[go: up one dir, main page]
Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

MicroK8s v1.31.0 revision 7178 missing addon CIS-hardening #4688

Closed
djjeffr opened this issue Sep 27, 2024 · 2 comments
Closed

MicroK8s v1.31.0 revision 7178 missing addon CIS-hardening #4688

djjeffr opened this issue Sep 27, 2024 · 2 comments

Comments

@djjeffr
Copy link
djjeffr commented Sep 27, 2024

Summary

MicroK8s v1.31.0 revision 7178 missing addon CIS-hardening
See https://bugs.launchpad.net/canonical-identity-provider/+bug/2083079

What Should Happen Instead?

Addon should exist

Reproduction Steps

  1. microk8s status
  2. doesn't list addon

Introspection Report

Can you suggest a fix?

Load addon

Are you interested in contributing with a fix?

no

Also community addon doesn't load;

~ $ microk8s enable community
Infer repository core for addon community
Cloning into '/var/snap/microk8s/common/addons/community'...
fatal: detected dubious ownership in repository at '/snap/microk8s/current/addons/community/.git'
To add an exception for this directory, call:

    git config --global --add safe.directory /snap/microk8s/current/addons/community/.git

fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.
Traceback (most recent call last):
File "/snap/microk8s/7178/scripts/wrappers/addons.py", line 351, in
addons(prog_name="microk8s addons")
File "/snap/microk8s/7178/usr/lib/python3/dist-packages/click/core.py", line 764, in call
return self.main(*args, **kwargs)
File "/snap/microk8s/7178/usr/lib/python3/dist-packages/click/core.py", line 717, in main
rv = self.invoke(ctx)
File "/snap/microk8s/7178/usr/lib/python3/dist-packages/click/core.py", line 1137, in invoke
return _process_result(sub_ctx.command.invoke(sub_ctx))
File "/snap/microk8s/7178/usr/lib/python3/dist-packages/click/core.py", line 1137, in invoke
return _process_result(sub_ctx.command.invoke(sub_ctx))
File "/snap/microk8s/7178/usr/lib/python3/dist-packages/click/core.py", line 956, in invoke
return ctx.invoke(self.callback, **ctx.params)
File "/snap/microk8s/7178/usr/lib/python3/dist-packages/click/core.py", line 555, in invoke
return callback(*args, **kwargs)
File "/snap/microk8s/7178/scripts/wrappers/addons.py", line 207, in add
subprocess.check_call(cmd)
File "/snap/microk8s/7178/usr/lib/python3.8/subprocess.py", line 364, in check_call
raise CalledProcessError(retcode, cmd)
subprocess.CalledProcessError: Command '['/snap/microk8s/7178/git.wrapper', 'clone', '/snap/microk8s/current/addons/community', PosixPath('/var/snap/microk8s/common/addons/communited non-zero exit status 128.

~$ microk8s version
MicroK8s v1.31.0 revision 7178

inspection-report-20240927_220449.tar.gz
@berkayoz
Copy link
Member

Hey @djjeffr,

Is this node upgraded from an older version to v1.31? Doing a fresh install I can observe the addon in the list

microk8s is running
high-availability: no
  datastore master nodes: 127.0.0.1:19001
  datastore standby nodes: none
addons:
  enabled:
    dns                  # (core) CoreDNS
    ha-cluster           # (core) Configure high availability on the current node
    helm                 # (core) Helm - the package manager for Kubernetes
    helm3                # (core) Helm 3 - the package manager for Kubernetes
  disabled:
    cert-manager         # (core) Cloud native certificate management
    cis-hardening        # (core) Apply CIS K8s hardening
    community            # (core) The community addons repository
    dashboard            # (core) The Kubernetes dashboard
    gpu                  # (core) Alias to nvidia add-on
    host-access          # (core) Allow Pods connecting to Host services smoothly
    hostpath-storage     # (core) Storage class; allocates storage from host directory
    ingress              # (core) Ingress controller for external access
    kube-ovn             # (core) An advanced network fabric for Kubernetes
    mayastor             # (core) OpenEBS MayaStor
    metallb              # (core) Loadbalancer for your Kubernetes cluster
    metrics-server       # (core) K8s Metrics Server for API access to service metrics
    minio                # (core) MinIO object storage
    nvidia               # (core) NVIDIA hardware (GPU and network) support
    observability        # (core) A lightweight observability stack for logs, traces and metrics
    prometheus           # (core) Prometheus operator for monitoring and logging
    rbac                 # (core) Role-Based Access Control for authorisation
    registry             # (core) Private image registry exposed on localhost:32000
    rook-ceph            # (core) Distributed Ceph storage using Rook
    storage              # (core) Alias to hostpath-storage add-on, deprecated

You might need to update the addons repository with microk8s addons repo update core.

For the community addons repo can you check the ownership of the /snap/microk8s/current/addons/community and /var/snap/microk8s/common/addons/community folders?

@djjeffr
Copy link
Author
djjeffr commented Oct 2, 2024

Thanks that worked.

@djjeffr djjeffr closed this as completed Oct 2, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@berkayoz @djjeffr