kuby-core: Kuby Ingress Error: Could not apply https://raw.githubusercontent.com/kubernetes/ingress-nginx....

I’m getting this error when we are trying to setup the provider on Digital Ocean.

Kuby config

require 'active_support/core_ext'
require 'active_support/encrypted_configuration'

# Define a production Kuby deploy environment
Kuby.define('KubyApp') do
  environment(:production) do
    # Because the Rails environment isn't always loaded when
    # your Kuby config is loaded, provide access to Rails
    # credentials manually.
    app_creds = ActiveSupport::EncryptedConfiguration.new(
      config_path: File.join('config', 'credentials', 'production.yml.enc'),
      key_path: File.join('config', 'credentials', 'production.key'),
      env_key: 'RAILS_MASTER_KEY',
      raise_if_missing_key: true
    )

    docker do
      # Configure your Docker registry credentials here. Add them to your
      # Rails credentials file by running `bundle exec rake credentials:edit`.
      credentials do
        username app_creds[:KUBY_DOCKER_USERNAME]
        password app_creds[:KUBY_DOCKER_PASSWORD]
        email app_creds[:KUBY_DOCKER_EMAIL]
      end

      # distro :alpine

      # Configure the URL to your Docker image here, eg:
      # image_url 'foo.bar.com/me/myproject'
      #
      # If you're using Gitlab's Docker registry, try something like this:
      image_url 'registry.gitlab.com/user/repo'
    end

    kubernetes do

      provider :digitalocean do
        access_token app_creds[:DIGITALOCEAN_ACCESS_TOKEN]
        cluster_id app_creds[:CLUSTER_ID]
      end

      # Add a plugin that facilitates deploying a Rails app.
      add_plugin :rails_app do
        hostname 'app2.domain.com'
        manage_database false

        env do
          data do
            add "DATABASE_URL", app_creds[:DATABASE_URL]
          end
        end
        # configure database credentials
        # database do
        #   user app_creds[:KUBY_DB_USER]
        #   password app_creds[:KUBY_DB_PASSWORD]
        # end
      end

      # Use Docker Desktop as the provider.
      # See: https://www.docker.com/products/docker-desktop
      #
      # Note: you will likely want to use a different provider when deploying
      # your application into a production environment. To configure a different
      # provider, add the corresponding gem to your gemfile and update the
      # following line according to the provider gem's README.

     
    end
  end
end

Kuby terminal error on kuby setup

bundle exec kuby -e production setup
Refreshing kubeconfig...
Successfully refreshed kubeconfig!
Deploying nginx ingress resources
Error from server (NotFound): namespaces "ingress-nginx" not found
namespace/ingress-nginx created
configmap/nginx-configuration created
configmap/tcp-services created
configmap/udp-services created
serviceaccount/nginx-ingress-serviceaccount created
deployment.apps/nginx-ingress-controller created
limitrange/ingress-nginx created
unable to recognize "https://raw.githubusercontent.com/kubernetes/ingress-nginx/nginx-0.27.1/deploy/static/mandatory.yaml": no matches for kind "ClusterRole" in version "rbac.authorization.k8s.io/v1beta1"
unable to recognize "https://raw.githubusercontent.com/kubernetes/ingress-nginx/nginx-0.27.1/deploy/static/mandatory.yaml": no matches for kind "Role" in version "rbac.authorization.k8s.io/v1beta1"
unable to recognize "https://raw.githubusercontent.com/kubernetes/ingress-nginx/nginx-0.27.1/deploy/static/mandatory.yaml": no matches for kind "RoleBinding" in version "rbac.authorization.k8s.io/v1beta1"
unable to recognize "https://raw.githubusercontent.com/kubernetes/ingress-nginx/nginx-0.27.1/deploy/static/mandatory.yaml": no matches for kind "ClusterRoleBinding" in version "rbac.authorization.k8s.io/v1beta1"
Could not apply https://raw.githubusercontent.com/kubernetes/ingress-nginx/nginx-0.27.1/deploy/static/mandatory.yaml: kubectl exited with status code 1
error: Could not apply https://raw.githubusercontent.com/kubernetes/ingress-nginx/nginx-0.27.1/deploy/static/mandatory.yaml: kubectl exited with status code 1

