io/coredns created                                                                Restarting kubelet                                            
DNS is enabled  

FWIW I’m getting the same error with microk8s enable dns on Fedora 32 with microk8s 18.9:

$
systemctl: /snap/microk8s/1702/usr/lib/x86_64-linux-gnu/libp11-kit.so.0: no version information available (required by /usr/lib/systemd/libsystemd-shared-245.so)
systemctl: symbol lookup error: /usr/lib/systemd/libsystemd-shared-245.so: undefined symbol: p11_kit_uri_get_slot_info, version LIBP11_KIT_1.0

I had to use 18.9 because the latest (19.2) wouldn’t start the node and I couldn’t figure out why. I worked around this issue in 18.9 by restarting microk8s completely (although I know I probably could have restarted just the affected service, I didn’t bother finding out the service name).

Also getting this error on arch with up-to-date libp11 packages.