Created
August 9, 2021 19:52
-
-
Save blkperl/524ba2b7b0765c8d289ed3bcb892a292 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| apiVersion: networking.k8s.io/v1 | |
| kind: NetworkPolicy | |
| metadata: | |
| name: default-deny-egress | |
| namespace: default | |
| spec: | |
| podSelector: {} | |
| policyTypes: | |
| - Egress |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| apiVersion: v1 | |
| kind: ServiceAccount | |
| metadata: | |
| name: task-create-cm | |
| --- | |
| # BASE ROLLBINDING | |
| # NEEDED IN EVERY SERVICE ACCOuNT | |
| kind: RoleBinding | |
| apiVersion: rbac.authorization.k8s.io/v1 | |
| metadata: | |
| name: task-create-cm | |
| subjects: | |
| - kind: ServiceAccount | |
| name: task-create-cm | |
| namespace: default | |
| roleRef: | |
| kind: Role | |
| name: workflow-base-role | |
| apiGroup: rbac.authorization.k8s.io | |
| --- | |
| kind: ClusterRoleBinding | |
| apiVersion: rbac.authorization.k8s.io/v1 | |
| metadata: | |
| name: task-create-cm | |
| subjects: | |
| - kind: ServiceAccount | |
| name: task-create-cm | |
| namespace: default | |
| roleRef: | |
| kind: ClusterRole | |
| name: task-create-cm | |
| apiGroup: rbac.authorization.k8s.io | |
| --- | |
| kind: ClusterRole | |
| apiVersion: rbac.authorization.k8s.io/v1 | |
| metadata: | |
| name: task-create-cm | |
| rules: | |
| - apiGroups: | |
| - "" | |
| resources: | |
| - configmaps | |
| verbs: | |
| - create | |
| - list | |
| - get | |
| - patch | |
| # vim:ft=yaml.gotexttmpl |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| k create -f wf-cm.yaml | |
| workflow.argoproj.io/k8s-jobs-cg84v created | |
| argo get k8s-jobs-cg84v | |
| Name: k8s-jobs-cg84v | |
| Namespace: default | |
| ServiceAccount: task-create-cm | |
| Status: Failed | |
| Message: Error (exit code 1): Unable to connect to the server: dial tcp 10.152.183.1:443: i/o timeout | |
| Conditions: | |
| PodRunning False | |
| Completed True | |
| Created: Mon Aug 09 12:45:31 -0700 (53 seconds ago) | |
| Started: Mon Aug 09 12:45:32 -0700 (52 seconds ago) | |
| Finished: Mon Aug 09 12:46:17 -0700 (7 seconds ago) | |
| Duration: 45 seconds | |
| Progress: 1/1 | |
| ResourcesDuration: 31s*(100Mi memory),31s*(1 cpu) | |
| STEP TEMPLATE PODNAME DURATION MESSAGE | |
| ✖ k8s-jobs-cg84v main k8s-jobs-cg84v 34s Error (exit code 1): Unable to connect to the server: dial tcp 10.152.183.1:443: i/o timeout | |
| k logs k8s-jobs-cg84v | |
| time="2021-08-09T19:45:36.041Z" level=info msg="Starting Workflow Executor" executorType=pns version=untagged | |
| time="2021-08-09T19:45:36.050Z" level=info msg="Creating PNS executor (namespace: default, pod: k8s-jobs-cg84v, pid: 6)" | |
| time="2021-08-09T19:45:36.050Z" level=info msg="Creating a K8sAPI executor" | |
| time="2021-08-09T19:45:36.051Z" level=info msg="Executor initialized" deadline="0001-01-01 00:00:00 +0000 UTC" includeScriptOutput=false namespace=default podName=k8s-jobs-cg84v template="{\"name\":\"main\",\"inputs\":{},\"outputs\":{},\"metadata\":{},\"resource\":{\"action\":\"apply\",\"manifest\":\"apiVersion: v1\\nkind: ConfigMap\\nmetadata:\\n name: test\\n namespace: default\\ndata:\\n keys: \\\"test\\\"\\n\"}}" version="&Version{Version:untagged,BuildDate:2021-08-09T18:07:59Z,GitCommit:7182f3b7a77dc53f7e81727ca47e6802a57fc2e8,GitTag:untagged,GitTreeState:clean,GoVersion:go1.15.7,Compiler:gc,Platform:linux/amd64,}" | |
