Created
February 19, 2019 20:54
-
-
Save riggtravis/cefc7b11a9e3810090371f2e4163b3ed to your computer and use it in GitHub Desktop.
kops issue files
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
I0219 15:05:22.561099 48632 factory.go:68] state store s3://{{CONFIG_BUCKET_REDACTED}} | |
I0219 15:05:22.731083 48632 s3context.go:194] found bucket in region "us-east-1" | |
I0219 15:05:22.731185 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/config" | |
I0219 15:05:22.770509 48632 channel.go:97] resolving "stable" against default channel location "https://raw.githubusercontent.com/kubernetes/kops/master/channels/" | |
I0219 15:05:22.770542 48632 channel.go:102] Loading channel from "https://raw.githubusercontent.com/kubernetes/kops/master/channels/stable" | |
I0219 15:05:22.770560 48632 context.go:159] Performing HTTP request: GET https://raw.githubusercontent.com/kubernetes/kops/master/channels/stable | |
I0219 15:05:22.820062 48632 channel.go:111] Channel contents: spec: | |
images: | |
# We put the "legacy" version first, for kops versions that don't support versions ( < 1.5.0 ) | |
- name: kope.io/k8s-1.4-debian-jessie-amd64-hvm-ebs-2017-07-28 | |
providerID: aws | |
kubernetesVersion: ">=1.4.0 <1.5.0" | |
- name: kope.io/k8s-1.5-debian-jessie-amd64-hvm-ebs-2018-08-17 | |
providerID: aws | |
kubernetesVersion: ">=1.5.0 <1.6.0" | |
- name: kope.io/k8s-1.6-debian-jessie-amd64-hvm-ebs-2018-08-17 | |
providerID: aws | |
kubernetesVersion: ">=1.6.0 <1.7.0" | |
- name: kope.io/k8s-1.7-debian-jessie-amd64-hvm-ebs-2018-08-17 | |
providerID: aws | |
kubernetesVersion: ">=1.7.0 <1.8.0" | |
- name: kope.io/k8s-1.8-debian-jessie-amd64-hvm-ebs-2018-08-17 | |
providerID: aws | |
kubernetesVersion: ">=1.8.0 <1.9.0" | |
- name: kope.io/k8s-1.9-debian-jessie-amd64-hvm-ebs-2018-08-17 | |
providerID: aws | |
kubernetesVersion: ">=1.9.0 <1.10.0" | |
- name: kope.io/k8s-1.10-debian-jessie-amd64-hvm-ebs-2018-08-17 | |
providerID: aws | |
kubernetesVersion: ">=1.10.0 <1.11.0" | |
# Stretch is the default for 1.11 (for nvme) | |
- name: kope.io/k8s-1.11-debian-stretch-amd64-hvm-ebs-2018-08-17 | |
providerID: aws | |
kubernetesVersion: ">=1.11.0" | |
- providerID: gce | |
name: "cos-cloud/cos-stable-65-10323-99-0" | |
cluster: | |
kubernetesVersion: v1.5.8 | |
networking: | |
kubenet: {} | |
kubernetesVersions: | |
- range: ">=1.11.0" | |
recommendedVersion: 1.11.6 | |
requiredVersion: 1.11.0 | |
- range: ">=1.10.0" | |
recommendedVersion: 1.10.12 | |
requiredVersion: 1.10.0 | |
- range: ">=1.9.0" | |
recommendedVersion: 1.9.11 | |
requiredVersion: 1.9.0 | |
- range: ">=1.8.0" | |
recommendedVersion: 1.8.15 | |
requiredVersion: 1.8.0 | |
- range: ">=1.7.0" | |
recommendedVersion: 1.7.16 | |
requiredVersion: 1.7.0 | |
- range: ">=1.6.0" | |
recommendedVersion: 1.6.13 | |
requiredVersion: 1.6.0 | |
- range: ">=1.5.0" | |
recommendedVersion: 1.5.8 | |
requiredVersion: 1.5.1 | |
- range: "<1.5.0" | |
recommendedVersion: 1.4.12 | |
requiredVersion: 1.4.2 | |
kopsVersions: | |
- range: ">=1.11.0-alpha.1" | |
#recommendedVersion: "1.11.0" | |
#requiredVersion: 1.11.0 | |
kubernetesVersion: 1.11.6 | |
- range: ">=1.10.0-alpha.1" | |
recommendedVersion: "1.10.0" | |
#requiredVersion: 1.10.0 | |
kubernetesVersion: 1.10.12 | |
- range: ">=1.9.0-alpha.1" | |
recommendedVersion: 1.9.2 | |
#requiredVersion: 1.9.0 | |
kubernetesVersion: 1.9.11 | |
- range: ">=1.8.0-alpha.1" | |
recommendedVersion: 1.8.1 | |
requiredVersion: 1.7.1 | |
kubernetesVersion: 1.8.15 | |
- range: ">=1.7.0-alpha.1" | |
recommendedVersion: 1.8.1 | |
requiredVersion: 1.7.1 | |
kubernetesVersion: 1.7.16 | |
- range: ">=1.6.0-alpha.1" | |
recommendedVersion: 1.8.1 | |
requiredVersion: 1.7.1 | |
kubernetesVersion: 1.6.13 | |
- range: ">=1.5.0-alpha1" | |
recommendedVersion: 1.8.1 | |
requiredVersion: 1.7.1 | |
kubernetesVersion: 1.5.8 | |
- range: "<1.5.0" | |
recommendedVersion: 1.8.1 | |
requiredVersion: 1.7.1 | |
kubernetesVersion: 1.4.12 | |
I0219 15:05:22.820422 48632 create_cluster.go:496] Inferred --cloud=aws from zone "us-east-1a" | |
I0219 15:05:22.820683 48632 create_cluster.go:952] networking mode=kubenet => {"kubenet":{}} | |
I0219 15:05:22.822104 48632 aws_cloud.go:1094] Querying EC2 for all valid zones in region "us-east-1" | |
I0219 15:05:22.822595 48632 request_logger.go:45] AWS request: ec2/DescribeAvailabilityZones | |
I0219 15:05:22.965888 48632 subnets.go:184] Assigned CIDR 172.20.32.0/19 to subnet us-east-1a | |
I0219 15:05:22.965924 48632 defaults.go:213] Not setting up Proxy Excludes | |
I0219 15:05:22.968039 48632 populate_cluster_spec.go:370] Defaulted KubeControllerManager.ClusterCIDR to 100.96.0.0/11 | |
I0219 15:05:22.968058 48632 populate_cluster_spec.go:377] Defaulted ServiceClusterIPRange to 100.64.0.0/13 | |
I0219 15:05:22.968089 48632 aws_cloud.go:1094] Querying EC2 for all valid zones in region "us-east-1" | |
I0219 15:05:22.968590 48632 request_logger.go:45] AWS request: ec2/DescribeAvailabilityZones | |
I0219 15:05:23.006602 48632 subnets.go:49] All subnets have CIDRs; skipping assignment logic | |
I0219 15:05:23.006636 48632 defaults.go:213] Not setting up Proxy Excludes | |
I0219 15:05:23.006697 48632 aws_cloud.go:1094] Querying EC2 for all valid zones in region "us-east-1" | |
I0219 15:05:23.006783 48632 request_logger.go:45] AWS request: ec2/DescribeAvailabilityZones | |
I0219 15:05:23.045521 48632 tagbuilder.go:91] tags: [_aws _k8s_1_6] | |
I0219 15:05:23.045758 48632 options_loader.go:130] executing builder *components.DefaultsOptionsBuilder | |
I0219 15:05:23.045774 48632 options_loader.go:130] executing builder *components.EtcdOptionsBuilder | |
I0219 15:05:23.045797 48632 options_loader.go:130] executing builder *etcdmanager.EtcdManagerOptionsBuilder | |
