Welcome to the Linux Foundation Forum!

About label "system" in Lab Exercise 8.1

The nginx-one.yaml has three places with labels "system: secondary", one place "nodeSelector: system: secondOne"
After I added "kubectl label node lfs458-worker system=secondOne" , the two pods are still not running.
At the step 9, we need into "kubectl get pods -l system=secondary --all-namespaces"
I think there is one mistake with the "system" lable.
Could you please check it? And tell me which one is right?

Thanks,

Wei

Answers

  • chrispokorni
    chrispokorni Posts: 2,376

    Hi Wei / @zhangwe,

    The solution is explained in step 8 of exercise 8.1. It instructs you what to do next when the pods are not running.

    Otherwise, the labels and selectors are correct in the exercise, provided no typos are introduced when the commands were issued at the terminal.

    Regards,
    -Chris

  • zhangwe
    zhangwe Posts: 45

    Hello,

    I followed all things on the step 8, and I still could let the pods running. I even deleted the deployments nginx-one, and re-created it again. It did not work. So I can not do the end point Lab.
    As I mentioned before, the label system has two value "secondary" and "secondOne" in the nginx-one.yaml. Which one is right?

    Thanks,

    Wei

  • serewicz
    serewicz Posts: 1,000

    Hello,

    Please ensure you are using case-sensitive values.

    Please use the diff command to figure out what is different from your yaml file and the nginx-one.yaml file included in the tarball. Paste the output here so we can see what parameters are different. I have a feeling you have a typo, or are editing the incorrect file, or perhaps not looking in the accounting namespace.

    Please also show the output of kubectl get nodes --show-labels and kubectl get pods -l system=secondary --all-namespaces after having completed exercise 8.1, step 9.

    Regards,

  • zhangwe
    zhangwe Posts: 45

    Hello,

    The first Node is a master node, the second node is a worker node.

    student@zw-instance-group2-dbk4:~$ kubectl get nodes --show-labels
    NAME STATUS ROLES AGE VERSION LABELS
    zw-instance-group2-dbk4 Ready master 4d18h v1.16.1 beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=zw-instance-group2-dbk4,kubernetes.io/os=linux,node-role.kubernetes.io/master=,sytem=secondary
    zw-instance-group2-x732 Ready 4d17h v1.16.1 beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=zw-instance-group2-x732,kubernetes.io/os=linux,sytem=secondOne
    student@zw-instance-group2-dbk4:~$

    student@zw-instance-group2-dbk4:~$ kubectl -n accounting delete pod nginx-one-6f9597b9f4-flsnn
    pod "nginx-one-6f9597b9f4-flsnn" deleted

    student@zw-instance-group2-dbk4:~$ kubectl get pods -l system=secondary --all-namespaces
    NAMESPACE NAME READY STATUS RESTARTS AGE
    accounting nginx-one-6f9597b9f4-25tkx 0/1 Pending 0 18s
    accounting nginx-one-6f9597b9f4-kth9v 0/1 Pending 0 3m51s
    student@zw-instance-group2-dbk4:~$

    student@zw-instance-group2-dbk4:~$ cat nginx-one.yaml
    apiVersion: apps/v1
    kind: Deployment
    metadata:
    name: nginx-one
    labels:
    system: secondary
    namespace: accounting
    spec:
    selector:
    matchLabels:
    system: secondary
    replicas: 2
    template:
    metadata:
    labels:
    system: secondary
    spec:
    containers:
    - image: nginx:1.11.1
    imagePullPolicy: Always
    name: nginx
    ports:
    - containerPort: 8080
    protocol: TCP
    nodeSelector:
    system: secondOne
    student@zw-instance-group2-dbk4:~$

  • serewicz
    serewicz Posts: 1,000

    Hello,

    First, why are you still using 1.16.1 as the version?

    Second, Notice the pods show pending. This indicates something is not quite right - either scheduler or kubelet cannot find a required resource. I have a feeling that if you run kubectl describe on the pods you will find an error which may indicate a typo in your yaml. Did you run the diff command against the tarball?

    Third, Did the formatting not get pasted from your cat. There is a way to paste code into the window using the drop down in the post menu-bar. This allows us to see if there is an indentation error. Remember that yaml is sensitive to indentation.

    Regards,

  • zhangwe
    zhangwe Posts: 45

    I used lab material "a16ltxxopobd-LFS258-labs_V2019-12-03.pdf", I still using 1.16.1 as the version.
    Is there a new Lab material?

  • mstepien
    mstepien Posts: 473

    Hi zhangwe,

    Yes, there is a new lab version updated to 1.17.1. In the course, please navigate to the Table of Contents located on the left-hand side of the screen and select Resources > Files > LFS258 - Lab Exercises (2.7.2020).

