Bug 1201965 - kube-apiserver fails to create /var/run/kubernetes
Summary: kube-apiserver fails to create /var/run/kubernetes
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: kubernetes
Version: 7.1
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Jan Chaloupka
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2015-03-14 03:36 UTC by Etsuji Nakai
Modified: 2015-05-24 02:45 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-05-23 14:10:09 UTC
knakayam: needinfo-


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Bugzilla 1199219 None CLOSED Atomic (7.1.2) update to v1beta3 api version w/latest tag. 2019-08-27 03:28:44 UTC

Internal Links: 1199219

Description Etsuji Nakai 2015-03-14 03:36:56 UTC
Description of problem:

kube-apiserver fails to create /var/run/kubernetes on startup.

Version-Release number of selected component (if applicable):

# rpm -qa | grep kube
kubernetes-0.9.0-0.3.git96af0c3.el7.x86_64

How reproducible:

# systemctl start kube-apiserver.service

The service becomes online on serface, but it shows the following errors on log file.

Mar 14 12:31:54 kubemaster01 kube-apiserver[1126]: E0314 12:31:54.338817    1126 apiserver.go:269] Unable to listen for secure (open /var/run/kubernetes/apiserver.crt: no such file or directory); will try again.
Mar 14 12:32:09 kubemaster01 kube-apiserver[1126]: E0314 12:32:09.339238    1126 apiserver.go:269] Unable to listen for secure (open /var/run/kubernetes/apiserver.crt: no such file or directory); will try again.


Additional info:

This is probably because kube-apiserver runs as user kube and it doesn't have a write permission on /var/run.

As a workaround, I created the drop-in systemd config and it worked well.

# cat /etc/systemd/system/kube-apiserver.service.d/pre-start.conf 
[Service]
PermissionsStartOnly=yes
ExecStartPre=/usr/bin/mkdir -p /var/run/kubernetes
ExecStartPre=/usr/bin/chown kube.kube /var/run/kubernetes

Comment 2 Eric Paris 2015-03-14 14:47:58 UTC
Fix in Fedora:
https://bugzilla.redhat.com/show_bug.cgi?id=1200969


Note You need to log in before you can comment on or make changes to this bug.