What steps did you take and what happened:
Following the default example from the website to deploy in a cluster
> kubectl apply -f https://projectcontour.io/quickstart/contour.yaml
What did you expect to happen:
Get contour deployed and all pods as Ready and Running
> kubectl get pods -n projectcontour -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
contour-98d599f9f-47s99 0/1 ContainerCreating 0 42m <none> fc3 <none> <none>
contour-98d599f9f-6bq9t 0/1 ContainerCreating 0 42m <none> fc4 <none> <none>
contour-certgen-v1.9.0-vh26m 0/1 Error 0 42m 10.17.3.24 fc4 <none> <none>
contour-certgen-v1.9.0-xv24n 0/1 Error 0 42m 10.17.1.51 fc2 <none> <none>
envoy-b27cj 0/2 Init:0/1 0 42m <none> fc3 <none> <none>
envoy-bhc86 0/2 Init:0/1 0 42m <none> fc1 <none> <none>
envoy-w2hcv 0/2 Init:0/1 0 42m <none> fc2 <none> <none>
envoy-wwb29 0/2 Init:0/1 0 42m <none> fc4 <none> <none>
Anything else you would like to add:
Here's the fully description of all pods for contour
> kubectl describe pods -n projectcontour
Name: contour-98d599f9f-47s99
Namespace: projectcontour
Priority: 0
Node: fc3/10.0.0.2
Start Time: Sun, 18 Oct 2020 12:43:18 +0200
Labels: app=contour
pod-template-hash=98d599f9f
Annotations: prometheus.io/port: 8000
prometheus.io/scrape: true
Status: Pending
IP:
IPs: <none>
Controlled By: ReplicaSet/contour-98d599f9f
Containers:
contour:
Container ID:
Image: docker.io/projectcontour/contour:v1.9.0
Image ID:
Ports: 8001/TCP, 8000/TCP
Host Ports: 0/TCP, 0/TCP
Command:
contour
Args:
serve
--incluster
--xds-address=0.0.0.0
--xds-port=8001
--envoy-service-http-port=80
--envoy-service-https-port=443
--contour-cafile=/certs/ca.crt
--contour-cert-file=/certs/tls.crt
--contour-key-file=/certs/tls.key
--config-path=/config/contour.yaml
State: Waiting
Reason: ContainerCreating
Ready: False
Restart Count: 0
Liveness: http-get http://:8000/healthz delay=0s timeout=1s period=10s #success=1 #failure=3
Readiness: tcp-socket :8001 delay=15s timeout=1s period=10s #success=1 #failure=3
Environment:
CONTOUR_NAMESPACE: projectcontour (v1:metadata.namespace)
POD_NAME: contour-98d599f9f-47s99 (v1:metadata.name)
Mounts:
/certs from contourcert (ro)
/config from contour-config (ro)
/var/run/secrets/kubernetes.io/serviceaccount from contour-token-prnhw (ro)
Conditions:
Type Status
Initialized True
Ready False
ContainersReady False
PodScheduled True
Volumes:
contourcert:
Type: Secret (a volume populated by a Secret)
SecretName: contourcert
Optional: false
contour-config:
Type: ConfigMap (a volume populated by a ConfigMap)
Name: contour
Optional: false
contour-token-prnhw:
Type: Secret (a volume populated by a Secret)
SecretName: contour-token-prnhw
Optional: false
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s
node.kubernetes.io/unreachable:NoExecute for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 43m default-scheduler Successfully assigned projectcontour/contour-98d599f9f-47s99 to fc3
Warning FailedMount 21m (x3 over 41m) kubelet, fc3 Unable to attach or mount volumes: unmounted volumes=[contourcert], unattached volumes=[contour-config contour-token-prnhw contourcert]: timed out waiting for the condition
Warning FailedMount 12m (x23 over 43m) kubelet, fc3 MountVolume.SetUp failed for volume "contourcert" : secret "contourcert" not found