    Thank you,
    Magda

  • zhangwe
    zhangwe Posts: 45

    OK. I will download the new material, and re-do the Lab.

    Thanks,

    Wei

  • chrispokorni
    chrispokorni Posts: 2,376

    Hello Wei,

    Your detailed output is appreciated. Check carefully the labels on your nodes. Each label instance has a typo in the system key parameter.

    Regards,
    -Chris

  • chrispokorni
    chrispokorni Posts: 2,376
    edited March 2020

    Also, keep in mind that the secondary label is intended for the deployment object and its managed resources (replicaset and pods). The secondOne label is intended for the node.

  • zhangwe
    zhangwe Posts: 45
    edited March 2020

    I downloaded new Lab material and delete the two VM node. on GCP. I createed two new VM nodes by following the video instruction, and installed the master node and a work node. I got following errors:

    student@master:~$ sudo kubeadm config print init-defaults
    W0310 18:09:16.492656 22717 validation.go:28] Cannot validate kube-proxy config - no validator is available
    W0310 18:09:16.492737 22717 validation.go:28] Cannot validate kubelet config - no validator is available

    student@master:~$ sudo kubeadm token create
    W0310 18:14:39.820271 27833 validation.go:28] Cannot validate kube-proxy config - no validator is available
    W0310 18:14:39.820330 27833 validation.go:28] Cannot validate kubelet config - no validator is available

    root@worker1:~# kubeadm join \

    --token 53gnpy.frzk9xxue4g932e5 \
    k8smaster:6443 \
    --discovery-token-ca-cert-hash \
    sha256:18d6ccbe2874afe0544f82b566342222966f4fef9798f4caa6bea3ffdb7e09d1

    Command 'kubeadm' not found, but can be installed with:

    snap install kubeadm

    student@master:~$ history
    1 wget https://training.linuxfoundation.org/cm/LFS258/LFS258_V2020-02-07_SOLUTIONS.tar.bz2 --user=xxxxx --password=xxxxxx
    2 tar -xvf LFS258_V2020-02-07_SOLUTIONS.tar.bz2
    3 sudo -i
    4 history
    5 sudo -i
    6 mkdir -p $HOME/.kube
    7 sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
    8 sudo chown $(id -u):$(id -g) $HOME/.kube/config
    9 chmod
    10 chmod --help
    11 less .kube/config
    12 sudo cp /root/rbac-kdd.yaml .
    13 ls
    14 ls -l
    15 cd LFS258/
    16 ls -l
    17 cd ..
    18 kubectl apply -f rbac-kdd.yaml
    19 cat rbac-kdd.yaml
    20 sudo cp /root/calico.yaml .
    21 kubectl apply -f calico.yaml
    22 sudo apt-get install bash-completion -y
    23 source <(kubectl completion bash)
    24 ls -l
    25 $source
    26 source
    27 kubectl completion bash
    28 echo "source <(kubectl completion bash)" >> ~/.bashrc
    29 ls -a
    30 cd .bashrc
    31 ls -a -l
    32 less .bashrc
    33 kubectl get nodes
    34 kubectl describe nodes master
    35 kubectl -n kube-system get po
    36 sudo kubeadm config print init-defaults
    37 ip addr show ens4 | grep inet
    38 ip a
    39 sudo kubeadm token list
    40 sudo kubeadm token create
    41 sudo kubeadm token list
    42 history

    root@master:~# history
    1 apt-get update && apt-get upgrade -y
    2 apt-get install -y vim
    3 apt-get install -y docker.io
    4 vim /etc/apt/sources.list.d/kubernetes.list
    5 cat /etc/apt/sources.list.d/kubernetes.list
    6 curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
    7 apt-get update
    8 apt-get install -y kubeadm=1.17.1-00 kubelet=1.17.1-00 kubectl=1.17.1-00
    9 history
    10 apt-mark hold kubelet kubeadm kubectl
    11 wget https://tinyurl.com/yb4xturm -O rbac-kdd.yaml
    12 wget wget https://docs.projectcalico.org/manifests/calico.yaml
    13 less calico.yaml
    14 ip -a
    15 ip a
    16 ip addr show
    17 root@lfs458-node-1a0a:~# vim /etc/hosts
    18 vim /etc/hosts
    19 cat /etc/hosts
    20 vim kubeadm-config.yaml
    21 cat kubeadm-config.yaml
    22 kubeadm init --config=kubeadm-config.yaml --upload-certs | tee kubeadm-init.out
    23 exit
    24 history
    root@master:~#

  • chrispokorni
    chrispokorni Posts: 2,376

    Hi Wei,
    The messages prefixed with a "W" are warnings, not errors.
    From your history, it seems that maybe your calico.yaml file did not get downloaded, as the download (wget) command seems to be incomplete. Also, revise the wget command and make sure you apply it only once.
    Without seeing the output generated by each command, it is hard to tell what else may be the issue here.