Kuby terminal error on kuby deploy

bundle exec kuby -e production deploy
Error from server (NotFound): namespaces "app-production" not found
Validating global resource, namespace 'app-production'
namespace/app-production created (dry run)
Deploying namespace 'app-production'
namespace/app-production created
[INFO][2022-03-11 17:41:57 +0200]
[INFO][2022-03-11 17:41:57 +0200]	------------------------------------Phase 1: Initializing deploy------------------------------------
[INFO][2022-03-11 17:42:00 +0200]	All required parameters and files are present
[INFO][2022-03-11 17:42:00 +0200]	Discovering resources:
[INFO][2022-03-11 17:42:03 +0200]	  - Service/app-assets-svc
[INFO][2022-03-11 17:42:03 +0200]	  - Ingress/app-ingress
[INFO][2022-03-11 17:42:03 +0200]	  - Deployment/app-assets
[INFO][2022-03-11 17:42:03 +0200]	  - ConfigMap/app-config
[INFO][2022-03-11 17:42:03 +0200]	  - ConfigMap/app-assets-nginx-config
[INFO][2022-03-11 17:42:03 +0200]	  - ServiceAccount/app-assets-sa
[INFO][2022-03-11 17:42:03 +0200]	  - Service/app-svc
[INFO][2022-03-11 17:42:03 +0200]	  - ClusterIssuer/letsencrypt-production
[INFO][2022-03-11 17:42:03 +0200]	  - ServiceAccount/app-sa
[INFO][2022-03-11 17:42:03 +0200]	  - Deployment/app-web
[INFO][2022-03-11 17:42:03 +0200]	  - Secret/app-secrets
[INFO][2022-03-11 17:42:03 +0200]	  - Secret/app-registry-secret
[INFO][2022-03-11 17:42:07 +0200]
[INFO][2022-03-11 17:42:07 +0200]	------------------------------------------Result: FAILURE-------------------------------------------
[FATAL][2022-03-11 17:42:07 +0200]	Template validation failed
[FATAL][2022-03-11 17:42:07 +0200]
[FATAL][2022-03-11 17:42:07 +0200]	Invalid template: ClusterIssuer-letsencrypt-production20220311-21350-rc7rha.yml
[FATAL][2022-03-11 17:42:07 +0200]	> Error message:
[FATAL][2022-03-11 17:42:07 +0200]	    W0311 17:42:03.089014   21380 helpers.go:557] --dry-run is deprecated and can be replaced with --dry-run=client.
[FATAL][2022-03-11 17:42:07 +0200]	    error: unable to recognize "/var/folders/hh/z_vjqk3j3dl5vw0whd7h7bp80000gn/T/ClusterIssuer-letsencrypt-production20220311-21350-rc7rha.yml": no matches for kind "ClusterIssuer" in version "cert-manager.io/v1alpha2"
[FATAL][2022-03-11 17:42:07 +0200]	> Template content:
[FATAL][2022-03-11 17:42:07 +0200]	    ---
[FATAL][2022-03-11 17:42:07 +0200]	    apiVersion: cert-manager.io/v1alpha2
[FATAL][2022-03-11 17:42:07 +0200]	    kind: ClusterIssuer
[FATAL][2022-03-11 17:42:07 +0200]	    metadata:
[FATAL][2022-03-11 17:42:07 +0200]	      name: letsencrypt-production
[FATAL][2022-03-11 17:42:07 +0200]	      namespace: cert-manager
[FATAL][2022-03-11 17:42:07 +0200]	    spec:
[FATAL][2022-03-11 17:42:07 +0200]	      acme:
[FATAL][2022-03-11 17:42:07 +0200]	        server: https://acme-v02.api.letsencrypt.org/directory
[FATAL][2022-03-11 17:42:07 +0200]	        email: shopandfy@xmail8.com
[FATAL][2022-03-11 17:42:07 +0200]	        privateKeySecretRef:
[FATAL][2022-03-11 17:42:07 +0200]	          name: letsencrypt-production