I0219 15:05:23.045805 48632 options_loader.go:130] executing builder *nodeauthorizer.OptionsBuilder | |
I0219 15:05:23.045813 48632 options_loader.go:130] executing builder *components.KubeAPIServerOptionsBuilder | |
I0219 15:05:23.045847 48632 options_loader.go:130] executing builder *components.DockerOptionsBuilder | |
I0219 15:05:23.045861 48632 options_loader.go:130] executing builder *components.NetworkingOptionsBuilder | |
I0219 15:05:23.045870 48632 options_loader.go:130] executing builder *components.KubeDnsOptionsBuilder | |
I0219 15:05:23.045883 48632 options_loader.go:130] executing builder *components.KubeletOptionsBuilder | |
I0219 15:05:23.046295 48632 kubelet.go:156] Cloud Provider: aws | |
I0219 15:05:23.046331 48632 options_loader.go:130] executing builder *components.KubeControllerManagerOptionsBuilder | |
I0219 15:05:23.046346 48632 kubecontrollermanager.go:74] Kubernetes version "1.11.6" supports AttachDetachReconcileSyncPeriod; will configure | |
I0219 15:05:23.046359 48632 kubecontrollermanager.go:79] AttachDetachReconcileSyncPeriod is not set; will set to default 1m0s | |
I0219 15:05:23.046377 48632 options_loader.go:130] executing builder *components.KubeSchedulerOptionsBuilder | |
I0219 15:05:23.046388 48632 options_loader.go:130] executing builder *components.KubeProxyOptionsBuilder | |
I0219 15:05:23.046776 48632 options_loader.go:130] executing builder *components.DefaultsOptionsBuilder | |
I0219 15:05:23.046790 48632 options_loader.go:130] executing builder *components.EtcdOptionsBuilder | |
I0219 15:05:23.046807 48632 options_loader.go:130] executing builder *etcdmanager.EtcdManagerOptionsBuilder | |
I0219 15:05:23.046816 48632 options_loader.go:130] executing builder *nodeauthorizer.OptionsBuilder | |
I0219 15:05:23.046823 48632 options_loader.go:130] executing builder *components.KubeAPIServerOptionsBuilder | |
I0219 15:05:23.046845 48632 options_loader.go:130] executing builder *components.DockerOptionsBuilder | |
I0219 15:05:23.046859 48632 options_loader.go:130] executing builder *components.NetworkingOptionsBuilder | |
I0219 15:05:23.046871 48632 options_loader.go:130] executing builder *components.KubeDnsOptionsBuilder | |
I0219 15:05:23.046879 48632 options_loader.go:130] executing builder *components.KubeletOptionsBuilder | |
I0219 15:05:23.046889 48632 kubelet.go:156] Cloud Provider: aws | |
I0219 15:05:23.046899 48632 options_loader.go:130] executing builder *components.KubeControllerManagerOptionsBuilder | |
I0219 15:05:23.046908 48632 kubecontrollermanager.go:74] Kubernetes version "1.11.6" supports AttachDetachReconcileSyncPeriod; will configure | |
I0219 15:05:23.046920 48632 options_loader.go:130] executing builder *components.KubeSchedulerOptionsBuilder | |
I0219 15:05:23.046945 48632 options_loader.go:130] executing builder *components.KubeProxyOptionsBuilder | |
I0219 15:05:23.047392 48632 spec_builder.go:49] options: { | |
"channel": "stable", | |
"configBase": "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local", | |
"cloudProvider": "aws", | |
"kubernetesVersion": "1.11.6", | |
"subnets": [ | |
{ | |
"name": "us-east-1a", | |
"cidr": "172.20.32.0/19", | |
"zone": "us-east-1a", | |
"type": "Public" | |
} | |
], | |
"masterPublicName": "api.vault-cluster.k8s.local", | |
"masterInternalName": "api.internal.vault-cluster.k8s.local", | |
"networkCIDR": "172.20.0.0/16", | |
"topology": { | |
"masters": "public", | |
"nodes": "public", | |
"dns": { | |
"type": "Public" | |
} | |
}, | |
"secretStore": "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets", | |
"keyStore": "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki", | |
"configStore": "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local", | |
"clusterDNSDomain": "cluster.local", | |
"serviceClusterIPRange": "100.64.0.0/13", | |
"nonMasqueradeCIDR": "100.64.0.0/10", | |
"sshAccess": [ | |
"0.0.0.0/0" | |
], | |
"kubernetesApiAccess": [ | |
"0.0.0.0/0" | |
], | |
"etcdClusters": [ | |
{ | |
"name": "main", | |
"provider": "Legacy", | |
"etcdMembers": [ | |
{ | |
"name": "a", | |
"instanceGroup": "master-us-east-1a" | |
} | |
], | |
"version": "2.2.1", | |
"image": "k8s.gcr.io/etcd:2.2.1" | |
}, | |
{ | |
"name": "events", | |
"provider": "Legacy", | |
"etcdMembers": [ | |
{ | |
"name": "a", | |
"instanceGroup": "master-us-east-1a" | |
} | |
], | |
"version": "2.2.1", | |
"image": "k8s.gcr.io/etcd:2.2.1" | |
} | |
], | |
"docker": { | |
"ipMasq": false, | |
"ipTables": false, | |
"logDriver": "json-file", | |
"logLevel": "warn", | |
"logOpt": [ | |
"max-size=10m", | |
"max-file=5" | |
], | |
"storage": "overlay2,overlay,aufs", | |
"version": "17.03.2" | |
}, | |
"kubeDNS": { | |
"cacheMaxSize": 1000, | |
"cacheMaxConcurrent": 150, | |
"domain": "cluster.local", | |
"replicas": 2, | |
"serverIP": "100.64.0.10" | |
}, | |
"kubeAPIServer": { | |
"image": "k8s.gcr.io/kube-apiserver:v1.11.6", | |
"logLevel": 2, | |
"cloudProvider": "aws", | |
"securePort": 443, | |
"insecurePort": 8080, | |
"bindAddress": "0.0.0.0", | |
"insecureBindAddress": "127.0.0.1", | |
"enableAdmissionPlugins": [ | |
"Initializers", | |
"NamespaceLifecycle", | |
"LimitRanger", | |
"ServiceAccount", | |
"PersistentVolumeLabel", | |
"DefaultStorageClass", | |
"DefaultTolerationSeconds", | |
"MutatingAdmissionWebhook", | |
"ValidatingAdmissionWebhook", | |
"NodeRestriction", | |
"ResourceQuota" | |
], | |
"serviceClusterIPRange": "100.64.0.0/13", | |
"etcdServers": [ | |
"http://127.0.0.1:4001" | |
], | |
"etcdServersOverrides": [ | |
"/events#http://127.0.0.1:4002" | |
], | |
"allowPrivileged": true, | |
"apiServerCount": 1, | |
"anonymousAuth": false, | |
"kubeletPreferredAddressTypes": [ | |
"InternalIP", | |
"Hostname", | |
"ExternalIP" | |
], | |
"storageBackend": "etcd2", | |
"authorizationMode": "RBAC", | |
