deckhouse icon indicating copy to clipboard operation
deckhouse copied to clipboard
verified publisher icon deckhouse

Can't edit kube-dns ModuleConfig

Open alex123012 opened this issue 1 year ago • 0 comments

Preflight Checklist

  • [X] I agree to follow the Code of Conduct that this project adheres to.
  • [X] I have searched the issue tracker for an issue that matches the one I want to file, without success.

Version

v1.60.0

Expected Behavior

Ability to edit mc of kube-dns module

Actual Behavior

After deckhouse update to v1.60.0 - i can't edit kube-dns ModuleConfig because of validating webhook. I think, the issue is with this MR: https://github.com/deckhouse/deckhouse/pull/8107 (here and here)

kubectl patch --type=merge -p '{"metadata": {"annotations": {"meta.helm.sh/release-name": "cluster-resources", "meta.helm.sh/release-namespace": "cluster-resources"}}}' ModuleConfig/kube-dns
Error from server: admission webhook "clusterdomainaliases-policy.deckhouse.io" denied the request: Hook failed

My MC:

apiVersion: deckhouse.io/v1alpha1
kind: ModuleConfig
metadata:
  creationTimestamp: "2024-05-23T21:36:13Z"
  generation: 1
  name: kube-dns
  resourceVersion: "8244"
  uid: 7aa95968-66b3-4941-8fe0-752c541b0a7c
spec:
  enabled: true
status:
  message: ""
  version: "1"

Steps To Reproduce

No response

Additional Information

This is a fresh cluster with minimal bundle installed on 24.05.2024. The kube-dns module was enabled by command:

kubectl exec -ti deploy/deckhouse -n d8-system -- deckhouse-controller module enable kube-dns

