Bugfix: kubelet on edge node keeps restarting issue #370
Conversation
…xecuted issue. See detailed description of the issue at openyurtio#367.
|
@Windrow: GitHub didn't allow me to assign the following users: your_reviewer. Note that only openyurtio members, repo collaborators and people who have commented on this issue/PR can be assigned. Additionally, issues/PRs can only have 10 assignees at the same time. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
Welcome @Windrow! It looks like this is your first PR to openyurtio/openyurt 🎉 |
pkg/yurtctl/util/edgenode/common.go
Outdated
| command: | ||
| - yurthub | ||
| - --v=2 | ||
| - --server-addr=__kubernetes_service_addr__ | ||
| - --node-name=$(NODE_NAME) | ||
| - --join-token=__join_token__ |
There was a problem hiding this comment.
Why delete parameter --join-token which generated when converted by yurtctl.
There was a problem hiding this comment.
join-token is not specified in openyurt/config/yaml-templateyurthub.yaml, as well. I think it is not a must if we do not use hubself mode.
Precisely to say, this is the trick to make yurthub not use hubself mode but kubelet mode.
I0628 15:53:18.792549 1 cert_mgr.go:372] no join token, so use kubelet config to bootstrap hub
I have to admit, it's a workaround for the issue I encountered, but not a proper cure to the root cause.
There was a problem hiding this comment.
@Windrow join-token can be generated by yurtctl, and we suggest that use hubself mode with join-token to generate yurthub client certificate that used to connect kube-apiserver. so we need to keep --join-token parameter for yurthub.
But if we do not provide |
|
Working on a solution to the root cause. /wip |
pkg/yurtctl/util/edgenode/common.go
Outdated
| path: /var/lib/yurthub | ||
| type: DirectoryOrCreate | ||
| path: /etc/kubernetes/pki | ||
| type: Directory |
There was a problem hiding this comment.
/var/lib/yurthub should be kept for yurthub certificates storage. and /etc/kubernetes/pki is not need to added because /etc/kubernetes hostpath has already mounted.
openyurt-bot
added
size/XS
openyurt-bot
added
size/S
|
@Windrow Thank you for making up pull request. |
|
@Windrow please fix the following ci errors. |
|
@Windrow please fix the following ci errors. |
|
/lgtm |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: rambohe-ch, Windrow The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
* Bugfix: kubelet on edge node keeps restarting after yurtctl convert executed issue. See detailed description of the issue at openyurtio#367. * Revert ec98fef * Remove yurt-hub config directory and certificates in it when revert edgenode. * Fix compilation issue. * Fix compilation issue. * Fix compilation issue. * Fix compilation issue. * Fix compilation issue. * Fix gofmt warning. Co-authored-by: Yinzhe.Wu <Yinzhe.Wu@sony.com>
Bugfix: kubelet on edge node keeps restarting after yurtctl convert executed issue.
With current configuration,
/var/lib/yurthubis used but not cleared on reset, and files in it would not be updated on next setup. Therefore, if we reuse the reset edge node again when credential of the cluster changed, kubehub would use wrong credential after conversion.yurthub.yamlinyaml-templateuses/etc/kubernetes/pkiinstead of/var/lib/yurthub, which could be a replacement.See detailed description and investigation process of the issue at #367.
What type of PR is this?
/kind bug
What this PR does / why we need it:
Which issue(s) this PR fixes:
Fixes #367
Special notes for your reviewer:
/assign @rambohe-ch @yixingjia
Does this PR introduce a user-facing change?
other Note