| time="2021-08-09T19:45:36.051Z" level=info msg="Loading manifest to /tmp/manifest.yaml" | |
| time="2021-08-09T19:45:36.052Z" level=info msg="kubectl apply -f /tmp/manifest.yaml -o json" | |
| time="2021-08-09T19:46:06.485Z" level=warning msg="Non-transient error: exit status 1" | |
| time="2021-08-09T19:46:06.488Z" level=error msg="executor error: Unable to connect to the server: dial tcp 10.152.183.1:443: i/o timeout\ngithub.com/argoproj/argo-workflows/v3/errors.New\n\t/go/src/github.com/argoproj/argo-workflows/errors/errors.go:49\ngithub.com/argoproj/argo-workflows/v3/workflow/executor.(*WorkflowExecutor).ExecResource\n\t/go/src/github.com/argoproj/argo-workflows/workflow/executor/resource.go:46\ngithub.com/argoproj/argo-workflows/v3/cmd/argoexec/commands.execResource\n\t/go/src/github.com/argoproj/argo-workflows/cmd/argoexec/commands/resource.go:48\ngithub.com/argoproj/argo-workflows/v3/cmd/argoexec/commands.NewResourceCommand.func1\n\t/go/src/github.com/argoproj/argo-workflows/cmd/argoexec/commands/resource.go:25\ngithub.com/spf13/cobra.(*Command).execute\n\t/go/pkg/mod/github.com/spf13/cobra@v1.0.0/command.go:846\ngithub.com/spf13/cobra.(*Command).ExecuteC\n\t/go/pkg/mod/github.com/spf13/cobra@v1.0.0/command.go:950\ngithub.com/spf13/cobra.(*Command).Execute\n\t/go/pkg/mod/github.com/spf13/cobra@v1.0.0/command.go:887\nmain.main\n\t/go/src/github.com/argoproj/argo-workflows/cmd/argoexec/main.go:15\nruntime.main\n\t/usr/local/go/src/runtime/proc.go:204\nruntime.goexit\n\t/usr/local/go/src/runtime/asm_amd64.s:1374" | |
| time="2021-08-09T19:46:06.489Z" level=fatal msg="Unable to connect to the server: dial tcp 10.152.183.1:443: i/o timeout\ngithub.com/argoproj/argo-workflows/v3/errors.New\n\t/go/src/github.com/argoproj/argo-workflows/errors/errors.go:49\ngithub.com/argoproj/argo-workflows/v3/workflow/executor.(*WorkflowExecutor).ExecResource\n\t/go/src/github.com/argoproj/argo-workflows/workflow/executor/resource.go:46\ngithub.com/argoproj/argo-workflows/v3/cmd/argoexec/commands.execResource\n\t/go/src/github.com/argoproj/argo-workflows/cmd/argoexec/commands/resource.go:48\ngithub.com/argoproj/argo-workflows/v3/cmd/argoexec/commands.NewResourceCommand.func1\n\t/go/src/github.com/argoproj/argo-workflows/cmd/argoexec/commands/resource.go:25\ngithub.com/spf13/cobra.(*Command).execute\n\t/go/pkg/mod/github.com/spf13/cobra@v1.0.0/command.go:846\ngithub.com/spf13/cobra.(*Command).ExecuteC\n\t/go/pkg/mod/github.com/spf13/cobra@v1.0.0/command.go:950\ngithub.com/spf13/cobra.(*Command).Execute\n\t/go/pkg/mod/github.com/spf13/cobra@v1.0.0/command.go:887\nmain.main\n\t/go/src/github.com/argoproj/argo-workflows/cmd/argoexec/main.go:15\nruntime.main\n\t/usr/local/go/src/runtime/proc.go:204\nruntime.goexit\n\t/usr/local/go/src/runtime/asm_amd64.s:1374" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| k apply -f network-policy.yaml | |
| networkpolicy.networking.k8s.io/default-deny-egress created | |
| k create -f wf-cm.yaml | |
| workflow.argoproj.io/k8s-jobs-2t6td created | |
| argo get k8s-jobs-2t6td | |
| Name: k8s-jobs-2t6td | |
| Namespace: default | |
| ServiceAccount: task-create-cm | |
| Status: Failed | |
| Message: Error (exit code 1): Unable to connect to the server: dial tcp 10.152.183.1:443: i/o timeout | |
| Conditions: | |
| PodRunning False | |
| Completed True | |
| Created: Mon Aug 09 12:49:34 -0700 (1 minute ago) | |
