LAB 3.1 Installation

shasha

hi friends,
As I'm following the instructions in the book, when i reached to sep 14 with this command
kubeadm init --config=kubeadm-config.yaml --upload-certs | tee kubeadm-init.out # Save output for future review

i got this for output >>>
invalid configuration for GroupVersionKind /, Kind=: kind and apiVersion is mandatory information that must be specified
To see the stack trace of this error execute with --v=5 or higher

how can i solve this ??? what is wrong in my lab ???

serewicz

Hello,

Please look at the contents of your kubeadm-config.yaml file. Does it match what is in the book? Did you copy over the example file provided in the course tarball? Also make sure the path matches the file location when using --config.

Regards,

chrispokorni

Hi @shasha,

These errors are typically produced when kubeadm init is run several times consecutively.

I would recommend a kubeadm reset before running another kubeadm init.

Regards,
-Chris

chrispokorni

Hi @saumya043,

In addition to the details provided by the Overview section of lab 3.1, there are demo video guides that show you how to provision your VMs for the lab environment. These video guides are focusing on Google Cloud and Amazon Web Services, but in combination with VM specs detailed in the Overview, you may be able to provision VMs locally as well, through a hypervisor such as VirtualBox. However, Google Compute Engine (GCE) VMs are recommended because they require the least amount of configuration for the lab exercises to work as presented in the lab guide.

You can view and/or download these video guides from the resources URL provided in the Overview section of lab 3.1, with the required user ID and passwords found below the URL in the lab manual.

Depending on your host workstation's Operating System, the terminal or SSH client application you are planning to use, the video guides may relate in their entirety to your environment, or you may need to use additional tools to help you accomplish the setup of your lab environment.

The videos are aimed at users running Windows Operating System with Putty SSH client. One of the videos shows users how to create a PPK key file with Puty KeyGen, how to provision Google Compute Engine (GCE) VMs on the Google Cloud Platform (GCP), how to configure the VMs with the key file, and how to connect to these running VMs with the Putty SSH client. Another video shows how to provision Elastic Compute Cloud (EC2) VMs on the Amazon Web Services (AWS) platform, how to retrieve an auto generated PEM key file, then how to convert the key file with Putty KeyGen to PPK format required by the Putty SSH client, and then finally connect to the VMs with Putty.

Similar provisioning steps are required for other host Operating Systems, SSH clients, cloud environments and/or local hypervisors.

Regards,
-Chris

shasha

tnx for reply serewicz,
yes the contents of kubeadm-config.yaml file are match whit book

piVersion: kubeadm.k8s.io/v1beta2
kind: ClusterConfiguration
kubernetesVersion: 1.19.1 #<-- Use the word stable for newest version
controlPlaneEndpoint: "k8smaster:6443" #<-- Use the node alias not the IP
networking:
podSubnet: 192.168.0.0/16 #<-- Match the IP range from the Calico config file

>

OH my GOD... the A from API is missed

shasha

Just After pass this i face with this error .

>

[WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". Please follow the guide at https://kubernetes.io/docs/setup/cri/
error execution phase preflight: [preflight] Some fatal errors occurred:
[ERROR Port-6443]: Port 6443 is in use
[ERROR Port-10259]: Port 10259 is in use
[ERROR Port-10257]: Port 10257 is in use
[ERROR FileAvailable--etc-kubernetes-manifests-kube-apiserver.yaml]: /etc/kubernetes/manifests/kube-apiserver.yaml already exists
[ERROR FileAvailable--etc-kubernetes-manifests-kube-controller-manager.yaml]: /etc/kubernetes/manifests/kube-controller-manager.yaml already exists
[ERROR FileAvailable--etc-kubernetes-manifests-kube-scheduler.yaml]: /etc/kubernetes/manifests/kube-scheduler.yaml already exists
[ERROR FileAvailable--etc-kubernetes-manifests-etcd.yaml]: /etc/kubernetes/manifests/etcd.yaml already exists
[ERROR Port-10250]: Port 10250 is in use
[ERROR Port-2379]: Port 2379 is in use
[ERROR Port-2380]: Port 2380 is in use
[ERROR DirAvailable--var-lib-etcd]: /var/lib/etcd is not empty
[preflight] If you know what you are doing, you can make a check non-fatal with --ignore-preflight-errors=...
To see the stack trace of this error execute with --v=5 or higher

