Docker downgrade fails #28
Comments
|
Could be that something upstream has changed. I'm going to try to upgrade to Kubernetes 1.8 soon, so will verify this, too. |
|
I just encountered the same problem. Seems to related to wrong systemd config. In |
|
@kerko cool, thanks for the pointer ! weekend is raspi time, will fix it then. |
|
I have tested in the mean time with Kubernetes v 1.8.0 and docker version 17.05.0-ce. You have to update the iptables for cni0, and than it works. BUT : I'm now hitting an issue that the server doesn't store the JWS key. So after 24 horus (ttl set to 0 doesn't help) you loose the ability to join. When a worker node reboots, it's lost. When the master reboots everything is gone. $ kubectl version $ docker version Server: |
|
I'm about to update to 1.8.0 and just checked the minimal Docker version to use: From https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG.md#external-dependencies:
So I will go with 17.03.2 if available for Hypriot and use that version for the next update. |
|
Super, i’m looking forward to your results. I really want to get it working. |
|
I'm just about to push, but it turns out that regardless what I do, the token has an expiry of 24h. I opened a Kubernetes issue here --> kubernetes/kubernetes#53637. However, when we create a token after the bootstrap with then it creates a proper token (check with |
|
@peykens @kerko I updated the playbooks, and also the base system to Hypriot 1.6.0. If you have the possibility, I'd recommend starting from scratch (did it just twice, took me ~ 15 mins each). The problem with the expiring tokens should be fixed, but for sure I only know it tomorrow ;-) Please let me know, whether this update works for you. |
|
Hi, I'm missing a file "Could not find or access 'docker.service'" in task TASK [kubernetes : Update docker service startup] The former docker-1.12.service Task :
|
|
Sorry, forgot to check in (renamed it to remove the version number). Should be back now ... |
|
Hi @rhuss , First of all thx for your effort.
|
|
thanks for the feedback. tbh, I use weave at the moment (that's what I tested) and don't run into the issues you mentioned. I guess, flannel integration needs some love again (however, I'm happy that one network implementation works smoothely). I haven't tested a proper reboot yet, but will do asap. Looks like still an issue with the downgrade. |
|
I just found out that it took 12 minutes but the docker came up on the node. For sure not the proper solution, really curious what it is: journalctl -u docker |
|
Ah, got it. Two service files, and I copied it to the wrong location. Let me fix this. |
Feel free to kick in for the flannel fix, happy about any PR ;-) |
|
Hold on, there are still issues wrt restarts. I think its much better to write a |
|
Took a bit, but there was an issue with Hypriot 1.6.0, too. Just added a fix for this, so should work now. @peykens any chance that you can test the updated playbooks ? |
|
I will flash all my Pi's with hypriot image 1.6.0 again and start from scratch |
|
Hi @rhuss , I flashed my 4 Pi's and started from scratch. I just skip the network overlay since I use flannel. So thx a lot for the work. Unfourtunately, the ingress controller is no longer working on these versions :-( Do you also use an ingress controller ? |
|
In the mean time I dropped my flannel and restarted with the weave. |
|
Ok, got it finally working. Needed to create the ServiceAccount, ClusterRole and ClusterRoleBinding. SUPER, now let's wait and see if it keeps on working after 24h (initial token expiry). Next step, the Kubernetes dashboard. If you have any working links to that, it would be great. |
|
@peykens Traefik integration is pending (I have some initial POC), for the dashboard, including heapster and influxdb you can just call: You then have a kubernetes-dashboard service which you can either export via ingress or via |
|
OK, missed that one. apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: kubernetes-dashboard
spec:
rules:
- http:
paths:
- path: /dashboard
backend:
serviceName: kubernetes-dashboard
servicePort: 80ssh tunnel works fine to get access to the dashboard. |
|
Yeah, kubernetes-dashboard is running in namespace kube-system (as the other infra services). I suggest that you install the ingress object also into this namespace. |
This work for sure as I created an extra token which never expires (you can check with |
|
I created the ingress in namespace kube-system, but it doesn't help. |
|
Last guess: Replace Otherwise, I will continue on the traefik ingress controller soon (and also rook as distributed fs), and will adapt the dashboard accordingly. |
|
I had another app running behind / therefore I used another path. Thx a lot for your help. Don't know how to thank you. |
|
you are welcome ;-). I'm going to close this issue now, feel free to open a new one if you hit some other issues. |
|
Per kubernetes/kubeadm#335 (comment), |
Hi,
I'm trying to run this great ansible scripts, but the docker downgrade always fails.
RUNNING HANDLER [kubernetes : restart docker] ***************************************************************************************************************************************
fatal: [192.168.1.200]: FAILED! => {"changed": false, "failed": true, "msg": "Unable to start service docker: Job for docker.service failed. See 'systemctl status docker.service' and 'journalctl -xn' for details.\n"}
Anyone else also facing this issue ?
The text was updated successfully, but these errors were encountered: