Comments (24)
shibi1989
commented on July 23, 2024
4
Getting error Failed to resolve consul-server-0.consul-server.default.svc: lookup consul-server-0.consul-server.default.svc on 10.96.0.10:53: no such host * Failed to join 10.244.1.78: Remote state is encrypted and encryption is not configured.
Already having core DNS in kubernetes cluster. Using kubernetes 1.12.2 version.
I have used helm to install the consul.
from consul-helm.
deepanvermag3
commented on July 23, 2024
Is this resolved for you?
from consul-helm.
shibi1989
commented on July 23, 2024
No
…On Tue, Dec 25, 2018, 11:45 AM Deepan Verma ***@***.***> wrote:
Is this resolved for you?
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#76 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AQ0TjfpMTi8AUtmhbXQUKgUHINHW5AcBks5u8cJlgaJpZM4ZAX9l>
.
from consul-helm.
giovannicandido
commented on July 23, 2024
Any update?
from consul-helm.
adilyse
commented on July 23, 2024
Hi @shibi1989
Could you provide some additional information about your setup and installation? What type of kubernetes cluster are you using (cloud hosted, local setup, etc)? What version of the helm chart did you use? What configuration options did you use?
This information will help me narrow down what might be going wrong.
Thanks,
Rebecca
from consul-helm.
erkanerol
commented on July 23, 2024
I have the same issue on EKS
from consul-helm.
vnbx
commented on July 23, 2024
Having the same issue with helm chart and ConsulAgent config.
from consul-helm.
giovannicandido
commented on July 23, 2024
In my case the error was because no statefull storage could be created because the default was not set. But this message is complete useless in this case.
https://kubernetes.io/docs/tasks/administer-cluster/change-default-storage-class/
from consul-helm.
dwaiba
commented on July 23, 2024
Works fine for me on setting server.storageClass and using external provisioner like nfs-client on private clusters. Also works fine on gke where defaults are set
from consul-helm.
lkysow
commented on July 23, 2024
I'm going to close this issue since it's 6 months old. If anyone is still having this issue please comment here and I can re-open.
from consul-helm.
yueru-mylove
commented on July 23, 2024
I also got this problem. Though the consul agent join each member correctly, it still display some errors in the log below, almost the same with the error above.
2019/12/26 03:47:48 [WARN] memberlist: Failed to resolve hashicorp-consul-server-1.hashicorp-consul-server.default.svc: lookup hashicorp-consul-server-1.hashicorp-consul-server.default.svc on 10.10.0.10:53: no such host
2019/12/26 03:47:48 [WARN] memberlist: Failed to resolve hashicorp-consul-server-2.hashicorp-consul-server.default.svc: lookup hashicorp-consul-server-2.hashicorp-consul-server.default.svc on 10.10.0.10:53: no such host
2019/12/26 03:47:48 [WARN] agent: (LAN) couldn't join: 0 Err: 3 errors occurred:
* Failed to join 10.244.0.83: dial tcp 10.244.0.83:8301: connect: no route to host
* Failed to resolve hashicorp-consul-server-1.hashicorp-consul-server.default.svc: lookup hashicorp-consul-server-1.hashicorp-consul-server.default.svc on 10.10.0.10:53: no such host
* Failed to resolve hashicorp-consul-server-2.hashicorp-consul-server.default.svc: lookup hashicorp-consul-server-2.hashicorp-consul-server.default.svc on 10.10.0.10:53: no such host
2019/12/26 03:47:48 [WARN] agent: Join LAN failed: <nil>, retrying in 30s
2019/12/26 03:47:52 [WARN] raft: Failed to get previous log: 1 log not found (last: 0)
2019/12/26 03:47:52 [INFO] consul: New leader elected: hashicorp-consul-server-1
2019/12/26 03:47:52 [INFO] agent: Synced node info
2019/12/26 03:47:59 [INFO] serf: EventMemberJoin: master 10.244.0.84
2019/12/26 03:48:18 [INFO] agent: (LAN) joining: [hashicorp-consul-server-0.hashicorp-consul-server.default.svc hashicorp-consul-server-1.hashicorp-consul-server.default.svc hashicorp-consul-server-2.hashicorp-consul-server.default.svc]
2019/12/26 03:48:18 [INFO] agent: (LAN) joined: 3
2019/12/26 03:48:18 [INFO] agent: Join LAN completed. Synced with 3 initial agents
And the kube version is 1.16.2. bootstrapped by kubeadm , stand-alone. Need help.
from consul-helm.
lkysow
commented on July 23, 2024
@yueru-mylove it looks like in the end of your logs the consul cluster comes up correctly. Sometimes KubeDNS takes a while to start working so the initial errors are expectes. Are you noticing some functionality not working? Please open up a new issue if so because I don't see the encryption errors in your logs which was the reason for this issue.
from consul-helm.
yueru-mylove
commented on July 23, 2024
@Ikysow Thankyou so much, sir. It working normaly. And I just have a question if a consul dns is must when deploying consul-cluster with k8s as I ever got a failed deploying without consul dns using customized sts, svc, sa, cm yaml file while each part is working normally.
