Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

\uD83E\uDD14 Problem

Deploying a HiveMQ cluster from the hivemq-operator Helm chart to a Kubernetes cluster:

helm upgrade hivemq --install hivemq/hivemq-operator \
  --values my-values.yaml
  --namespace my-namespace

Checking if all expected pods are spawned:

kubectl get pods --namespace my-namespace

shows only the hivemq-operator pod:

NAME                                                   READY   STATUS    RESTARTS   AGE
hivemq-hivemq-operator-operator-5c788c6c4-5krrz   1/1     Running   0          19s

Problem is how to troubleshoot this.

\uD83C\uDF31 Solution

  1. Check the replicaSets

    kubectl get replicasets --namespace my-namespace

    you see hivemq-operator and hivemq-cluster’s replicaSets

    NAME                                             DESIRED   CURRENT   READY   AGE
hivemq-6bb74cdd8b                           1         1         0       4s
hivemq-hivemq-operator-operator-5c788c6c4   1         1         1       55s

  2. Check the hivemq-cluster replicaSet

    kubectl get replicaset hivemq-6bb74cdd8b -o yaml > output.yaml

  3. Check for errors in the conditions: section. The error message will indicate why the creation of the hivemq-cluster pod has failed:
    *This is an example error:

    conditions:
    - lastTransitionTime: "2022-09-22T12:58:03Z"
      message: 'pods "hivemq-5464688645-" is forbidden: unable to validate against
        any security context constraint: [provider "anyuid": Forbidden: not usable
        by user or serviceaccount, spec.initContainers[0].securityContext.runAsUser:
        Invalid value: 1000: must be in the ranges: [1000670000, 1000679999], spec.containers[0].securityContext.runAsUser:
        Invalid value: 1000: must be in the ranges: [1000670000, 1000679999], provider
        "restricted": Forbidden: not usable by user or serviceaccount, provider "nonroot-v2":
        Forbidden: not usable by user or serviceaccount, provider "nonroot": Forbidden:
        not usable by user or serviceaccount, provider "hostmount-anyuid": Forbidden:
        not usable by user or serviceaccount, provider "machine-api-termination-handler":
        Forbidden: not usable by user or serviceaccount, provider "hostnetwork-v2":
        Forbidden: not usable by user or serviceaccount, provider "hostnetwork": Forbidden:
        not usable by user or serviceaccount, provider "hostaccess": Forbidden: not
        usable by user or serviceaccount, provider "node-exporter": Forbidden: not
        usable by user or serviceaccount, provider "privileged": Forbidden: not usable
        by user or serviceaccount]'
      reason: FailedCreate
      status: "True"
      type: ReplicaFailure

  4. Now you can fix the error and retry the helm upgrade.

  • No labels