FAILED
Error reading manifest file:
yaml: line 3: did not find expected key
---
applications:
- name: Ragu-psdonationwebservice
memory: 128MB
instrances: 1
command: node ./bin/www
services:
- mymongo
You have a typo. Try this:
---
applications:
- name: Ragu-psdonationwebservice
memory: 128MB
instances: 1
command: node ./bin/www
services:
- mymongo
Related
I'm deploying a service to an ecs from ecs-cli, but I couldn't find any attribute to specify the value of "LAUNCH TYPE" to use "capacity provider strategy". default is set to EC2. Is it possible to do it from ecs-cli or some attribute in the yml file or ecs-params?
docker-compose.yml
version: '3'
services:
task_auth:
environment:
AWS_API_VERSION: "2016-04-19"
AWS_CONTAINER_CREDENTIALS_RELATIVE_URI: /creds
BACKURL: http://XXXXXXX
image: XXXX.dkr.ecr.us-east-1.amazonaws.com/XXXXXX
ports:
- "8004:8000"
logging:
driver: awslogs
options:
awslogs-group: logscompose
awslogs-region: us-east-1
awslogs-stream-prefix: auth
ecs-params.yml
version: 1
task_definition:
ecs_network_mode: bridge
task_role_arn: arn:aws:iam::xx:role/xxxx
task_execution_role: arn:aws:iam::xxxxx:role/xxxxx
services:
task_auth:
cpu_shares: 0
mem_reservation: 134217728
Result
Thank you!!
I'm following this AWS documentation which explains how to properly configure AWS Secrets Manager to let it works with EKS through Kubernetes Secrets.
I successfully followed step by step all the different commands as explained in the documentation.
The only difference I get is related to this step where I have to run:
kubectl get po --namespace=kube-system
The expected output should be:
csi-secrets-store-qp9r8 3/3 Running 0 4m
csi-secrets-store-zrjt2 3/3 Running 0 4m
but instead I get:
csi-secrets-store-provider-aws-lxxcz 1/1 Running 0 5d17h
csi-secrets-store-provider-aws-rhnc6 1/1 Running 0 5d17h
csi-secrets-store-secrets-store-csi-driver-ml6jf 3/3 Running 0 5d18h
csi-secrets-store-secrets-store-csi-driver-r5cbk 3/3 Running 0 5d18h
As you can see the names are different, but I'm quite sure it's ok :-)
The real problem starts here in step 4: I created the following YAML file (as you ca see I added some parameters):
apiVersion: secrets-store.csi.x-k8s.io/v1alpha1
kind: SecretProviderClass
metadata:
name: aws-secrets
spec:
provider: aws
parameters:
objects: |
- objectName: "mysecret"
objectType: "secretsmanager"
And finally I created a deploy (as explain here in step 5) using the following yaml file:
# test-deployment.yaml
kind: Pod
apiVersion: v1
metadata:
name: nginx-secrets-store-inline
spec:
serviceAccountName: iamserviceaccountforkeyvaultsecretmanagerresearch
containers:
- image: nginx
name: nginx
volumeMounts:
- name: mysecret-volume
mountPath: "/mnt/secrets-store"
readOnly: true
volumes:
- name: mysecret-volume
csi:
driver: secrets-store.csi.k8s.io
readOnly: true
volumeAttributes:
secretProviderClass: "aws-secrets"
After the deployment through the command:
kubectl apply -f test-deployment.yaml -n mynamespace
The pod is not able to start properly because the following error is generated:
Error from server (BadRequest): container "nginx" in pod "nginx-secrets-store-inline" is waiting to start: ContainerCreating
But, for example, if I run the deployment with the following yaml the POD will be successfully created
# test-deployment.yaml
kind: Pod
apiVersion: v1
metadata:
name: nginx-secrets-store-inline
spec:
serviceAccountName: iamserviceaccountforkeyvaultsecretmanagerresearch
containers:
- image: nginx
name: nginx
volumeMounts:
- name: keyvault-credential-volume
mountPath: "/mnt/secrets-store"
readOnly: true
volumes:
- name: keyvault-credential-volume
emptyDir: {} # <<== !! LOOK HERE !!
as you can see I used
emptyDir: {}
So as far I can see the problem here is related to the following YAML lines:
csi:
driver: secrets-store.csi.k8s.io
readOnly: true
volumeAttributes:
secretProviderClass: "aws-secrets"
To be honest it's even not clear in my mind what's happing here.
Probably I didn't properly enabled the volume permission in EKS?
Sorry but I'm a newbie in both AWS and Kubernetes configurations.
Thanks for you time
--- NEW INFO ---
If I run
kubectl describe pod nginx-secrets-store-inline -n mynamespace
where nginx-secrets-store-inline is the name of the pod, I get the following output:
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 30s default-scheduler Successfully assigned mynamespace/nginx-secrets-store-inline to ip-10-0-24-252.eu-central-1.compute.internal
Warning FailedMount 14s (x6 over 29s) kubelet MountVolume.SetUp failed for volume "keyvault-credential-volume" : rpc error: code = Unknown desc = failed to get secretproviderclass mynamespace/aws-secrets, error: SecretProviderClass.secrets-store.csi.x-k8s.io "aws-secrets" not found
Any hints?
