Known issues for 1.0.0-beta-RC

[deviantony]

This is a thread to reference known issues with the current development build for the 1.0.0-beta release.

• ArgoCD authentication issue: Known issues for 1.0.0-beta-RC #28 (comment)
• Lens support is broken: Known issues for 1.0.0-beta-RC #28 (comment)
• Unable to mount configmaps and secrets in some containers: Known issues for 1.0.0-beta-RC #28 (comment)
• kubectl get deployments -A is not working: Known issues for 1.0.0-beta-RC #28 (comment)
• Portainer agent won't start when using the "volume" backend store: Known issues for 1.0.0-beta-RC #28 (comment)
• Pod summary in Lens is reporting a pending status: Known issues for 1.0.0-beta-RC #28 (comment)
• Deployments are not shown in Lens: Known issues for 1.0.0-beta-RC #28 (comment)
• kubectl get pvc -A is not working: Known issues for 1.0.0-beta-RC #28 (comment)
• Lens is not showing PVs, PVCs, and SCs Known issues for 1.0.0-beta-RC #28 (comment)
• PVC and configmap listing is not working using the volume backend store: Known issues for 1.0.0-beta-RC #28 (comment)

[deviantony]

• This issue has been resolved, see Known issues for 1.0.0-beta-RC #28 (comment)

ArgoCD returns an issue with authentication:

Unable to create application: error while validating and normalizing app: error validating the repo: error getting k8s server version: the server has asked for the client to provide credentials

[stevensbkang]

ArgoCD returns an issue with authentication:

Unable to create application: error while validating and normalizing app: error validating the repo: error getting k8s server version: the server has asked for the client to provide credentials

This is now fixed by giving another value, bearerToken, in secret. This will require our doc update.

[deviantony]

• Fixed via fix: deployment and pod status for Lens #53

It seems that Lens support is currently broken, Deployments are not shown.

[deviantony]

• This issue has been resolved by fix: fix an issue when mounting configmaps and secrets #47

Mounting configmaps is broken.

When using the manifest below, the following errors are raised:

• When using the disk store

2023-09-04T14:50:04.718Z	ERROR	controller/controller.go:190	unable to create deployment	"error": "Error response from daemon: failed to create task for container: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: error during container init: error mounting \"/var/lib/k2d/configmaps/default-influxdb-config-k2dcm-influxdb.conf\" to rootfs at \"/etc/influxdb/influxdb.conf/influxdb.conf\": open o_path procfd: open /var/lib/docker/overlay2/06d16a1b89f7c6fb1ce2bd3e314772cae9bd5dc03abbcfc5fb0b9d3f69dae35b/merged/etc/influxdb/influxdb.conf/influxdb.conf: not a directory: unknown: Are you trying to mount a directory onto a file (or vice-versa)? Check if the specified host path exists and is the expected type", "request_id": "fd276dc7-918c-41fd-b7a2-93bbd46cc202"}
github.com/portainer/k2d/internal/controller.(*OperationController).processOperation
	/home/runner/work/k2d/k2d/internal/controller/controller.go:190
github.com/portainer/k2d/internal/controller.(*OperationController).processPriorityOperations
	/home/runner/work/k2d/k2d/internal/controller/controller.go:165
github.com/portainer/k2d/internal/controller.(*OperationController).processOperationQueue
	/home/runner/work/k2d/k2d/internal/controller/controller.go:154

• When using the volume store

2023-09-04T14:49:51.205Z	ERROR	controller/controller.go:190	unable to create deployment	"error": "Error response from daemon: failed to create task for container: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: error during container init: error mounting \"/var/lib/docker/volumes/configmap-default-influxdb-config/_data\" to rootfs at \"/etc/influxdb/influxdb.conf\": mount /var/lib/docker/volumes/configmap-default-influxdb-config/_data:/etc/influxdb/influxdb.conf (via /proc/self/fd/6), flags: 0x5000: not a directory: unknown: Are you trying to mount a directory onto a file (or vice-versa)? Check if the specified host path exists and is the expected type", "request_id": "b83093f4-4f8b-4312-b730-e6538b9ae303"}
github.com/portainer/k2d/internal/controller.(*OperationController).processOperation
	/home/runner/work/k2d/k2d/internal/controller/controller.go:190
github.com/portainer/k2d/internal/controller.(*OperationController).processPriorityOperations
	/home/runner/work/k2d/k2d/internal/controller/controller.go:165
github.com/portainer/k2d/internal/controller.(*OperationController).processOperationQueue
	/home/runner/work/k2d/k2d/internal/controller/controller.go:154

