Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Intermittent issue kubernetes admission percona-xtradbcluster-webhook #1561

Open
juliano-secondo opened this issue Dec 15, 2023 · 7 comments
Open

Intermittent issue kubernetes admission percona-xtradbcluster-webhook #1561

juliano-secondo opened this issue Dec 15, 2023 · 7 comments
Assignees
@spron-in

Comments

@juliano-secondo
Copy link

I'm experiencing an intermittent issue where at times I encounter the error described below, while at other times, everything functions normally.

https://percona-xtradb-cluster-operator.percona.svc:443/validate-percona-xtradbcluster?timeout=10s:](https://percona-xtradb-cluster-operator.percona.svc/validate-percona-xtradbcluster?timeout=10s:) tls: failed to verify certificate: x509: certificate signed by unknown

if I remove the kubernetes admission: percona-xtradbcluster-webhook this error never happens again
@spron-in spron-in self-assigned this Dec 18, 2023
@spron-in
Copy link
Collaborator

Hello @juliano-secondo - it is interesting, but also hard to debug intermittent issues.
Can you tell me more about your environment?

I assume you use cluster wide deployment. Anything else that would help us to reproduce the problem?

@juliano-secondo
Copy link
Author

I have some clusters running it and all of them that I didn't delete the admission I have this intermittent issue. I'm using fluxcd to deploy pxc db cluster by kustomize code, it runs every 10 minutes and time by time I got the error I sent here. I didn't find any way to reproduce it, I'm openning for any idea to reproduce it.

@spron-in
Copy link
Collaborator

@juliano-secondo please share more. Versions, custom resource yamls, how many clusters you have, etc.

@juliano-secondo
Copy link
Author

I have 6 clusters all of them using pxc-operator:1.12.1, but I already created a new cluster just for debug this issue and I already tried with latest v1.13.3 and I got the same.

Using custom resource:
https://raw.githubusercontent.com/percona/percona-xtradb-cluster-operator/v1.12.0/deploy/crd.yaml
and
https://raw.githubusercontent.com/percona/percona-xtradb-cluster-operator/v1.13.0/deploy/crd.yaml was used for test on latest version

@spron-in
Copy link
Collaborator

Thanks! Can you please also share cr.yaml manifest (as you shared the link to custom resource definition) - it is not the database cluster.

@juliano-secondo
Copy link
Author

this one you mean?

affinity: {}
fullnameOverride: ""
image: ""
imagePullPolicy: IfNotPresent
imagePullSecrets: null
nameOverride: ""
nodeSelector: {}
operatorImageRepository: ${default_image_registry}/percona/percona-xtradb-cluster-operator
replicaCount: 2
resources:
  limits:
    cpu: 200m
    memory: 500Mi
  requests:
    cpu: 100m
    memory: 20Mi
tolerations: null
watchAllNamespaces: true

@ebuildy
Copy link
Contributor

ebuildy commented May 2, 2024

this one you mean?

affinity: {}
fullnameOverride: ""
image: ""
imagePullPolicy: IfNotPresent
imagePullSecrets: null
nameOverride: ""
nodeSelector: {}
operatorImageRepository: ${default_image_registry}/percona/percona-xtradb-cluster-operator
replicaCount: 2
resources:
  limits:
    cpu: 200m
    memory: 500Mi
  requests:
    cpu: 100m
    memory: 20Mi
tolerations: null
watchAllNamespaces: true

Remove limits.cpu : 200m , this is too small. I strongly advise to not set limit for "go" program ^^

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@spron-in spron-in

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@ebuildy @spron-in @juliano-secondo