devops-admin
Reputation: 2003
Kubernetes pods not able to update repositories of debian based
Kubernetes pods are not able to update repositories of Debian based.
I have set up the k8s cluster below steps.
Using Kubernetes official links
https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/
https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/create-cluster-kubeadm/
https://kubernetes.io/docs/tasks/administer-cluster/kubeadm/configure-cgroup-driver/
sudo apt update
sudo apt install docker.io
sudo apt-get update
sudo swapoff -a
sudo sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
sudo apt-get update
sudo apt-get install -y apt-transport-https ca-certificates curl
sudo curl -fsSLo /usr/share/keyrings/kubernetes-archive-keyring.gpg https://packages.cloud.google.com/apt/doc/apt-key.gpg
echo "deb [signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list
sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl
sudo apt-mark hold kubelet kubeadm kubectl
cat <<EOF | sudo tee /etc/docker/daemon.json
{
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
},
"storage-driver": "overlay2"
}
EOF
sudo systemctl enable docker
sudo systemctl daemon-reload
sudo systemctl restart docker
## Just in the master node
sudo kubeadm init --pod-network-cidr=10.244.0.0/16
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
kubectl apply -f https://docs.projectcalico.org/manifests/calico.yaml
# Deployed below nginx specs
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx
spec:
replicas: 1
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx
ports:
- containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
name: nginx
labels:
app: nginx
spec:
type: ClusterIP
selector:
app: nginx
ports:
- port: 8080
targetPort: 80
name: nginx-http
kubectl apply -f nginx.yaml
kubectl exec -it nginx-56bcb5bb6c-ts7l2 -- bash
After running update from inside pod, throws below errors.
root@nginx-56bcb5bb6c-ts7l2:/# apt update
Get:1 http://security.debian.org/debian-security bullseye-security InRelease
Get:2 http://deb.debian.org/debian bullseye InRelease
Get:3 http://deb.debian.org/debian bullseye-updates InRelease
Err:1 http://security.debian.org/debian-security bullseye-security InRelease
Clearsigned file isn't valid, got 'NOSPLIT' (does the network require authentication?)
Err:2 http://deb.debian.org/debian bullseye InRelease
Clearsigned file isn't valid, got 'NOSPLIT' (does the network require authentication?)
Err:3 http://deb.debian.org/debian bullseye-updates InRelease
Clearsigned file isn't valid, got 'NOSPLIT' (does the network require authentication?)
Reading package lists... Done
N: See apt-secure(8) manpage for repository creation and user configuration details.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
E: The repository 'http://security.debian.org/debian-security bullseye-security InRelease' is no longer signed.
E: Failed to fetch http://security.debian.org/debian-security/dists/bullseye-security/InRelease Clearsigned file isn't valid, got 'NOSPLIT' (does the network require authentication?)
E: Failed to fetch http://deb.debian.org/debian/dists/bullseye/InRelease Clearsigned file isn't valid, got 'NOSPLIT' (does the network require authentication?)
E: The repository 'http://deb.debian.org/debian bullseye InRelease' is no longer signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
E: Failed to fetch http://deb.debian.org/debian/dists/bullseye-updates/InRelease Clearsigned file isn't valid, got 'NOSPLIT' (does the network require authentication?)
E: The repository 'http://deb.debian.org/debian bullseye-updates InRelease' is no longer signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
root@nginx-56bcb5bb6c-ts7l2:/#
Below is the version of the Kubernetes cluster.
osboxes@k-master:~$ kubectl version
WARNING: This version information is deprecated and will be replaced with the output from kubectl version --short. Use --output=yaml|json to get the full version.
Client Version: version.Info{Major:"1", Minor:"24", GitVersion:"v1.24.2", GitCommit:"f66044f4361b9f1f96f0053dd46cb7dce5e990a8", GitTreeState:"clean", BuildDate:"2022-06-15T14:22:29Z", GoVersion:"go1.18.3", Compiler:"gc", Platform:"linux/amd64"}
Kustomize Version: v4.5.4
Server Version: version.Info{Major:"1", Minor:"24", GitVersion:"v1.24.2", GitCommit:"f66044f4361b9f1f96f0053dd46cb7dce5e990a8", GitTreeState:"clean", BuildDate:"2022-06-15T14:15:38Z", GoVersion:"go1.18.3", Compiler:"gc", Platform:"linux/amd64"}
osboxes@k-master:~$ kubectl version --short
Flag --short has been deprecated, and will be removed in the future. The --short output will become the default.
Client Version: v1.24.2
Kustomize Version: v4.5.4
Server Version: v1.24.2
Why these errors are coming from inside the pod, while an apt update from the host node runs fine?
Upvotes: 0
Views: 1433
Answers (1)
Dhiraj Bansal
Reputation: 455
Seems issue is with network does the network require authentication.
Please check it using another network as I am able to run apt update command from with in the container.
$ kubectl run mginx --rm -i --tty --restart=Never --image=nginx -- /bin/sh
If you don't see a command prompt, try pressing enter.
#
#
#
# id
uid=0(root) gid=0(root) groups=0(root)
# apt update
Get:1 http://security.debian.org/debian-security bullseye-security InRelease [44.1 kB]
Get:2 http://deb.debian.org/debian bullseye InRelease [116 kB]
Get:3 http://deb.debian.org/debian bullseye-updates InRelease [39.4 kB]
Get:4 http://security.debian.org/debian-security bullseye-security/main amd64 Packages [154 kB]
Get:5 http://deb.debian.org/debian bullseye/main amd64 Packages [8182 kB]
Get:6 http://deb.debian.org/debian bullseye-updates/main amd64 Packages [2592 B]
Fetched 8539 kB in 1s (7158 kB/s)
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
1 package can be upgraded. Run 'apt list --upgradable' to see it.
#
Upvotes: 1
Related Questions
- apt-get update error related with kubeadm
- Install Kubernetes (kubectl, kubeadm, kubelet) on debian stretch
- Running apt-get update in a ubuntu pod in kind kubernetes cluster gives Clearsigned file isn't valid, got 'NOSPLIT' error
- Kubernetes Engine - Pod deployment not updating to the latest image
- Kubernetes pod failed to update
- Pod with Debian image is getting created but container is continuously crashing
- Pod unable to install packages(apt-get update or apt-get install )
- Kubernetes cannot pull an image from private repository on Docker Hub
- Kubernetes - Private Repository deployment issue
- Kubernetes: Unable to create repository