"requestheaderUsernameHeaders": [ | |
"X-Remote-User" | |
], | |
"requestheaderGroupHeaders": [ | |
"X-Remote-Group" | |
], | |
"requestheaderExtraHeaderPrefixes": [ | |
"X-Remote-Extra-" | |
], | |
"requestheaderAllowedNames": [ | |
"aggregator" | |
], | |
"etcdQuorumRead": false | |
}, | |
"kubeControllerManager": { | |
"logLevel": 2, | |
"image": "k8s.gcr.io/kube-controller-manager:v1.11.6", | |
"cloudProvider": "aws", | |
"clusterName": "vault-cluster.k8s.local", | |
"clusterCIDR": "100.96.0.0/11", | |
"allocateNodeCIDRs": true, | |
"configureCloudRoutes": true, | |
"leaderElection": { | |
"leaderElect": true | |
}, | |
"attachDetachReconcileSyncPeriod": "1m0s", | |
"useServiceAccountCredentials": true | |
}, | |
"kubeScheduler": { | |
"logLevel": 2, | |
"image": "k8s.gcr.io/kube-scheduler:v1.11.6", | |
"leaderElection": { | |
"leaderElect": true | |
} | |
}, | |
"kubeProxy": { | |
"image": "k8s.gcr.io/kube-proxy:v1.11.6", | |
"cpuRequest": "100m", | |
"logLevel": 2, | |
"clusterCIDR": "100.96.0.0/11", | |
"hostnameOverride": "@aws" | |
}, | |
"kubelet": { | |
"anonymousAuth": false, | |
"kubeconfigPath": "/var/lib/kubelet/kubeconfig", | |
"logLevel": 2, | |
"podManifestPath": "/etc/kubernetes/manifests", | |
"hostnameOverride": "@aws", | |
"podInfraContainerImage": "k8s.gcr.io/pause-amd64:3.0", | |
"allowPrivileged": true, | |
"enableDebuggingHandlers": true, | |
"clusterDomain": "cluster.local", | |
"clusterDNS": "100.64.0.10", | |
"networkPluginName": "kubenet", | |
"cloudProvider": "aws", | |
"cgroupRoot": "/", | |
"nonMasqueradeCIDR": "100.64.0.0/10", | |
"networkPluginMTU": 9001, | |
"evictionHard": "memory.available\u003c100Mi,nodefs.available\u003c10%,nodefs.inodesFree\u003c5%,imagefs.available\u003c10%,imagefs.inodesFree\u003c5%", | |
"featureGates": { | |
"ExperimentalCriticalPodAnnotation": "true" | |
} | |
}, | |
"masterKubelet": { | |
"anonymousAuth": false, | |
"kubeconfigPath": "/var/lib/kubelet/kubeconfig", | |
"logLevel": 2, | |
"podManifestPath": "/etc/kubernetes/manifests", | |
"hostnameOverride": "@aws", | |
"podInfraContainerImage": "k8s.gcr.io/pause-amd64:3.0", | |
"allowPrivileged": true, | |
"enableDebuggingHandlers": true, | |
"clusterDomain": "cluster.local", | |
"clusterDNS": "100.64.0.10", | |
"networkPluginName": "kubenet", | |
"cloudProvider": "aws", | |
"cgroupRoot": "/", | |
"registerSchedulable": false, | |
"nonMasqueradeCIDR": "100.64.0.0/10", | |
"networkPluginMTU": 9001, | |
"evictionHard": "memory.available\u003c100Mi,nodefs.available\u003c10%,nodefs.inodesFree\u003c5%,imagefs.available\u003c10%,imagefs.inodesFree\u003c5%", | |
"featureGates": { | |
"ExperimentalCriticalPodAnnotation": "true" | |
} | |
}, | |
"networking": { | |
"kubenet": {} | |
}, | |
"api": { | |
"loadBalancer": { | |
"type": "Public" | |
} | |
}, | |
"authorization": { | |
"rbac": {} | |
}, | |
"iam": { | |
"legacy": false, | |
"allowContainerRegistry": true | |
} | |
} | |
I0219 15:05:23.047640 48632 aws_cloud.go:1094] Querying EC2 for all valid zones in region "us-east-1" | |
I0219 15:05:23.047721 48632 request_logger.go:45] AWS request: ec2/DescribeAvailabilityZones | |
I0219 15:05:23.086860 48632 aws_cloud.go:1272] checking if instance type "m3.medium" is supported in region "us-east-1" | |
I0219 15:05:23.087072 48632 request_logger.go:45] AWS request: ec2/DescribeReservedInstancesOfferings | |
I0219 15:05:23.219496 48632 channel.go:277] Kubernetes version "1.11.6" does not match range: >=1.4.0 <1.5.0 | |
I0219 15:05:23.219545 48632 channel.go:277] Kubernetes version "1.11.6" does not match range: >=1.5.0 <1.6.0 | |
I0219 15:05:23.219561 48632 channel.go:277] Kubernetes version "1.11.6" does not match range: >=1.6.0 <1.7.0 | |
I0219 15:05:23.219574 48632 channel.go:277] Kubernetes version "1.11.6" does not match range: >=1.7.0 <1.8.0 | |
I0219 15:05:23.219584 48632 channel.go:277] Kubernetes version "1.11.6" does not match range: >=1.8.0 <1.9.0 | |
I0219 15:05:23.219597 48632 channel.go:277] Kubernetes version "1.11.6" does not match range: >=1.9.0 <1.10.0 | |
I0219 15:05:23.219609 48632 channel.go:277] Kubernetes version "1.11.6" does not match range: >=1.10.0 <1.11.0 | |
I0219 15:05:23.219717 48632 aws_cloud.go:1094] Querying EC2 for all valid zones in region "us-east-1" | |
I0219 15:05:23.219834 48632 request_logger.go:45] AWS request: ec2/DescribeAvailabilityZones | |
I0219 15:05:23.283481 48632 aws_cloud.go:1272] checking if instance type "t2.medium" is supported in region "us-east-1" | |
I0219 15:05:23.283593 48632 request_logger.go:45] AWS request: ec2/DescribeReservedInstancesOfferings | |
I0219 15:05:23.341190 48632 channel.go:277] Kubernetes version "1.11.6" does not match range: >=1.4.0 <1.5.0 | |
I0219 15:05:23.341228 48632 channel.go:277] Kubernetes version "1.11.6" does not match range: >=1.5.0 <1.6.0 | |
I0219 15:05:23.341240 48632 channel.go:277] Kubernetes version "1.11.6" does not match range: >=1.6.0 <1.7.0 | |
I0219 15:05:23.341267 48632 channel.go:277] Kubernetes version "1.11.6" does not match range: >=1.7.0 <1.8.0 | |
I0219 15:05:23.341281 48632 channel.go:277] Kubernetes version "1.11.6" does not match range: >=1.8.0 <1.9.0 | |
I0219 15:05:23.341292 48632 channel.go:277] Kubernetes version "1.11.6" does not match range: >=1.9.0 <1.10.0 | |
I0219 15:05:23.341302 48632 channel.go:277] Kubernetes version "1.11.6" does not match range: >=1.10.0 <1.11.0 | |
I0219 15:05:23.350182 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/config" | |
I0219 15:05:23.356768 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/config" | |
I0219 15:05:23.356803 48632 s3context.go:222] Checking default bucket encryption for "{{CONFIG_BUCKET_REDACTED}}" | |
I0219 15:05:23.356821 48632 s3context.go:227] Calling S3 GetBucketEncryption Bucket="{{CONFIG_BUCKET_REDACTED}}" | |
