Azure-docs: Kiali container doesn't come up

Created on 17 Feb 2019 · 9Comments · Source: MicrosoftDocs/azure-docs

I used the command given in this documentation to install Istio, which has Kiali.enabled as true " --set kiali.enabled=true" , but when run this command, I see Kiali container doesn't come up. it is looking for kiali secret, which is not there.

I did Kubectl describe pod <kiali-pod> , see the following error flagged:

Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 12m default-scheduler Successfully assigned istio-system/kiali-7bf98df4fb-vmh26 to aks-agentpool-19733474-1
Normal Pulling 12m kubelet, aks-agentpool-19733474-1 pulling image "docker.io/kiali/kiali:v0.12"
Normal Pulled 11m kubelet, aks-agentpool-19733474-1 Successfully pulled image "docker.io/kiali/kiali:v0.12"
Warning Failed 6m52s (x21 over 11m) kubelet, aks-agentpool-19733474-1 Error: secret "kiali" not found

I think, there is some more config about Kiali required. Please fix this.

Document Details

⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.

ID: 68b5d00d-529b-a8be-47bf-773c967f0e72
Version Independent ID: 0cf044ef-b26f-a8fa-213f-1e3fffaf53d6
Content: Install Istio in Azure Kubernetes Service (AKS)
Content Source: articles/aks/istio-install.md
Service: container-service
GitHub Login: @paulbouwer
Microsoft Alias: pabouwer

assigned-to-author container-servicsvc doc-bug triaged

Source

ghost

All 9 comments

Thanks for the feedback! We are currently investigating and will update you shortly.

mimckitt on 17 Feb 2019

@pnkjtr I am able to reproduce the issue.
I think its better to open an issue with the istio.

@iainfoulds you comments please.

jakaruna-MSFT on 19 Feb 2019

Looks like secret is not included in the helm chart purposefully.
https://github.com/istio/istio/issues/9392

jakaruna-MSFT on 19 Feb 2019

@jakaruna-MSFT I am not the owner of this doc. @paulbouwer should be able to provide assistance.

iainfoulds on 19 Feb 2019

@paulbouwer Please add your comments.

jakaruna-MSFT on 20 Feb 2019

@pnkjtr - thanks for reporting this. Looks like there was a change in the Helm chart that has caused this.

@MicahMcKittrick-MSFT @jakaruna-MSFT @iainfoulds
I will have a look into this and update the doc.

paulbouwer on 4 Mar 2019

👍1

@pnkjtr @MicahMcKittrick-MSFT @jakaruna-MSFT @iainfoulds

So from Istio version 1.0.6 onwards, the Istio nested charts for Grafana and Kiali have removed the templates for rendering secrets. You, as the end user, are now required to add the secrets as a separate and out of band step.

This is documented in the Istio Chart README.md currently under the master branch.

Here are the relevant bits and example values, replicated for those reading this issue:

$ NAMESPACE=istio-system

Kiali

$ echo -n 'admin' | base64
YWRtaW4=
$ echo -n '1f2d1e2e67df' | base64
MWYyZDFlMmU2N2Rm
$ cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: Secret
metadata:
  name: kiali
  namespace: $NAMESPACE
  labels:
    app: kiali
type: Opaque
data:
  username: YWRtaW4=
  passphrase: MWYyZDFlMmU2N2Rm
EOF

Grafana

$ echo -n 'admin' | base64
YWRtaW4=
$ echo -n '1f2d1e2e67df' | base64
MWYyZDFlMmU2N2Rm
$ cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: Secret
metadata:
  name: grafana
  namespace: $NAMESPACE
  labels:
    app: grafana
type: Opaque
data:
  username: YWRtaW4=
  passphrase: MWYyZDFlMmU2N2Rm
EOF

I do not agree with this update to the Helm charts. You should be able to add the secrets via the Helm charts if you wish to, or reference existing secrets if you wish to do that - it should be about choice. This is creating friction. I will look to follow this up on the Istio repo.

In the interim, maybe the pragmatic approach is to add a note in the install docs here for customers wanting to look at versions of Istio from 1.0.6 and up to warn them of this new behaviour. It may be worth saving a larger update to the docs for Istio 1.1 which looks imminent.

Thoughts?

paulbouwer on 13 Mar 2019

@paulbouwer yeah I agree that makes sense. No use in doing multiple minor updates if a larger update might be needed shortly.

mimckitt on 13 Mar 2019

@MicahMcKittrick-MSFT - PR 69823 merged for this.

paulbouwer on 18 Mar 2019

👍1

Was this page helpful?

0 / 5 - 0 ratings