akalittle opened a new issue, #7693: URL: https://github.com/apache/apisix/issues/7693
### Current Behavior helm template --release-name apisix-istio -f ./apisix/values.yaml apisix/apisix --output-dir ./apisix-deploy ```yaml # # Licensed to the Apache Software Foundation (ASF) under one or more # contributor license agreements. See the NOTICE file distributed with # this work for additional information regarding copyright ownership. # The ASF licenses this file to You under the Apache License, Version 2.0 # (the "License"); you may not use this file except in compliance with # the License. You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. global: imagePullSecrets: [] apisix: # Enable or disable Apache APISIX itself # Set it to false and ingress-controller.enabled=true will deploy only ingress-controller enabled: true # Enable nginx IPv6 resolver enableIPv6: true # Use Pod metadata.uid as the APISIX id. setIDFromPodUID: false customLuaSharedDicts: [] # - name: foo # size: 10k # - name: bar # size: 1m luaModuleHook: enabled: false # extend lua_package_path to load third party code luaPath: "" # the hook module which will be used to inject third party code into APISIX # use the lua require style like: "module.say_hello" hookPoint: "" # configmap that stores the codes configMapRef: name: "" # mounts decides how to mount the codes to the container. mounts: - key: "" path: "" enableCustomizedConfig: false customizedConfig: {} image: repository: apache/apisix pullPolicy: IfNotPresent # Overrides the image tag whose default is the chart appVersion. tag: 2.15.0-alpine # Use a `DaemonSet` or `Deployment` kind: Deployment # kind is DaemonSet,replicaCount not become effective replicaCount: 1 podAnnotations: {} podSecurityContext: {} # fsGroup: 2000 securityContext: {} # capabilities: # drop: # - ALL # readOnlyRootFilesystem: true # runAsNonRoot: true # runAsUser: 1000 # See https://kubernetes.io/docs/tasks/run-application/configure-pdb/ for more details podDisruptionBudget: enabled: false minAvailable: 90% maxUnavailable: 1 resources: {} # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. # limits: # cpu: 100m # memory: 128Mi # requests: # cpu: 100m # memory: 128Mi nodeSelector: {} tolerations: [] affinity: {} # If true, it will sets the anti-affinity of the Pod. podAntiAffinity: enabled: false # timezone is the timezone where apisix uses. # For example: "UTC" or "Asia/Shanghai" # This value will be set on apisix container's environment variable TZ. # You may need to set the timezone to be consistent with your local time zone, # otherwise the apisix's logs may used to retrieve event maybe in wrong timezone. timezone: "" # extraEnvVars An array to add extra env vars # e.g: # extraEnvVars: # - name: FOO # value: "bar" # - name: FOO2 # valueFrom: # secretKeyRef: # name: SECRET_NAME # key: KEY extraEnvVars: [] nameOverride: "" fullnameOverride: "" gateway: type: NodePort # If you want to keep the client source IP, you can set this to Local. # ref: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip externalTrafficPolicy: Cluster # type: LoadBalancer # annotations: # service.beta.kubernetes.io/aws-load-balancer-type: nlb externalIPs: [] http: enabled: true servicePort: 80 containerPort: 9080 tls: enabled: false servicePort: 443 containerPort: 9443 existingCASecret: "" certCAFilename: "" http2: enabled: true stream: # L4 proxy (TCP/UDP) enabled: false only: false tcp: [] udp: [] ingress: enabled: false annotations: {} # kubernetes.io/ingress.class: nginx # kubernetes.io/tls-acme: "true" hosts: - host: apisix.local paths: [] tls: [] # - secretName: apisix-tls # hosts: # - chart-example.local admin: # Enable Admin API enabled: true # admin service type type: ClusterIP # loadBalancerIP: a.b.c.d # loadBalancerSourceRanges: # - "143.231.0.0/16" externalIPs: [] # port: 9180 servicePort: 9180 # Admin API support CORS response headers cors: true # Admin API credentials credentials: admin: edd1c9f034335f136f87ad84b625c8f1 viewer: 4054f7cf07e344346cd3f287985e76a2 allow: # The ip range for allowing access to Apache APISIX ipList: - 127.0.0.1/24 nginx: workerRlimitNofile: "20480" workerConnections: "10620" workerProcesses: auto enableCPUAffinity: true # APISIX plugins to be enabled plugins: - api-breaker - authz-keycloak - basic-auth - batch-requests - consumer-restriction - cors - echo - fault-injection - grpc-transcode - hmac-auth - http-logger - ip-restriction - ua-restriction - jwt-auth - kafka-logger - key-auth - limit-conn - limit-count - limit-req - node-status - openid-connect - authz-casbin - prometheus - proxy-cache - proxy-mirror - proxy-rewrite - redirect - referer-restriction - request-id - request-validation - response-rewrite - serverless-post-function - serverless-pre-function - sls-logger - syslog - tcp-logger - udp-logger - uri-blocker - wolf-rbac - zipkin - traffic-split - gzip - real-ip - ext-plugin-pre-req - ext-plugin-post-req - opentelemetry stream_plugins: - mqtt-proxy - ip-restriction - limit-conn pluginAttrs: opentelemetry: # trace_id_source: x-api-key resource: service.name: APISIX # tenant.id: business_id collector: address: opentelemetry-deploy-opentelemetry-collector.apisix-istio.svc.cluster.local:4318 request_timeout: 3 batch_span_processor: drop_on_queue_full: false max_queue_size: 6 batch_timeout: 2 inactive_timeout: 1 max_export_batch_size: 2 extPlugin: enabled: false cmd: ["/path/to/apisix-plugin-runner/runner", "run"] # customPlugins allows you to mount your own HTTP plugins. customPlugins: enabled: false # the lua_path that tells APISIX where it can find plugins, # note the last ';' is required. luaPath: "/opts/custom_plugins/?.lua" plugins: # plugin name. - name: "" # plugin attrs attrs: {} # plugin codes can be saved inside configmap object. configMap: # name of configmap. name: "" # since keys in configmap is flat, mountPath allows to define the mount # path, so that plugin codes can be mounted hierarchically. mounts: - key: "" path: "" - key: "" path: "" updateStrategy: {} # type: RollingUpdate extraVolumes: [] # - name: extras # emptyDir: {} extraVolumeMounts: [] # - name: extras # mountPath: /usr/share/extras # readOnly: true discovery: enabled: false registry: # Integration service discovery registry. E.g eureka\dns\nacos\consul_kv # reference: # https://apisix.apache.org/docs/apisix/discovery#configuration-for-eureka # https://apisix.apache.org/docs/apisix/discovery/dns#service-discovery-via-dns # https://apisix.apache.org/docs/apisix/discovery/consul_kv#configuration-for-consul-kv # https://apisix.apache.org/docs/apisix/discovery/nacos#configuration-for-nacos # # an eureka example: # eureka: # host: # - "http://${username}:${password}@${eureka_host1}:${eureka_port1}"; # - "http://${username}:${password}@${eureka_host2}:${eureka_port2}"; # prefix: "/eureka/" # fetch_interval: 30 # weight: 100 # timeout: # connect: 2000 # send: 2000 # read: 5000 # access log and error log configuration logs: enableAccessLog: true accessLog: "/dev/stdout" accessLogFormat: '$remote_addr - $remote_user [$time_local] $http_host \"$request\" $status $body_bytes_sent $request_time \"$http_referer\" \"$http_user_agent\" $upstream_addr $upstream_status $upstream_response_time \"$upstream_scheme://$upstream_host$upstream_uri\"' accessLogFormatEscape: default errorLog: "/dev/stderr" errorLogLevel: "warn" dns: resolvers: - 127.0.0.1 - 172.20.0.10 - 114.114.114.114 - 223.5.5.5 - 1.1.1.1 - 8.8.8.8 validity: 30 timeout: 5 initContainer: image: busybox tag: 1.28 autoscaling: enabled: false minReplicas: 1 maxReplicas: 100 targetCPUUtilizationPercentage: 80 targetMemoryUtilizationPercentage: 80 # Custom configuration snippet. configurationSnippet: main: | httpStart: | httpEnd: | httpSrv: | httpAdmin: | stream: | # Observability configuration. # ref: https://apisix.apache.org/docs/apisix/plugins/prometheus/ serviceMonitor: enabled: false # namespace where the serviceMonitor is deployed, by default, it is the same as the namespace of the apisix namespace: "" # name of the serviceMonitor, by default, it is the same as the apisix fullname name: "" # interval at which metrics should be scraped interval: 15s # path of the metrics endpoint path: /apisix/prometheus/metrics # prefix of the metrics metricPrefix: apisix_ # container port where the metrics are exposed containerPort: 9091 # @param serviceMonitor.labels ServiceMonitor extra labels labels: {} # @param serviceMonitor.annotations ServiceMonitor annotations annotations: {} # etcd configuration # use the FQDN address or the IP of the etcd etcd: # install etcd(v3) by default, set false if do not want to install etcd(v3) together enabled: true host: - http://etcd.host:2379 # host or ip e.g. http://172.20.128.89:2379 prefix: "/apisix" timeout: 30 # if etcd.enabled is true, set more values of bitnami/etcd helm chart auth: rbac: # No authentication by default create: false user: "" password: "" tls: enabled: false existingSecret: "" certFilename: "" certKeyFilename: "" verify: true sni: "" service: port: 2379 replicaCount: 3 dashboard: enabled: true ingress-controller: enabled: true fullname: apisix-istio config: apisix: name: apisix-istio serviceNamespace: apisix-istio serviceName: apisix-istio-admin ``` It's euqal to ```shell helm install apisix-istio apisix/apisix --set gateway.type=NodePort --set ingress-controller.enabled=true --set ingress-controller.config.apisix.serviceNamespace=apisix-istio --set ingress-controller.config.apisix.serviceName=apisix-istio-admin --namespace apisix-istio ``` But after apply all the yaml file, every time there is a pod with `index: 1` error. <img width="596" alt="image" src="https://user-images.githubusercontent.com/38489160/184804060-fdbe9c00-09ee-4b20-af24-60fe7b691420.png";> {"level":"panic","ts":"2022-08-16T05:19:54.322Z","caller":"etcdserver/server.go:515","msg":"failed to recover v3 backend from snapshot","error":"failed to find database snapshot file (snap: snapshot file doesn't exist)","stacktrace":"go.etcd.io/etcd/server/v3/etcdserver.NewServer\n\t/go/src/go.etcd.io/etcd/release/etcd/server/etcdserver/server.go:515\ngo.etcd.io/etcd/server/v3/embed.StartEtcd\n\t/go/src/go.etcd.io/etcd/release/etcd/server/embed/etcd.go:245\ngo.etcd.io/etcd/server/v3/etcdmain.startEtcd\n\t/go/src/go.etcd.io/etcd/release/etcd/server/etcdmain/etcd.go:228\ngo.etcd.io/etcd/server/v3/etcdmain.startEtcdOrProxyV2\n\t/go/src/go.etcd.io/etcd/release/etcd/server/etcdmain/etcd.go:123\ngo.etcd.io/etcd/server/v3/etcdmain.Main\n\t/go/src/go.etcd.io/etcd/release/etcd/server/etcdmain/main.go:40\nmain.main\n\t/go/src/go.etcd.io/etcd/release/etcd/server/main.go:32\nruntime.main\n\t/go/gos/go1.16.15/src/runtime/proc.go:225"} ### Expected