I0219 15:05:23.362989 48632 s3context.go:247] bucket "{{CONFIG_BUCKET_REDACTED}}" has default encryption set to true | |
I0219 15:05:23.363047 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/config" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:23.402348 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/instancegroup/master-us-east-1a" | |
I0219 15:05:23.414456 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/instancegroup/master-us-east-1a" | |
I0219 15:05:23.414511 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/instancegroup/master-us-east-1a" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:23.458005 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/instancegroup/nodes" | |
I0219 15:05:23.468403 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/instancegroup/nodes" | |
I0219 15:05:23.468485 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/instancegroup/nodes" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:23.498576 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/cluster.spec" | |
I0219 15:05:23.498613 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/cluster.spec" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:23.526688 48632 create_cluster.go:1407] Using SSH public key: {{HOME}}/.ssh/id_rsa.pub | |
I0219 15:05:23.527046 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/ssh/public/admin/3b70fbe4dd730e672c715904333e658a" | |
I0219 15:05:23.527070 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/ssh/public/admin/3b70fbe4dd730e672c715904333e658a" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:23.636987 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/config" | |
I0219 15:05:23.655506 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/instancegroup/" | |
I0219 15:05:23.678368 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/instancegroup: [s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/instancegroup/master-us-east-1a s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/instancegroup/nodes] | |
I0219 15:05:23.678430 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/instancegroup/master-us-east-1a" | |
I0219 15:05:23.691589 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/instancegroup/nodes" | |
I0219 15:05:23.709532 48632 channel.go:97] resolving "stable" against default channel location "https://raw.githubusercontent.com/kubernetes/kops/master/channels/" | |
I0219 15:05:23.709568 48632 channel.go:102] Loading channel from "https://raw.githubusercontent.com/kubernetes/kops/master/channels/stable" | |
I0219 15:05:23.709581 48632 context.go:159] Performing HTTP request: GET https://raw.githubusercontent.com/kubernetes/kops/master/channels/stable | |
I0219 15:05:23.713047 48632 channel.go:111] Channel contents: spec: | |
images: | |
# We put the "legacy" version first, for kops versions that don't support versions ( < 1.5.0 ) | |
- name: kope.io/k8s-1.4-debian-jessie-amd64-hvm-ebs-2017-07-28 | |
providerID: aws | |
kubernetesVersion: ">=1.4.0 <1.5.0" | |
- name: kope.io/k8s-1.5-debian-jessie-amd64-hvm-ebs-2018-08-17 | |
providerID: aws | |
kubernetesVersion: ">=1.5.0 <1.6.0" | |
- name: kope.io/k8s-1.6-debian-jessie-amd64-hvm-ebs-2018-08-17 | |
providerID: aws | |
kubernetesVersion: ">=1.6.0 <1.7.0" | |
- name: kope.io/k8s-1.7-debian-jessie-amd64-hvm-ebs-2018-08-17 | |
providerID: aws | |
kubernetesVersion: ">=1.7.0 <1.8.0" | |
- name: kope.io/k8s-1.8-debian-jessie-amd64-hvm-ebs-2018-08-17 | |
providerID: aws | |
kubernetesVersion: ">=1.8.0 <1.9.0" | |
- name: kope.io/k8s-1.9-debian-jessie-amd64-hvm-ebs-2018-08-17 | |
providerID: aws | |
kubernetesVersion: ">=1.9.0 <1.10.0" | |
- name: kope.io/k8s-1.10-debian-jessie-amd64-hvm-ebs-2018-08-17 | |
providerID: aws | |
kubernetesVersion: ">=1.10.0 <1.11.0" | |
# Stretch is the default for 1.11 (for nvme) | |
- name: kope.io/k8s-1.11-debian-stretch-amd64-hvm-ebs-2018-08-17 | |
providerID: aws | |
kubernetesVersion: ">=1.11.0" | |
- providerID: gce | |
name: "cos-cloud/cos-stable-65-10323-99-0" | |
cluster: | |
kubernetesVersion: v1.5.8 | |
networking: | |
kubenet: {} | |
kubernetesVersions: | |
- range: ">=1.11.0" | |
recommendedVersion: 1.11.6 | |
requiredVersion: 1.11.0 | |
- range: ">=1.10.0" | |
recommendedVersion: 1.10.12 | |
requiredVersion: 1.10.0 | |
- range: ">=1.9.0" | |
recommendedVersion: 1.9.11 | |
requiredVersion: 1.9.0 | |
- range: ">=1.8.0" | |
recommendedVersion: 1.8.15 | |
requiredVersion: 1.8.0 | |
- range: ">=1.7.0" | |
recommendedVersion: 1.7.16 | |
requiredVersion: 1.7.0 | |
- range: ">=1.6.0" | |
recommendedVersion: 1.6.13 | |
requiredVersion: 1.6.0 | |
- range: ">=1.5.0" | |
recommendedVersion: 1.5.8 | |
requiredVersion: 1.5.1 | |
- range: "<1.5.0" | |
recommendedVersion: 1.4.12 | |
requiredVersion: 1.4.2 | |
kopsVersions: | |
- range: ">=1.11.0-alpha.1" | |
#recommendedVersion: "1.11.0" | |
#requiredVersion: 1.11.0 | |
kubernetesVersion: 1.11.6 | |
- range: ">=1.10.0-alpha.1" | |
recommendedVersion: "1.10.0" | |
#requiredVersion: 1.10.0 | |
kubernetesVersion: 1.10.12 | |
- range: ">=1.9.0-alpha.1" | |
recommendedVersion: 1.9.2 | |
#requiredVersion: 1.9.0 | |
kubernetesVersion: 1.9.11 | |
- range: ">=1.8.0-alpha.1" | |
recommendedVersion: 1.8.1 | |
requiredVersion: 1.7.1 | |
kubernetesVersion: 1.8.15 | |
- range: ">=1.7.0-alpha.1" | |
recommendedVersion: 1.8.1 | |
requiredVersion: 1.7.1 | |
kubernetesVersion: 1.7.16 | |
- range: ">=1.6.0-alpha.1" | |
recommendedVersion: 1.8.1 | |
requiredVersion: 1.7.1 | |
kubernetesVersion: 1.6.13 | |
- range: ">=1.5.0-alpha1" | |
recommendedVersion: 1.8.1 | |
requiredVersion: 1.7.1 | |
kubernetesVersion: 1.5.8 | |
- range: "<1.5.0" | |
recommendedVersion: 1.8.1 | |
requiredVersion: 1.7.1 | |
kubernetesVersion: 1.4.12 | |
