Search code examples
kubernetes-ingressnginx-ingressk0s

Unable to start nginx-ingress-controller Readiness and Liveness probes failed


I have installed using instructions at this link for the Install NGINX using NodePort option.

When I do ks logs -f ingress-nginx-controller-7f48b8-s7pg4 -n ingress-nginx I get :

W0304 09:33:40.568799       8 client_config.go:614] Neither --kubeconfig nor --master was 
specified.  Using the inClusterConfig.  This might not work.
I0304 09:33:40.569097       8 main.go:241] "Creating API client" host="https://10.96.0.1:443"
I0304 09:33:40.584904       8 main.go:285] "Running in Kubernetes cluster" major="1" minor="23" git="v1.23.1+k0s" state="clean" commit="b230d3e4b9d6bf4b731d96116a6643786e16ac3f" platform="linux/amd64"
I0304 09:33:40.911443       8 main.go:105] "SSL fake certificate created" file="/etc/ingress-controller/ssl/default-fake-certificate.pem"
I0304 09:33:40.916404       8 main.go:115] "Enabling new Ingress features available since Kubernetes v1.18"
W0304 09:33:40.918137       8 main.go:127] No IngressClass resource with name nginx found. Only annotation will be used.
I0304 09:33:40.942282       8 ssl.go:532] "loading tls certificate" path="/usr/local/certificates/cert" key="/usr/local/certificates/key"
I0304 09:33:40.977766       8 nginx.go:254] "Starting NGINX Ingress controller"
I0304 09:33:41.007616       8 event.go:282] Event(v1.ObjectReference{Kind:"ConfigMap", Namespace:"ingress-nginx", Name:"ingress-nginx-controller", UID:"1a4482d2-86cb-44f3-8ebb-d6342561892f", APIVersion:"v1", ResourceVersion:"987560", FieldPath:""}): type: 'Normal' reason: 'CREATE' ConfigMap ingress-nginx/ingress-nginx-controller
E0304 09:33:42.087113       8 reflector.go:138] k8s.io/[email protected]/tools/cache/reflector.go:167: Failed to watch *v1beta1.Ingress: failed to list *v1beta1.Ingress: the server could not find the requested resource
E0304 09:33:43.041954       8 reflector.go:138] k8s.io/[email protected]/tools/cache/reflector.go:167: Failed to watch *v1beta1.Ingress: failed to list *v1beta1.Ingress: the server could not find the requested resource
E0304 09:33:44.724681       8 reflector.go:138] k8s.io/[email protected]/tools/cache/reflector.go:167: Failed to watch *v1beta1.Ingress: failed to list *v1beta1.Ingress: the server could not find the requested resource
E0304 09:33:48.303789       8 reflector.go:138] k8s.io/[email protected]/tools/cache/reflector.go:167: Failed to watch *v1beta1.Ingress: failed to list *v1beta1.Ingress: the server could not find the requested resource
E0304 09:33:59.113203       8 reflector.go:138] k8s.io/[email protected]/tools/cache/reflector.go:167: Failed to watch *v1beta1.Ingress: failed to list *v1beta1.Ingress: the server could not find the requested resource