Warning FailedMount 7m32s (x4 over 36m) kubelet, fc3 Unable to attach or mount volumes: unmounted volumes=[contourcert], unattached volumes=[contour-token-prnhw contourcert contour-config]: timed out waiting for the condition
Warning FailedMount 2m56s (x11 over 39m) kubelet, fc3 Unable to attach or mount volumes: unmounted volumes=[contourcert], unattached volumes=[contourcert contour-config contour-token-prnhw]: timed out waiting for the condition
Name: contour-98d599f9f-6bq9t
Namespace: projectcontour
Priority: 0
Node: fc4/10.0.0.3
Start Time: Sun, 18 Oct 2020 12:43:18 +0200
Labels: app=contour
pod-template-hash=98d599f9f
Annotations: prometheus.io/port: 8000
prometheus.io/scrape: true
Status: Pending
IP:
IPs: <none>
Controlled By: ReplicaSet/contour-98d599f9f
Containers:
contour:
Container ID:
Image: docker.io/projectcontour/contour:v1.9.0
Image ID:
Ports: 8001/TCP, 8000/TCP
Host Ports: 0/TCP, 0/TCP
Command:
contour
Args:
serve
--incluster
--xds-address=0.0.0.0
--xds-port=8001
--envoy-service-http-port=80
--envoy-service-https-port=443
--contour-cafile=/certs/ca.crt
--contour-cert-file=/certs/tls.crt
--contour-key-file=/certs/tls.key
--config-path=/config/contour.yaml
State: Waiting
Reason: ContainerCreating
Ready: False
Restart Count: 0
Liveness: http-get http://:8000/healthz delay=0s timeout=1s period=10s #success=1 #failure=3
Readiness: tcp-socket :8001 delay=15s timeout=1s period=10s #success=1 #failure=3
Environment:
CONTOUR_NAMESPACE: projectcontour (v1:metadata.namespace)
POD_NAME: contour-98d599f9f-6bq9t (v1:metadata.name)
Mounts:
/certs from contourcert (ro)
/config from contour-config (ro)
/var/run/secrets/kubernetes.io/serviceaccount from contour-token-prnhw (ro)
Conditions:
Type Status
Initialized True
Ready False
ContainersReady False
PodScheduled True
Volumes:
contourcert:
Type: Secret (a volume populated by a Secret)
SecretName: contourcert
Optional: false
contour-config:
Type: ConfigMap (a volume populated by a ConfigMap)
Name: contour
Optional: false
contour-token-prnhw:
Type: Secret (a volume populated by a Secret)
SecretName: contour-token-prnhw
Optional: false
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s
node.kubernetes.io/unreachable:NoExecute for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 43m default-scheduler Successfully assigned projectcontour/contour-98d599f9f-6bq9t to fc4
Warning FailedMount 21m (x5 over 41m) kubelet, fc4 Unable to attach or mount volumes: unmounted volumes=[contourcert], unattached volumes=[contourcert contour-config contour-token-prnhw]: timed out waiting for the condition
Warning FailedMount 12m (x23 over 43m) kubelet, fc4 MountVolume.SetUp failed for volume "contourcert" : secret "contourcert" not found
Warning FailedMount 7m32s (x3 over 34m) kubelet, fc4 Unable to attach or mount volumes: unmounted volumes=[contourcert], unattached volumes=[contour-config contour-token-prnhw contourcert]: timed out waiting for the condition
Warning FailedMount 2m59s (x6 over 36m) kubelet, fc4 Unable to attach or mount volumes: unmounted volumes=[contourcert], unattached volumes=[contour-token-prnhw contourcert contour-config]: timed out waiting for the condition
Name: contour-certgen-v1.9.0-vh26m
Namespace: projectcontour
Priority: 0
Node: fc4/10.0.0.3
Start Time: Sun, 18 Oct 2020 12:43:18 +0200
Labels: app=contour-certgen
controller-uid=b03c6999-f2dc-4f9a-b224-0621f7fc767f
job-name=contour-certgen-v1.9.0
Annotations: <none>
Status: Failed
IP: 10.17.3.24
IPs:
IP: 10.17.3.24