Manifests used for testing:

influxdb.yml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: influxdb-deployment
spec:
  selector:
    matchLabels:
      app: influxdb
  minReadySeconds: 5
  template:
    metadata:
      labels:
        app: influxdb
    spec:
      containers:
        - image: influxdb:1.7.4
          name: influxdb
          ports:
            - containerPort: 8086
          volumeMounts:
            - mountPath: /var/lib/influxdb
              name: influxdb-data
            - mountPath: /etc/influxdb/influxdb.conf
              name: influxdb-config
              subPath: influxdb.conf
              readOnly: true
          envFrom:
            - secretRef:
                name: influxdb-secrets
      volumes:
        - name: influxdb-data
          hostPath:
            path: /var/lib/k2d/data/influxdb-data
        - name: influxdb-config
          configMap:
            name: influxdb-config

---
apiVersion: v1
kind: ConfigMap
metadata:
  name: influxdb-config
data:
  influxdb.conf: |+
    reporting-disabled = false
    bind-address = "127.0.0.1:8088"

    [meta]
      dir = "/var/lib/influxdb/meta"
      retention-autocreate = true
      logging-enabled = true 

---
apiVersion: v1  
  
kind: Secret  
metadata:  
  name: influxdb-secrets  
type: Opaque  
stringData:  
  INFLUXDB_CONFIG_PATH: /etc/influxdb/influxdb.conf  
  INFLUXDB_ADMIN_USER: admin  
  INFLUXDB_ADMIN_PASSWORD: kraken  
  INFLUXDB_DB: gatling  
  INFLUXDB_USER: user  
  INFLUXDB_USER_PASSWORD: kraken

influxdb-2.yml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: influxdb-deployment
spec:
  selector:
    matchLabels:
      app: influxdb
  minReadySeconds: 5
  template:
    metadata:
      labels:
        app: influxdb
    spec:
      containers:
        - image: influxdb:1.7.4
          name: influxdb
          ports:
            - containerPort: 8086
          volumeMounts:
            - mountPath: /var/lib/influxdb
              name: influxdb-data
            - mountPath: /etc/influxdb/influxdb.conf
              name: influxdb-config
              subPath: influxdb.conf
              readOnly: true
          envFrom:
            - secretRef:
                name: influxdb-secrets
      volumes:
        - name: influxdb-data
          persistentVolumeClaim:
            claimName: influxdb
        - name: influxdb-config
          configMap:
            name: influxdb-config
---
kind: "PersistentVolumeClaim"
apiVersion: "v1"
metadata:
  name: influxdb
spec:
  accessModes:
    - "ReadWriteOnce"
  resources:
    requests:
      storage: "10Gi"
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: influxdb-config
data:
  influxdb.conf: |+
    reporting-disabled = false
    bind-address = "127.0.0.1:8088"
    [meta]
      dir = "/var/lib/influxdb/meta"
      retention-autocreate = true
      logging-enabled = true
    [data]
      dir = "/var/lib/influxdb/data"
      index-version = "inmem"
      wal-dir = "/var/lib/influxdb/wal"
      wal-fsync-delay = "0s"
      query-log-enabled = true
      cache-max-memory-size = 1073741824
      cache-snapshot-memory-size = 26214400
      cache-snapshot-write-cold-duration = "10m0s"
      compact-full-write-cold-duration = "4h0m0s"
      max-series-per-database = 1000000
      max-values-per-tag = 100000
      max-concurrent-compactions = 0
      max-index-log-file-size = 1048576
      trace-logging-enabled = false
      tsm-use-madv-willneed = false
    [coordinator]
      write-timeout = "10s"
      max-concurrent-queries = 0
      query-timeout = "0s"
      log-queries-after = "0s"
      max-select-point = 0
      max-select-series = 0
      max-select-buckets = 0
    [retention]
      enabled = true
      check-interval = "30m0s"
    [shard-precreation]
      enabled = true
      check-interval = "10m0s"
      advance-period = "30m0s"
    [monitor]
      store-enabled = true
      store-database = "_internal"
      store-interval = "10s"
    [subscriber]
      enabled = true
      http-timeout = "30s"
      insecure-skip-verify = false
      ca-certs = ""
      write-concurrency = 40
      write-buffer-size = 1000
    [http]
      enabled = true
      bind-address = ":8086"
      auth-enabled = true
      log-enabled = true
      suppress-write-log = false
      write-tracing = false
      pprof-enabled = true
      debug-pprof-enabled = false
      https-enabled = false
      https-certificate = "/etc/ssl/influxdb.pem"
      https-private-key = ""
      max-row-limit = 0
      max-connection-limit = 0
      shared-secret = ""
      realm = "InfluxDB"
      unix-socket-enabled = false
      unix-socket-permissions = "0777"
      bind-socket = "/var/run/influxdb.sock"
      max-body-size = 25000000
      access-log-path = ""
      max-concurrent-write-limit = 0
      max-enqueued-write-limit = 0
      enqueued-write-timeout = 30000000000
    [logging]
      format = "auto"
      level = "info"
      suppress-logo = false
    [ifql]
      enabled = false
      log-enabled = true
      bind-address = ":8082"
    [[graphite]]
      enabled = false
      bind-address = ":2003"
      database = "gatling"
      retention-policy = ""
      protocol = "tcp"
      batch-size = 5000
      batch-pending = 10
      batch-timeout = "1s"
      consistency-level = "one"
      separator = "."
      udp-read-buffer = 0
      templates = [
        "gatling.*.*.*.*.*.* measurement.test.injector.simulation.request.status.field",
        "gatling.*.*.*.users.*.* measurement.test.injector.simulation.measurement.request.field"
      ]
    [[collectd]]
      enabled = false
      bind-address = ":25826"
      database = "collectd"
      retention-policy = ""
      batch-size = 5000
      batch-pending = 10
      batch-timeout = "10s"
      read-buffer = 0
      typesdb = "/usr/share/collectd/types.db"
      security-level = "none"
      auth-file = "/etc/collectd/auth_file"
      parse-multivalue-plugin = "split"
    [[opentsdb]]
      enabled = false
      bind-address = ":4242"
      database = "opentsdb"
      retention-policy = ""
      consistency-level = "one"
      tls-enabled = false
      certificate = "/etc/ssl/influxdb.pem"
      batch-size = 1000
      batch-pending = 5
      batch-timeout = "1s"
      log-point-errors = true
    [[udp]]
      enabled = false
      bind-address = ":8089"
      database = "udp"
      retention-policy = ""
      batch-size = 5000
      batch-pending = 10
      read-buffer = 0
      batch-timeout = "1s"
      precision = ""
    [continuous_queries]
      log-enabled = true
      enabled = true
      query-stats-enabled = false
      run-interval = "1s"
    [tls]
      min-version = ""
      max-version = ""
---
apiVersion: v1
kind: Secret
metadata:
  name: influxdb-secrets
type: Opaque
stringData:
  INFLUXDB_CONFIG_PATH: /etc/influxdb/influxdb.conf  
  INFLUXDB_ADMIN_USER: admin  
  INFLUXDB_ADMIN_PASSWORD: kraken  
  INFLUXDB_DB: gatling  
  INFLUXDB_USER: user  
  INFLUXDB_USER_PASSWORD: kraken

