Support Questions

Find answers, ask questions, and share your expertise
Announcements
Celebrating as our community reaches 100,000 members! Thank you!

CDSW worker status is false

avatar
Explorer

I added anew worker to the CDSW cluster and the status of this worker is false,

In the logs I gut this message:

Unable to connect to the server: x509: certificate signed by unknown authority (possibly because of "crypto/rsa: verification error" while trying to verify candidate authority certificate "kubernetes")

 

 

1 ACCEPTED SOLUTION

avatar
Master Guru
hide-solution

This problem has been solved!

Want to get a detailed solution you have to login/registered on the community

Register/Login
6 REPLIES 6

avatar
Master Guru

@ronys This seems an issue with the TLS setup within CDSW. You have to make sure the wildcard domain is properly configured and then restart CDSW again to see if this makes progress. 

 

https://docs.cloudera.com/cdsw/1.9.2/installation/topics/cdsw-set-up-a-wildcard-dns-subdomain.html


Cheers!
Was your question answered? Make sure to mark the answer as the accepted solution.
If you find a reply useful, say thanks by clicking on the thumbs up button.

avatar
Explorer

Hi,

I will dtail the problem, the cluster have five workers that working OK, the problem is with the new worker that we aadded.

The document refers to the master.

 

Thank you,

Rony

avatar
Master Guru
hide-solution

This problem has been solved!

Want to get a detailed solution you have to login/registered on the community

Register/Login

avatar
Explorer

Hi,

 

When we run  CDSW validate  command on the problem worker we gut this message :

[Validating networking setup]

> Checking if kubelet iptables rules exist

The following chains are missing from iptables: [KUBE-EXTERNAL-SERVICES, WEAVE-NPC-EGRESS, WEAVE-NPC, WEAVE-NPC-EGRESS-ACCEPT, KUBE-SERVICES, WEAVE-NPC-INGRESS, WEAVE-NPC-EGRESS-DEFAULT, WEAVE-NPC-DEFAULT, WEAVE-NPC-EGRESS-CUSTOM, KUBE-FIREWALL]

WARNING:: Verification of iptables rules failed: 1

> Checking if DNS server is running on localhost

> Checking the number of DNS servers in resolv.conf

> Checking DNS entries for CDSW main domain

> Checking reverse DNS entries for CDSW main domain

> Checking DNS entries for CDSW wildcard domain

> Checking that firewalld is disabled

> Checking if ipv6 is enabled

 

[Validating Kubernetes versions]

> Checking kubernetes client version

> Checking kubernetes server version

 

--------------------------------------------------------------------------

Errors detected.

 

Please review the issues listed above. Further details can be collected by

capturing logs from all nodes using "cdsw logs".

 

Is this related to the problem?

 

Thank you,

Rony

avatar
Master Guru

No @ronys I think the installation of the worker node is corrupted somehow. This error seems related with kubeconfig file and may be you want to try delete the node again and clean that and then re add as worker. 


Cheers!
Was your question answered? Make sure to mark the answer as the accepted solution.
If you find a reply useful, say thanks by clicking on the thumbs up button.

avatar
Explorer

Hi @GangWar

it works fine now

Thanks,

Rony