[FATAL][2022-03-11 17:42:07 +0200]	        solvers:
[FATAL][2022-03-11 17:42:07 +0200]	        - http01:
[FATAL][2022-03-11 17:42:07 +0200]	            ingress:
[FATAL][2022-03-11 17:42:07 +0200]	              class: nginx
[FATAL][2022-03-11 17:42:07 +0200]
[FATAL][2022-03-11 17:42:07 +0200]
[FATAL][2022-03-11 17:42:07 +0200]	Invalid template: Ingress-app-ingress20220311-21350-ht7nke.yml
[FATAL][2022-03-11 17:42:07 +0200]	> Error message:
[FATAL][2022-03-11 17:42:07 +0200]	    W0311 17:42:05.241076   21398 helpers.go:557] --dry-run is deprecated and can be replaced with --dry-run=client.
[FATAL][2022-03-11 17:42:07 +0200]	    error: unable to recognize "/var/folders/hh/z_vjqk3j3dl5vw0whd7h7bp80000gn/T/Ingress-app-ingress20220311-21350-ht7nke.yml": no matches for kind "Ingress" in version "extensions/v1beta1"
[FATAL][2022-03-11 17:42:07 +0200]	> Template content:
[FATAL][2022-03-11 17:42:07 +0200]	    ---
[FATAL][2022-03-11 17:42:07 +0200]	    apiVersion: extensions/v1beta1
[FATAL][2022-03-11 17:42:07 +0200]	    kind: Ingress
[FATAL][2022-03-11 17:42:07 +0200]	    metadata:
[FATAL][2022-03-11 17:42:07 +0200]	      annotations:
[FATAL][2022-03-11 17:42:07 +0200]	        kubernetes.io/ingress.class: nginx
[FATAL][2022-03-11 17:42:07 +0200]	        cert-manager.io/cluster-issuer: letsencrypt-production
[FATAL][2022-03-11 17:42:07 +0200]	      name: app-ingress
[FATAL][2022-03-11 17:42:07 +0200]	      namespace: app-production
[FATAL][2022-03-11 17:42:07 +0200]	    spec:
[FATAL][2022-03-11 17:42:07 +0200]	      rules:
[FATAL][2022-03-11 17:42:07 +0200]	      - host: app2.domain.com
[FATAL][2022-03-11 17:42:07 +0200]	        http:
[FATAL][2022-03-11 17:42:07 +0200]	          paths:
[FATAL][2022-03-11 17:42:07 +0200]	          - backend:
[FATAL][2022-03-11 17:42:07 +0200]	              serviceName: app-svc
[FATAL][2022-03-11 17:42:07 +0200]	              servicePort: 8080
[FATAL][2022-03-11 17:42:07 +0200]	            path: "/"
[FATAL][2022-03-11 17:42:07 +0200]	      - host: app2.domain.com
[FATAL][2022-03-11 17:42:07 +0200]	        http:
[FATAL][2022-03-11 17:42:07 +0200]	          paths:
[FATAL][2022-03-11 17:42:07 +0200]	          - backend:
[FATAL][2022-03-11 17:42:07 +0200]	              serviceName: app-assets-svc
[FATAL][2022-03-11 17:42:07 +0200]	              servicePort: 8082
[FATAL][2022-03-11 17:42:07 +0200]	            path: "/assets"
[FATAL][2022-03-11 17:42:07 +0200]	          - backend:
[FATAL][2022-03-11 17:42:07 +0200]	              serviceName: app-assets-svc
[FATAL][2022-03-11 17:42:07 +0200]	              servicePort: 8082
[FATAL][2022-03-11 17:42:07 +0200]	            path: "/packs"
[FATAL][2022-03-11 17:42:07 +0200]	      tls:
[FATAL][2022-03-11 17:42:07 +0200]	      - hosts:
[FATAL][2022-03-11 17:42:07 +0200]	        - app2.domain.com
[FATAL][2022-03-11 17:42:07 +0200]	        secretName: app-tls
[FATAL][2022-03-11 17:42:07 +0200]
error: Template validation failed

Is there anything I can do to fix it?

