Hide Forgot
URGENT! - the current content of 'apiserver-pod.json' is incorrect and customers will be unable to start kubernetes cluster using the instructions here: https://access.redhat.com/documentation/en/red-hat-enterprise-linux-atomic-host/7/paged/getting-started-with-kubernetes/chapter-1-get-started-orchestrating-containers-with-kubernetes The content for the 'apiserver-pod.json' need to be updated to reflect the following (full version at end of comment): # diff docs-apiserver-pod.json fixed-apiserver-pod.json 12a13,20 > "command": [ > "/usr/bin/kube-apiserver", > "--v=0", > "--address=0.0.0.0", > "--etcd_servers=http://127.0.0.1:2379", > "--service-cluster-ip-range=10.254.0.0/16", > "--admission_control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota" > ], These options need to be passed in as part of the JSON file because the '/etc/kubernetes/apiserver' file is no longer present in RHELAH 7.3. Previously, that file would have provided these options to the 'apiserver' container. Full version of 'apiserver-pod.json' ------------------------------------- { "kind": "Pod", "apiVersion": "v1", "metadata": { "name": "kube-apiserver" }, "spec": { "hostNetwork": true, "containers": [ { "name": "kube-apiserver", "image": "rhel7/kubernetes-apiserver", "command": [ "/usr/bin/kube-apiserver", "--v=0", "--address=0.0.0.0", "--etcd_servers=http://{{ ansible_default_ipv4.address }}:2379", "--service-cluster-ip-range=10.254.0.0/16", "--admission_control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota" ], "ports": [ { "name": "https", "hostPort": 443, "containerPort": 443 }, { "name": "local", "hostPort": 8080, "containerPort": 8080 } ], "volumeMounts": [ { "name": "etcssl", "mountPath": "/etc/ssl", "readOnly": true }, { "name": "config", "mountPath": "/etc/kubernetes", "readOnly": true } ], "livenessProbe": { "httpGet": { "path": "/healthz", "port": 8080 }, "initialDelaySeconds": 15, "timeoutSeconds": 15 } } ], "volumes": [ { "name": "etcssl", "hostPath": { "path": "/etc/ssl" } }, { "name": "config", "hostPath": { "path": "/etc/kubernetes" } } ] } }
I fixed the apiserver-pod.json file and pushed it to master. It is ready to publish. It should publish later today. We will note when it is published.
There is a small error from the copy/paste I did. This line: "--etcd_servers=http://{{ ansible_default_ipv4.address }}:2379", Should read: "--etcd_servers=http://127.0.0.1:2379", Probably a good thing to check before the publish happens today.
Thanks Chris and Micah. This is now live. Moving this to CLOSED-->CURRENT_RELEASE.
Vikram/Chris, my comments in #3 were not addressed. The live version is missing a value for '--etcd_servers': "containers": [ { "name": "kube-apiserver", "image": "rhel7/kubernetes-apiserver", "command": [ "/usr/bin/kube-apiserver", "--v=0", "--address=0.0.0.0", "--etcd_servers=http://:2379", <----- NOTE HERE NO IP ADDR "--service-cluster-ip-range=10.254.0.0/16", "--admission_control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota" ],
Okay. I corrected the etcd_servers line to read as follows: "--etcd_servers=http://127.0.0.1:2379", It is ready to publish.
Thanks Chris. Republished here[1]. Moving this bug to CLOSED --> CURRENT_RELEASE. [1] https://access.redhat.com/documentation/en/red-hat-enterprise-linux-atomic-host/7/paged/getting-started-with-kubernetes/chapter-1-get-started-orchestrating-containers-with-kubernetes