>

i think when i try to solve my old problem i do something wrong.
does it any way to return to structure or must start from first step ?

saumya043

hi
I am not able to understand step 1 of this lab ....can anyone please explain it to me...as when i am running the command with my username and ip address(ethernet) it showing "LFS458.pem" identity file not found....

saumya043

should i create a ssh-key and another localhost alias....i am too confused

saumya043

@chrispokorni

shasha

@saumya043 this step depend on your lab could be different.
if you use VM and install OS yourself you can used your username and password insist of .pem file.
and if you make your environment on cloud. you must use their .pem file --( the LFS458.pem just an example in this document )

gaurav4978

Hello I am trying to run a below command:
kubeadm init --config=kubeadm-config.yaml --upload-certs | tee kubeadm-init.out

But I am getting an error:
invalid configuration for GroupVersionKind /, Kind=: kind and apiVersion is mandatory information that must be specified
To see the stack trace of this error execute with --v=5 or higher

If I check the contents of kubeadm-config.yaml file and compare with what is in the provided book they are same.

Any help on how I can fix this?

Thank you,
Gaurav

chrispokorni

Hi @gaurav4978,

Keep in mind that the content of this file is case sensitive.
Kind: should be lower-cased kind:

Using the config files and scripts provided in the SOLUTIONS tarball would help to prevent such typos in the future.

Regards,
-Chris

gaurav4978

Hey @chrispokorni ,
Thanks for your response. Nice pick though, but still seeing same issue do I need to reset kubeadm too?

Where do we find this "Using the config files and scripts provided in the SOLUTIONS tarball would help to prevent such typos in the future."

Thanks!

chrispokorni

Hi @gaurav4978,

You are correct, a kubeadm resetneeds to be executed before another attempt at kubeadm init

You can revisit the "Course Resources" page of Chapter 1, or Lab Exercise 3.1 to find instructions on how to access the SOLUTIONS tarball.

Regards,
-Chris

gaurav4978

Hi @chrispokorni ,

Thanks again for your prompt response.

The above second screenshot was from the Lab Exercise 3.1 from where I copied and created that config file. However, still seeing the same error even after _reset _command.

Thanks!

chrispokorni

Hi @gaurav4978,

Copy/paste directly from the PDF is not the most reliable method to build configuration files, that is why the SOLUTIONS tarball is made available, that includes files needed for most lab exercises.

Regards,
-Chris

rtodich

I am running into similar issues when running the below command...

kubeadm init --config kubeadm-config.yaml --upload-certs | tee kubeadm-init.out # Save output for future review

Everything seems to run just fine until this...

Ran the kubeadm reset command and then tried again with same error. My config file is just like the one in the tarbal. Only difference is I used the word stable instead of version number just like below.

kubernetesVersion: stable #<-- Use the word stable for newest version

Any advise would be great as I am hung until I get past this.

Cheers,
Ray

chrispokorni

Hi @rtodich,

I'd recommend using the kubernetes version from the lab guide, as it will allow you to also complete the cluster update exercise from chapter 4.

The connection refused errors may be related to a networking configuration of your infrastructure. Are you using cloud or local hypervisor for the VMs? Is there a firewall running on your instance that may block traffic to any ports? Is the hosts file configured with the correct IP address and alias?

Regards,
-Chris

rtodich

Hey Chris,

I changed the Kubernetes version to 1.20.1, which is what the book has. I am using AWS as my infrastructure. Host file is correct as I double-checked. Decided to create a new node and retry from scratch. Looks like the network errors are coming from the local host. The security group in AWS associated with the nodes are wide open within the ip ranges 172.31.0.0/16. Might the linux box itself have a firewall that is the issue?

rtodich

I can say that during the new configuration and the others, this is something that I have never been prompted for. Would this make a difference regarding the sshd-config file?

chrispokorni

HI @rtodich,

The services restart and the sshd prompts are dated, and have not been seen lately.

Your issue is related to your networking. Did you have a chance to watch the video demo on how to set up your infrastructure with AWS?