About this issue

  • Original URL
  • State: closed
  • Created 2 years ago
  • Comments: 28

Most upvoted comments

Solved. Problem was in DATABASE_URL and how I send it to database.yml.

+2
denikus on Mar 15, 2022

But what I want is a solution where I can follow along when DHH builds his famous demo blog, and where I can continue the demo with a deployment that is as easy as it was creating the blog.

Me too!

Do you think that Kuby could be that solution for a developer of small and simple rails apps (typically a monolithic rails app + redis + postgresql )? Or should I look elsewhere?

That’s exactly what I want Kuby to be. It’s amazing to me that a large number of Rails developers are still using Capistrano in 2022. Don’t get me wrong, Capistrano is a great tool, but I believe there are better ways to deploy apps these days.

+1
camertron on May 2, 2022

Hey @JorgenIvarsson, thanks for your comment. I’m getting ready to publish a big Kuby release ahead of my talk at RailsConf that should address this issue (and a bunch of others). If you can wait a week or so, the upcoming release should unblock you.

+1
camertron on Apr 28, 2022

Hey @denikus and @scart88, sorry for all the trouble. Getting all of these things to work together is quite a challenge.

Yes, it looks like v1.20 should work with kuby-core master as well 😄

@scart88 it sounds like Rails isn’t able to connect to the database specified in your database.yml. Even though manage_database false may be set in your Kuby config, Kuby will still try to create and/or migrate your database automatically. Try running the following command to get a list of running pods:

bundle exec kuby -e production remote status

There should be one pod in the Init:CrashLoopBackOff state. Copy the name of the pod and run the following command to print out the logs from the create-db init container:

bundle exec kuby -e production kubectl -N -- logs -c app-create-db <pod name here>

(This should be a lot easier, I’ll file an issue)

+1
camertron on Mar 14, 2022

Thank you very much for your fast reply and help. I’ve updated the gem master version.

I’m unable to select version v.1.19, is not showing in the DigitalOcean dropdown anymore. I can only select v.1.20, v1.21 and v1.22.

Right now, my Kubernetes version is v1.22.7. However, with this gem version, I’m getting the following errors

> bundle exec kuby -e production build
error: undefined method `map' for nil:NilClass

> bundle exec kuby -e production push
error: undefined method `map' for nil:NilClass