Controlled By: Job/contour-certgen-v1.9.0
Containers:
contour:
Container ID: docker://b8c3657350b67762fd9cb1f7e08280d0bfd5d8eeddb32da82568051f69eb59c5
Image: docker.io/projectcontour/contour:v1.9.0
Image ID: docker-pullable://projectcontour/contour@sha256:abbc4b4343f4741fb790bce58c7667b83e9a093548fa05940535934a99ca4769
Port: <none>
Host Port: <none>
Command:
contour
certgen
--kube
--incluster
--overwrite
--secrets-format=compact
--namespace=$(CONTOUR_NAMESPACE)
State: Terminated
Reason: Error
Exit Code: 1
Started: Sun, 18 Oct 2020 12:43:29 +0200
Finished: Sun, 18 Oct 2020 12:43:29 +0200
Ready: False
Restart Count: 0
Environment:
CONTOUR_NAMESPACE: projectcontour (v1:metadata.namespace)
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from contour-certgen-token-d5vmw (ro)
Conditions:
Type Status
Initialized True
Ready False
ContainersReady False
PodScheduled True
Volumes:
contour-certgen-token-d5vmw:
Type: Secret (a volume populated by a Secret)
SecretName: contour-certgen-token-d5vmw
Optional: false
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s
node.kubernetes.io/unreachable:NoExecute for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 43m default-scheduler Successfully assigned projectcontour/contour-certgen-v1.9.0-vh26m to fc4
Normal Pulling 43m kubelet, fc4 Pulling image "docker.io/projectcontour/contour:v1.9.0"
Normal Pulled 43m kubelet, fc4 Successfully pulled image "docker.io/projectcontour/contour:v1.9.0"
Normal Created 43m kubelet, fc4 Created container contour
Normal Started 43m kubelet, fc4 Started container contour
Name: contour-certgen-v1.9.0-xv24n
Namespace: projectcontour
Priority: 0
Node: fc2/10.0.0.4
Start Time: Sun, 18 Oct 2020 12:43:30 +0200
Labels: app=contour-certgen
controller-uid=b03c6999-f2dc-4f9a-b224-0621f7fc767f
job-name=contour-certgen-v1.9.0
Annotations: <none>
Status: Failed
IP: 10.17.1.51
IPs:
IP: 10.17.1.51
Controlled By: Job/contour-certgen-v1.9.0
Containers:
contour:
Container ID: docker://c19741d9f51945c3b6018daab3fe915edb7a3d2170117969762a73167e1b18e3
Image: docker.io/projectcontour/contour:v1.9.0
Image ID: docker-pullable://projectcontour/contour@sha256:abbc4b4343f4741fb790bce58c7667b83e9a093548fa05940535934a99ca4769
Port: <none>
Host Port: <none>
Command:
contour
certgen
--kube
--incluster
--overwrite
--secrets-format=compact
--namespace=$(CONTOUR_NAMESPACE)
State: Terminated
Reason: Error
Exit Code: 1
Started: Sun, 18 Oct 2020 12:43:40 +0200
Finished: Sun, 18 Oct 2020 12:43:40 +0200
Ready: False
Restart Count: 0
Environment:
CONTOUR_NAMESPACE: projectcontour (v1:metadata.namespace)
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from contour-certgen-token-d5vmw (ro)
Conditions:
Type Status
Initialized True
Ready False
ContainersReady False
PodScheduled True
Volumes:
contour-certgen-token-d5vmw:
Type: Secret (a volume populated by a Secret)
SecretName: contour-certgen-token-d5vmw
Optional: false
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s
node.kubernetes.io/unreachable:NoExecute for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 43m default-scheduler Successfully assigned projectcontour/contour-certgen-v1.9.0-xv24n to fc2
Normal Pulling 43m kubelet, fc2 Pulling image "docker.io/projectcontour/contour:v1.9.0"
Normal Pulled 43m kubelet, fc2 Successfully pulled image "docker.io/projectcontour/contour:v1.9.0"
Normal Created 43m kubelet, fc2 Created container contour