Logs

time="2024-05-24T21:07:50Z" level=info msg="AdmissionResponse from hook: AdmissionResponse(allowed=true)" binding=publicdomaintemplate-policy.deckhouse.io event=kubernetesValidating hook=002-deckhouse/webhooks/validating/public-domain-template queue= task=HookRun
time="2024-05-24T21:07:50Z" level=info msg="Hook executed successfully" binding=publicdomaintemplate-policy.deckhouse.io event=kubernetesValidating hook=002-deckhouse/webhooks/validating/public-domain-template queue= task=HookRun
time="2024-05-24T21:07:50Z" level=info msg=complete http_method=POST operator.component=admissionWebhook resp_bytes_length=134 resp_elapsed_ms=600100 resp_status=200 uri="/hooks/publicdomaintemplate-policy-deckhouse-io?timeout=10s"
time="2024-05-24T21:07:50Z" level=info msg="AdmissionResponse from hook: AdmissionResponse(allowed=true)" binding=disable-sds-drbd-module.deckhouse.io event=kubernetesValidating hook=002-deckhouse/webhooks/validating/disable-sds-drbd-module-hook queue= task=HookRun
time="2024-05-24T21:07:50Z" level=info msg="Hook executed successfully" binding=disable-sds-drbd-module.deckhouse.io event=kubernetesValidating hook=002-deckhouse/webhooks/validating/disable-sds-drbd-module-hook queue= task=HookRun
time="2024-05-24T21:07:50Z" level=info msg=complete http_method=POST operator.component=admissionWebhook resp_bytes_length=134 resp_elapsed_ms=760800 resp_status=200 uri="/hooks/disable-sds-drbd-module-deckhouse-io?timeout=10s"
time="2024-05-24T21:07:50Z" level=info msg="jq: error (at <stdin>:175): Cannot iterate over null (null)" binding=clusterdomainaliases-policy.deckhouse.io event=kubernetesValidating hook=042-kube-dns/webhooks/validating/cluster-domain-alias output=stderr queue= task=HookRun
time="2024-05-24T21:07:50Z" level=info msg="Traceback (most recent call last):" binding=clusterdomainaliases-policy.deckhouse.io event=kubernetesValidating hook=042-kube-dns/webhooks/validating/cluster-domain-alias output=stderr queue= task=HookRun
time="2024-05-24T21:07:50Z" level=info msg="  File \"/hooks/042-kube-dns/webhooks/validating/cluster-domain-alias\", line 69, in main" binding=clusterdomainaliases-policy.deckhouse.io event=kubernetesValidating hook=042-kube-dns/webhooks/validating/cluster-domain-alias output=stderr queue= task=HookRun
time="2024-05-24T21:07:50Z" level=info msg="    hook::run \"$@\"" binding=clusterdomainaliases-policy.deckhouse.io event=kubernetesValidating hook=042-kube-dns/webhooks/validating/cluster-domain-alias output=stderr queue= task=HookRun
time="2024-05-24T21:07:50Z" level=info msg="  File \"/frameworks/shell/hook.sh\", line 17, in hook::run" binding=clusterdomainaliases-policy.deckhouse.io event=kubernetesValidating hook=042-kube-dns/webhooks/validating/cluster-domain-alias output=stderr queue= task=HookRun
time="2024-05-24T21:07:50Z" level=info msg="    hook::_run_first_available_handler \"${HANDLERS}\"" binding=clusterdomainaliases-policy.deckhouse.io event=kubernetesValidating hook=042-kube-dns/webhooks/validating/cluster-domain-alias output=stderr queue= task=HookRun
time="2024-05-24T21:07:50Z" level=info msg="  File \"/frameworks/shell/hook.sh\", line 73, in hook::_run_first_available_handler" binding=clusterdomainaliases-policy.deckhouse.io event=kubernetesValidating hook=042-kube-dns/webhooks/validating/cluster-domain-alias output=stderr queue= task=HookRun
time="2024-05-24T21:07:50Z" level=info msg="    ($handler) # brackets are to run handler as a subprocess" binding=clusterdomainaliases-policy.deckhouse.io event=kubernetesValidating hook=042-kube-dns/webhooks/validating/cluster-domain-alias output=stderr queue= task=HookRun
time="2024-05-24T21:07:50Z" level=info msg="  File \"/hooks/042-kube-dns/webhooks/validating/cluster-domain-alias\", line 53, in __main__" binding=clusterdomainaliases-policy.deckhouse.io event=kubernetesValidating hook=042-kube-dns/webhooks/validating/cluster-domain-alias output=stderr queue= task=HookRun
time="2024-05-24T21:07:50Z" level=info msg="    clusterDomainAliases=$(context::jq -r '.review.request.object.spec.settings.clusterDomainAliases[]')" binding=clusterdomainaliases-policy.deckhouse.io event=kubernetesValidating hook=042-kube-dns/webhooks/validating/cluster-domain-alias output=stderr queue= task=HookRun
time="2024-05-24T21:07:50Z" level=info msg="  File \"/frameworks/shell/context.sh\", line 9, in context::jq" binding=clusterdomainaliases-policy.deckhouse.io event=kubernetesValidating hook=042-kube-dns/webhooks/validating/cluster-domain-alias output=stderr queue= task=HookRun
time="2024-05-24T21:07:50Z" level=info msg="    context::global::jq '.['\"${BINDING_CONTEXT_CURRENT_INDEX}\"']' | jq \"$@\"" binding=clusterdomainaliases-policy.deckhouse.io event=kubernetesValidating hook=042-kube-dns/webhooks/validating/cluster-domain-alias output=stderr queue= task=HookRun
time="2024-05-24T21:07:50Z" level=info msg="Exiting with status 5" binding=clusterdomainaliases-policy.deckhouse.io event=kubernetesValidating hook=042-kube-dns/webhooks/validating/cluster-domain-alias output=stderr queue= task=HookRun
time="2024-05-24T21:07:50Z" level=info msg="Traceback (most recent call last):" binding=clusterdomainaliases-policy.deckhouse.io event=kubernetesValidating hook=042-kube-dns/webhooks/validating/cluster-domain-alias output=stderr queue= task=HookRun