Behavior all the etcd pods run normally. ### Error Logs {"level":"warn","ts":"2022-08-16T05:25:08.393Z","caller":"snap/db.go:88","msg":"failed to find [SNAPSHOT-INDEX].snap.db","snapshot-index":200002,"snapshot-file-path":"/bitnami/etcd/data/member/snap/0000000000030d42.snap.db","error":"snap: snapshot file doesn't exist"} {"level":"panic","ts":"2022-08-16T05:25:08.393Z","caller":"etcdserver/server.go:515","msg":"failed to recover v3 backend from snapshot","error":"failed to find database snapshot file (snap: snapshot file doesn't exist)","stacktrace":"go.etcd.io/etcd/server/v3/etcdserver.NewServer\n\t/go/src/go.etcd.io/etcd/release/etcd/server/etcdserver/server.go:515\ngo.etcd.io/etcd/server/v3/embed.StartEtcd\n\t/go/src/go.etcd.io/etcd/release/etcd/server/embed/etcd.go:245\ngo.etcd.io/etcd/server/v3/etcdmain.startEtcd\n\t/go/src/go.etcd.io/etcd/release/etcd/server/etcdmain/etcd.go:228\ngo.etcd.io/etcd/server/v3/etcdmain.startEtcdOrProxyV2\n\t/go/src/go.etcd.io/etcd/release/etcd/server/etcdmain/etcd.go:123\ngo.etcd.io/etcd/server/v3/etcdmain.Main\n\t/go/src/go.etcd.io/etcd/release/etcd/server/etcdmain/main.go:40\nmain.main\n\t/go/src/go.etcd.io/etcd/release/etcd/server/main.go:32\nruntime.main\n\t/go/gos/go1.16.15/src/runtime/proc.go:225"} panic: failed to recover v3 backend from snapshot goroutine 1 [running]: go.uber.org/zap/zapcore.(*CheckedEntry).Write(0xc0002326c0, 0xc0004aa2c0, 0x1, 0x1) /go/pkg/mod/go.uber.org/[email protected]/zapcore/entry.go:234 +0x58d go.uber.org/zap.(*Logger).Panic(0xc000134ff0, 0x1234726, 0x2a, 0xc0004aa2c0, 0x1, 0x1) /go/pkg/mod/go.uber.org/[email protected]/logger.go:227 +0x85 go.etcd.io/etcd/server/v3/etcdserver.NewServer(0xc00004a10a, 0x13, 0x0, 0x0, 0x0, 0x0, 0xc0004c1320, 0x2, 0x2, 0xc000214240, ...) /go/src/go.etcd.io/etcd/release/etcd/server/etcdserver/server.go:515 +0x1656 go.etcd.io/etcd/server/v3/embed.StartEtcd(0xc0001dc000, 0xc0001dc600, 0x0, 0x0) /go/src/go.etcd.io/etcd/release/etcd/server/embed/etcd.go:245 +0xef8 go.etcd.io/etcd/server/v3/etcdmain.startEtcd(0xc0001dc000, 0x12089be, 0x6, 0xc000514b01, 0x2) /go/src/go.etcd.io/etcd/release/etcd/server/etcdmain/etcd.go:228 +0x32 go.etcd.io/etcd/server/v3/etcdmain.startEtcdOrProxyV2(0xc00003a1f0, 0x1, 0x1) /go/src/go.etcd.io/etcd/release/etcd/server/etcdmain/etcd.go:123 +0x257a go.etcd.io/etcd/server/v3/etcdmain.Main(0xc00003a1f0, 0x1, 0x1) /go/src/go.etcd.io/etcd/release/etcd/server/etcdmain/main.go:40 +0x13f main.main() /go/src/go.etcd.io/etcd/release/etcd/server/main.go:32 +0x45 ### Steps to Reproduce the helm template above. ### Environment apache/apisix:2.15.0-alpine apache/apisix-ingress-controller:1.4.1 docker.io/bitnami/etcd:3.5.4-debian-11-r14 Kubernetes cluster version: Client Version: v1.24.0 Kustomize Version: v4.5.4 Server Version: v1.21.12-gke.2200 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
![https://user-images.githubusercontent.com/38489160/184804060-fdbe9c00-09ee-4b20-af24-60fe7b691420.png"](https://user-images.githubusercontent.com/38489160/184804060-fdbe9c00-09ee-4b20-af24-60fe7b691420.png"){kind=link}