[deviantony]

• Fixed by fix: fix an issue when listing deployments #49

The -A flag fails to display deployments across all namespaces:

root@docker:/# k get deployments
NAME                  READY   UP-TO-DATE   AVAILABLE   AGE
node-red              1/1     1            1           21s
app-deployment        1/3     1            1           23s
influxdb-deployment   1/1     1            1           26s

root@docker:/# k get deployments -A
No resources found

[deviantony]

• Fixed by fix: fix an issue preventing the edge agent from starting #50

Deploying the async Edge agent automatically when starting k2d fails with the following error when using the volume backend store:

2023/09/05 01:20PM INF github.com/portainer/agent/cmd/agent/main.go:166 > agent running on Kubernetes platform |
2023/09/05 01:20PM FTL github.com/portainer/agent/cmd/agent/main.go:170 > unable to create Kubernetes client | error="read /var/run/secrets/kubernetes.io/serviceaccount/token: is a directory"

[deviantony]

• Fixed by fix: deployment and pod status for Lens #53

Pod summary in Lens is reporting a pending a status for all pods:

[stevensbkang]

• Fixed via fix: fix an issue when displaying pv, pvc and sc #54

kubectl get pvc -A does not work:

(⎈|k2d:N/A)➜  k2d (feat/argo) k get pvc -A                                                                                                                            [11:29:46]  ✭
Error from server (InternalError): an error on the server ("unable to get table: unable to list persistent volume claim: unable to get persistent volume claim: unable to get configmap: resource not found") has prevented the request from succeeding (get persistentvolumeclaims)

[stevensbkang]

• Fixed via fix: fix an issue when displaying pv, pvc and sc #54

Lens is not showing PVs, PVCs, and Storage Classes

[deviantony]

• Fixed via fix: review label usage for pvc and volume association #67

PVC are not reported by kubectl get pvc or kubectl get pvc -A when using the volume backend store.

The system configmaps are also not located in the correct namespace.