And the error log is as belows:
2020/01/02 04:48:06 [ERR] agent: failed to sync remote state: No cluster leader
2020/01/02 04:48:18 [ERR] agent: Coordinate update error: No cluster leader
2020/01/02 04:48:41 [ERR] agent: failed to sync remote state: No cluster leader
2020/01/02 04:48:51 [ERR] agent: Coordinate update error: No cluster leader
Thank a lot.
from consul-helm.
lkysow
commented on July 23, 2024
Consul DNS is not required. Those errors happen when the servers can't elect a leader. I'd look at the logs on each server to try and figure out what's going on.
What exactly do you mean you got failed deployment without Consul DNS? How are you turning it on/off? With:
dns:
enabled: false
? This won't affect leader election.
from consul-helm.
yueru-mylove
commented on July 23, 2024
The consul-0 starting logs is as belows:
==> Log data will now stream in as it occurs:
2020/01/03 01:57:14 [INFO] raft: Initial configuration (index=0): []
2020/01/03 01:57:14 [INFO] serf: EventMemberJoin: consul-0.dc1 10.244.0.102
2020/01/03 01:57:14 [INFO] raft: Node at 10.244.0.102:8300 [Follower] entering Follower state (Leader: "")
2020/01/03 01:57:14 [INFO] serf: EventMemberJoin: consul-0 10.244.0.102
2020/01/03 01:57:14 [INFO] agent: Started DNS server 0.0.0.0:8600 (udp)
2020/01/03 01:57:14 [INFO] serf: Attempting re-join to previously known node: consul-2: 10.244.0.101:8301
2020/01/03 01:57:14 [INFO] serf: Attempting re-join to previously known node: consul-2.dc1: 10.244.0.101:8302
2020/01/03 01:57:14 [INFO] agent: Started DNS server 0.0.0.0:8600 (tcp)
2020/01/03 01:57:14 [INFO] agent: Started HTTP server on [::]:8500 (tcp)
2020/01/03 01:57:14 [INFO] consul: Adding LAN server consul-0 (Addr: tcp/10.244.0.102:8300) (DC: dc1)
2020/01/03 01:57:14 [INFO] consul: Handled member-join event for server "consul-0.dc1" in area "wan"
2020/01/03 01:57:14 [INFO] agent: Retry join LAN is supported for: aliyun aws azure digitalocean gce k8s mdns os packet scaleway softlayer triton vsphere
2020/01/03 01:57:14 [INFO] agent: Joining LAN cluster...
2020/01/03 01:57:14 [INFO] agent: (LAN) joining: [consul-0.consul.default.svc.cluster.local consul-1.consul.default.svc.cluster.local consul-2.consul.default.svc.cluster.local]
2020/01/03 01:57:14 [INFO] agent: started state syncer
==> Consul agent running!
2020/01/03 01:57:14 [WARN] memberlist: Failed to resolve consul-1.consul.default.svc.cluster.local: lookup consul-1.consul.default.svc.cluster.local on 10.10.0.10:53: no such host
2020/01/03 01:57:14 [WARN] memberlist: Failed to resolve consul-2.consul.default.svc.cluster.local: lookup consul-2.consul.default.svc.cluster.local on 10.10.0.10:53: no such host
2020/01/03 01:57:14 [INFO] agent: (LAN) joined: 1
2020/01/03 01:57:14 [INFO] agent: Join LAN completed. Synced with 1 initial agents
2020/01/03 01:57:17 [WARN] serf: Failed to re-join any previously known node
2020/01/03 01:57:17 [WARN] serf: Failed to re-join any previously known node
2020/01/03 01:57:21 [ERR] agent: failed to sync remote state: No cluster leader
2020/01/03 01:57:22 [WARN] raft: no known peers, aborting election
2020/01/03 01:57:42 [ERR] agent: Coordinate update error: No cluster leader
2020/01/03 01:57:54 [ERR] agent: failed to sync remote state: No cluster leader
And consul-1 and consul-2 only has log:
==> Log data will now stream in as it occurs:
So I really don't know why I got this. Consul service:
apiVersion: v1
kind: Service
metadata:
name: consul
labels:
name: consul
spec:
type: ClusterIP
clusterIP: None
ports:
- name: http
port: 8500