Finally I realized why it wasn't working. As explained here, the error:
Warning FailedMount 3s (x4 over 6s) kubelet, kind-control-plane MountVolume.SetUp failed for volume "secrets-store-inline" : rpc error: code = Unknown desc = failed to get secretproviderclass default/azure, error: secretproviderclasses.secrets-store.csi.x-k8s.io "azure" not found
is related to namespace:
The SecretProviderClass being referenced in the volumeMount needs to exist in the same namespace as the application pod.
So both the yaml file should be deployed in the same namespace (adding, for example, the -n mynamespace argument).
Finally I got it working!
I want to use a template to create config files in /etc/network/interfaces.d/
But I got an error when I use with_items in a template task...
I'm not sure for the ansible_host.networks in with_items.
Thanks !
Inventory.yml :
proxmoxve: # group
hosts:
virtu:
networks:
internet:
interface: enp9s0
mode: manual
type: interface
openvswitch:
interface: vmbr1
mode: static
type: ovs_bridge
sauv:
networks:
internet:
interface: enp38s0
mode: manual
type: interface
openvswitch:
interface: vmbr1
mode: static
type: ovs_bridge
Playbook.yml :
---
- hosts: proxmoxve
tasks:
- name: "Install openvswitch with fresh cache"
apt:
name: openvswitch-switch
state: present
update_cache: yes
- name: "Set internet interfaces"
template:
src: templates/interfaces.j2
dest: "/etc/network.interfaces.d/{{ item.interface }}"
whith_items: "{{ ansible_host.networks }}"
Error :
ERROR! conflicting action statements: template, whith_items
The error appears to be in '/home/yanux/dev/ansible-proxmoxve/proxmoxve_config_networks.yml': line 10, column 5, but may
be elsewhere in the file depending on the exact syntax problem.
The offending line appears to be:
- name: "Set internet interface to manual"
^ here
There seems to be a typo: whith_items should be with_items.
Getting error -- when run from CLI -- cf push
yaml: unmarshal errors:
line 2: cannot unmarshal !!str https:/... into []string
my manifest.yml file
applications:
- name: test
instances: 1
memory: 256M
disk_quota: 1024M
path: ./web
buildpacks: https://github.com/cloudfoundry/nodejs-buildpack
services:
- node-uaa
The buildpacks entry in manifest.yml expects an array of strings. The error message is saying that it can't unmarshall the provided string value to the expected array of strings type.
Either change the entry to the singular:
buildpack: https://github.com/cloudfoundry/nodejs-buildpack
or wrap the value in an array:
buildpacks: [ https://github.com/cloudfoundry/nodejs-buildpack ]
I try to deploy simple example. I didn't change anything except warden.yml file. So, I tried to deploy it to AWS and use elastic IP, so I can access the server with specific IP.
When I deploy it I receive:
Director task 67
Deprecation: Ignoring cloud config. Manifest contains 'networks' section.
Started preparing deployment > Preparing deployment. Done (00:00:00)
Started preparing package compilation > Finding packages to compile. Done (00:00:00)
Started creating missing vms > webapp/3a8acd3a-77a8-4bad-8de4-fb544d70f76d (0). Failed: Unknown CPI error 'InvalidCall' with message 'Arguments are not correct, details: 'expected string value for member 1 of key values of member 1 of option filters'' in 'create_vm' CPI method (00:00:05)
Error 100: Unknown CPI error 'InvalidCall' with message 'Arguments are not correct, details: 'expected string value for member 1 of key values of member 1 of option filters'' in 'create_vm' CPI method
What is the reason of this error?
warden.yml
name: webapp-warden
director_uuid: <%= `bosh status --uuid` %>
releases:
- name: simple-bosh-release
version: latest
compilation:
workers: 1
network: webapp-network
reuse_compilation_vms: true
cloud_properties:
instance_type: t2.medium
availability_zone: us-west-2a
update:
canaries: 1
canary_watch_time: 30000-240000
update_watch_time: 30000-600000
max_in_flight: 3
resource_pools:
- name: common-resource-pool
network: webapp-network
size: 1
stemcell:
name: bosh-aws-xen-ubuntu-trusty-go_agent
version: latest
cloud_properties:
instance_type: t2.medium
availability_zone: us-west-2a
networks:
- name: webapp-network
type: vip
cloud_properties:
security_groups:
- default
# cloud_properties:
# subnet: subnet-87d256ce
- name: default
type: dynamic
cloud_properties:
security_groups:
- default
jobs:
- name: webapp
template: webapp
instances: 1
resource_pool: common-resource-pool
networks:
- name: webapp-network
static_ips:
- 52.40.58.163
- name: default
default: [dns, gateway]
properties:
webapp:
admin: foo#bar.com
servername: 52.40.58.163
This error is coming because there is an missing properties in network configuration. Provides the subnet id and try it. it will work.