kubernetes: kubectl alpha debug node does not work on tainted nodes

What happened:

kubectl alpha debug node does not work for nodes with NoExecute taints.

$ kubectl alpha debug node/mynode -it --image=ubuntu
Creating debugging pod node-debugger-mynode-mnn2s with container debugger on node mynode.
Error from server (NotFound): pods "" not found

We have several types of Node hardware, and some of them are tainted to keep away normal pods.

What you expected to happen:

A debug pod is created with tolerations for the taints.

How to reproduce it (as minimally and precisely as possible):

  1. Add a NoExecute taint to a node
  2. Run kubectl alpha debug node on the node

Anything else we need to know?:

Environment:

  • Kubernetes version (use kubectl version): 1.19.7
  • OS (e.g: cat /etc/os-release):
    NAME="Flatcar Container Linux by Kinvolk"
ID=flatcar
ID_LIKE=coreos
VERSION=2605.11.0
VERSION_ID=2605.11.0
BUILD_ID=2021-01-08-2026
PRETTY_NAME="Flatcar Container Linux by Kinvolk 2605.11.0 (Oklo)"
ANSI_COLOR="38;5;75"
HOME_URL="https://flatcar-linux.org/"
BUG_REPORT_URL="https://issues.flatcar-linux.org"
FLATCAR_BOARD="amd64-usr"
  • Kernel (e.g. uname -a): Linux hostname 5.4.87-flatcar #1 SMP Fri Jan 8 19:54:07 -00 2021 x86_64 Intel(R) Xeon(R) Silver 4114 CPU @ 2.20GHz GenuineIntel GNU/Linux
  • Install tools: CKE
  • Network plugin and version (if this is a network-related bug): Coil v2.0.5
  • Others:

About this issue

  • Original URL
  • State: closed
  • Created 3 years ago
  • Comments: 16 (14 by maintainers)

Most upvoted comments

I reproduced it, if the node has NoExecute, this problem does occur~~ This should be the expected behavior once the node is marked as NoExecute. Maybe we need to give clear tips, the current error message is not clear

@verb What’s your point of view?

/assign

+1
wawa0210 on Jan 24, 2021
Read more comments on GitHub
← kubernetes: kubectl 1.8 cannot validate simple namespace yml
kubernetes: kubectl apply --prune --all fails to remove existing resources →