Welcome to the Linux Foundation Forum!

LAB#3.4: Deployment is not coming to Available

I am not able to make my deployment available as per Lab 3.4. I followed the steps as per the doc to create the deployment of nginx. The deployment gets created but the status in Available is 0. Here is the outpu:

student@master-node:~$ kubectl get deployments
NAME READY UP-TO-DATE AVAILABLE AGE
nginx 0/1 1 0 5m19s.
here are the logs for it :
student@master-node:~$ kubectl logs -f nginx-65f88748fd-ls6d9
Error from server (BadRequest): container "nginx" in pod "nginx-65f88748fd-ls6d9" is waiting to start: ContainerCreating

I am working on GCP Vm, docker engine is up. My user "student" is part of docker group and without sudo able to run docker images. I am not able to figure out why the deployment is not coming as active.
COuld some one please help...?

Thanks in Advance!
Shubhasis

Comments

  • serewicz
    serewicz Posts: 1,000

    Hello,

    Are the various infrastructure pods running? Please run kubectl get pods --all-namespaces

    If they are all running check to make sure all ports are open to all nodes in the VPC. If they are not running check the logs of each. Also please see if there are any errors in the output of kubectl get events

    Regards,

  • Thanks for your reply. I see some exceptions.
    Regarding namespaces: Coredns status are "COntainer Creating", rest are fine. Here is the logs:
    student@master-node:~$ kubectl get pods --all-namespaces
    NAMESPACE NAME READY STATUS RESTARTS AGE
    default nginx-65f88748fd-ls6d9 0/1 ContainerCreating 0 31m
    kube-system calico-node-g655z 2/2 Running 2 15h
    kube-system calico-node-wc2bs 2/2 Running 0 51m
    kube-system coredns-fb8b8dccf-7pwbh 0/1 ContainerCreating 0 43m
    kube-system coredns-fb8b8dccf-pjd5t 0/1 ContainerCreating 0 43m

    kube-system etcd-master-node 1/1 Running 1 15h
    kube-system kube-apiserver-master-node 1/1 Running 1 15h
    kube-system kube-controller-manager-master-node 1/1 Running 1 15h
    kube-system kube-proxy-6zgpl 1/1 Running 0 51m
    kube-system kube-proxy-vd9t6 1/1 Running 1 15h
    kube-system kube-scheduler-master-node 1/1 Running 1 15h

    For the events log, I see the exceptions in form of warnings:
    31m Warning FailedCreatePodSandBox pod/nginx-65f88748fd-ls6d9 Failed create pod sandbox: rpc error: code = Unknown desc = failed to set up sandbox container "b91c065e04ab892712d705833b8e76e08bc448c00a8bb226aa27a7339bb44101" network for pod "nginx-65f88748fd-ls6d9": NetworkPlugin cni failed to set up pod "nginx-65f88748fd-ls6d9_default" network: no podCidr for node master-node
    6m39s Warning FailedCreatePodSandBox pod/nginx-65f88748fd-ls6d9 (combined from similar events): Failed create pod sandbox: rpc error: code = Unknown desc = failed to set up sandbox container "1a34960163aee1b4ef59b8b3af0ba99c585f457929110933542fc96da2fe62ce" network for pod "nginx-65f88748fd-ls6d9": NetworkPlugin cni failed to set up pod "nginx-65f88748fd-ls6d9_default" network: no podCidr for node master-node

    I think VPC of my VM's running on GC is fine as I have set no firewalls.

    Please suggest .

  • Please suggest, I think the problem lies with the fact that the core dns pods are not coming up and hence they are blocking the deployments. I will appreciate if I can find the solution of it. Struggling from last two days with no solution yet :(

  • @serewicz said:
    Hello,
    Are the various infrastructure pods running? Please run kubectl get pods --all-namespaces
    If they are all running check to make sure all ports are open to all nodes in the VPC. If they are not running check the logs of each. Also please see if there are any errors in the output of kubectl get events
    Regards,

    @serewicz said:
    Hello,
    Are the various infrastructure pods running? Please run kubectl get pods --all-namespaces
    If they are all running check to make sure all ports are open to all nodes in the VPC. If they are not running check the logs of each. Also please see if there are any errors in the output of kubectl get events
    Regards,