Are you using the default AWS VPC? If so, try creating a new VPC, with a single SG to allow all protocols ingress traffic from all source to all ports.

On your EC2 instance you can check whether the OS level firewall is active with sudo ufw status

Regards,
-Chris

rtodich

@chrispokorni said:
Hi @rtodich,

I'd recommend using the kubernetes version from the lab guide, as it will allow you to also complete the cluster update exercise from chapter 4.

The connection refused errors may be related to a networking configuration of your infrastructure. Are you using cloud or local hypervisor for the VMs? Is there a firewall running on your instance that may block traffic to any ports? Is the hosts file configured with the correct IP address and alias?

Regards,
-Chris

I have redone everything and am back at the section for initializing the cp. Below is the command I will be running.

kubeadm init --config kubeadm-config.yaml --upload-certs | tee kubeadm-init.out # Save output for future review

I have remove the / and the = between config=kubeadm-config.yaml as I have read this can be done. Would this be correct or should the = be in there?

chrispokorni

Hi @rtodich,

I could not find such a recommendation in the lab guide to run the command without the "=" sign. Also, if you have a chance to explore the official documentation, you may find examples using the "=" sign.

Regards,
-Chris

aadeola23

Hello,

Please see the error I had when I tried step 17

What do I do please?

Thank you.

chrispokorni

Hi @aadeola23,

It seems that in modifying the cp command in step #17 you managed to wipe the kubectl client credentials stored in the .kube/config file.

Please revisit the previous step #16 and run again the 2nd, 3rd and 4th commands as presented, without any changes. If successful, then continue with step #17, by running the commands without any changes.

Regards,
-Chris

aadeola23

Thanks Chris,

I have followed the steps as stated again but still getting the same error and I cannot move forward. I am not sure what you mean by:

"It seems that in modifying the cp command in step #17 you managed to wipe the kubectl client credentials stored in the .kube/config file."

I do not think I wiped the kubectl client credentials. I did not even edit the file I just closed it with "q!". Or maybe I do not understand what you mean.

What would you advise please?

Thank you.

chrispokorni

Hi @aadeola23,

Between the suggested command in step#17 and the executed command visible in the terminal snippet there is a clear difference, which caused the .kube/config file to be overwritten by the calico.yaml file. If this outcome is unclear, please explore the Linux man pages on cp (the copy command) for clarification.

If the suggested steps have been repeated as presented in the PDF lab guide, and the error persists, it may be due to an earlier step. Please provide the history of your commands you ran for this lab, and the kubeadm-init.out file provide it as an attachment.

Regards,
-Chris

aadeola23

Thanks a lot Chris.

I know where the problem is now. I should have used a '.' in step 17 while copying the calico file to the non-root user directory. Its okay now. Thanks so much.

See below:

student@master:~$ sudo cp /root/calico.yaml .
student@master:~$
student@master:~$
student@master:~$ kubectl apply -f calico.yaml
configmap/calico-config created
customresourcedefinition.apiextensions.k8s.io/bgpconfigurations.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/bgppeers.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/blockaffinities.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/caliconodestatuses.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/clusterinformations.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/felixconfigurations.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/globalnetworkpolicies.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/globalnetworksets.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/hostendpoints.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/ipamblocks.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/ipamconfigs.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/ipamhandles.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/ippools.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/ipreservations.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/kubecontrollersconfigurations.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/networkpolicies.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/networksets.crd.projectcalico.org created
clusterrole.rbac.authorization.k8s.io/calico-kube-controllers created
clusterrolebinding.rbac.authorization.k8s.io/calico-kube-controllers created
clusterrole.rbac.authorization.k8s.io/calico-node created
clusterrolebinding.rbac.authorization.k8s.io/calico-node created
daemonset.apps/calico-node created
serviceaccount/calico-node created
deployment.apps/calico-kube-controllers created
serviceaccount/calico-kube-controllers created
Warning: policy/v1beta1 PodDisruptionBudget is deprecated in v1.21+, unavailable in v1.25+; use policy/v1 PodDisruptionBudget
poddisruptionbudget.policy/calico-kube-controllers created
student@master:~$