Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG]Failed to create pg cluster #8886

Closed
tianyue86 opened this issue Feb 7, 2025 · 1 comment
Closed

[BUG]Failed to create pg cluster #8886

tianyue86 opened this issue Feb 7, 2025 · 1 comment
Assignees
@shanshanying
Labels
kind/bug Something isn't working
Milestone
Release 1.0.0

Comments

@tianyue86
Copy link

tianyue86 commented Feb 7, 2025
edited
Loading

Describe the env

kbcli version
Kubernetes: v1.31.1-aliyun.1
KubeBlocks: 1.0.0-beta.26
kbcli: 1.0.0-beta.10

To Reproduce
Steps to reproduce the behavior:

  1. Get pg yaml
helm template pgclu02 ./addons-cluster/postgresql --version 1.0.0-alpha.0
---
# Source: postgresql-cluster/templates/cluster.yaml
apiVersion: apps.kubeblocks.io/v1
kind: Cluster
metadata:
  name: pgclu02
  namespace: default
  labels: 
    helm.sh/chart: postgresql-cluster-1.0.0-alpha.0
    app.kubernetes.io/version: "15.7.0"
    app.kubernetes.io/instance: pgclu02
spec:
  terminationPolicy: Delete
  clusterDef: postgresql
  topology: replication
  componentSpecs:
    - name: postgresql
      serviceVersion: 16.4.0
      labels:        
        apps.kubeblocks.postgres.patroni/scope: pgclu02-postgresql      
      disableExporter: true      
      replicas: 2      
      resources:
        limits:
          cpu: "0.5"
          memory: "0.5Gi"
        requests:
          cpu: "0.5"
          memory: "0.5Gi"      
      volumeClaimTemplates:
        - name: data # ref clusterDefinition components.containers.volumeMounts.name
          spec:
            accessModes:
              - ReadWriteOnce
            resources:
              requests:
                storage: 20Gi
  1. apply the yaml to create pg cluster
  2. check the cluster status
k get cluster -A
NAMESPACE   NAME              CLUSTER-DEFINITION   TERMINATION-POLICY   STATUS     AGE
default     pgclu02           postgresql           Delete               Creating   4m26s

k get pod
NAME                            READY   STATUS    RESTARTS   AGE
pgclu02-postgresql-0            3/4     Running   0          4m35s
pgclu02-postgresql-1            3/4     Running   0          4m35s

k get cmp
NAME                          DEFINITION                       SERVICE-VERSION   STATUS     AGE
pgclu02-postgresql            postgresql-16-1.0.0-alpha.0      16.4.0                       4m54s

k describe cmp pgclu02-postgresql
Events:
  Type     Reason   Age                    From                  Message
  ----     ------   ----                   ----                  -------
  Normal   Unknown  5m24s (x2 over 5m25s)  component-controller  the component phase is unknown
  Warning  Warning  5m19s (x9 over 5m25s)  component-controller  roles.rbac.authorization.k8s.io "kb-postgresql-16-1.0.0-alpha.0" is forbidden: user "system:serviceaccount:kb-system:kubeblocks" (groups=["system:serviceaccounts" "system:serviceaccounts:kb-system" "system:authenticated"]) is attempting to grant RBAC permissions not currently held:
{APIGroups:[""], Resources:["endpoints"], Verbs:["get" "patch" "update" "create" "list" "watch" "delete"]}
  Normal  ComponentPhaseTransition  5m19s (x7 over 5m24s)  component-controller  component is Creating
  Normal  Unavailable               5m19s (x7 over 5m24s)  component-controller  the component phase is Creating
  1. see error
2025-02-07T02:58:28.455Z	ERROR	Reconciler error	{"controller": "component", "controllerGroup": "apps.kubeblocks.io", "controllerKind": "Component", "Component": {"name":"pgclu02-postgresql","namespace":"default"}, "namespace": "default", "name": "pgclu02-postgresql", "reconcileID": "1e26045a-0814-44dd-bdd2-70ca9dce5bf7", "error": "roles.rbac.authorization.k8s.io \"kb-postgresql-16-1.0.0-alpha.0\" is forbidden: user \"system:serviceaccount:kb-system:kubeblocks\" (groups=[\"system:serviceaccounts\" \"system:serviceaccounts:kb-system\" \"system:authenticated\"]) is attempting to grant RBAC permissions not currently held:\n{APIGroups:[\"\"], Resources:[\"endpoints\"], Verbs:[\"get\" \"patch\" \"update\" \"create\" \"list\" \"watch\" \"delete\"]}"}
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler
	/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.2/pkg/internal/controller/controller.go:329
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem
	/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.2/pkg/internal/controller/controller.go:266
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2
	/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.2/pkg/internal/controller/controller.go:227

Expected behavior
A clear and concise description of what you expected to happen.

Screenshots
If applicable, add screenshots to help explain your problem.

Desktop (please complete the following information):

  • OS: [e.g. iOS]
  • Browser [e.g. chrome, safari]
  • Version [e.g. 22]

Additional context
Add any other context about the problem here.
@tianyue86 tianyue86 added the kind/bug Something isn't working label Feb 7, 2025
@tianyue86 tianyue86 added this to the Release 1.0.0 milestone Feb 7, 2025
@wangyelei
Copy link
Contributor

related pr #8854

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@shanshanying shanshanying

Labels
kind/bug Something isn't working
Projects
None yet
Milestone
Release 1.0.0
Development

No branches or pull requests
3 participants
@wangyelei @shanshanying @tianyue86