I0219 15:05:23.713184 48632 populate_cluster_spec.go:370] Defaulted KubeControllerManager.ClusterCIDR to 100.96.0.0/11 | |
I0219 15:05:23.713215 48632 populate_cluster_spec.go:377] Defaulted ServiceClusterIPRange to 100.64.0.0/13 | |
I0219 15:05:23.713237 48632 aws_cloud.go:1094] Querying EC2 for all valid zones in region "us-east-1" | |
I0219 15:05:23.713305 48632 request_logger.go:45] AWS request: ec2/DescribeAvailabilityZones | |
I0219 15:05:23.751882 48632 subnets.go:49] All subnets have CIDRs; skipping assignment logic | |
I0219 15:05:23.751954 48632 defaults.go:213] Not setting up Proxy Excludes | |
I0219 15:05:23.752025 48632 aws_cloud.go:1094] Querying EC2 for all valid zones in region "us-east-1" | |
I0219 15:05:23.752124 48632 request_logger.go:45] AWS request: ec2/DescribeAvailabilityZones | |
I0219 15:05:23.852883 48632 tagbuilder.go:91] tags: [_aws _k8s_1_6] | |
I0219 15:05:23.853234 48632 options_loader.go:130] executing builder *components.DefaultsOptionsBuilder | |
I0219 15:05:23.853273 48632 options_loader.go:130] executing builder *components.EtcdOptionsBuilder | |
I0219 15:05:23.853289 48632 options_loader.go:130] executing builder *etcdmanager.EtcdManagerOptionsBuilder | |
I0219 15:05:23.853297 48632 options_loader.go:130] executing builder *nodeauthorizer.OptionsBuilder | |
I0219 15:05:23.853305 48632 options_loader.go:130] executing builder *components.KubeAPIServerOptionsBuilder | |
I0219 15:05:23.853337 48632 options_loader.go:130] executing builder *components.DockerOptionsBuilder | |
I0219 15:05:23.853348 48632 options_loader.go:130] executing builder *components.NetworkingOptionsBuilder | |
I0219 15:05:23.853358 48632 options_loader.go:130] executing builder *components.KubeDnsOptionsBuilder | |
I0219 15:05:23.853368 48632 options_loader.go:130] executing builder *components.KubeletOptionsBuilder | |
I0219 15:05:23.853381 48632 kubelet.go:156] Cloud Provider: aws | |
I0219 15:05:23.853393 48632 options_loader.go:130] executing builder *components.KubeControllerManagerOptionsBuilder | |
I0219 15:05:23.853406 48632 kubecontrollermanager.go:74] Kubernetes version "1.11.6" supports AttachDetachReconcileSyncPeriod; will configure | |
I0219 15:05:23.853416 48632 kubecontrollermanager.go:79] AttachDetachReconcileSyncPeriod is not set; will set to default 1m0s | |
I0219 15:05:23.853430 48632 options_loader.go:130] executing builder *components.KubeSchedulerOptionsBuilder | |
I0219 15:05:23.853441 48632 options_loader.go:130] executing builder *components.KubeProxyOptionsBuilder | |
I0219 15:05:23.853722 48632 options_loader.go:130] executing builder *components.DefaultsOptionsBuilder | |
I0219 15:05:23.853734 48632 options_loader.go:130] executing builder *components.EtcdOptionsBuilder | |
I0219 15:05:23.853744 48632 options_loader.go:130] executing builder *etcdmanager.EtcdManagerOptionsBuilder | |
I0219 15:05:23.853752 48632 options_loader.go:130] executing builder *nodeauthorizer.OptionsBuilder | |
I0219 15:05:23.853759 48632 options_loader.go:130] executing builder *components.KubeAPIServerOptionsBuilder | |
I0219 15:05:23.853781 48632 options_loader.go:130] executing builder *components.DockerOptionsBuilder | |
I0219 15:05:23.853791 48632 options_loader.go:130] executing builder *components.NetworkingOptionsBuilder | |
I0219 15:05:23.853800 48632 options_loader.go:130] executing builder *components.KubeDnsOptionsBuilder | |
I0219 15:05:23.853807 48632 options_loader.go:130] executing builder *components.KubeletOptionsBuilder | |
I0219 15:05:23.853818 48632 kubelet.go:156] Cloud Provider: aws | |
I0219 15:05:23.853828 48632 options_loader.go:130] executing builder *components.KubeControllerManagerOptionsBuilder | |
I0219 15:05:23.853837 48632 kubecontrollermanager.go:74] Kubernetes version "1.11.6" supports AttachDetachReconcileSyncPeriod; will configure | |
I0219 15:05:23.853850 48632 options_loader.go:130] executing builder *components.KubeSchedulerOptionsBuilder | |
I0219 15:05:23.853859 48632 options_loader.go:130] executing builder *components.KubeProxyOptionsBuilder | |
I0219 15:05:23.854241 48632 spec_builder.go:49] options: { | |
"channel": "stable", | |
"configBase": "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local", | |
"cloudProvider": "aws", | |
"kubernetesVersion": "1.11.6", | |
"subnets": [ | |
{ | |
"name": "us-east-1a", | |
"cidr": "172.20.32.0/19", | |
"zone": "us-east-1a", | |
"type": "Public" | |
} | |
], | |
"masterPublicName": "api.vault-cluster.k8s.local", | |
"masterInternalName": "api.internal.vault-cluster.k8s.local", | |
"networkCIDR": "172.20.0.0/16", | |
"topology": { | |
"masters": "public", | |
"nodes": "public", | |
"dns": { | |
"type": "Public" | |
} | |
}, | |
"secretStore": "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets", | |
"keyStore": "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki", | |
"configStore": "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local", | |
"clusterDNSDomain": "cluster.local", | |
"serviceClusterIPRange": "100.64.0.0/13", | |
"nonMasqueradeCIDR": "100.64.0.0/10", | |
"sshAccess": [ | |
"0.0.0.0/0" | |
], | |
"kubernetesApiAccess": [ | |
"0.0.0.0/0" | |
], | |
"etcdClusters": [ | |
{ | |
"name": "main", | |
"provider": "Legacy", | |
"etcdMembers": [ | |
{ | |
"name": "a", | |
"instanceGroup": "master-us-east-1a" | |
} | |
], | |
"version": "2.2.1", | |
"image": "k8s.gcr.io/etcd:2.2.1" | |
}, | |
{ | |
"name": "events", | |
"provider": "Legacy", | |
"etcdMembers": [ | |
{ | |
"name": "a", | |
"instanceGroup": "master-us-east-1a" | |
} | |
], | |
"version": "2.2.1", | |
"image": "k8s.gcr.io/etcd:2.2.1" | |
} | |
], | |
"docker": { | |
"ipMasq": false, | |
"ipTables": false, | |
"logDriver": "json-file", | |
"logLevel": "warn", | |
"logOpt": [ | |
"max-size=10m", | |
"max-file=5" | |
