I am trying to use rules_k8s for Bazel to deploy to my Kubernetes cluster.
Thus I have this cloudbuild.yaml file, which is executed by Google Cloud Build:
steps:
- name: gcr.io/cloud-builders/bazel
args: ['run', '//:kubernetes.apply']
(//:kubernetes is just a k8s_objects)
On my local machine running bazel run //:kubernetes.apply works fine, but
although the Google Cloud Build succeeds, it logs those errors. So the configuration is not applied to my Kubernetes cluster:
Target //:kubernetes.apply up-to-date:
bazel-bin/kubernetes.apply
INFO: Elapsed time: 29.863s, Critical Path: 0.14s
INFO: 0 processes.
INFO: Build completed successfully, 1 total action
INFO: Running command line: bazel-bin/kubernetes.apply
INFO: Build Event Protocol files produced successfully.
INFO: Build completed successfully, 1 total action
kubectl toolchain was not properly configured so k8s_deployment.apply cannot be executed.
kubectl toolchain was not properly configured so k8s_service.apply cannot be executed.
kubectl toolchain was not properly configured so projection_database_k8s_deployment.apply cannot be executed.
kubectl toolchain was not properly configured so projection_database_k8s_service.apply cannot be executed.
kubectl toolchain was not properly configured so k8s_deployment.apply cannot be executed.
kubectl toolchain was not properly configured so k8s_service.apply cannot be executed.
kubectl toolchain was not properly configured so k8s_deployment.apply cannot be executed.
kubectl toolchain was not properly configured so k8s_service.apply cannot be executed.
kubectl toolchain was not properly configured so event_store_k8s_deployment.apply cannot be executed.
kubectl toolchain was not properly configured so event_store_k8s_service.apply cannot be executed.
kubectl toolchain was not properly configured so k8s_deployment.apply cannot be executed.
kubectl toolchain was not properly configured so k8s_service.apply cannot be executed.
kubectl toolchain was not properly configured so event_store_k8s_deployment.apply cannot be executed.
kubectl toolchain was not properly configured so event_store_k8s_service.apply cannot be executed.
kubectl toolchain was not properly configured so k8s_deployment.apply cannot be executed.
kubectl toolchain was not properly configured so k8s_service.apply cannot be executed.
kubectl toolchain was not properly configured so event_store_k8s_deployment.apply cannot be executed.
kubectl toolchain was not properly configured so event_store_k8s_service.apply cannot be executed.
I also get a warning from the bazel cache:
DEBUG: /builder/home/.cache/bazel/_bazel_root/eab0d61a99b6696edb3d2aff87b585e8/external/io_bazel_rules_k8s/toolchains/kubectl/kubectl_toolchain.bzl:28:9: No kubectl tool was found or built, executing run for rules_k8s targets might not work.
P.S.: I get the same errors when using //:kubernetes.create
My setup
Deployments
load("#io_bazel_rules_k8s//k8s:object.bzl", "k8s_object")
k8s_object(
name = "k8s_deployment",
kind = "deployment",
cluster = "gke_cents-ideas_europe-west3-a_cents-ideas",
template = ":ideas.deployment.yaml",
images = {
"gcr.io/cents-ideas/ideas:latest": ":image"
},
)
Services
k8s_object(
name = "k8s_service",
kind = "service",
cluster = "gke_cents-ideas_europe-west3-a_cents-ideas",
template = ":ideas.service.yaml",
)
Aggregations
load("#io_bazel_rules_k8s//k8s:objects.bzl", "k8s_objects")
k8s_objects(
name = "k8s",
objects = [
":k8s_deployment",
":k8s_service",
]
)
Final composition
k8s_objects(
name = "kubernetes",
objects = [
"//services/ideas:k8s",
# ...
]
)
Update
I've now tried to make my own docker image with Bazel and kubectl:
FROM gcr.io/cloud-builders/bazel
RUN curl -LO https://storage.googleapis.com/kubernetes-release/release/`curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt`/bin/linux/amd64/kubectl
RUN chmod +x ./kubectl
RUN mv ./kubectl /usr/local/bin/kubectl
I pushed it to GCR and changed my cloudbuild.yaml to:
steps:
- name: eu.gcr.io/cents-ideas/bazel-kubectl
args: ["run", "//:kubernetes.apply"]
I firstly noticed, that the step took way longer than before. However at the end it throws an error:
$ /usr/local/bin/kubectl --kubeconfig= --cluster=gke_cents-ideas_europe-west3-a_cents-ideas --context= --user= apply -f -
error: cluster "gke_cents-ideas_europe-west3-a_cents-ideas" does not exist
Here is the full log.
