I installed istio 1.6.0 in “istioctl install” at home. The ingress gateway and Prometheus can’t afford it. The error message is as follows:
[root@node0 ~]# istioctl install
This will install the default Istio profile into the cluster. Proceed? (y/N) y
Detected that your cluster does not support third party JWT authentication. Falling back to less secure first party JWT. See https://istio.io/docs/ops/best-practices/security/#configure-third-party-service-account-tokens for details.
✔ Istio core installed
✔ Istiod installed
✘ Addons encountered an error: failed to wait for resource: resources not ready after 5m0s: timed out waiting for the condition-system/prometheus
Deployment/istio-system/prometheus
✘ Ingress gateways encountered an error: failed to wait for resource: resources not ready after 5m0s: timed out waiting for the condition
Deployment/istio-system/istio-ingressgateway
- Pruning removed resources
Error: failed to apply manifests: errors occurred during operation
[root@node1 ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
node0 Ready master 91m v1.18.2
node1 Ready master 90m v1.18.2
node2 Ready <none> 90m v1.18.2
View pod information:
[root@node1 ~]# kubectl get pods -n istio-system
NAME READY STATUS RESTARTS AGE
istio-ingressgateway-66c7db878f-9hxqf 0/1 Running 0 55s
istiod-7cdc645bb4-jxww5 1/1 Running 0 59s
prometheus-5c84c494dd-tf4mg 1/2 Running 0 55s
View the information of ingressgateway:
[root@node1 ~]#kubectl describe pod istio-ingressgateway-66c7db878f-9hxqf -n istio-system
... ...
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled <unknown> default-scheduler Successfully assigned istio-system/istio-ingressgateway-66c7db878f-9hxqf to node2
Normal Pulled 2m8s kubelet, node2 Container image "docker.io/istio/proxyv2:1.6.0" already present on machine
Normal Created 2m8s kubelet, node2 Created container istio-proxy
Normal Started 2m8s kubelet, node2 Started container istio-proxy
Warning Unhealthy 84s (x22 over 2m6s) kubelet, node2 Readiness probe failed: Get http://10.244.104.18:15021/healthz/ready: dial tcp 10.244.104.18:15021: connect: connection refused
View the information of prometheus
[root@node1 ~]#kubectl describe pod prometheus-5c84c494dd-tf4mg -n istio-system
......
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled <unknown> default-scheduler Successfully assigned istio-system/prometheus-5c84c494dd-tf4mg to node1
Normal Pulled 5m46s kubelet, node1 Container image "docker.io/prom/prometheus:v2.15.1" already present on machine
Normal Created 5m46s kubelet, node1 Created container prometheus
Normal Started 5m46s kubelet, node1 Started container prometheus
Normal Pulling 5m46s kubelet, node1 Pulling image "docker.io/istio/proxyv2:1.6.0"
Normal Pulled 5m40s kubelet, node1 Successfully pulled image "docker.io/istio/proxyv2:1.6.0"
Normal Created 5m40s kubelet, node1 Created container istio-proxy
Normal Started 5m40s kubelet, node1 Started container istio-proxy
Warning Unhealthy 45s (x147 over 5m37s) kubelet, node1 Readiness probe failed: HTTP probe failed with statuscode: 503
Help me analyze the reason!!