], | |
"storage": "overlay2,overlay,aufs", | |
"version": "17.03.2" | |
}, | |
"kubeDNS": { | |
"cacheMaxSize": 1000, | |
"cacheMaxConcurrent": 150, | |
"domain": "cluster.local", | |
"replicas": 2, | |
"serverIP": "100.64.0.10" | |
}, | |
"kubeAPIServer": { | |
"image": "k8s.gcr.io/kube-apiserver:v1.11.6", | |
"logLevel": 2, | |
"cloudProvider": "aws", | |
"securePort": 443, | |
"insecurePort": 8080, | |
"bindAddress": "0.0.0.0", | |
"insecureBindAddress": "127.0.0.1", | |
"enableAdmissionPlugins": [ | |
"Initializers", | |
"NamespaceLifecycle", | |
"LimitRanger", | |
"ServiceAccount", | |
"PersistentVolumeLabel", | |
"DefaultStorageClass", | |
"DefaultTolerationSeconds", | |
"MutatingAdmissionWebhook", | |
"ValidatingAdmissionWebhook", | |
"NodeRestriction", | |
"ResourceQuota" | |
], | |
"serviceClusterIPRange": "100.64.0.0/13", | |
"etcdServers": [ | |
"http://127.0.0.1:4001" | |
], | |
"etcdServersOverrides": [ | |
"/events#http://127.0.0.1:4002" | |
], | |
"allowPrivileged": true, | |
"apiServerCount": 1, | |
"anonymousAuth": false, | |
"kubeletPreferredAddressTypes": [ | |
"InternalIP", | |
"Hostname", | |
"ExternalIP" | |
], | |
"storageBackend": "etcd2", | |
"authorizationMode": "RBAC", | |
"requestheaderUsernameHeaders": [ | |
"X-Remote-User" | |
], | |
"requestheaderGroupHeaders": [ | |
"X-Remote-Group" | |
], | |
"requestheaderExtraHeaderPrefixes": [ | |
"X-Remote-Extra-" | |
], | |
"requestheaderAllowedNames": [ | |
"aggregator" | |
], | |
"etcdQuorumRead": false | |
}, | |
"kubeControllerManager": { | |
"logLevel": 2, | |
"image": "k8s.gcr.io/kube-controller-manager:v1.11.6", | |
"cloudProvider": "aws", | |
"clusterName": "vault-cluster.k8s.local", | |
"clusterCIDR": "100.96.0.0/11", | |
"allocateNodeCIDRs": true, | |
"configureCloudRoutes": true, | |
"leaderElection": { | |
"leaderElect": true | |
}, | |
"attachDetachReconcileSyncPeriod": "1m0s", | |
"useServiceAccountCredentials": true | |
}, | |
"kubeScheduler": { | |
"logLevel": 2, | |
"image": "k8s.gcr.io/kube-scheduler:v1.11.6", | |
"leaderElection": { | |
"leaderElect": true | |
} | |
}, | |
"kubeProxy": { | |
"image": "k8s.gcr.io/kube-proxy:v1.11.6", | |
"cpuRequest": "100m", | |
"logLevel": 2, | |
"clusterCIDR": "100.96.0.0/11", | |
"hostnameOverride": "@aws" | |
}, | |
"kubelet": { | |
"anonymousAuth": false, | |
"kubeconfigPath": "/var/lib/kubelet/kubeconfig", | |
"logLevel": 2, | |
"podManifestPath": "/etc/kubernetes/manifests", | |
"hostnameOverride": "@aws", | |
"podInfraContainerImage": "k8s.gcr.io/pause-amd64:3.0", | |
"allowPrivileged": true, | |
"enableDebuggingHandlers": true, | |
"clusterDomain": "cluster.local", | |
"clusterDNS": "100.64.0.10", | |
"networkPluginName": "kubenet", | |
"cloudProvider": "aws", | |
"cgroupRoot": "/", | |
"nonMasqueradeCIDR": "100.64.0.0/10", | |
"networkPluginMTU": 9001, | |
"evictionHard": "memory.available\u003c100Mi,nodefs.available\u003c10%,nodefs.inodesFree\u003c5%,imagefs.available\u003c10%,imagefs.inodesFree\u003c5%", | |
"featureGates": { | |
"ExperimentalCriticalPodAnnotation": "true" | |
} | |
}, | |
"masterKubelet": { | |
"anonymousAuth": false, | |
"kubeconfigPath": "/var/lib/kubelet/kubeconfig", | |
"logLevel": 2, | |
"podManifestPath": "/etc/kubernetes/manifests", | |
"hostnameOverride": "@aws", | |
"podInfraContainerImage": "k8s.gcr.io/pause-amd64:3.0", | |
"allowPrivileged": true, | |
"enableDebuggingHandlers": true, | |
"clusterDomain": "cluster.local", | |
"clusterDNS": "100.64.0.10", | |
"networkPluginName": "kubenet", | |
"cloudProvider": "aws", | |
"cgroupRoot": "/", | |
"registerSchedulable": false, | |
"nonMasqueradeCIDR": "100.64.0.0/10", | |
"networkPluginMTU": 9001, | |
"evictionHard": "memory.available\u003c100Mi,nodefs.available\u003c10%,nodefs.inodesFree\u003c5%,imagefs.available\u003c10%,imagefs.inodesFree\u003c5%", | |
"featureGates": { | |
"ExperimentalCriticalPodAnnotation": "true" | |
} | |
}, | |
"networking": { | |
"kubenet": {} | |
}, | |
"api": { | |
"loadBalancer": { | |
"type": "Public" | |
} | |
}, | |
"authorization": { | |
"rbac": {} | |
}, | |
"iam": { | |
"legacy": false, | |
"allowContainerRegistry": true | |
} | |
} | |
I0219 15:05:23.854390 48632 channel.go:150] VersionRecommendationSpec does not specify RecommendedVersion | |
I0219 15:05:23.854403 48632 channel.go:190] VersionRecommendationSpec does not specify RequiredVersion | |
I0219 15:05:23.854418 48632 channel.go:142] RecommendedVersion="1.11.6", Have="1.11.6". No upgrade needed. | |
I0219 15:05:23.854430 48632 channel.go:182] RequiredVersion="1.11.0", Have="1.11.6". No upgrade needed. | |
I0219 15:05:23.854487 48632 context.go:159] Performing HTTP request: GET https://storage.googleapis.com/kubernetes-release/release/v1.11.6/bin/linux/amd64/kubelet.sha1 | |
I0219 15:05:23.880318 48632 builder.go:301] Found hash "a006b4680640e5c88742e22b904623a77257f416" for "https://storage.googleapis.com/kubernetes-release/release/v1.11.6/bin/linux/amd64/kubelet" | |
I0219 15:05:23.880427 48632 builder.go:234] adding file: &{FileURL:https://storage.googleapis.com/kubernetes-release/release/v1.11.6/bin/linux/amd64/kubelet CanonicalFileURL:<nil> SHAValue:a006b4680640e5c88742e22b904623a77257f416} | |
I0219 15:05:23.880549 48632 context.go:159] Performing HTTP request: GET https://storage.googleapis.com/kubernetes-release/release/v1.11.6/bin/linux/amd64/kubectl.sha1 | |
I0219 15:05:23.884167 48632 builder.go:301] Found hash "c3f7fbab5ba39e3ec20b32f0e7bcad6cc0704792" for "https://storage.googleapis.com/kubernetes-release/release/v1.11.6/bin/linux/amd64/kubectl" | |
I0219 15:05:23.884250 48632 builder.go:234] adding file: &{FileURL:https://storage.googleapis.com/kubernetes-release/release/v1.11.6/bin/linux/amd64/kubectl CanonicalFileURL:<nil> SHAValue:c3f7fbab5ba39e3ec20b32f0e7bcad6cc0704792} | |