| Started: Mon Aug 09 12:49:34 -0700 (1 minute ago) | |
| Finished: Mon Aug 09 12:50:19 -0700 (37 seconds ago) | |
| Duration: 45 seconds | |
| Progress: 1/1 | |
| ResourcesDuration: 31s*(1 cpu),31s*(100Mi memory) | |
| STEP TEMPLATE PODNAME DURATION MESSAGE | |
| ✖ k8s-jobs-2t6td main k8s-jobs-2t6td 34s Error (exit code 1): Unable to connect to the server: dial tcp 10.152.183.1:443: i/o timeout | |
| k logs k8s-jobs-2t6td | |
| time="2021-08-09T19:49:38.223Z" level=info msg="Starting Workflow Executor" executorType=pns version=untagged | |
| time="2021-08-09T19:49:38.250Z" level=info msg="Creating PNS executor (namespace: default, pod: k8s-jobs-2t6td, pid: 6)" | |
| time="2021-08-09T19:49:38.250Z" level=info msg="Creating a K8sAPI executor" | |
| time="2021-08-09T19:49:38.251Z" level=info msg="Executor initialized" deadline="0001-01-01 00:00:00 +0000 UTC" includeScriptOutput=false namespace=default podName=k8s-jobs-2t6td template="{\"name\":\"main\",\"inputs\":{},\"outputs\":{},\"metadata\":{},\"resource\":{\"action\":\"apply\",\"manifest\":\"apiVersion: v1\\nkind: ConfigMap\\nmetadata:\\n name: test\\n namespace: default\\ndata:\\n keys: \\\"test\\\"\\n\"}}" version="&Version{Version:untagged,BuildDate:2021-08-09T13:58:47Z,GitCommit:24bb1b77a1b5cd2f78251aca26d007c7d75b8993,GitTag:untagged,GitTreeState:clean,GoVersion:go1.16.7,Compiler:gc,Platform:linux/amd64,}" | |
| time="2021-08-09T19:49:38.251Z" level=info msg="Loading manifest to /tmp/manifest.yaml" | |
| time="2021-08-09T19:49:38.254Z" level=info msg="kubectl apply -f /tmp/manifest.yaml -o json" | |
| time="2021-08-09T19:50:08.605Z" level=error msg="executor error: Unable to connect to the server: dial tcp 10.152.183.1:443: i/o timeout\ngithub.com/argoproj/argo-workflows/v3/errors.New\n\t/go/src/github.com/argoproj/argo-workflows/errors/errors.go:49\ngithub.com/argoproj/argo-workflows/v3/workflow/executor.(*WorkflowExecutor).ExecResource\n\t/go/src/github.com/argoproj/argo-workflows/workflow/executor/resource.go:41\ngithub.com/argoproj/argo-workflows/v3/cmd/argoexec/commands.execResource\n\t/go/src/github.com/argoproj/argo-workflows/cmd/argoexec/commands/resource.go:48\ngithub.com/argoproj/argo-workflows/v3/cmd/argoexec/commands.NewResourceCommand.func1\n\t/go/src/github.com/argoproj/argo-workflows/cmd/argoexec/commands/resource.go:25\ngithub.com/spf13/cobra.(*Command).execute\n\t/go/pkg/mod/github.com/spf13/cobra@v1.0.0/command.go:846\ngithub.com/spf13/cobra.(*Command).ExecuteC\n\t/go/pkg/mod/github.com/spf13/cobra@v1.0.0/command.go:950\ngithub.com/spf13/cobra.(*Command).Execute\n\t/go/pkg/mod/github.com/spf13/cobra@v1.0.0/command.go:887\nmain.main\n\t/go/src/github.com/argoproj/argo-workflows/cmd/argoexec/main.go:15\nruntime.main\n\t/usr/local/go/src/runtime/proc.go:225\nruntime.goexit\n\t/usr/local/go/src/runtime/asm_amd64.s:1371" | |
| time="2021-08-09T19:50:08.606Z" level=fatal msg="Unable to connect to the server: dial tcp 10.152.183.1:443: i/o timeout\ngithub.com/argoproj/argo-workflows/v3/errors.New\n\t/go/src/github.com/argoproj/argo-workflows/errors/errors.go:49\ngithub.com/argoproj/argo-workflows/v3/workflow/executor.(*WorkflowExecutor).ExecResource\n\t/go/src/github.com/argoproj/argo-workflows/workflow/executor/resource.go:41\ngithub.com/argoproj/argo-workflows/v3/cmd/argoexec/commands.execResource\n\t/go/src/github.com/argoproj/argo-workflows/cmd/argoexec/commands/resource.go:48\ngithub.com/argoproj/argo-workflows/v3/cmd/argoexec/commands.NewResourceCommand.func1\n\t/go/src/github.com/argoproj/argo-workflows/cmd/argoexec/commands/resource.go:25\ngithub.com/spf13/cobra.