rke: Failed to Save Kubernetes certificates: Timeout waiting for K8s to be ready

RKE version: rke version v0.0.8-dev

Docker version: (docker version,docker info preferred) Docker version 17.03.2-ce, build f5ec1e2

Operating system and kernel: (cat /etc/os-release, uname -r preferred) NAME=“Ubuntu” VERSION=“16.04.3 LTS (Xenial Xerus)” ID=ubuntu ID_LIKE=debian PRETTY_NAME=“Ubuntu 16.04.3 LTS” VERSION_ID=“16.04” HOME_URL=“http://www.ubuntu.com/” SUPPORT_URL=“http://help.ubuntu.com/” BUG_REPORT_URL=“http://bugs.launchpad.net/ubuntu/” VERSION_CODENAME=xenial UBUNTU_CODENAME=xenial

Type/provider of hosts: (VirtualBox/Bare-metal/AWS/GCE/DO) Azure (UbuntuServer VM, no extensions)

cluster.yml file:

nodes:
- address: 10.18.160.13
  role:
  - controlplane
  - etcd
  hostname_override: kubemaster
  user: <redacted>
- address: 10.18.160.14
  role:
  - worker
  hostname_override: kubenode1
  user: <redacted>
- address: 10.18.160.15
  role:
  - worker
  hostname_override: kubenode2
  user: <redacted>
services:
  etcd:
    image: quay.io/coreos/etcd:latest
  kube-api:
    image: rancher/k8s:v1.8.3-rancher2
    service_cluster_ip_range: 10.234.0.0/18
  kube-controller:
    image: rancher/k8s:v1.8.3-rancher2
    cluster_cidr: 10.233.64.0/18
    service_cluster_ip_range: 10.234.0.0/18
  scheduler:
    image: rancher/k8s:v1.8.3-rancher2
  kubelet:
    image: rancher/k8s:v1.8.3-rancher2
    cluster_domain: cluster.local
    infra_container_image: gcr.io/google_containers/pause-amd64:3.0
    cluster_dns_server: 10.234.0.3
  kubeproxy:
    image: rancher/k8s:v1.8.3-rancher2
network:
  plugin: flannel
auth:
  strategy: x509
ssh_key_path: ~/.ssh/kubernetes

Steps to Reproduce: ./rke --debug up

Results:

...
INFO[2597] [worker] Successfully started [kube-proxy] container on host [10.18.160.18] 
INFO[2597] [worker] Successfully started Worker Plane.. 
INFO[2597] [certificates] Save kubernetes certificates as secrets 
DEBU[2597] [certificates] Saving certificate [kube-scheduler] to kubernetes 
FATA[2627] [certificates] Failed to Save Kubernetes certificates: Failed to save certificate [kube-scheduler] to kubernetes: [certificates] Timeout waiting for kubernetes to be ready

Tried several times on 2 different clusters configured the same way. It always fails at this point. Saving certificates to kubernetes.

About this issue

  • Original URL
  • State: closed
  • Created 7 years ago
  • Comments: 23 (16 by maintainers)

Most upvoted comments

@HighwayofLife Closing this issue as #152 and #212 should be able to validate healthchecks for services and make sure the right ports opened on each host.

+1
galal-hussein on Jan 18, 2018
Read more comments on GitHub
← rke: Failed to get job complete status for job rke-network-plugin-deploy-job in namespace kube-system
rke: FATA[0079] [controlPlane] Failed to bring up Control Plane: Failed to verify healthcheck →