Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

\uD83E\uDD14 Problem

Deploying a HiveMQ cluster from the hivemq-operator Helm chart to a Kubernetes cluster:

helm upgrade hivemq --install hivemq/hivemq-operator \
  --values my-values.yaml
  --namespace my-namespace

Checking if all expected pods are spawned:

kubectl get pods --namespace my-namespace

shows only the hivemq-operator pod:

NAME                                                   READY   STATUS    RESTARTS   AGE
hivemq-hivemq-operator-operator-5c788c6c4-5krrz   1/1     Running   0          19s

Problem is how to troubleshoot this.

\uD83C\uDF31 Solution

  1. Check the replicaSets

    kubectl get replicasets --namespace my-namespace

    you see hivemq-operator and hivemq-cluster’s replicaSets

    NAME                                             DESIRED   CURRENT   READY   AGE
    hivemq-6bb74cdd8b                           1         1         0       4s
    hivemq-hivemq-operator-operator-5c788c6c4   1         1         1       55s
  2. Check the hivemq-cluster replicaSet

    kubectl get replicaset hivemq-6bb74cdd8b -o yaml > output.yaml
  3. Check for errors in the conditions: section. The error message will indicate why the creation of the hivemq-cluster pod has failed:

    conditions:
        - lastTransitionTime: "2022-09-22T12:58:03Z"
          message: 'pods "hivemq-5464688645-" is forbidden: unable to validate against
            any security context constraint: [provider "anyuid": Forbidden: not usable
            by user or serviceaccount, spec.initContainers[0].securityContext.runAsUser:
            Invalid value: 1000: must be in the ranges: [1000670000, 1000679999], spec.containers[0].securityContext.runAsUser:
            Invalid value: 1000: must be in the ranges: [1000670000, 1000679999], provider
            "restricted": Forbidden: not usable by user or serviceaccount, provider "nonroot-v2":
            Forbidden: not usable by user or serviceaccount, provider "nonroot": Forbidden:
            not usable by user or serviceaccount, provider "hostmount-anyuid": Forbidden:
            not usable by user or serviceaccount, provider "machine-api-termination-handler":
            Forbidden: not usable by user or serviceaccount, provider "hostnetwork-v2":
            Forbidden: not usable by user or serviceaccount, provider "hostnetwork": Forbidden:
            not usable by user or serviceaccount, provider "hostaccess": Forbidden: not
            usable by user or serviceaccount, provider "node-exporter": Forbidden: not
            usable by user or serviceaccount, provider "privileged": Forbidden: not usable
            by user or serviceaccount]'
          reason: FailedCreate
          status: "True"
          type: ReplicaFailure
  4. Now you can fix the error and retry the helm upgrade.

  • No labels