E0304 09:34:16.727052       8 reflector.go:138] k8s.io/[email protected]/tools/cache/reflector.go:167: Failed to watch *v1beta1.Ingress: failed to list *v1beta1.Ingress: the server could not find the requested resource
I0304 09:34:39.216165       8 main.go:187] "Received SIGTERM, shutting down"
I0304 09:34:39.216773       8 nginx.go:372] "Shutting down controller queues"
E0304 09:34:39.217779       8 store.go:178] timed out waiting for caches to sync
I0304 09:34:39.217856       8 nginx.go:296] "Starting NGINX process"
I0304 09:34:39.218007       8 leaderelection.go:243] attempting to acquire leader lease ingress-nginx/ingress-controller-leader-nginx...
I0304 09:34:39.219741       8 queue.go:78] "queue has been shutdown, failed to enqueue" key="&ObjectMeta{Name:initial-sync,GenerateName:,Namespace:,SelfLink:,UID:,ResourceVersion:,Generation:0,CreationTimestamp:0001-01-01 00:00:00 +0000 UTC,DeletionTimestamp:<nil>,DeletionGracePeriodSeconds:nil,Labels:map[string]string{},Annotations:map[string]string{},OwnerReferences:[]OwnerReference{},Finalizers:[],ClusterName:,ManagedFields:[]ManagedFieldsEntry{},}"
I0304 09:34:39.219787       8 nginx.go:316] "Starting validation webhook" address=":8443" certPath="/usr/local/certificates/cert" keyPath="/usr/local/certificates/key"
I0304 09:34:39.242501       8 leaderelection.go:253] successfully acquired lease ingress-nginx/ingress-controller-leader-nginx
I0304 09:34:39.242807       8 queue.go:78] "queue has been shutdown, failed to enqueue" key="&ObjectMeta{Name:sync status,GenerateName:,Namespace:,SelfLink:,UID:,ResourceVersion:,Generation:0,CreationTimestamp:0001-01-01 00:00:00 +0000 UTC,DeletionTimestamp:<nil>,DeletionGracePeriodSeconds:nil,Labels:map[string]string{},Annotations:map[string]string{},OwnerReferences:[]OwnerReference{},Finalizers:[],ClusterName:,ManagedFields:[]ManagedFieldsEntry{},}"
I0304 09:34:39.242837       8 status.go:84] "New leader elected" identity="ingress-nginx-controller-7f48b8-s7pg4"
I0304 09:34:39.252025       8 status.go:204] "POD is not ready" pod="ingress-nginx/ingress-nginx-controller-7f48b8-s7pg4" node="fbcdcesdn02"
I0304 09:34:39.255282       8 status.go:132] "removing value from ingress status" address=[]
I0304 09:34:39.255328       8 nginx.go:380] "Stopping admission controller"
I0304 09:34:39.255379       8 nginx.go:388] "Stopping NGINX process"
E0304 09:34:39.255664       8 nginx.go:319] "Error listening for TLS connections" err="http: Server closed"
2022/03/04 09:34:39 [notice] 43#43: signal process started
I0304 09:34:40.263361       8 nginx.go:401] "NGINX process has stopped"
I0304 09:34:40.263396       8 main.go:195] "Handled quit, awaiting Pod deletion"
I0304 09:34:50.263585       8 main.go:198] "Exiting" code=0