Normal Started 43m kubelet, fc2 Started container contour
Name: envoy-b27cj
Namespace: projectcontour
Priority: 0
Node: fc3/10.0.0.2
Start Time: Sun, 18 Oct 2020 12:43:18 +0200
Labels: app=envoy
controller-revision-hash=5cd7b76f74
pod-template-generation=1
Annotations: prometheus.io/path: /stats/prometheus
prometheus.io/port: 8002
prometheus.io/scrape: true
Status: Pending
IP:
IPs: <none>
Controlled By: DaemonSet/envoy
Init Containers:
envoy-initconfig:
Container ID:
Image: docker.io/projectcontour/contour:v1.9.0
Image ID:
Port: <none>
Host Port: <none>
Command:
contour
Args:
bootstrap
/config/envoy.json
--xds-address=contour
--xds-port=8001
--resources-dir=/config/resources
--envoy-cafile=/certs/ca.crt
--envoy-cert-file=/certs/tls.crt
--envoy-key-file=/certs/tls.key
State: Waiting
Reason: PodInitializing
Ready: False
Restart Count: 0
Environment:
CONTOUR_NAMESPACE: projectcontour (v1:metadata.namespace)
Mounts:
/certs from envoycert (ro)
/config from envoy-config (rw)
Containers:
shutdown-manager:
Container ID:
Image: docker.io/projectcontour/contour:v1.9.0
Image ID:
Port: <none>
Host Port: <none>
Command:
/bin/contour
Args:
envoy
shutdown-manager
State: Waiting
Reason: PodInitializing
Ready: False
Restart Count: 0
Liveness: http-get http://:8090/healthz delay=3s timeout=1s period=10s #success=1 #failure=3
Environment: <none>
Mounts: <none>
envoy:
Container ID:
Image: docker.io/envoyproxy/envoy:v1.15.1
Image ID:
Ports: 80/TCP, 443/TCP
Host Ports: 80/TCP, 443/TCP
Command:
envoy
Args:
-c
/config/envoy.json
--service-cluster $(CONTOUR_NAMESPACE)
--service-node $(ENVOY_POD_NAME)
--log-level info
State: Waiting
Reason: PodInitializing
Ready: False
Restart Count: 0
Readiness: http-get http://:8002/ready delay=3s timeout=1s period=4s #success=1 #failure=3
Environment:
CONTOUR_NAMESPACE: projectcontour (v1:metadata.namespace)
ENVOY_POD_NAME: envoy-b27cj (v1:metadata.name)
Mounts:
/certs from envoycert (rw)
/config from envoy-config (rw)
Conditions:
Type Status
Initialized False
Ready False
ContainersReady False
PodScheduled True
Volumes:
envoy-config:
Type: EmptyDir (a temporary directory that shares a pod's lifetime)
Medium:
SizeLimit: <unset>
envoycert:
Type: Secret (a volume populated by a Secret)
SecretName: envoycert
Optional: false
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/disk-pressure:NoSchedule
node.kubernetes.io/memory-pressure:NoSchedule
node.kubernetes.io/not-ready:NoExecute
node.kubernetes.io/pid-pressure:NoSchedule
node.kubernetes.io/unreachable:NoExecute
node.kubernetes.io/unschedulable:NoSchedule
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 43m default-scheduler Successfully assigned projectcontour/envoy-b27cj to fc3
Warning FailedMount 21m (x8 over 41m) kubelet, fc3 Unable to attach or mount volumes: unmounted volumes=[envoycert], unattached volumes=[envoy-config envoycert]: timed out waiting for the condition
Warning FailedMount 12m (x23 over 43m) kubelet, fc3 MountVolume.SetUp failed for volume "envoycert" : secret "envoycert" not found
Warning FailedMount 2m55s (x4 over 30m) kubelet, fc3 Unable to attach or mount volumes: unmounted volumes=[envoycert], unattached volumes=[envoycert envoy-config]: timed out waiting for the condition
Name: envoy-bhc86
Namespace: projectcontour
Priority: 0
Node: fc1/10.0.0.1
Start Time: Sun, 18 Oct 2020 12:43:18 +0200
Labels: app=envoy
controller-revision-hash=5cd7b76f74
