Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Strange behavior when downloading kubeadm from dl.k8s.io #7398

Closed
sebypp opened this issue Oct 13, 2024 · 3 comments
Closed

Strange behavior when downloading kubeadm from dl.k8s.io #7398

sebypp opened this issue Oct 13, 2024 · 3 comments
Labels
sig/k8s-infra Categorizes an issue or PR as relevant to SIG K8s Infra.

Comments

@sebypp
Copy link

sebypp commented Oct 13, 2024

Hello everyone,

Background information: I'm trying to create a Kubernetes cluster using kubespray and some VMs from Hetzner. The setup is pretty simple, I have 3 control and 3 worker nodes, each with public IP addresses (so nothing fancy).

Problem statement: when kubespray is trying to download kubeadm from dl.k8s.io, 5 hosts work, but for the 6th one I get HTTP Error 403: Forbidden. This might indicate blacklisting is configured on dl.k8s.io, which seems a bit strange, considering Hetzner is a reputable cloud vendor. Full evidence below

TASK [kubernetes_sigs.kubespray.download : Download_file | Download item] ***********************************************************************************************************************************************
ok: [controller03]
ok: [controller02]
ok: [controller01]
FAILED - RETRYING: [node02]: Download_file | Download item (4 retries left).
changed: [node01]
changed: [node03]
FAILED - RETRYING: [node02]: Download_file | Download item (3 retries left).
FAILED - RETRYING: [node02]: Download_file | Download item (2 retries left).
FAILED - RETRYING: [node02]: Download_file | Download item (1 retries left).
fatal: [node02]: FAILED! => {
    "attempts": 4,
    "changed": false,
    "dest": "/tmp/releases/kubeadm-v1.30.4-amd64",
    "elapsed": 0,
    "response": "HTTP Error 403: Forbidden",
    "status_code": 403,
    "url": "https://dl.k8s.io/release/v1.30.4/bin/linux/amd64/kubeadm"
}

MSG:

Request failed

Any ideas?

Thx!
@sebypp sebypp added the sig/k8s-infra Categorizes an issue or PR as relevant to SIG K8s Infra. label Oct 13, 2024
@dims
Copy link
Member

dims commented Oct 13, 2024

@sebypp we've seen this before with other artifacts, so please create a local mirror of things you need and use it.

kubernetes/registry.k8s.io#138

You can search for hetzner in the k8s slack and see more discussions that keep popping up.

@sebypp
Copy link
Author

sebypp commented Oct 15, 2024
edited
Loading

@dims , thanks for the heads up. I've also got a reply from Hetzner support saying that some GeoIP databases are incorrectly flagging their IP addresses as belonging to different geographies.

The suggested solution was "please assign an alternative IP address using the "Primary IPs" menu of your respective project." Curious how that will work with Terraform :)

@sebypp sebypp closed this as completed Oct 15, 2024
@dims
Copy link
Member

dims commented Oct 15, 2024

@sebypp yea, unfortunate :(

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
sig/k8s-infra Categorizes an issue or PR as relevant to SIG K8s Infra.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@dims @sebypp