    Thanks for your reply Serewicz. I see some exceptions.
    Regarding namespaces: Coredns status are "COntainer Creating", rest are fine. Here is the logs:
    student@master-node:~$ kubectl get pods --all-namespaces
    NAMESPACE NAME READY STATUS RESTARTS AGE
    default nginx-65f88748fd-ls6d9 0/1 ContainerCreating 0 31m
    kube-system calico-node-g655z 2/2 Running 2 15h
    kube-system calico-node-wc2bs 2/2 Running 0 51m
    kube-system coredns-fb8b8dccf-7pwbh 0/1 ContainerCreating 0 43m
    kube-system coredns-fb8b8dccf-pjd5t 0/1 ContainerCreating 0 43m
    kube-system etcd-master-node 1/1 Running 1 15h
    kube-system kube-apiserver-master-node 1/1 Running 1 15h
    kube-system kube-controller-manager-master-node 1/1 Running 1 15h
    kube-system kube-proxy-6zgpl 1/1 Running 0 51m
    kube-system kube-proxy-vd9t6 1/1 Running 1 15h
    kube-system kube-scheduler-master-node 1/1 Running 1 15h

    For the events log, I see the exceptions in form of warnings:
    31m Warning FailedCreatePodSandBox pod/nginx-65f88748fd-ls6d9 Failed create pod sandbox: rpc error: code = Unknown desc = failed to set up sandbox container "b91c065e04ab892712d705833b8e76e08bc448c00a8bb226aa27a7339bb44101" network for pod "nginx-65f88748fd-ls6d9": NetworkPlugin cni failed to set up pod "nginx-65f88748fd-ls6d9_default" network: no podCidr for node master-node
    6m39s Warning FailedCreatePodSandBox pod/nginx-65f88748fd-ls6d9 (combined from similar events): Failed create pod sandbox: rpc error: code = Unknown desc = failed to set up sandbox container "1a34960163aee1b4ef59b8b3af0ba99c585f457929110933542fc96da2fe62ce" network for pod "nginx-65f88748fd-ls6d9": NetworkPlugin cni failed to set up pod "nginx-65f88748fd-ls6d9_default" network: no podCidr for node master-node

    I think VPC of my VM's running on GC is fine as I have set no firewalls. It is indeed due to the core dns namespace not coming up. PLease help me here, stuck on this issue from last two days.

  • serewicz
    serewicz Posts: 1,000

    Hello,

    If you did not go out of your way to open all ports, then the default settings of the VPC may be the issue. I would also go back and ensure that when you ran kubeadm init, you passed the exact IP range as is found in the calico.yaml file. You can also use wireshark or tcpdump on both nodes to see what traffic is leaving one and being accepted by the other. Chances are calico/Felix/BIRD communication is not making it through even if other traffic is seen.

    If you review the setup video it will guide you in ensuring all ports are open between nodes, which I think is the issue.

    Regards,

  • chrispokorni
    chrispokorni Posts: 2,155

    Hi,
    Sometimes just deleting the coredns pods forces new ones to be created, and at times that may fix the issue. If that does not, then per @serewicz 's suggestion a custom VPC (not the default one) with a custom all-open firewall rule would enable all traffic between your nodes. The default firewalls for the default VPC are typically blocking some traffic, even if that is not immediately obvious.
    Regards,
    -Chris

  • @serewicz said:
    Hello,
    If you did not go out of your way to open all ports, then the default settings of the VPC may be the issue. I would also go back and ensure that when you ran kubeadm init, you passed the exact IP range as is found in the calico.yaml file. You can also use wireshark or tcpdump on both nodes to see what traffic is leaving one and being accepted by the other. Chances are calico/Felix/BIRD communication is not making it through even if other traffic is seen.
    If you review the setup video it will guide you in ensuring all ports are open between nodes, which I think is the issue.
    Regards,

    @serewicz, Thanks so much. You nailed it right. The reason was I provided wrong CIDR range for my Pod Network which is calico in my case. Re initializing the kubeadm did the trick.
    Thanks Again!> @chrispokorni said:

    Hi,
    Sometimes just deleting the coredns pods forces new ones to be created, and at times that may fix the issue. If that does not, then per @serewicz 's suggestion a custom VPC (not the default one) with a custom all-open firewall rule would enable all traffic between your nodes. The default firewalls for the default VPC are typically blocking some traffic, even if that is not immediately obvious.
    Regards,
    -Chris

    Thanks Chris for looking at it... I realize the reason to be not given the right cidr while applying the network configuration, in my case it was calico. Thanks for checking it... all default pods are up now!

Categories

Upcoming Training