As for the updated question, now you need to authenticate somehow to GKE inside the container.
First thing, I recommend installing gcloud tool to your container.
Btw, as for the huge container size 1.2 GB, that's because cloud-builders/bazel is huge :)
Have a look at our example on slim bazel container version:
https://github.com/aspect-development/bazel-k8s-example/blob/master/tools/Dockerfile.dazel
And here is Dockerfile for installing gcloud and kubectl, so you can grab needed parts from both files:
https://github.com/GoogleCloudPlatform/cloud-builders/blob/master/gcloud/Dockerfile
The second thing is authenticating, after gcloud is installed it should be easy.
Overall cloudbuild step should look similar to this:
- name: <link to your container>
entrypoint: /bin/sh
args:
- -c
- |
gcloud container clusters get-credentials cents-ideas --zone europe-west3-a --project cents-ideas
bazel run //:kubernetes.apply
It complains that it can't find kubectl on your machine. If GKE is used, also the gcloud sdk needs to be installed.
And also check that authentication is configured for those tools: kubectl auth, GKE auth.
The main issue is that kubectl doesn't come with the gcr.io/cloud-builders/bazel docker image. That is why it can't be found.
There are however, efforts to implement the kubectl toolchain into Bazel manually: https://github.com/bazelbuild/rules_k8s/tree/master/toolchains/kubectl#kubectl-toolchain. But as those features are currently in experimental status, they often don't work.
More info can be found in this issue: https://github.com/bazelbuild/rules_k8s/issues/512
For now, your best bet will be to install kubectl in the container.
Related
glcoud beta code dev launches the Google Cloud Run Emulator.
(Mac OS 12.1, M1 ARM)
In VSCode, this works, with
Starting deploy...
Waiting for deployments to stabilize...
Deployments stabilized in 1.103 second
Watching for changes...
Service URL: http://localhost:8080/
If I run the same command from my system terminal (just the vanilla, default terminal on M1 Mac), it fails with
Starting deploy...
WARN[0015] Skipping deploy due to error:kubectl create: starting command ~/google-cloud-sdk/bin/kubectl --context gcloud-local-dev create --dry-run=client -oyaml -f /var/folders/vc/ajfl_bjoi3hghaooeihghaf/T/deploy_ou_9015s.yaml: pipe: too many open files subtask=-1 task=DevLoop
Watching for changes...
I've tried both zsh and fish, in case it's a shell thing, but no.
I also made sure to shut down what's going on in one terminal before trying the other.
What could be causing this?
EDIT:
gcloud --version outputs
Google Cloud SDK 367.0.0
beta 2021.12.10
bq 2.0.72
core 2021.12.10
gsutil 5.5
kubectl 1.20.8
minikube 1.24.0
skaffold 1.34.0
I am using Visual Code with Azure Core Tools to deploy a container to a K8S cluster which has KEDA installed. But seeing this docker error. The error is caused because the docker build is run without the double quotes.
$ func kubernetes deploy --name bollaservicebusfunc --registry sbolladockerhub --python
Running 'docker build -t sbolladockerhub/bollaservicebusfunc C:\Users\20835918\work\welcome to space'....done
Error running docker build -t sbolladockerhub/bollaservicebusfunc C:\Users\20835918\work\welcome to space.
output:
"docker build" requires exactly 1 argument.
See 'docker build --help'.
Usage: docker build [OPTIONS] PATH | URL | -
Build an image from a Dockerfile
(.venv)
20835918#CROC1LWPF1S99JJ MINGW64 ~/work/welcome to space (master)
I know there is a known bug Spaces in directory
But posting to see if there is a workaround, this is important as I have eveything in Onedrive - Comapny Name and it has spaces in it
Looking into the code for func, you could specify --image-name instead of --registry which seems to skip building the container.