Setup seems to work better than before

bundle exec kuby -e production setup
Refreshing kubeconfig...
Successfully refreshed kubeconfig!
Deploying nginx ingress resources
Error from server (NotFound): namespaces "ingress-nginx" not found
namespace/ingress-nginx created
serviceaccount/ingress-nginx created
configmap/ingress-nginx-controller created
clusterrole.rbac.authorization.k8s.io/ingress-nginx created
clusterrolebinding.rbac.authorization.k8s.io/ingress-nginx created
role.rbac.authorization.k8s.io/ingress-nginx created
rolebinding.rbac.authorization.k8s.io/ingress-nginx created
service/ingress-nginx-controller-admission created
service/ingress-nginx-controller created
deployment.apps/ingress-nginx-controller created
ingressclass.networking.k8s.io/nginx created
validatingwebhookconfiguration.admissionregistration.k8s.io/ingress-nginx-admission created
serviceaccount/ingress-nginx-admission created
clusterrole.rbac.authorization.k8s.io/ingress-nginx-admission created
clusterrolebinding.rbac.authorization.k8s.io/ingress-nginx-admission created
role.rbac.authorization.k8s.io/ingress-nginx-admission created
rolebinding.rbac.authorization.k8s.io/ingress-nginx-admission created
job.batch/ingress-nginx-admission-create created
job.batch/ingress-nginx-admission-patch created
Nginx ingress resources deployed!
Installing cert-manager...
namespace/cert-manager created
serviceaccount/cert-manager-cainjector created
serviceaccount/cert-manager created
serviceaccount/cert-manager-webhook created
clusterrole.rbac.authorization.k8s.io/cert-manager-webhook:webhook-requester created
clusterrole.rbac.authorization.k8s.io/cert-manager-view created
clusterrole.rbac.authorization.k8s.io/cert-manager-edit created
service/cert-manager created
service/cert-manager-webhook created
deployment.apps/cert-manager-cainjector created
deployment.apps/cert-manager created
deployment.apps/cert-manager-webhook created
unable to recognize "https://github.com/jetstack/cert-manager/releases/download/v0.13.1/cert-manager.yaml": no matches for kind "CustomResourceDefinition" in version "apiextensions.k8s.io/v1beta1"
unable to recognize "https://github.com/jetstack/cert-manager/releases/download/v0.13.1/cert-manager.yaml": no matches for kind "CustomResourceDefinition" in version "apiextensions.k8s.io/v1beta1"
unable to recognize "https://github.com/jetstack/cert-manager/releases/download/v0.13.1/cert-manager.yaml": no matches for kind "CustomResourceDefinition" in version "apiextensions.k8s.io/v1beta1"
unable to recognize "https://github.com/jetstack/cert-manager/releases/download/v0.13.1/cert-manager.yaml": no matches for kind "CustomResourceDefinition" in version "apiextensions.k8s.io/v1beta1"
unable to recognize "https://github.com/jetstack/cert-manager/releases/download/v0.13.1/cert-manager.yaml": no matches for kind "CustomResourceDefinition" in version "apiextensions.k8s.io/v1beta1"
unable to recognize "https://github.com/jetstack/cert-manager/releases/download/v0.13.1/cert-manager.yaml": no matches for kind "CustomResourceDefinition" in version "apiextensions.k8s.io/v1beta1"
unable to recognize "https://github.com/jetstack/cert-manager/releases/download/v0.13.1/cert-manager.yaml": no matches for kind "ClusterRole" in version "rbac.authorization.k8s.io/v1beta1"
unable to recognize "https://github.com/jetstack/cert-manager/releases/download/v0.13.1/cert-manager.yaml": no matches for kind "ClusterRoleBinding" in version "rbac.authorization.k8s.io/v1beta1"
unable to recognize "https://github.com/jetstack/cert-manager/releases/download/v0.13.1/cert-manager.yaml": no matches for kind "Role" in version "rbac.authorization.k8s.io/v1beta1"
unable to recognize "https://github.com/jetstack/cert-manager/releases/download/v0.13.1/cert-manager.yaml": no matches for kind "RoleBinding" in version "rbac.authorization.k8s.io/v1beta1"
unable to recognize "https://github.com/jetstack/cert-manager/releases/download/v0.13.1/cert-manager.yaml": no matches for kind "ClusterRoleBinding" in version "rbac.authorization.k8s.io/v1beta1"
unable to recognize "https://github.com/jetstack/cert-manager/releases/download/v0.13.1/cert-manager.yaml": no matches for kind "RoleBinding" in version "rbac.authorization.k8s.io/v1beta1"
