1

I try to set up a kubernetes cluster behind a enterprise proxy with own ca.
Basically I followed following tutorial: https://vitux.com/install-and-deploy-kubernetes-on-ubuntu/

Additional I does following stuff to get behind our enterprise network

  • I set in env: http_proxy https_proxy no_proxy
  • I add the proxy in /etc/apt/apt.conf
  • I installed CA files in /usr/local/share/ca-certificates (and run update-ca-certificates)
  • I add proxy conf to docker systemd daemon (reload daemon and restart docker)

Now, when I try to use kubeadm init following happen: 

[preflight] You can also perform this action in beforehand using 'kubeadm config images pull'
I1111 22:00:24.471496    5900 checks.go:845] pulling k8s.gcr.io/kube-apiserver:v1.16.2
I1111 22:00:40.105465    5900 checks.go:845] pulling k8s.gcr.io/kube-controller-manager:v1.16.2
I1111 22:00:50.804949    5900 checks.go:845] pulling k8s.gcr.io/kube-scheduler:v1.16.2
I1111 22:00:56.139481    5900 checks.go:845] pulling k8s.gcr.io/kube-proxy:v1.16.2
I1111 22:01:01.264787    5900 checks.go:845] pulling k8s.gcr.io/pause:3.1
I1111 22:01:02.420756    5900 checks.go:845] pulling k8s.gcr.io/etcd:3.3.15-0
I1111 22:01:22.864754    5900 checks.go:845] pulling k8s.gcr.io/coredns:1.6.2
[preflight] Some fatal errors occurred:
        [ERROR ImagePull]: failed to pull image k8s.gcr.io/coredns:1.6.2: output: 1.6.2: Pulling from coredns
c6568d217a00: Pulling fs layer
3970bc7cbb16: Pulling fs layer
c6568d217a00: Verifying Checksum
3970bc7cbb16: Verifying Checksum
3970bc7cbb16: Download complete
filesystem layer verification failed for digest sha256:c6568d217a0023041ef9f729e8836b19f863bcdb612bb3a329ebc165539f5a80
, error: exit status 1
[preflight] If you know what you are doing, you can make a check non-fatal with `--ignore-preflight-errors=...`
error execution phase preflight
k8s.io/kubernetes/cmd/kubeadm/app/cmd/phases/workflow.(*Runner).Run.func1
        /workspace/anago-v1.16.2-beta.0.19+c97fe5036ef3df/src/k8s.io/kubernetes/_output/dockerized/go/src/k8s.io/kubernetes/cmd/kubeadm/app/cmd/phases/workflow/runner.go:237
k8s.io/kubernetes/cmd/kubeadm/app/cmd/phases/workflow.(*Runner).visitAll
        /workspace/anago-v1.16.2-beta.0.19+c97fe5036ef3df/src/k8s.io/kubernetes/_output/dockerized/go/src/k8s.io/kubernetes/cmd/kubeadm/app/cmd/phases/workflow/runner.go:424
k8s.io/kubernetes/cmd/kubeadm/app/cmd/phases/workflow.(*Runner).Run
        /workspace/anago-v1.16.2-beta.0.19+c97fe5036ef3df/src/k8s.io/kubernetes/_output/dockerized/go/src/k8s.io/kubernetes/cmd/kubeadm/app/cmd/phases/workflow/runner.go:209
k8s.io/kubernetes/cmd/kubeadm/app/cmd.NewCmdInit.func1
        /workspace/anago-v1.16.2-beta.0.19+c97fe5036ef3df/src/k8s.io/kubernetes/_output/dockerized/go/src/k8s.io/kubernetes/cmd/kubeadm/app/cmd/init.go:146
k8s.io/kubernetes/vendor/github.com/spf13/cobra.(*Command).execute
        /workspace/anago-v1.16.2-beta.0.19+c97fe5036ef3df/src/k8s.io/kubernetes/_output/dockerized/go/src/k8s.io/kubernetes/vendor/github.com/spf13/cobra/command.go:830
k8s.io/kubernetes/vendor/github.com/spf13/cobra.(*Command).ExecuteC
        /workspace/anago-v1.16.2-beta.0.19+c97fe5036ef3df/src/k8s.io/kubernetes/_output/dockerized/go/src/k8s.io/kubernetes/vendor/github.com/spf13/cobra/command.go:914
k8s.io/kubernetes/vendor/github.com/spf13/cobra.(*Command).Execute
        /workspace/anago-v1.16.2-beta.0.19+c97fe5036ef3df/src/k8s.io/kubernetes/_output/dockerized/go/src/k8s.io/kubernetes/vendor/github.com/spf13/cobra/command.go:864
k8s.io/kubernetes/cmd/kubeadm/app.Run
        /workspace/anago-v1.16.2-beta.0.19+c97fe5036ef3df/src/k8s.io/kubernetes/_output/dockerized/go/src/k8s.io/kubernetes/cmd/kubeadm/app/kubeadm.go:50
main.main
        _output/dockerized/go/src/k8s.io/kubernetes/cmd/kubeadm/kubeadm.go:25
runtime.main
        /usr/local/go/src/runtime/proc.go:200
runtime.goexit
        /usr/local/go/src/runtime/asm_amd64.s:1337

Does anyone have a idea?

OS: Ubuntu 18.04.3 LTS

Björn Ternes
  • 1,137
  • 4
  • 14
  • 33
  • Are you have this kubeadm in cloud or bare metal? Also did you saw https://stackoverflow.com/a/45583032/11148139 ? – PjoterS Nov 12 '19 at 15:18
  • I saw it, its meant with "I add proxy conf to docker systemd daemon (reload daemon and restart docker)". Docker pull does work without problems. Its "in cloud" --> proxmox. – Björn Ternes Nov 12 '19 at 16:40
  • Ive tried to follow this instruction, and it was not working for me. Have you tried to install docker from this docs: https://docs.docker.com/install/linux/docker-ce/ubuntu/#install-docker-engine---community and later `kubeadm` based on official docs: https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/#installing-kubeadm-kubelet-and-kubectl and then kubeadm init? It passed scheduler, apiserver and proxy but stopped on coredns. Could you also attach your config files which was changed? – PjoterS Nov 15 '19 at 13:28
  • I found the error. Our proxy blocked some small layer files. – Björn Ternes Dec 19 '19 at 11:32

0 Answers0