When I do ks describe pod ingress-nginx-controller-7f48b8-s7pg4 -n ingress-nginx I get :

Name:         ingress-nginx-controller-7f48b8-s7pg4
Namespace:    ingress-nginx
Priority:     0
Node:         fxxxxxxxx/10.XXX.XXX.XXX
Start Time:   Fri, 04 Mar 2022 08:12:57 +0200
Labels:       app.kubernetes.io/component=controller
              app.kubernetes.io/instance=ingress-nginx
              app.kubernetes.io/name=ingress-nginx
              pod-template-hash=7f48b8
Annotations:  kubernetes.io/psp: 00-k0s-privileged
Status:       Running
IP:           10.244.0.119
IPs:
  IP:           10.244.0.119
Controlled By:  ReplicaSet/ingress-nginx-controller-7f48b8
Containers:
  controller:
    Container ID:  containerd://638ff4d63b7ba566125bd6789d48db6e8149b06cbd9d887ecc57d08448ba1d7e
    Image:         k8s.gcr.io/ingress-nginx/controller:v0.48.1@sha256:e9fb216ace49dfa4a5983b183067e97496e7a8b307d2093f4278cd550c303899
    Image ID:      k8s.gcr.io/ingress-nginx/controller@sha256:e9fb216ace49dfa4a5983b183067e97496e7a8b307d2093f4278cd550c303899
    Ports:         80/TCP, 443/TCP, 8443/TCP
    Host Ports:    0/TCP, 0/TCP, 0/TCP
    Args:
      /nginx-ingress-controller
      --election-id=ingress-controller-leader
      --ingress-class=nginx
      --configmap=$(POD_NAMESPACE)/ingress-nginx-controller
      --validating-webhook=:8443
      --validating-webhook-certificate=/usr/local/certificates/cert
      --validating-webhook-key=/usr/local/certificates/key
    State:          Waiting
      Reason:       CrashLoopBackOff
    Last State:     Terminated
      Reason:       Completed
      Exit Code:    0
      Started:      Fri, 04 Mar 2022 11:33:40 +0200
      Finished:     Fri, 04 Mar 2022 11:34:50 +0200
    Ready:          False
    Restart Count:  61
    Requests:
      cpu:      100m
      memory:   90Mi
    Liveness:   http-get http://:10254/healthz delay=10s timeout=1s period=10s #success=1 #failure=5
    Readiness:  http-get http://:10254/healthz delay=10s timeout=1s period=10s #success=1 #failure=3
    Environment:
      POD_NAME:       ingress-nginx-controller-7f48b8-s7pg4 (v1:metadata.name)
      POD_NAMESPACE:  ingress-nginx (v1:metadata.namespace)
      LD_PRELOAD:     /usr/local/lib/libmimalloc.so
    Mounts:
      /usr/local/certificates/ from webhook-cert (ro)
      /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-zvcnr (ro)
Conditions:
  Type              Status
  Initialized       True
  Ready             False
  ContainersReady   False
  PodScheduled      True
Volumes:
  webhook-cert:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  ingress-nginx-admission
    Optional:    false
  kube-api-access-zvcnr:
    Type:                    Projected (a volume that contains injected data from multiple sources)
    TokenExpirationSeconds:  3607
    ConfigMapName:           kube-root-ca.crt
    ConfigMapOptional:       <nil>
    DownwardAPI:             true
QoS Class:                   Burstable
Node-Selectors:              kubernetes.io/os=linux
Tolerations:                 node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
                             node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
  Type     Reason     Age                     From     Message
  ----     ------     ----                    ----     -------
  Warning  Unhealthy  23m (x316 over 178m)    kubelet  Readiness probe failed: HTTP probe failed with statuscode: 500
  Warning  BackOff    8m52s (x555 over 174m)  kubelet  Back-off restarting failed container
  Normal   Pulled     3m54s (x51 over 178m)   kubelet  Container image "k8s.gcr.io/ingress-nginx/controller:v0.48.1@sha256:e9fb216ace49dfa4a5983b183067e97496e7a8b307d2093f4278cd550c303899" already present on machine

When I try to curl the health endpoints I get Connection refused :

curl

The state of the pods shows that they are both not ready :

NAME                                    READY   STATUS             RESTARTS       AGE
ingress-nginx-admission-create-4hzzk    0/1     Completed          0              3h30m
ingress-nginx-controller-7f48b8-s7pg4   0/1     CrashLoopBackOff   63 (91s ago)   3h30m

I have tried to increase the values for initialDelaySeconds in /etc/nginx/nginx.conf but when I attempt to exec into the container (ks exec -it -n ingress-nginx ingress-nginx-controller-7f48b8-s7pg4 -- bash) I also get an error error: unable to upgrade connection: container not found ("controller")

I am not really sure where I should be looking in the overall setup.


Solution

  • I have installed using instructions at this link for the Install NGINX using NodePort option.

    The problem is that you are using outdated k0s documentation: https://docs.k0sproject.io/v1.22.2+k0s.1/examples/nginx-ingress/

    You should use this link instead:
    https://docs.k0sproject.io/main/examples/nginx-ingress/

    You will install the controller-v1.0.0 version on your Kubernetes cluster by following the actual documentation link.

    $ kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.0.0/deploy/static/provider/baremetal/deploy.yaml
    

    The result is:

    $ sudo k0s kubectl get pods -n ingress-nginx
    NAME                                        READY   STATUS      RESTARTS   AGE
    ingress-nginx-admission-create-dw2f4        0/1     Completed   0          11m
    ingress-nginx-admission-patch-4dmpd         0/1     Completed   0          11m
    ingress-nginx-controller-75f58fbf6b-xrfxr   1/1     Running     0          11m