I0219 15:05:23.884359 48632 networking.go:163] Adding default CNI asset for k8s 1.9.x and higher: https://storage.googleapis.com/kubernetes-release/network-plugins/cni-plugins-amd64-v0.6.0.tgz | |
I0219 15:05:23.884392 48632 urls.go:61] Using default base url: "https://kubeupv2.s3.amazonaws.com/kops/1.11.0/" | |
I0219 15:05:23.884407 48632 context.go:159] Performing HTTP request: GET https://kubeupv2.s3.amazonaws.com/kops/1.11.0/linux/amd64/utils.tar.gz.sha1 | |
I0219 15:05:23.919913 48632 builder.go:301] Found hash "b16b5367e05bad082f416f786c7f8813f7794630" for "https://kubeupv2.s3.amazonaws.com/kops/1.11.0/linux/amd64/utils.tar.gz" | |
I0219 15:05:23.919968 48632 builder.go:234] adding file: &{FileURL:https://kubeupv2.s3.amazonaws.com/kops/1.11.0/linux/amd64/utils.tar.gz CanonicalFileURL:<nil> SHAValue:b16b5367e05bad082f416f786c7f8813f7794630} | |
I0219 15:05:23.920079 48632 urls.go:53] Using cached kopsBaseUrl url: "https://kubeupv2.s3.amazonaws.com/kops/1.11.0/" | |
I0219 15:05:23.920096 48632 context.go:159] Performing HTTP request: GET https://kubeupv2.s3.amazonaws.com/kops/1.11.0/linux/amd64/nodeup.sha1 | |
I0219 15:05:23.927450 48632 builder.go:301] Found hash "6ee282d77600c47ed7744435400e163fa34ee17e" for "https://kubeupv2.s3.amazonaws.com/kops/1.11.0/linux/amd64/nodeup" | |
I0219 15:05:23.927492 48632 builder.go:234] adding file: &{FileURL:https://kubeupv2.s3.amazonaws.com/kops/1.11.0/linux/amd64/nodeup CanonicalFileURL:<nil> SHAValue:6ee282d77600c47ed7744435400e163fa34ee17e} | |
I0219 15:05:23.927584 48632 urls.go:115] Using default nodeup location: "https://kubeupv2.s3.amazonaws.com/kops/1.11.0/linux/amd64/nodeup" | |
I0219 15:05:23.927598 48632 urls.go:53] Using cached kopsBaseUrl url: "https://kubeupv2.s3.amazonaws.com/kops/1.11.0/" | |
I0219 15:05:23.927612 48632 context.go:159] Performing HTTP request: GET https://kubeupv2.s3.amazonaws.com/kops/1.11.0/images/protokube.tar.gz.sha1 | |
I0219 15:05:23.934417 48632 builder.go:301] Found hash "725c2de47755544a9aa349e27ed9900d195f0ceb" for "https://kubeupv2.s3.amazonaws.com/kops/1.11.0/images/protokube.tar.gz" | |
I0219 15:05:23.934474 48632 builder.go:234] adding file: &{FileURL:https://kubeupv2.s3.amazonaws.com/kops/1.11.0/images/protokube.tar.gz CanonicalFileURL:<nil> SHAValue:725c2de47755544a9aa349e27ed9900d195f0ceb} | |
I0219 15:05:23.934567 48632 urls.go:152] Using default protokube location: "https://kubeupv2.s3.amazonaws.com/kops/1.11.0/images/protokube.tar.gz" | |
I0219 15:05:23.934611 48632 aws_cloud.go:1094] Querying EC2 for all valid zones in region "us-east-1" | |
I0219 15:05:23.934709 48632 request_logger.go:45] AWS request: ec2/DescribeAvailabilityZones | |
I0219 15:05:23.969684 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/ssh/public/admin/" | |
I0219 15:05:23.986320 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/ssh/public/admin: [s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/ssh/public/admin/3b70fbe4dd730e672c715904333e658a] | |
I0219 15:05:23.986348 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/ssh/public/admin/3b70fbe4dd730e672c715904333e658a" | |
I0219 15:05:23.998085 48632 apply_cluster.go:542] Gossip DNS: skipping DNS validation | |
I0219 15:05:23.998113 48632 tagbuilder.go:91] tags: [_aws _k8s_1_6] | |
I0219 15:05:23.998297 48632 templates.go:80] loading (templated) resource "addons/dns-controller.addons.k8s.io/k8s-1.6.yaml" | |
I0219 15:05:23.998343 48632 templates.go:80] loading (templated) resource "addons/dns-controller.addons.k8s.io/pre-k8s-1.6.yaml" | |
I0219 15:05:23.998401 48632 templates.go:88] loading resource "addons/external-dns.addons.k8s.io/README.md" | |
I0219 15:05:23.998456 48632 templates.go:80] loading (templated) resource "addons/external-dns.addons.k8s.io/k8s-1.6.yaml" | |
I0219 15:05:23.998499 48632 templates.go:80] loading (templated) resource "addons/external-dns.addons.k8s.io/pre-k8s-1.6.yaml" | |
I0219 15:05:23.998543 48632 templates.go:88] loading resource "addons/limit-range.addons.k8s.io/v1.5.0.yaml" | |
I0219 15:05:23.998616 48632 templates.go:88] loading resource "addons/limit-range.addons.k8s.io/addon.yaml" | |
I0219 15:05:23.998708 48632 templates.go:80] loading (templated) resource "addons/networking.romana/k8s-1.7.yaml" | |
I0219 15:05:23.998814 48632 templates.go:80] loading (templated) resource "addons/node-authorizer.addons.k8s.io/k8s-1.10.yaml" | |
I0219 15:05:23.998904 48632 templates.go:88] loading resource "addons/scheduler.addons.k8s.io/v1.7.0.yaml" | |
I0219 15:05:23.999098 48632 templates.go:80] loading (templated) resource "addons/networking.cilium.io/k8s-1.7.yaml" | |
I0219 15:05:23.999189 48632 templates.go:80] loading (templated) resource "addons/networking.kuberouter/k8s-1.6.yaml" | |
I0219 15:05:23.999228 48632 templates.go:88] loading resource "addons/storage-aws.addons.k8s.io/v1.6.0.yaml" | |
I0219 15:05:23.999273 48632 templates.go:88] loading resource "addons/storage-aws.addons.k8s.io/v1.7.0.yaml" | |
I0219 15:05:23.999389 48632 templates.go:80] loading (templated) resource "addons/networking.weave/k8s-1.8.yaml" | |
I0219 15:05:23.999461 48632 templates.go:80] loading (templated) resource "addons/networking.weave/pre-k8s-1.6.yaml" | |
I0219 15:05:23.999587 48632 templates.go:80] loading (templated) resource "addons/networking.weave/k8s-1.6.yaml" | |
I0219 15:05:23.999683 48632 templates.go:80] loading (templated) resource "addons/networking.weave/k8s-1.7.yaml" | |
I0219 15:05:23.999752 48632 templates.go:88] loading resource "addons/authentication.aws/k8s-1.10.yaml" | |
I0219 15:05:23.999827 48632 templates.go:88] loading resource "addons/authentication.kope.io/k8s-1.8.yaml" | |
I0219 15:05:23.999879 48632 templates.go:80] loading (templated) resource "addons/networking.amazon-vpc-routed-eni/k8s-1.10.yaml" | |
