Ingress-nginx-controller crash

Rancher running in AK Cluster all from scratch, followed the instructions below

All looks good even got an external IP from the ingress, however the pod of the ingress-nginx-controller from the ingres-nginx namespace is constantly in CrashLoopBackOff state

kubectl get pods
NAME READY STATUS RESTARTS AGE
ingress-nginx-controller-7564bb59cd-4vv7h 0/1 Running 11 (1s ago) 24m
Below the logs from the pod

NGINX Ingress controller
Release: v0.41.2
Build: d8a93551e6e5798fc4af3eb910cef62ecddc8938
Repository: GitHub - kubernetes/ingress-nginx: Ingress-NGINX Controller for Kubernetes
nginx version: nginx/1.19.4


I1008 08:42:11.157711 8 flags.go:205] “Watching for Ingress” class=“nginx”
W1008 08:42:11.157772 8 flags.go:210] Ingresses with an empty class will also be processed by this Ingress controller
W1008 08:42:11.158616 8 client_config.go:608] Neither --kubeconfig nor --master was specified. Using the inClusterConfig. This might not work.
I1008 08:42:11.158883 8 main.go:241] “Creating API client” host=“https://10.0.0.1:443
I1008 08:42:11.196616 8 main.go:285] “Running in Kubernetes cluster” major=“1” minor=“23” git=“v1.23.12” state=“clean” commit=“c6939792865ef0f70f92006081690d77411c8ed5” platform=“linux/amd64”
I1008 08:42:11.452611 8 main.go:105] “SSL fake certificate created” file=“/etc/ingress-controller/ssl/default-fake-certificate.pem”
I1008 08:42:11.455790 8 main.go:115] “Enabling new Ingress features available since Kubernetes v1.18”
W1008 08:42:11.459343 8 main.go:127] No IngressClass resource with name nginx found. Only annotation will be used.
I1008 08:42:11.505028 8 ssl.go:528] “loading tls certificate” path=“/usr/local/certificates/cert” key=“/usr/local/certificates/key”
I1008 08:42:11.575373 8 nginx.go:249] “Starting NGINX Ingress controller”
I1008 08:42:11.624493 8 event.go:282] Event(v1.ObjectReference{Kind:“ConfigMap”, Namespace:“ingress-nginx”, Name:“ingress-nginx-controller”, UID:“b1adc7a1-bac7-494d-9dc5-415a0c3f2531”, APIVersion:“v1”, ResourceVersion:“2586”, FieldPath:“”}): type: ‘Normal’ reason: ‘CREATE’ ConfigMap ingress-nginx/ingress-nginx-controller
E1008 08:42:12.681161 8 reflector.go:127] k8s.io/client-go@v0.19.3/tools/cache/reflector.go:156: Failed to watch *v1beta1.Ingress: failed to list *v1beta1.Ingress: the server could not find the requested resource
E1008 08:42:14.020978 8 reflector.go:127] k8s.io/client-go@v0.19.3/tools/cache/reflector.go:156: Failed to watch *v1beta1.Ingress: failed to list *v1beta1.Ingress: the server could not find the requested resource
E1008 08:42:17.215954 8 reflector.go:127] k8s.io/client-go@v0.19.3/tools/cache/reflector.go:156: Failed to watch *v1beta1.Ingress: failed to list *v1beta1.Ingress: the server could not find the requested resource
E1008 08:42:23.462422 8 reflector.go:127] k8s.io/client-go@v0.19.3/tools/cache/reflector.go:156: Failed to watch *v1beta1.Ingress: failed to list *v1beta1.Ingress: the server could not find the requested resource
E1008 08:42:34.639582 8 reflector.go:127] k8s.io/client-go@v0.19.3/tools/cache/reflector.go:156: Failed to watch *v1beta1.Ingress: failed to list *v1beta1.Ingress: the server could not find the requested resource
E1008 08:42:57.424290 8 reflector.go:127] k8s.io/client-go@v0.19.3/tools/cache/reflector.go:156: Failed to watch *v1beta1.Ingress: failed to list *v1beta1.Ingress: the server could not find the requested resource

######################Cluster Info and Steps###########################

Kubernetes services
Node pools: 1 node pool
Kubernetes versions: 1.23.12
Node sizes: Standard_D2_v3
Authentication and Authorization:Local accounts with Kubernetes RBAC

Steps
#Create the AKS Cluster
az aks create --resource-group test-lab --name rancher-server --kubernetes-version 1.23.12 --node-count 3 --node-vm-size Standard_D2_v3
az aks get-credentials --resource-group test-lab --name rancher-server

#Install an Ingress
helm repo add ingress-nginx Welcome - NGINX Ingress Controller
helm repo update
helm upgrade --install ingress-nginx ingress-nginx/ingress-nginx --namespace ingress-nginx --set controller.service.type=LoadBalancer --version 3.12.0 --create-namespace
kubectl -n ingress-nginx get deploy ingress-nginx

kubectl get service ingress-nginx-controller --namespace=ingress-nginx
NAME ingress-nginx-controller
TYPE LoadBalancer
CLUSTER-IP 10.0.179.7
EXTERNAL-IP ...
PORT(S) 80:30727/TCP,443:31190/TCP
AGE 12h

#Install Cert Manager
kubectl delete -f https://github.com/cert-manager/cert-manager/releases/download/v1.7.1/cert-manager.crds.yaml
kubectl apply --validate=false -f https://github.com/cert-manager/cert-manager/releases/download/v1.7.1/cert-manager.crds.yaml
helm repo add jetstack https://charts.jetstack.io
helm repo update
helm install cert-manager jetstack/cert-manager --namespace cert-manager --create-namespace --version v1.7.1
kubectl get pods --namespace cert-manager

#Install Rancher with Let’s Encrypt
helm repo add rancher-stable https://releases.rancher.com/server-charts/stable
kubectl create namespace cattle-system
helm install rancher rancher-stable/rancher --namespace cattle-system --set hostname=rancher.jmalabs.uk --set bootstrapPassword=admin --set ingress.tls.source=letsEncrypt --set letsEncrypt.email=jmlp1@hotmail.co.uk --set letsEncrypt.ingress.class=nginx
kubectl -n cattle-system rollout status deploy/rancher
kubectl -n cattle-system get deploy rancher

Is this because K8s version is 1.23 and clashing with ngninx-ingress?

Fixed removing the version of the controller from helm
helm upgrade --install ingress-nginx ingress-nginx/ingress-nginx --namespace ingress-nginx --set controller.service.type=LoadBalancer --create-namespace

1 Like