(*Command).execute\n\t/go/pkg/mod/github.com/spf13/cobra@v1.0.0/command.go:846\ngithub.com/spf13/cobra.(*Command).ExecuteC\n\t/go/pkg/mod/github.com/spf13/cobra@v1.0.0/command.go:950\ngithub.com/spf13/cobra.(*Command).Execute\n\t/go/pkg/mod/github.com/spf13/cobra@v1.0.0/command.go:887\nmain.main\n\t/go/src/github.com/argoproj/argo-workflows/cmd/argoexec/main.go:15\nruntime.main\n\t/usr/local/go/src/runtime/proc.go:225\nruntime.goexit\n\t/usr/local/go/src/runtime/asm_amd64.s:1371" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| k delete networkpolicy default-deny-egress | |
| networkpolicy.networking.k8s.io "default-deny-egress" deleted | |
| k create -f wf-cm.yaml | |
| workflow.argoproj.io/k8s-jobs-h47sk created | |
| argo get k8s-jobs-h47sk | |
| Name: k8s-jobs-h47sk | |
| Namespace: default | |
| ServiceAccount: task-create-cm | |
| Status: Succeeded | |
| Conditions: | |
| PodRunning False | |
| Completed True | |
| Created: Mon Aug 09 12:47:22 -0700 (15 seconds ago) | |
| Started: Mon Aug 09 12:47:22 -0700 (15 seconds ago) | |
| Finished: Mon Aug 09 12:47:32 -0700 (5 seconds ago) | |
| Duration: 10 seconds | |
| Progress: 1/1 | |
| ResourcesDuration: 3s*(1 cpu),3s*(100Mi memory) | |
| STEP TEMPLATE PODNAME DURATION MESSAGE | |
| ✔ k8s-jobs-h47sk main k8s-jobs-h47sk 5s | |
| k logs k8s-jobs-h47sk | |
| time="2021-08-09T19:47:24.655Z" level=info msg="Starting Workflow Executor" executorType=pns version=untagged | |
| time="2021-08-09T19:47:24.660Z" level=info msg="Creating PNS executor (namespace: default, pod: k8s-jobs-h47sk, pid: 6)" | |
| time="2021-08-09T19:47:24.660Z" level=info msg="Creating a K8sAPI executor" | |
| time="2021-08-09T19:47:24.660Z" level=info msg="Executor initialized" deadline="0001-01-01 00:00:00 +0000 UTC" includeScriptOutput=false namespace=default podName=k8s-jobs-h47sk template="{\"name\":\"main\",\"inputs\":{},\"outputs\":{},\"metadata\":{},\"resource\":{\"action\":\"apply\",\"manifest\":\"apiVersion: v1\\nkind: ConfigMap\\nmetadata:\\n name: test\\n namespace: default\\ndata:\\n keys: \\\"test\\\"\\n\"}}" version="&Version{Version:untagged,BuildDate:2021-08-09T18:07:59Z,GitCommit:7182f3b7a77dc53f7e81727ca47e6802a57fc2e8,GitTag:untagged,GitTreeState:clean,GoVersion:go1.15.7,Compiler:gc,Platform:linux/amd64,}" | |
| time="2021-08-09T19:47:24.660Z" level=info msg="Loading manifest to /tmp/manifest.yaml" | |
| time="2021-08-09T19:47:24.661Z" level=info msg="kubectl apply -f /tmp/manifest.yaml -o json" | |
| time="2021-08-09T19:47:27.113Z" level=info msg="Resource: default/configmap./test. SelfLink: api/v1/namespaces/default/configmaps/test" | |
| time="2021-08-09T19:47:27.113Z" level=info msg="No output parameters" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: argoproj.io/v1alpha1 | |
| kind: Workflow | |
| metadata: | |
| generateName: k8s-jobs- | |
| labels: | |
| app: test | |
| spec: | |
| entrypoint: main | |
| serviceAccountName: task-create-cm | |
| templates: | |
| - name: main | |
| resource: | |
| action: apply | |
| manifest: | | |
| apiVersion: v1 | |
| kind: ConfigMap | |
| metadata: | |
| name: test | |
| namespace: default | |
| data: | |
| keys: "test" | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment