I run Kind on my windows machine and use the following configuration for my local nodes
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
nodes:
- role: control-plane
kubeadmConfigPatches:
- |
kind: InitConfiguration
nodeRegistration:
kubeletExtraArgs:
node-labels: "ingress-ready=true"
extraPortMappings:
- containerPort: 80
hostPort: 80
protocol: TCP
- containerPort: 443
hostPort: 443
protocol: TCP
- role: worker
- role: worker
- role: worker
Afer running
kind create cluster --name dev --config .\kind-cluster.yaml
I can see that the nodes were created succesfully
kubectl get nodes -owide
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
dev-control-plane Ready control-plane 2m28s v1.25.3 172.19.0.5 <none> Ubuntu 22.04.1 LTS 5.10.102.1-microsoft-standard-WSL2 containerd://1.6.9
dev-worker Ready <none> 111s v1.25.3 172.19.0.3 <none> Ubuntu 22.04.1 LTS 5.10.102.1-microsoft-standard-WSL2 containerd://1.6.9
dev-worker2 Ready <none> 2m3s v1.25.3 172.19.0.2 <none> Ubuntu 22.04.1 LTS 5.10.102.1-microsoft-standard-WSL2 containerd://1.6.9
dev-worker3 Ready <none> 110s v1.25.3 172.19.0.4 <none> Ubuntu 22.04.1 LTS 5.10.102.1-microsoft-standard-WSL2 containerd://1.6.9
As a next step I am trying to create ingress by running
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/
static/provider/kind/deploy.yaml
The output seems to be fine
namespace/ingress-nginx created
serviceaccount/ingress-nginx created
serviceaccount/ingress-nginx-admission created
role.rbac.authorization.k8s.io/ingress-nginx created
role.rbac.authorization.k8s.io/ingress-nginx-admission created
clusterrole.rbac.authorization.k8s.io/ingress-nginx created
clusterrole.rbac.authorization.k8s.io/ingress-nginx-admission created
rolebinding.rbac.authorization.k8s.io/ingress-nginx created
rolebinding.rbac.authorization.k8s.io/ingress-nginx-admission created
clusterrolebinding.rbac.authorization.k8s.io/ingress-nginx created
clusterrolebinding.rbac.authorization.k8s.io/ingress-nginx-admission created
configmap/ingress-nginx-controller created
service/ingress-nginx-controller created
service/ingress-nginx-controller-admission created
deployment.apps/ingress-nginx-controller created
job.batch/ingress-nginx-admission-create created
job.batch/ingress-nginx-admission-patch created
ingressclass.networking.k8s.io/nginx created
validatingwebhookconfiguration.admissionregistration.k8s.io/ingress-nginx-admission created
If I run
kubectl get pods -n ingress-nginx -owide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
ingress-nginx-admission-create-5s2x5 0/1 ErrImagePull 0 34s 10.244.1.2 dev-worker2 <none> <none>
ingress-nginx-admission-patch-h7px4 0/1 ErrImagePull 0 34s 10.244.2.2 dev-worker <none> <none>
ingress-nginx-controller-6bccc5966-xqcqc 0/1 ContainerCreating 0 34s <none> dev-control-plane <none> <none>
In Lens, I can see the following error message on worker nodes
Failed to pull image "registry.k8s.io/ingress-nginx/kube-webhook-certgen:v20220916-gd32f8c343@sha256:39c5b2e3310dc4264d638ad28d9d1d96c4cbb2b2dcfb52368fe4e3c63f61e10f": rpc error: code = Unknown desc = failed to pull and unpack image "registry.k8s.io/ingress-nginx/kube-webhook-certgen@sha256:39c5b2e3310dc4264d638ad28d9d1d96c4cbb2b2dcfb52368fe4e3c63f61e10f": failed to resolve reference "registry.k8s.io/ingress-nginx/kube-webhook-certgen@sha256:39c5b2e3310dc4264d638ad28d9d1d96c4cbb2b2dcfb52368fe4e3c63f61e10f": failed to do request: Head "https://registry.k8s.io/v2/ingress-nginx/kube-webhook-certgen/manifests/sha256:39c5b2e3310dc4264d638ad28d9d1d96c4cbb2b2dcfb52368fe4e3c63f61e10f": x509: certificate signed by unknown authority
While on control panel node, the error is different
Unable to attach or mount volumes: unmounted volumes=[webhook-cert], unattached volumes=[webhook-cert kube-api-access-6hfr9]: timed out waiting for the condition
and
MountVolume.SetUp failed for volume "webhook-cert" : secret "ingress-nginx-admission" not found
Trying to figure out what would be the root cause.