time="2024-05-24T21:07:50Z" level=info msg="  File \"/hooks/042-kube-dns/webhooks/validating/cluster-domain-alias\", line 69, in main" binding=clusterdomainaliases-policy.deckhouse.io event=kubernetesValidating hook=042-kube-dns/webhooks/validating/cluster-domain-alias output=stderr queue= task=HookRun
time="2024-05-24T21:07:50Z" level=info msg="    hook::run \"$@\"" binding=clusterdomainaliases-policy.deckhouse.io event=kubernetesValidating hook=042-kube-dns/webhooks/validating/cluster-domain-alias output=stderr queue= task=HookRun
time="2024-05-24T21:07:50Z" level=info msg="  File \"/frameworks/shell/hook.sh\", line 17, in hook::run" binding=clusterdomainaliases-policy.deckhouse.io event=kubernetesValidating hook=042-kube-dns/webhooks/validating/cluster-domain-alias output=stderr queue= task=HookRun
time="2024-05-24T21:07:50Z" level=info msg="    hook::_run_first_available_handler \"${HANDLERS}\"" binding=clusterdomainaliases-policy.deckhouse.io event=kubernetesValidating hook=042-kube-dns/webhooks/validating/cluster-domain-alias output=stderr queue= task=HookRun
time="2024-05-24T21:07:50Z" level=info msg="  File \"/frameworks/shell/hook.sh\", line 73, in hook::_run_first_available_handler" binding=clusterdomainaliases-policy.deckhouse.io event=kubernetesValidating hook=042-kube-dns/webhooks/validating/cluster-domain-alias output=stderr queue= task=HookRun
time="2024-05-24T21:07:50Z" level=info msg="    ($handler) # brackets are to run handler as a subprocess" binding=clusterdomainaliases-policy.deckhouse.io event=kubernetesValidating hook=042-kube-dns/webhooks/validating/cluster-domain-alias output=stderr queue= task=HookRun
time="2024-05-24T21:07:50Z" level=info msg="  File \"/hooks/042-kube-dns/webhooks/validating/cluster-domain-alias\", line 53, in __main__" binding=clusterdomainaliases-policy.deckhouse.io event=kubernetesValidating hook=042-kube-dns/webhooks/validating/cluster-domain-alias output=stderr queue= task=HookRun
time="2024-05-24T21:07:50Z" level=info msg="    clusterDomainAliases=$(context::jq -r '.review.request.object.spec.settings.clusterDomainAliases[]')" binding=clusterdomainaliases-policy.deckhouse.io event=kubernetesValidating hook=042-kube-dns/webhooks/validating/cluster-domain-alias output=stderr queue= task=HookRun
time="2024-05-24T21:07:50Z" level=info msg="Exiting with status 5" binding=clusterdomainaliases-policy.deckhouse.io event=kubernetesValidating hook=042-kube-dns/webhooks/validating/cluster-domain-alias output=stderr queue= task=HookRun
time="2024-05-24T21:07:50Z" level=info msg="Traceback (most recent call last):" binding=clusterdomainaliases-policy.deckhouse.io event=kubernetesValidating hook=042-kube-dns/webhooks/validating/cluster-domain-alias output=stderr queue= task=HookRun
time="2024-05-24T21:07:50Z" level=info msg="  File \"/hooks/042-kube-dns/webhooks/validating/cluster-domain-alias\", line 69, in main" binding=clusterdomainaliases-policy.deckhouse.io event=kubernetesValidating hook=042-kube-dns/webhooks/validating/cluster-domain-alias output=stderr queue= task=HookRun
time="2024-05-24T21:07:50Z" level=info msg="    hook::run \"$@\"" binding=clusterdomainaliases-policy.deckhouse.io event=kubernetesValidating hook=042-kube-dns/webhooks/validating/cluster-domain-alias output=stderr queue= task=HookRun
time="2024-05-24T21:07:50Z" level=info msg="  File \"/frameworks/shell/hook.sh\", line 17, in hook::run" binding=clusterdomainaliases-policy.deckhouse.io event=kubernetesValidating hook=042-kube-dns/webhooks/validating/cluster-domain-alias output=stderr queue= task=HookRun
time="2024-05-24T21:07:50Z" level=info msg="    hook::_run_first_available_handler \"${HANDLERS}\"" binding=clusterdomainaliases-policy.deckhouse.io event=kubernetesValidating hook=042-kube-dns/webhooks/validating/cluster-domain-alias output=stderr queue= task=HookRun
time="2024-05-24T21:07:50Z" level=info msg="  File \"/frameworks/shell/hook.sh\", line 71, in hook::_run_first_available_handler" binding=clusterdomainaliases-policy.deckhouse.io event=kubernetesValidating hook=042-kube-dns/webhooks/validating/cluster-domain-alias output=stderr queue= task=HookRun
time="2024-05-24T21:07:50Z" level=info msg="    for handler in ${HANDLERS}; do" binding=clusterdomainaliases-policy.deckhouse.io event=kubernetesValidating hook=042-kube-dns/webhooks/validating/cluster-domain-alias output=stderr queue= task=HookRun
time="2024-05-24T21:07:50Z" level=info msg="Exiting with status 5" binding=clusterdomainaliases-policy.deckhouse.io event=kubernetesValidating hook=042-kube-dns/webhooks/validating/cluster-domain-alias output=stderr queue= task=HookRun
time="2024-05-24T21:07:50Z" level=error msg="Hook failed. Will retry after delay. Failed count is 1. Error: 042-kube-dns/webhooks/validating/cluster-domain-alias FAILED: exit status 5" binding=clusterdomainaliases-policy.deckhouse.io event=kubernetesValidating hook=042-kube-dns/webhooks/validating/cluster-domain-alias queue= task=HookRun
time="2024-05-24T21:07:50Z" level=info msg=complete http_method=POST operator.component=admissionWebhook resp_bytes_length=195 resp_elapsed_ms=1.1189e+06 resp_status=200 uri="/hooks/clusterdomainaliases-policy-deckhouse-io?timeout=10s"

alex123012 avatar May 24 '24 21:05 alex123012