targetPort: 8500
- name: https
port: 8443
targetPort: 8443
- name: rpc
port: 8400
targetPort: 8400
- name: serflan-tcp
protocol: "TCP"
port: 8301
targetPort: 8301
- name: serflan-udp
protocol: "UDP"
port: 8301
targetPort: 8301
- name: serfwan-tcp
protocol: "TCP"
port: 8302
targetPort: 8302
- name: serfwan-udp
protocol: "UDP"
port: 8302
targetPort: 8302
- name: server
port: 8300
targetPort: 8300
- name: consuldns
port: 8600
targetPort: 8600
selector:
app: consulsts file:
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: consul
spec:
serviceName: consul
replicas: 3
selector:
matchLabels:
app: consul
template:
metadata:
labels:
app: consul
spec:
terminationGracePeriodSeconds: 10
containers:
- name: consul
image: consul:latest
args:
- "agent"
- "-server"
- "-bootstrap-expect=3"
- "-ui"
- "-data-dir=/consul/data"
- "-bind=0.0.0.0"
- "-client=0.0.0.0"
- "-advertise=$(PODIP)"
- "-retry-join=consul-0.consul.$(NAMESPACE).svc.cluster.local"
- "-retry-join=consul-1.consul.$(NAMESPACE).svc.cluster.local"
- "-retry-join=consul-2.consul.$(NAMESPACE).svc.cluster.local"
- "-domain=cluster.local"
- "-disable-host-node-id"
volumeMounts:
- name: data
mountPath: /consul/data
env:
- name: PODIP
valueFrom:
fieldRef:
fieldPath: status.podIP
- name: NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
ports:
- containerPort: 8500
name: ui-port
- containerPort: 8400
name: alt-port
- containerPort: 53
name: udp-port
- containerPort: 8443
name: https-port
- containerPort: 8080
name: http-port
- containerPort: 8301
name: serflan
- containerPort: 8302
name: serfwan
- containerPort: 8600
name: consuldns
- containerPort: 8300
name: server
volumes:
- name: data
hostPath:
path: /home/dataThank you so much.
from consul-helm.
lkysow
commented on July 23, 2024
@yueru-mylove I'm moving this to #323. Please follow up there.
from consul-helm.
yueru-mylove
commented on July 23, 2024
@yueru-mylove I'm moving this to #323. Please follow up there.
Thank you so much. sir.
from consul-helm.
zonArt
commented on July 23, 2024
Hi,
Don't know if I should open a new issue or can re-use this one but I have the exact same issue (well.... maybe it's not exactly the same). I'm trying to deploy consul clients within kubernetes and got the servers outside. When I do so I receive this error message: Failed to join <server IPs>: Remote state is encrypted and encryption is not configured. I agree I haven't setup gossip encryption as I'm using mTLS so I supposed setting tls was enough but it doesn't seem to. Here is my values.yaml file:
server:
enabled: false
externalServers:
enabled: true
hosts: ["<node1.my.domain>", "<node2.my.domain>", "<node3.my.domain>"]
useSystemRoots: true
client:
image: consul:1.7.0
join: ["<node1.my.domain>", "<node2.my.domain>", "<node3.my.domain>"]
global:
domain: <my.domain>
tls:
enabled: true
caCert:
secretName: consul-agent
secretKey: tls.crt
caKey:
secretName: consul-agent
secretKey: tls.key
Might not be fully complete so that's why I'm asking for help
Additional information:
I'm using kubernetes 1.18 on a self hosted cluster, consul is also running internally on three VMs with version 1.7.0 thus tried to deploy 1.7.0 agents, deployed with helm 2 and version 0.24.1 of the helm chart
from consul-helm.
lkysow
commented on July 23, 2024
@zonArt can you please open a new issue and we'll respond there. Thanks!
from consul-helm.
zonArt
commented on July 23, 2024
@zonArt can you please open a new issue and we'll respond there. Thanks!
Hi @lkysow, thanks, I've just opened it here (with same content)
from consul-helm.
