GithubDocuments
    1. Marketplace
    3. KubeBlocks Docs
    Collections
    KubeBlocks Docs
    earayu
    No description available
    DocumentsKnowledge Graph
    user_docs.troubleshooting.known-issues.pdf

    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

    Issue 1: KubeBlocks creates enormous number of secrets
    Problem Description
    Affected Version
    Root Cause
    Solution
    Issue 2: PostgreSQL fails to start with special characters in password
    Problem Description
    Affected Version
    Solution
    How to report a bug

    Known Issues

    Issue 1: KubeBlocks creates enormous number of secrets

    Problem Description

    KubeBlocks keeps creating an enormous number of secrets for each cluster and never stops. You may see the following information in KubeBlocks logs:
    INFO reconcile object *v1. ServiceAccount with action UPDATE OK

    Affected Version

    • KubeBlocks v1.0.0 with Kubernetes versions ≤ 1.24

    Root Cause

    Before Kubernetes version 1.24, Kubernetes automatically generated Secret- based tokens for ServiceAccounts, as documented in Kubernetes Service Account Tokens.

    Solution

    Upgrade KubeBlocks to v1.0.1- beta.3 or later.

    Issue 2: PostgreSQL fails to start with special characters in password

    Problem Description

    PostgreSQL may fail to start when the password contains certain special characters. By checking POD logs:
    File "/usr/lib/python3/dist- packages/yaml/scanner.py", line 116, in check_token self.fetch_more_tokens() File "/usr/lib/python3/dist- packages/yaml/scanner.py", line 231, in fetch_more_tokens return self.fetch_anchor() File "/usr/lib/python3/dist- packages/yaml/scanner.py", line 621, in fetchanchor
    self.tokens.append(self.scan_anchor(AnchorToken)) File "/usr/lib/python3/dist- packages/yaml/scanner.py", line 929, in scan_anchor raise ScannerError(while scanning an %s" % name, start_mark, yaml.scanner.ScannerError: while scanning an anchor in "", line 45, column 17: password: &JgE#F5x&eNwis*2dW!7&amp ...

    Affected Version

    • KubeBlocks v0.9.4 and before
    • KubeBlocks v1.0.0

    Solution

    Upgrade KubeBlocks to v1.0.1- beta.6 or v0.9.5- beta.4 or later.
    To fix this, you can explicitly set the list of symbols allowed in password generation policy.
    apiVersion: apps.kubeblocks.io/v1 kind: Cluster metadata: spec: componentSpecs: - name: postgresql systemAccounts: - name: postgres passwordConfig: length: 20 # Password length: 20 characters numDigits: 4 # At least 4 digits numSymbols: 2 # At least 2 symbols letterCase: MixedCases # Uppercase and lowercase letters symbolCharacters: !! # set the allowed symbols when generating password # other fields in the Cluster manifest are omitted for brevity

    How to report a bug

    To report a bug, you may
    • create an issue in the KubeBlocks GitHub repository.
    • [optional] provide the zip file generated by kbcli report command:
    kbcli report cluster - - with- logs - - mask # pack cluster manifest, version, and logs kbcli report kubeblocks - - with- logs - - mask # pack kubeblocks logs where clusterName is the name of the cluster you are reporting the bug for, and - - mask will mask sensitive info for secrets and ConfigMap.