hi everyone I m new to Cilium and could use some guidance Wh Pulumi Community #kubernetes

hi everyone, I’m new to Cilium and could use some ...

flat-afternoon-93346

06/14/2024, 6:22 AM

hi everyone, I’m new to Cilium and could use some guidance. While installing

Hubble

, I’m encountering errors with the pod restarting. Please advise on what steps I might have missed.

Copy code

hubble-relay pod showing these error inside the pod

time="2024-06-14T06:15:27Z" level=info msg="Starting gRPC health server..." addr=":4222" subsys=hubble-relay                                                             │
│ time="2024-06-14T06:15:27Z" level=info msg="Starting gRPC server..." options="{peerTarget:hubble-peer.kube-system.svc.cluster.local:443 dialTimeout:5000000000 retryTime │
│ out:30000000000 listenAddress::4245 healthListenAddress::4222 metricsListenAddress: log:0xc0003482a0 serverTLSConfig:<nil> insecureServer:true clientTLSConfig:0xc0000cc │
│ bd0 clusterName:default insecureClient:false observerOptions:[0x1f0ac00 0x1f0ace0] grpcMetrics:<nil> grpcUnaryInterceptors:[] grpcStreamInterceptors:[]}" subsys=hubble- │
│ relay                                                                                                                                                                    │
│ time="2024-06-14T06:15:32Z" level=warning msg="Failed to create peer client for peers synchronization; will try again after the timeout has expired" error="context dead │
│ line exceeded" subsys=hubble-relay target="hubble-peer.kube-system.svc.cluster.local:443"                                                                                │
│ time="2024-06-14T06:16:07Z" level=warning msg="Failed to create peer client for peers synchronization; will try again after the timeout has expired" error="context dead │
│ line exceeded" subsys=hubble-relay target="hubble-peer.kube-system.svc.cluster.local:443"

I have deployed it using helm pulumi, here is my code.

Copy code

import pulumi
from kube import kube_provider, kube
from pulumi_kubernetes import helm

config = pulumi.Config()

# Define the Cilium Helm release with Hubble enabled
cilium_release = helm.v3.Release(
    "cilium",
    chart="cilium",
    version="1.15.6",
    repository_opts=helm.v3.RepositoryOptsArgs(repo="<https://helm.cilium.io/>"),
    namespace="kube-system",
    values={
        "global": {
            "hubble": {
                "enabled": True,
            }
        },
        "hubble": {
            "ui": {"enabled": True},
            "relay": {
                "enabled": True,
                "peerTarget": "hubble-peer.kube-system.svc.cluster.local:443",
                "tls": {
                    "enabled": False,
                    "server": {
                        "insecure": True,  
                    },
                    "client": {
                        "insecure": True,  
                    },
                },
            },
            "metrics": {
                "enabled": [
                    "dns:query;ignoreAAAA",
                    "drop",
                    "tcp",
                    "flow",
                    "icmp",
                    "http",
                    "kafka",
                    "envoy:grpc",
                ],
                "dashboards": {
                    "enabled": False,
                    "label": "grafana_dashboard",
                    "labelValue": "1",
                    "namespace": None,
                },
                "enableOpenMetrics": False,
                "port": 9965,
                "serviceAnnotations": {},
                "serviceMonitor": {
                    "enabled": False,
                    "interval": "10s",
                    "jobLabel": "",
                    "labels": {},
                    "relabelings": [
                        {
                            "sourceLabels": ["__meta_kubernetes_pod_node_name"],
                            "targetLabel": "node",
                            "replacement": "${1}",
                        }
                    ],
                    "tlsConfig": {},
                    "annotations": {},
                },
                "tls": {
                    "enabled": False,
                    "server": {
                        "cert": "",
                        "extraDnsNames": [],
                        "extraIpAddresses": [],
                        "key": "",
                        "mtls": {
                            "enabled": False,
                            "key": "ca.crt",
                            "name": None,
                            "useSecret": False,
                        },
                    },
                },
            },
        },
    },
    opts=pulumi.ResourceOptions(provider=kube_provider),
)

# Export the Kubernetes provider and Cilium Helm release
pulumi.export("kube_provider", kube_provider)
pulumi.export("cilium_release_name", cilium_release.name)

116 Views

Open in Slack

Previous Next