pod-template-generation=1
Annotations: prometheus.io/path: /stats/prometheus
prometheus.io/port: 8002
prometheus.io/scrape: true
Status: Pending
IP:
IPs: <none>
Controlled By: DaemonSet/envoy
Init Containers:
envoy-initconfig:
Container ID:
Image: docker.io/projectcontour/contour:v1.9.0
Image ID:
Port: <none>
Host Port: <none>
Command:
contour
Args:
bootstrap
/config/envoy.json
--xds-address=contour
--xds-port=8001
--resources-dir=/config/resources
--envoy-cafile=/certs/ca.crt
--envoy-cert-file=/certs/tls.crt
--envoy-key-file=/certs/tls.key
State: Waiting
Reason: PodInitializing
Ready: False
Restart Count: 0
Environment:
CONTOUR_NAMESPACE: projectcontour (v1:metadata.namespace)
Mounts:
/certs from envoycert (ro)
/config from envoy-config (rw)
Containers:
shutdown-manager:
Container ID:
Image: docker.io/projectcontour/contour:v1.9.0
Image ID:
Port: <none>
Host Port: <none>
Command:
/bin/contour
Args:
envoy
shutdown-manager
State: Waiting
Reason: PodInitializing
Ready: False
Restart Count: 0
Liveness: http-get http://:8090/healthz delay=3s timeout=1s period=10s #success=1 #failure=3
Environment: <none>
Mounts: <none>
envoy:
Container ID:
Image: docker.io/envoyproxy/envoy:v1.15.1
Image ID:
Ports: 80/TCP, 443/TCP
Host Ports: 80/TCP, 443/TCP
Command:
envoy
Args:
-c
/config/envoy.json
--service-cluster $(CONTOUR_NAMESPACE)
--service-node $(ENVOY_POD_NAME)
--log-level info
State: Waiting
Reason: PodInitializing
Ready: False
Restart Count: 0
Readiness: http-get http://:8002/ready delay=3s timeout=1s period=4s #success=1 #failure=3
Environment:
CONTOUR_NAMESPACE: projectcontour (v1:metadata.namespace)
ENVOY_POD_NAME: envoy-bhc86 (v1:metadata.name)
Mounts:
/certs from envoycert (rw)
/config from envoy-config (rw)
Conditions:
Type Status
Initialized False
Ready False
ContainersReady False
PodScheduled True
Volumes:
envoy-config:
Type: EmptyDir (a temporary directory that shares a pod's lifetime)
Medium:
SizeLimit: <unset>
envoycert:
Type: Secret (a volume populated by a Secret)
SecretName: envoycert
Optional: false
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/disk-pressure:NoSchedule
node.kubernetes.io/memory-pressure:NoSchedule
node.kubernetes.io/not-ready:NoExecute
node.kubernetes.io/pid-pressure:NoSchedule
node.kubernetes.io/unreachable:NoExecute
node.kubernetes.io/unschedulable:NoSchedule
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 43m default-scheduler Successfully assigned projectcontour/envoy-bhc86 to fc1
Warning FailedMount 20m (x2 over 25m) kubelet, fc1 Unable to attach or mount volumes: unmounted volumes=[envoycert], unattached volumes=[envoycert envoy-config]: timed out waiting for the condition
Warning FailedMount 12m (x23 over 43m) kubelet, fc1 MountVolume.SetUp failed for volume "envoycert" : secret "envoycert" not found
Warning FailedMount 2m51s (x16 over 41m) kubelet, fc1 Unable to attach or mount volumes: unmounted volumes=[envoycert], unattached volumes=[envoy-config envoycert]: timed out waiting for the condition
Name: envoy-w2hcv
Namespace: projectcontour
Priority: 0
Node: fc2/10.0.0.4
Start Time: Sun, 18 Oct 2020 12:43:18 +0200
Labels: app=envoy
controller-revision-hash=5cd7b76f74
pod-template-generation=1
Annotations: prometheus.io/path: /stats/prometheus
prometheus.io/port: 8002
prometheus.io/scrape: true
Status: Pending
IP:
IPs: <none>
Controlled By: DaemonSet/envoy
Init Containers:
envoy-initconfig:
Container ID:
