[Bug 1845264] [NEW] Calico plugin deployment fails with Atomic image.

Tue, 24 Sep 2019 14:36:13 -0700 

Public bug reported:

Deployment details:
template: 
cluster_distro: fedora-atomic
network_driver: calico
image: 
Fedora-Atomic-27-2018041
labels:
{'kube_tag': 'v1.15.4', 'kube_allow_priv': 'true', 'ingress': 'nginx', 
'tiller_enabled': 'true', 'tiller_tag': 'v2.13.1'} |

Issue:

The calico deployment fails and I see the following in the system logs:

Unable to update cni config: No networks found in /etc/cni/net.d
Container runtime network not ready: NetworkReady=false 
reason:NetworkPluginNotReady message:docker: network plugin is not ready: cni 
config uninitialized

The directory /etc/cni/net.d is empty.

When I try to deploy calico manually with the following commands:
CALICO_DEPLOY=/srv/magnum/kubernetes/manifests/calico-deploy.yaml
/usr/local/bin/kubectl apply -f ${CALICO_DEPLOY} --namespace=kube-system

I get the following:
The DaemonSet "calico-node" is invalid: 
spec.template.spec.containers[0].securityContext.privileged: Forbidden: 
disallowed by cluster policy

I believe this is caused by missing --allow-privileged=true flag in kube
apiserver config.

This is a workaround that fixed it for me, along with label:
'kube_allow_priv': 'true':

--- 
/usr/lib/python3/dist-packages/magnum/drivers/common/templates/kubernetes/fragments/configure-kubernetes-master.sh.orig
     2019-09-24 21:13:02.947882594 +0000
+++ 
/usr/lib/python3/dist-packages/magnum/drivers/common/templates/kubernetes/fragments/configure-kubernetes-master.sh
  2019-09-24 21:13:16.291766370 +0000
@@ -60,7 +60,7 @@
 
-KUBE_API_ARGS="--runtime-config=api/all=true"
+KUBE_API_ARGS="--runtime-config=api/all=true 
--allow-privileged=$KUBE_ALLOW_PRIV"
 

Not sure if I missed any config options but I could not find if the flag
was added anywhere else.


Henro

** Affects: magnum (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1845264

Title:
  Calico plugin deployment fails with Atomic image.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/magnum/+bug/1845264/+subscriptions

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to