Bug 1201965

Summary: kube-apiserver fails to create /var/run/kubernetes
Product: Red Hat Enterprise Linux 7 Reporter: Etsuji Nakai <enakai>
Component: kubernetesAssignee: Jan Chaloupka <jchaloup>
Status: CLOSED CURRENTRELEASE QA Contact:
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 7.1CC: cgoern, eparis, jchaloup, knakayam
Target Milestone: rcKeywords: Extras
Target Release: ---Flags: knakayam: needinfo-
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-05-23 14:10:09 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Etsuji Nakai 2015-03-14 03:36:56 UTC 
Description of problem:

kube-apiserver fails to create /var/run/kubernetes on startup.

Version-Release number of selected component (if applicable):

# rpm -qa | grep kube
kubernetes-0.9.0-0.3.git96af0c3.el7.x86_64

How reproducible:

# systemctl start kube-apiserver.service

The service becomes online on serface, but it shows the following errors on log file.

Mar 14 12:31:54 kubemaster01 kube-apiserver[1126]: E0314 12:31:54.338817    1126 apiserver.go:269] Unable to listen for secure (open /var/run/kubernetes/apiserver.crt: no such file or directory); will try again.
Mar 14 12:32:09 kubemaster01 kube-apiserver[1126]: E0314 12:32:09.339238    1126 apiserver.go:269] Unable to listen for secure (open /var/run/kubernetes/apiserver.crt: no such file or directory); will try again.


Additional info:

This is probably because kube-apiserver runs as user kube and it doesn't have a write permission on /var/run.

As a workaround, I created the drop-in systemd config and it worked well.

# cat /etc/systemd/system/kube-apiserver.service.d/pre-start.conf 
[Service]
PermissionsStartOnly=yes
ExecStartPre=/usr/bin/mkdir -p /var/run/kubernetes
ExecStartPre=/usr/bin/chown kube.kube /var/run/kubernetes
Comment 2 Eric Paris 2015-03-14 14:47:58 UTC 
Fix in Fedora:
https://bugzilla.redhat.com/show_bug.cgi?id=1200969