Comments (3)
jaxesn
commented on June 28, 2024
The kubeadm config file needs to have the etcd and coredns sections to override the tags otherwise kubeadm is going to use the default upstream tag which is why it's trying to download an image that doesn't exist in our repo.
Looking at that doc, it uses kubeadmin init with flags to override the kubernetes version and image repo. I'm not sure if there are flags for etcd and coredns. You may need to generate a kubeadm config instead and add the etcd/coredns parts then run init, passing the kubeadm config.
The kubeadm config for etcd/coredns will look something like this
As a side note, if you happen to be using vsphere/vcenter as your infrastructure provider you may want to check out eks anywhere instead of self managing with kubeadm.
from eks-distro.
wakinowen
commented on June 28, 2024
The kubeadm config file needs to have the etcd and coredns sections to override the tags otherwise kubeadm is going to use the default upstream tag which is why it's trying to download an image that doesn't exist in our repo.
Looking at that doc, it uses kubeadmin init with flags to override the kubernetes version and image repo. I'm not sure if there are flags for etcd and coredns. You may need to generate a kubeadm config instead and add the etcd/coredns parts then run init, passing the kubeadm config.
The kubeadm config for etcd/coredns will look something like this
As a side note, if you happen to be using vsphere/vcenter as your infrastructure provider you may want to check out eks anywhere instead of self managing with kubeadm.
Thank you so much Jackson!
I will try pass a config file with coredns and etcd image repo configured then.
from eks-distro.
wakinowen
commented on June 28, 2024
The issue is resolved when passing a config file to specify image tag for etcd and coredns
from eks-distro.
Related Issues (20)
- Discontinue support for k8s 1.23 HOT 1
- Releases: 1.23-1.28
- K8s Security: [Security Advisory] CVE-2023-3676: Insufficient input sanitization on Windows nodes leads to privilege escalation
- K8s Security: [Security Advisory] CVE-2023-3955: Insufficient input sanitization on Windows nodes leads to privilege escalation
- K8s Security: [kubernetes-announce] [Security Advisory] CVE-2023-3676: Insufficient input sanitization on Windows nodes leads to privilege escalation
- K8s Security: [Security Advisory] CVE-2023-3893: Insufficient input sanitization on kubernetes-csi-proxy leads to privilege escalation
- K8s Security: [kubernetes-announce] [Security Advisory] CVE-2023-3955: Insufficient input sanitization on Windows nodes leads to privilege escalation
- K8s Security: [kubernetes-announce] [Security Advisory] CVE-2023-3893: Insufficient input sanitization on kubernetes-csi-proxy leads to privilege escalation
- Ability to link EKS-D release to Platform Version on AWS EKS service HOT 5
- K8s Security: [Ingress-nginx Security Advisory] CVE-2022-4886: Ingress-nginx `path` sanitization can be bypassed with `log_format` directive
- K8s Security: [Ingress-nginx Security Advisory] CVE-2023-5044: Code injection via nginx.ingress.kubernetes.io/permanent-redirect annotation
- K8s Security: [Ingress-nginx Security Advisory] CVE-2023-5043: Ingress nginx annotation injection causes arbitrary command execution
- K8s Security: [kubernetes-announce] [Ingress-nginx Security Advisory] CVE-2023-5044: Code injection via nginx.ingress.kubernetes.io/permanent-redirect annotation HOT 1
- K8s Security: [kubernetes-announce] [Ingress-nginx Security Advisory] CVE-2023-5043: Ingress nginx annotation injection causes arbitrary command execution HOT 1
- K8s Security: [kubernetes-announce] [Ingress-nginx Security Advisory] CVE-2022-4886: Ingress-nginx `path` sanitization can be bypassed with `log_format` directive HOT 1
- K8s Security: [Security Advisory] CVE-2023-5528: Insufficient input sanitization in in-tree storage plugin leads to privilege escalation on Windows nodes
- K8s Security: [kubernetes-announce] [Security Advisory] CVE-2023-5528: Insufficient input sanitization in in-tree storage plugin leads to privilege escalation on Windows nodes HOT 1
- Create 1-29 Foundation HOT 1
- AWS::EKS::AccessEntry/AccessEntry: CREATE_FAILED ( eksctl create cluster ) HOT 1
- Kops is unable to read kube-apiserver.docker_tag with error 403 Forbidden HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from eks-distro.