unable to recognize "https://github.com/jetstack/cert-manager/releases/download/v0.13.1/cert-manager.yaml": no matches for kind "Role" in version "rbac.authorization.k8s.io/v1beta1"
unable to recognize "https://github.com/jetstack/cert-manager/releases/download/v0.13.1/cert-manager.yaml": no matches for kind "RoleBinding" in version "rbac.authorization.k8s.io/v1beta1"
unable to recognize "https://github.com/jetstack/cert-manager/releases/download/v0.13.1/cert-manager.yaml": no matches for kind "ClusterRole" in version "rbac.authorization.k8s.io/v1beta1"
unable to recognize "https://github.com/jetstack/cert-manager/releases/download/v0.13.1/cert-manager.yaml": no matches for kind "ClusterRole" in version "rbac.authorization.k8s.io/v1beta1"
unable to recognize "https://github.com/jetstack/cert-manager/releases/download/v0.13.1/cert-manager.yaml": no matches for kind "ClusterRole" in version "rbac.authorization.k8s.io/v1beta1"
unable to recognize "https://github.com/jetstack/cert-manager/releases/download/v0.13.1/cert-manager.yaml": no matches for kind "ClusterRole" in version "rbac.authorization.k8s.io/v1beta1"
unable to recognize "https://github.com/jetstack/cert-manager/releases/download/v0.13.1/cert-manager.yaml": no matches for kind "ClusterRole" in version "rbac.authorization.k8s.io/v1beta1"
unable to recognize "https://github.com/jetstack/cert-manager/releases/download/v0.13.1/cert-manager.yaml": no matches for kind "ClusterRole" in version "rbac.authorization.k8s.io/v1beta1"
unable to recognize "https://github.com/jetstack/cert-manager/releases/download/v0.13.1/cert-manager.yaml": no matches for kind "ClusterRoleBinding" in version "rbac.authorization.k8s.io/v1beta1"
unable to recognize "https://github.com/jetstack/cert-manager/releases/download/v0.13.1/cert-manager.yaml": no matches for kind "ClusterRoleBinding" in version "rbac.authorization.k8s.io/v1beta1"
unable to recognize "https://github.com/jetstack/cert-manager/releases/download/v0.13.1/cert-manager.yaml": no matches for kind "ClusterRoleBinding" in version "rbac.authorization.k8s.io/v1beta1"
unable to recognize "https://github.com/jetstack/cert-manager/releases/download/v0.13.1/cert-manager.yaml": no matches for kind "ClusterRoleBinding" in version "rbac.authorization.k8s.io/v1beta1"
unable to recognize "https://github.com/jetstack/cert-manager/releases/download/v0.13.1/cert-manager.yaml": no matches for kind "ClusterRoleBinding" in version "rbac.authorization.k8s.io/v1beta1"
unable to recognize "https://github.com/jetstack/cert-manager/releases/download/v0.13.1/cert-manager.yaml": no matches for kind "ClusterRoleBinding" in version "rbac.authorization.k8s.io/v1beta1"
unable to recognize "https://github.com/jetstack/cert-manager/releases/download/v0.13.1/cert-manager.yaml": no matches for kind "MutatingWebhookConfiguration" in version "admissionregistration.k8s.io/v1beta1"
unable to recognize "https://github.com/jetstack/cert-manager/releases/download/v0.13.1/cert-manager.yaml": no matches for kind "ValidatingWebhookConfiguration" in version "admissionregistration.k8s.io/v1beta1"
Could not apply https://github.com/jetstack/cert-manager/releases/download/v0.13.1/cert-manager.yaml: kubectl exited with status code 1
error: Could not apply https://github.com/jetstack/cert-manager/releases/download/v0.13.1/cert-manager.yaml: kubectl exited with status code 1

I will try with v.1.20. Let’s see if it works.

+1
scart88 on Mar 12, 2022

Hey @scart88, thanks for reaching out. I’m 99% sure the problem you’re running into is related to your Kubernetes version. At the moment, Kuby only supports Kubernetes v1.19 or earlier. I can’t tell from the output alone, but the error message suggests your cluster doesn’t support the rbac.authorization.k8s.io/v1beta1 API, which was removed in k8s v1.22. I’m working on supporting later versions, but it’s proving to be quite a bit of work.

There is hope however. Because you’ve set manage_database false in your Kuby config, you can sidestep these problems by using kuby-core@master. In other words, put this in your Gemfile:

gem "kuby-core", github: "getkuby/kuby-core", ref: "9885015027e1ede7fd4f8e53fb7f10772f975845"
+1
camertron on Mar 11, 2022
Read more comments on GitHub
← kuby-core: Error: uninitialized constant Kuby::KubeDB with Sidekiq or Redis gems
reflect-cpp: Reflection for structs in an anoynoumus namespace results in compilation errors →