Installation on GCP stuck on "writing google specific secrets to vault secret store" #2199
Comments
I'm seeing these issues on DigitalOcean as well.
If I extract the vault token as explained here and set the env var, some things still don't work, like the ingress for argocd, but otherwise all pods are healthy and I can connect to them.
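For anyone following along, the extraction step looks roughly like the commented command below. The secret and key names are assumptions, not confirmed kubefirst values, so verify them in your cluster first; the runnable part only demonstrates the base64 decode, since Kubernetes stores secret values encoded.

```shell
# Hypothetical secret/key names -- check with `kubectl -n vault get secrets`:
#   VAULT_TOKEN=$(kubectl -n vault get secret vault-unseal-secret \
#     -o jsonpath='{.data.root-token}' | base64 -d)
# Kubernetes secret values come back base64-encoded, so decode them:
encoded="aHZzLmV4YW1wbGV0b2tlbg=="   # base64 of the fake token "hvs.exampletoken"
VAULT_TOKEN=$(printf '%s' "$encoded" | base64 -d)
export VAULT_TOKEN
echo "$VAULT_TOKEN"
```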
@Eric-TPS can you confirm what version of
Just to provide some more info: besides using the UI, I've also tried the CLI with this command:

```shell
kubefirst beta google create \
  --alerts-email [email protected] \
  --github-org orgname \
  --domain-name domain \
  --google-project project-426512 \
  --cluster-name cluster \
  --force-destroy true \
  --cloud-region europe-central2 \
  --node-count 1 \
  --dns-provider cloudflare
```

It stopped at writing the Google secrets as before, and I executed the rest manually. Still, the installation seemed incomplete: the kubefirst UI wouldn't let me create namespaces or clusters, and 2/3 of the pods were unhealthy due to a missing license.
@PGimenez have you always used a single node in your cluster? I used 3 nodes when I did my tests yesterday, which were successful. I've just tried again with a single node.

EDIT: I've just successfully installed using your command (with creds changed).
@jarededwards - I attempted to deploy using version 2.3.7 from the DO marketplace. The Kubefirst cluster deployed fine, but the environment it tried to deploy would not complete at the vault stage. I attempted a redeployment multiple times without success.
@PGimenez Can you try rerunning with
I tried with 2 nodes per zone (6 nodes total, isn't this overkill?), but now the install gets stuck creating the keyrings with this error:

I've tried creating new projects and disabling/enabling the KMS API to delete all keyrings, but this error keeps appearing. :/
On the face of it, yes, but there's a lot going on in the cluster. It's definitely something to look at post-beta. Can you try importing the keyring into your TF state?
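If importing is the route, the keyring ID Terraform expects has a fixed shape. The project, region, keyring name, and resource address below are all hypothetical placeholders; the real ones live in the gitops repo's Terraform.

```shell
# Build the KMS keyring ID that GCP and Terraform use.
# project/region/keyring names here are hypothetical -- substitute your own.
project="project-426512"
region="europe-central2"
keyring="vault-unseal-keyring"
keyring_id="projects/${project}/locations/${region}/keyRings/${keyring}"
echo "$keyring_id"
# Then, from the directory containing the relevant Terraform:
#   terraform import google_kms_key_ring.<resource_name> "$keyring_id"
```

Note that GCP keyrings can never be deleted, only their keys destroyed, which is why disabling/re-enabling the KMS API doesn't clear them; importing is the usual way out of an "already exists" error.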
I tried again with 2 nodes per zone in a new project, and I'm stuck at the same place as in my previous post. I manually finished the TF apply and added the secrets manually as well, but 2 of the 3 kubefirst-api pods are not ready with this error:

The remaining pod works, but I cannot create anything in the UI. If I try to continue the installation with the kubefirst CLI, I get the 500 error, although I've manually added the secrets.
I'm going to give the k3d install a try.
@PGimenez I've messaged you in our Slack to do a pairing session on this, as it's not making an awful lot of sense why I can't recreate this.
@PGimenez apropos of nothing, I've just had a similar issue with a GCP cluster. I "solved" the problem by deleting the bad Vault pod; it restarted in a healthy condition. It's not a solution, but it is a potential workaround for you.
Which version of kubefirst are you using?
v2.4.10
Which cloud provider?
Google Cloud
Which DNS?
Cloudflare
Which installation type?
UI (Console app)
Which distributed Git provider?
GitHub
Did you use a fork of gitops-template?
No
Which Operating System?
macOS
What is the issue?
The installation gets stuck for over two hours at 93%, at "writing google specific secrets to vault secret store".
(Screenshot: CleanShot 2024-06-14 at 00 10 45, showing the installer stuck at 93%)
The only thing I can see is the vault-1 pod in unhealthy status, showing this message in the logs:

```
2024-06-13T22:14:01.017Z [INFO] core.autoseal: seal configuration missing, not initialized: seal_type=recovery
```
Update: if I kill the vault-1 pod, it runs fine afterwards. However, if I reload the page to restart the install process, it gets stuck at the same point.
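The kill-the-pod workaround described above can be sketched as a dry run. The namespace and pod name assume kubefirst's defaults as seen in this thread; remove the `echo` to actually perform the deletion.

```shell
# Dry-run sketch: print the delete command instead of running it.
# Vault runs as a StatefulSet, so the controller recreates the pod
# automatically after deletion.
ns="vault"
pod="vault-1"
cmd="kubectl -n ${ns} delete pod ${pod}"
echo "$cmd"
```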