Jorgevillada
commented on July 23, 2024
if you change default storage in eks(gp2) or configure another storageclass(EFS, nfs, rook). you must guarantee that they are not the same folder for the replicas. the files
checkpoint-signature
node-id
raft
serf
will be overwritten and you won't be able to find the another servers.
from consul-helm.
unittolabs
commented on July 23, 2024
I faced the same problem at AKS with the given config:
global:
enabled: false
image: consul:1.8.5
imageK8S: hashicorp/consul-k8s:0.19.0
datacenter: azure-dev
acls:
# manageSystemACLs: true
bootstrapToken:
secretName: consul-acl-token
secretKey: vault
server:
enabled: true
replicas: 3
bootstrapExpect: 3
connect: false
resources:
requests:
cpu: 200m
memory: 256Mi
limits:
cpu: 200m
memory: 256Mi
affinity: |
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchLabels:
app: {{ template "consul.name" . }}
release: "{{ .Release.Name }}"
component: server
topologyKey: kubernetes.io/hostname
ui:
enabled: true
but what is interesting, it that I don't face it when I try to deploy the same config in GKE.
logs from AKS:
2020-11-13T10:57:28.801Z [WARN] agent: Join cluster failed, will retry: cluster=LAN retry_interval=30s error=<nil>
2020-11-13T10:57:30.044Z [ERROR] agent: Coordinate update error: error="No cluster leader"
2020-11-13T10:57:37.912Z [ERROR] agent.anti_entropy: failed to sync remote state: error="No cluster leader"
2020-11-13T10:57:58.802Z [INFO] agent: (LAN) joining: lan_addresses=[vault-consul-server-0.vault-consul-server.vault.svc, vault-consul-server-1.vault-consul-server.vault.svc, vault-consul-server-2.vault-consul-server.vault.svc]
2020-11-13T10:57:58.813Z [WARN] agent.server.memberlist.lan: memberlist: Failed to resolve vault-consul-server-0.vault-consul-server.vault.svc: lookup vault-consul-server-0.vault-consul-server.vault.svc on 10.0.0.10:53: no such host
2020-11-13T10:57:59.057Z [WARN] agent.server.memberlist.lan: memberlist: Failed to resolve vault-consul-server-1.vault-consul-server.vault.svc: lookup vault-consul-server-1.vault-consul-server.vault.svc on 10.0.0.10:53: no such host
2020-11-13T10:57:59.392Z [WARN] agent.server.memberlist.lan: memberlist: Failed to resolve vault-consul-server-2.vault-consul-server.vault.svc: lookup vault-consul-server-2.vault-consul-server.vault.svc on 10.0.0.10:53: no such host
2020-11-13T10:57:59.392Z [WARN] agent: (LAN) couldn't join: number_of_nodes=0 error="3 errors occurred:
* Failed to resolve vault-consul-server-0.vault-consul-server.vault.svc: lookup vault-consul-server-0.vault-consul-server.vault.svc on 10.0.0.10:53: no such host
* Failed to resolve vault-consul-server-1.vault-consul-server.vault.svc: lookup vault-consul-server-1.vault-consul-server.vault.svc on 10.0.0.10:53: no such host
* Failed to resolve vault-consul-server-2.vault-consul-server.vault.svc: lookup vault-consul-server-2.vault-consul-server.vault.svc on 10.0.0.10:53: no such host
from consul-helm.
lkysow
commented on July 23, 2024
@unitto1 can you open up a new issue please?
from consul-helm.
unittolabs
commented on July 23, 2024
@unitto1 can you open up a new issue please?
In my case, it was fixed via moving to the new AKS cluster, so create the new issue will be not reasonable.
Seems it's some weird error linked to the misconfiguration of Kubenetes Storage Class but I'm not sure.
from consul-helm.
Related Issues (20)
- Variable Interpolation within Helm chart HOT 7
- [ERROR] Unable to get Agent services: error="Unexpected response code: 403 (ACL not found)" HOT 9
- GKE Ingress requires pathType to be ImplementationSpecific
- flag provided but not defined: -log-json HOT 6
- Mesh-Gateway k8s: Error initializing configuration HOT 6
- Chart v0.32.+ : invalid config key "TransparentProxy" for proxy-defaults.yaml HOT 2
- Could not resolve host: static-server HOT 9
- test issue migration
- consul-consul-webhook-cert-manager flag provided but not defined: -log-json HOT 2
- 0.32.1/1.10.0 WAN Federation consul-server-acl-init job failing to execute resulting in failed helm installation HOT 8
- Kubernetes, ConsulCatalog and Traefik - Changing default Sync Rule between K8s and ConsulCatalog? HOT 2
- Consul connect injected sidecars not permitted by Pod Security Policies HOT 2
- Allow specifying a default policy / role for namespace mirroring HOT 2
- How route traffic to another consul node? HOT 5
- Consul ingress gateways not starting after chart upgrade HOT 6
- Which directory consul kv data is stored HOT 4
- consul connect: 503 after scaling in or pod restarts HOT 15
- feat: Add `-recursor` flag
- Failed helm upgrade leaves behind a job that prevents future upgrades? HOT 7
- Allow Consul client daemonset connectivity via nodePort (instead of only hostPort) HOT 6
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from consul-helm.