You would have to build your docker container manually using the same code shown in the output and provide the value for the -t argument of the docker command for --image-name of the func command after.
Also, since this would not push your docker container as well, make sure to push it before running the func command.
I am using Google cloud composer ,and created composer environment.Composer environment is ready(has green tick), now I am trying to set variables used in DAG python code using google cloud shell.
command to set variables:
gcloud composer environments run test-environment \
--location us-central1 variables -- \
--set gcp_project xxx-gcp
Exact error message:
ERROR: (gcloud.composer.environments.run) Desired GKE pod not found. If the environment was recently started, please wait and retry.
I tried following things as part of investigation, but got same error each time.
I have created a new environment using UI and not google shell commands.
I checked pods in kubernetes engine and all are green , did not see any issue.
I verified composer API, Billing kubernetes, all required API's are enabled.
I have 'Editor' role assigned.
added screenshot I saw first time some failures
Error with exit code 1
google troubleshooting guide describe: If the exit code is 1, the container crashed because the application crashed.
This is a side effect of Composer version 1.6.0 if you are using a google-cloud-sdk that is too old, because it now launches pods in namespaces other than default. The error you see is a result of looking for Kubernetes pods in the default namespace and failing to find them.
To fix this, run gcloud components update. If you cannot yet update, a workaround to execute Airflow commands is to manually SSH to a pod yourself and run airflow. To start, obtain GKE cluster credentials:
$ gcloud container clusters get-credentials $COMPOSER_GKE_CLUSTER_NAME
Once you have the credentials, you should find which namespace the pods are running in (which you can also find using Cloud Console):
$ kubectl get namespaces
NAME STATUS AGE
composer-1-6-0-airflow-1-9-0-6f89fdb7 Active 17h
default Active 17h
kube-public Active 17h
kube-system Active 17h
You can then SSH into any scheduler/worker pod, and run commands:
$ kubectl exec \
--namespace=$NAMESPACE \
-it airflow-worker-569bc59df5-x6jhl airflow list_dags -r
You can also open a shell if you prefer:
$ kubectl exec \
--namespace=$NAMESPACE \
-it airflow-worker-569bc59df5-x6jhl bash
airflow#airflow-worker-569bc59df5-x6jhl:~$ airflow list_dags -r
The failed airflow-database-init-job jobs are unrelated and will not cause problems in your Composer environment.
I run the following commands and when I check if the pods are running I get the following errors:
Failed to pull image "tomcat": rpc error: code = Unknown desc = no
matching manifest for linux/amd64 in the manifest list entries
kubectl run tomcat --image=tomcat --port 8080
and
Failed to pull image "ngnix": rpc error: code = Unknown desc
= Error response from daemon: pull access denied for ngnix, repository does not exist or may require 'docker login'
kubectl run nginx3 --image ngnix --port 80
I seen a post in git about how to complete this when private repos cause an issue but not public. Has anyone ran into this before?
First Problem
From github issue
Sometimes, we'll have non-amd64 image build jobs finish before their amd64 counterparts, and due to the way we push the manifest list objects to the library namespace on the Docker Hub, that results in amd64-using folks (our primary target users) getting errors of the form "no supported platform found in manifest list" or "no matching manifest for XXX in the manifest list entries"
Docker Hub manifest list is not up-to-date with amd64 build for tomcat:latest.
Try another tag
kubectl run tomcat --image=tomcat:9.0 --port 8080
Second Problem
Use nginx not ngnix. Its a typo.
$ kubectl run nginx3 --image nginx --port 80
For a use case I need to create deployments from a pod when a script is being executed from inside the pod.
I am using google container engine for my cluster.
How to configure the container inside the pod to be able to run commands like kubectl create deployment.yaml?
P.S A bit clueless about it at the moment.
Your container is going to need to have kubectl available. There are some container images available, personally I can't vouch for any of them.
Personally I'd probably build my own and download the latest kubectl. A Dockerfile like this is probably a good starting point
FROM alpine:latest
RUN apk --no-cache add curl
RUN curl https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl -o /usr/local/bin/kubectl
RUN chmod +x /usr/local/bin/kubectl
This will build you a container image with kubectl, so you can then all the kubectl commands you want.