    Regards,
    -Chris

  • zhangwe
    zhangwe Posts: 45

    For the worker node:
    root@worker1:~# kubeadm join --token 53gnpy.frzk9xxue4g932e5 k8smaster:6443 --discovery-token-ca-cert-hash sha256:18d6ccbe2874afe0544f82b566342222966f4fef9798f4caa6bea3ffdb7e09d1
    W0310 18:46:41.066900 19913 join.go:346] [preflight] WARNING: JoinControlPane.controlPlane settings will be ignored when control-plane flag is not set.
    [preflight] Running pre-flight checks
    [WARNING Service-Docker]: docker service is not enabled, please run 'systemctl enable docker.service'
    [WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". Please follow the guide at https://kubernetes.io/docs/setup/cri/
    error execution phase preflight: couldn't validate the identity of the API Server: abort connecting to API servers after timeout of 5m0s
    To see the stack trace of this error execute with --v=5 or higher

    root@worker1:~# history
    1 apt-get update && apt-get upgrade -y
    2 apt-get install -y docker.io
    3 kubeadm join k8smaster:6443 --token 53gnpy.frzk9xxue4g932e5 --discovery-token-ca-cert-hash sha256:18d6ccbe2874afe0544f82b566342222966f4fef9798f4caa6bea3ffdb7e09d1
    4 kubeadm join --token 53gnpy.frzk9xxue4g932e5 k8smaster:6443 --discovery-token-ca-cert-hash sha256:18d6ccbe2874afe0544f82b566342222966f4fef9798f4caa6bea3ffdb7e09d1
    5 apt-get install -y vim
    6 vim /etc/apt/sources.list.d/kubernetes.list
    7 curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
    8 apt-get update
    9 apt-get install -y kubeadm=1.17.1-00 kubelet=1.17.1-00 kubectl=1.17.1-00
    10 apt-mark hold kubeadm kubelet kubectl
    11 kubeadm join --token 53gnpy.frzk9xxue4g932e5 k8smaster:6443 --discovery-token-ca-cert-hash sha256:18d6ccbe2874afe0544f82b566342222966f4fef9798f4caa6bea3ffdb7e09d1
    12 history

  • zhangwe
    zhangwe Posts: 45

    For the worker node:
    root@worker1:~# kubeadm join --token 53gnpy.frzk9xxue4g932e5 k8smaster:6443 --discovery-token-ca-cert-hash sha256:18d6ccbe2874afe0544f82b566342222966f4fef9798f4caa6bea3ffdb7e09d1
    W0310 18:46:41.066900 19913 join.go:346] [preflight] WARNING: JoinControlPane.controlPlane settings will be ignored when control-plane flag is not set.
    [preflight] Running pre-flight checks
    [WARNING Service-Docker]: docker service is not enabled, please run 'systemctl enable docker.service'
    [WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". Please follow the guide at https://kubernetes.io/docs/setup/cri/
    error execution phase preflight: couldn't validate the identity of the API Server: abort connecting to API servers after timeout of 5m0s
    To see the stack trace of this error execute with --v=5 or higher

    root@worker1:~# history
    1 apt-get update && apt-get upgrade -y
    2 apt-get install -y docker.io
    3 kubeadm join k8smaster:6443 --token 53gnpy.frzk9xxue4g932e5 --discovery-token-ca-cert-hash sha256:18d6ccbe2874afe0544f82b566342222966f4fef9798f4caa6bea3ffdb7e09d1
    4 kubeadm join --token 53gnpy.frzk9xxue4g932e5 k8smaster:6443 --discovery-token-ca-cert-hash sha256:18d6ccbe2874afe0544f82b566342222966f4fef9798f4caa6bea3ffdb7e09d1
    5 apt-get install -y vim
    6 vim /etc/apt/sources.list.d/kubernetes.list
    7 curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
    8 apt-get update
    9 apt-get install -y kubeadm=1.17.1-00 kubelet=1.17.1-00 kubectl=1.17.1-00
    10 apt-mark hold kubeadm kubelet kubectl
    11 kubeadm join --token 53gnpy.frzk9xxue4g932e5 k8smaster:6443 --discovery-token-ca-cert-hash sha256:18d6ccbe2874afe0544f82b566342222966f4fef9798f4caa6bea3ffdb7e09d1
    12 history

Categories

Upcoming Training