Image: docker.io/projectcontour/contour:v1.9.0
Image ID:
Port: <none>
Host Port: <none>
Command:
contour
Args:
bootstrap
/config/envoy.json
--xds-address=contour
--xds-port=8001
--resources-dir=/config/resources
--envoy-cafile=/certs/ca.crt
--envoy-cert-file=/certs/tls.crt
--envoy-key-file=/certs/tls.key
State: Waiting
Reason: PodInitializing
Ready: False
Restart Count: 0
Environment:
CONTOUR_NAMESPACE: projectcontour (v1:metadata.namespace)
Mounts:
/certs from envoycert (ro)
/config from envoy-config (rw)
Containers:
shutdown-manager:
Container ID:
Image: docker.io/projectcontour/contour:v1.9.0
Image ID:
Port: <none>
Host Port: <none>
Command:
/bin/contour
Args:
envoy
shutdown-manager
State: Waiting
Reason: PodInitializing
Ready: False
Restart Count: 0
Liveness: http-get http://:8090/healthz delay=3s timeout=1s period=10s #success=1 #failure=3
Environment: <none>
Mounts: <none>
envoy:
Container ID:
Image: docker.io/envoyproxy/envoy:v1.15.1
Image ID:
Ports: 80/TCP, 443/TCP
Host Ports: 80/TCP, 443/TCP
Command:
envoy
Args:
-c
/config/envoy.json
--service-cluster $(CONTOUR_NAMESPACE)
--service-node $(ENVOY_POD_NAME)
--log-level info
State: Waiting
Reason: PodInitializing
Ready: False
Restart Count: 0
Readiness: http-get http://:8002/ready delay=3s timeout=1s period=4s #success=1 #failure=3
Environment:
CONTOUR_NAMESPACE: projectcontour (v1:metadata.namespace)
ENVOY_POD_NAME: envoy-w2hcv (v1:metadata.name)
Mounts:
/certs from envoycert (rw)
/config from envoy-config (rw)
Conditions:
Type Status
Initialized False
Ready False
ContainersReady False
PodScheduled True
Volumes:
envoy-config:
Type: EmptyDir (a temporary directory that shares a pod's lifetime)
Medium:
SizeLimit: <unset>
envoycert:
Type: Secret (a volume populated by a Secret)
SecretName: envoycert
Optional: false
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/disk-pressure:NoSchedule
node.kubernetes.io/memory-pressure:NoSchedule
node.kubernetes.io/not-ready:NoExecute
node.kubernetes.io/pid-pressure:NoSchedule
node.kubernetes.io/unreachable:NoExecute
node.kubernetes.io/unschedulable:NoSchedule
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 43m default-scheduler Successfully assigned projectcontour/envoy-w2hcv to fc2
Warning FailedMount 27m (x3 over 39m) kubelet, fc2 Unable to attach or mount volumes: unmounted volumes=[envoycert], unattached volumes=[envoycert envoy-config]: timed out waiting for the condition
Warning FailedMount 12m (x23 over 43m) kubelet, fc2 MountVolume.SetUp failed for volume "envoycert" : secret "envoycert" not found
Warning FailedMount 3m (x14 over 41m) kubelet, fc2 Unable to attach or mount volumes: unmounted volumes=[envoycert], unattached volumes=[envoy-config envoycert]: timed out waiting for the condition
Name: envoy-wwb29
Namespace: projectcontour
Priority: 0
Node: fc4/10.0.0.3
Start Time: Sun, 18 Oct 2020 12:43:18 +0200
Labels: app=envoy
controller-revision-hash=5cd7b76f74
pod-template-generation=1
Annotations: prometheus.io/path: /stats/prometheus
prometheus.io/port: 8002
prometheus.io/scrape: true
Status: Pending
IP:
IPs: <none>
Controlled By: DaemonSet/envoy
Init Containers:
envoy-initconfig:
Container ID:
Image: docker.io/projectcontour/contour:v1.9.0
Image ID:
Port: <none>
Host Port: <none>
Command:
contour
Args:
bootstrap
/config/envoy.json
--xds-address=contour
--xds-port=8001
--resources-dir=/config/resources
--envoy-cafile=/certs/ca.crt
--envoy-cert-file=/certs/tls.crt
--envoy-key-file=/certs/tls.key
State: Waiting
Reason: PodInitializing
Ready: False
Restart Count: 0
Environment:
CONTOUR_NAMESPACE: projectcontour (v1:metadata.namespace)
Mounts:
/certs from envoycert (ro)
/config from envoy-config (rw)
Containers:
shutdown-manager:
Container ID:
Image: docker.io/projectcontour/contour:v1.9.0
Image ID:
Port: <none>
Host Port: <none>
Command:
/bin/contour
Args:
envoy
shutdown-manager
State: Waiting
Reason: PodInitializing
Ready: False
Restart Count: 0
Liveness: http-get http://:8090/healthz delay=3s timeout=1s period=10s #success=1 #failure=3
Environment: <none>
Mounts: <none>
envoy:
Container ID:
Image: docker.io/envoyproxy/envoy:v1.15.1
Image ID:
Ports: 80/TCP, 443/TCP
Host Ports: 80/TCP, 443/TCP
Command:
envoy
Args:
-c
/config/envoy.json
--service-cluster $(CONTOUR_NAMESPACE)
--service-node $(ENVOY_POD_NAME)
--log-level info
State: Waiting
Reason: PodInitializing
Ready: False
Restart Count: 0
Readiness: http-get http://:8002/ready delay=3s timeout=1s period=4s #success=1 #failure=3
Environment:
CONTOUR_NAMESPACE: projectcontour (v1:metadata.namespace)
ENVOY_POD_NAME: envoy-wwb29 (v1:metadata.name)
Mounts:
/certs from envoycert (rw)
/config from envoy-config (rw)
Conditions:
Type Status
Initialized False
Ready False
ContainersReady False
PodScheduled True
Volumes:
envoy-config:
Type: EmptyDir (a temporary directory that shares a pod's lifetime)
Medium:
SizeLimit: <unset>
envoycert:
Type: Secret (a volume populated by a Secret)
SecretName: envoycert
Optional: false
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/disk-pressure:NoSchedule
node.kubernetes.io/memory-pressure:NoSchedule
node.kubernetes.io/not-ready:NoExecute
node.kubernetes.io/pid-pressure:NoSchedule
node.kubernetes.io/unreachable:NoExecute
node.kubernetes.io/unschedulable:NoSchedule
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 43m default-scheduler Successfully assigned projectcontour/envoy-wwb29 to fc4
Warning FailedMount 12m (x23 over 43m) kubelet, fc4 MountVolume.SetUp failed for volume "envoycert" : secret "envoycert" not found
Warning FailedMount 7m27s (x13 over 39m) kubelet, fc4 Unable to attach or mount volumes: unmounted volumes=[envoycert], unattached volumes=[envoy-config envoycert]: timed out waiting for the condition
Warning FailedMount 2m56s (x4 over 41m) kubelet, fc4 Unable to attach or mount volumes: unmounted volumes=[envoycert], unattached volumes=[envoycert envoy-config]: timed out waiting for the condition
Environment:
kubectl version):Client Version: version.Info{Major:"1", Minor:"18", GitVersion:"v1.18.3", GitCommit:"2e7996e3e2712684bc73f0dec0200d64eec7fe40", GitTreeState:"clean", BuildDate:"2020-05-20T12:52:00Z", GoVersion:"go1.13.9", Compiler:"gc", Platform:"linux/arm"}
Server Version: version.Info{Major:"1", Minor:"18", GitVersion:"v1.18.3", GitCommit:"2e7996e3e2712684bc73f0dec0200d64eec7fe40", GitTreeState:"clean", BuildDate:"2020-05-20T12:43:34Z", GoVersion:"go1.13.9", Compiler:"gc", Platform:"linux/arm"}
> sudo lshw -short
H/W path Device Class Description
======================================================
system Raspberry Pi 4 Model B Rev 1.1
/0 bus Motherboard
/0/1 processor cpu
/0/2 processor cpu
/0/3 processor cpu
/0/4 processor cpu
/0/5 memory 3827MiB System memory
/0/0 bridge Broadcom Limited
/0/0/0 bus VL805 USB 3.0 Host Controller
/0/0/0/0 usb1 bus xHCI Host Controller
/0/0/0/0/1 bus USB2.0 Hub
/0/0/0/1 usb2 bus xHCI Host Controller
/0/0/0/1/1 scsi0 storage SABRENT
/0/0/0/1/1/0.0.0 /dev/sda volume 223GiB EXT4 volume
/1 eth0 network Ethernet interface
/2 veth18c6832f network Ethernet interface
/3 vetha7e4b18b network Ethernet interface
/4 flannel.1 network Ethernet interface
/5 wlan0 network Wireless interface
/6 docker0 network Ethernet interface
/7 cni0 network Ethernet interface
/etc/os-release):PRETTY_NAME="Raspbian GNU/Linux 10 (buster)"
NAME="Raspbian GNU/Linux"
VERSION_ID="10"
VERSION="10 (buster)"
VERSION_CODENAME=buster
ID=raspbian
ID_LIKE=debian
HOME_URL="http://www.raspbian.org/"
SUPPORT_URL="http://www.raspbian.org/RaspbianForums"
BUG_REPORT_URL="http://www.raspbian.org/RaspbianBugs"
Duplicate of #2868
Thanks for the detailed bug report @fals! We are currently working on adding an ARM build (see #3031), and that should be available in the next Contour release. If you are able to validate that PR in your test environment, we would love the feedback.
thanks!
@fals FYI the above referenced PR has merged, so projectcontour/contour:main is now multi-arch and includes linux/arm64. It'd be awesome if you could test it out! Assuming all's well, Contour 1.10 will include multi-arch support.
Hey @skriss, I'm more than happy to test it out. Where can I find the new deployment file? Should I just change the existing one for v1.9.0?
Hey @skriss, I'm more than happy to test it out. Where can I find the new deployment file? Should I just change the existing one for v1.9.0?
https://github.com/projectcontour/contour/blob/main/examples/render/contour.yaml should do the trick, it'll point to the main contour image and also has been updated to Envoy 1.16, which as I understand now ships multi-arch support as well.
@skriss I've tried the deployment you mentioned, I have a similar failure. Should I change the image from docker.io/projectcontour/contour:main to docker.io/projectcontour/contour:arm64 in the deployment?
No, it should work without any change to the tag. The first thing I'd do is set the image pull policies to Always to ensure you're not getting a cached image -- there are a few:
Also, just to confirm, arm64 is the right architecture for your environment, right?
@skriss if I run the following command in my master node that is a raspberry Pi 4B, I have as result:
> kubectl describe node fc1 | grep -i architecture
Architecture: arm
@skriss just confirmed, I deployed the classic kuard image, I can only run the arm not arm64
kubectl run kuard --image=gcr.io/kuar-demo/kuard-arm:1 only this one works
Ah, gotcha. So, we could add arm to the list of archs we build Contour for, but the problem is that Envoy is only built for amd64 and arm64 (see the 1.16 image). So you'd be able to run Contour on your cluster, but not Envoy, which wouldn't be very useful.
@skriss I'm going setup as arm64 and I come back to you when it is done.
I just setup my RPI4 with ESXi. Then deployed an Ubuntu 20.04 VM which I then joined to my existing kubeadm cluster. After that I deployed Contour/Envoy on the arm ESXi node by using nodeSelectors targeting kubernetes.io/arch: arm64 and everything worked! =)
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
contour-6d98688f47-9rn2p 1/1 Running 0 13m 192.168.73.130 armvm01 <none> <none>
envoy-bbg2p 2/2 Running 0 3m4s 192.168.73.134 armvm01 <none> <none>