I0219 15:05:23.999972 48632 templates.go:80] loading (templated) resource "addons/networking.amazon-vpc-routed-eni/k8s-1.7.yaml" | |
I0219 15:05:24.000047 48632 templates.go:80] loading (templated) resource "addons/networking.amazon-vpc-routed-eni/k8s-1.8.yaml" | |
I0219 15:05:24.000108 48632 templates.go:80] loading (templated) resource "addons/networking.flannel/k8s-1.6.yaml" | |
I0219 15:05:24.000199 48632 templates.go:80] loading (templated) resource "addons/networking.flannel/pre-k8s-1.6.yaml" | |
I0219 15:05:24.000266 48632 templates.go:88] loading resource "addons/networking.kope.io/k8s-1.6.yaml" | |
I0219 15:05:24.000314 48632 templates.go:88] loading resource "addons/networking.kope.io/pre-k8s-1.6.yaml" | |
I0219 15:05:24.000452 48632 templates.go:80] loading (templated) resource "addons/networking.projectcalico.org/k8s-1.6.yaml" | |
I0219 15:05:24.000620 48632 templates.go:80] loading (templated) resource "addons/networking.projectcalico.org/k8s-1.7-v3.yaml" | |
I0219 15:05:24.000774 48632 templates.go:80] loading (templated) resource "addons/networking.projectcalico.org/k8s-1.7.yaml" | |
I0219 15:05:24.000955 48632 templates.go:80] loading (templated) resource "addons/networking.projectcalico.org/pre-k8s-1.6.yaml" | |
I0219 15:05:24.001106 48632 templates.go:80] loading (templated) resource "addons/networking.projectcalico.org.canal/k8s-1.12.yaml" | |
I0219 15:05:24.001228 48632 templates.go:80] loading (templated) resource "addons/networking.projectcalico.org.canal/k8s-1.6.yaml" | |
I0219 15:05:24.001383 48632 templates.go:80] loading (templated) resource "addons/networking.projectcalico.org.canal/k8s-1.8.yaml" | |
I0219 15:05:24.001543 48632 templates.go:80] loading (templated) resource "addons/networking.projectcalico.org.canal/k8s-1.9.yaml" | |
I0219 15:05:24.001757 48632 templates.go:80] loading (templated) resource "addons/networking.projectcalico.org.canal/pre-k8s-1.6.yaml" | |
I0219 15:05:24.001802 48632 templates.go:88] loading resource "addons/rbac.addons.k8s.io/k8s-1.8.yaml" | |
I0219 15:05:24.001853 48632 templates.go:80] loading (templated) resource "addons/spotinst-kubernetes-cluster-controller.addons.k8s.io/v1.8.0.yaml" | |
I0219 15:05:24.001908 48632 templates.go:80] loading (templated) resource "addons/spotinst-kubernetes-cluster-controller.addons.k8s.io/v1.9.0.yaml" | |
I0219 15:05:24.001983 48632 templates.go:88] loading resource "addons/core.addons.k8s.io/addon.yaml" | |
I0219 15:05:24.002079 48632 templates.go:80] loading (templated) resource "addons/core.addons.k8s.io/k8s-1.7.yaml" | |
I0219 15:05:24.002114 48632 templates.go:88] loading resource "addons/core.addons.k8s.io/v1.4.0.yaml" | |
I0219 15:05:24.002224 48632 templates.go:80] loading (templated) resource "addons/coredns.addons.k8s.io/k8s-1.6.yaml" | |
I0219 15:05:24.002306 48632 templates.go:80] loading (templated) resource "addons/digitalocean-cloud-controller.addons.k8s.io/k8s-1.8.yaml" | |
I0219 15:05:24.002427 48632 templates.go:80] loading (templated) resource "addons/kube-dns.addons.k8s.io/k8s-1.6.yaml" | |
I0219 15:05:24.002521 48632 templates.go:80] loading (templated) resource "addons/kube-dns.addons.k8s.io/pre-k8s-1.6.yaml" | |
I0219 15:05:24.002569 48632 templates.go:80] loading (templated) resource "addons/podsecuritypolicy.addons.k8s.io/k8s-1.10.yaml" | |
I0219 15:05:24.002621 48632 templates.go:80] loading (templated) resource "addons/podsecuritypolicy.addons.k8s.io/k8s-1.9.yaml" | |
I0219 15:05:24.002653 48632 templates.go:88] loading resource "addons/storage-gce.addons.k8s.io/v1.6.0.yaml" | |
I0219 15:05:24.002679 48632 templates.go:88] loading resource "addons/storage-gce.addons.k8s.io/v1.7.0.yaml" | |
I0219 15:05:24.002719 48632 tree_walker.go:98] visit "cloudup/resources" | |
I0219 15:05:24.002736 48632 tree_walker.go:98] visit "cloudup/resources/addons" | |
I0219 15:05:24.002777 48632 tree_walker.go:98] visit "cloudup/resources/addons/podsecuritypolicy.addons.k8s.io" | |
I0219 15:05:24.002795 48632 tree_walker.go:98] visit "cloudup/resources/addons/podsecuritypolicy.addons.k8s.io/k8s-1.9.yaml.template" | |
I0219 15:05:24.002849 48632 loader.go:354] loading (templated) resource "addons/podsecuritypolicy.addons.k8s.io/k8s-1.9.yaml" | |
I0219 15:05:24.002860 48632 tree_walker.go:98] visit "cloudup/resources/addons/podsecuritypolicy.addons.k8s.io/k8s-1.10.yaml.template" | |
I0219 15:05:24.002901 48632 loader.go:354] loading (templated) resource "addons/podsecuritypolicy.addons.k8s.io/k8s-1.10.yaml" | |
I0219 15:05:24.002914 48632 tree_walker.go:98] visit "cloudup/resources/addons/storage-gce.addons.k8s.io" | |
I0219 15:05:24.002927 48632 tree_walker.go:98] visit "cloudup/resources/addons/storage-gce.addons.k8s.io/v1.6.0.yaml" | |
I0219 15:05:24.002958 48632 loader.go:362] loading resource "addons/storage-gce.addons.k8s.io/v1.6.0.yaml" | |
I0219 15:05:24.002968 48632 tree_walker.go:98] visit "cloudup/resources/addons/storage-gce.addons.k8s.io/v1.7.0.yaml" | |
I0219 15:05:24.002998 48632 loader.go:362] loading resource "addons/storage-gce.addons.k8s.io/v1.7.0.yaml" | |
I0219 15:05:24.003008 48632 tree_walker.go:98] visit "cloudup/resources/addons/core.addons.k8s.io" | |
I0219 15:05:24.003021 48632 tree_walker.go:98] visit "cloudup/resources/addons/core.addons.k8s.io/addon.yaml" | |
I0219 15:05:24.003050 48632 loader.go:362] loading resource "addons/core.addons.k8s.io/addon.yaml" | |
I0219 15:05:24.003059 48632 tree_walker.go:98] visit "cloudup/resources/addons/core.addons.k8s.io/k8s-1.7.yaml.template" | |
I0219 15:05:24.003131 48632 loader.go:354] loading (templated) resource "addons/core.addons.k8s.io/k8s-1.7.yaml" | |
I0219 15:05:24.003144 48632 tree_walker.go:98] visit "cloudup/resources/addons/core.addons.k8s.io/v1.4.0.yaml" | |
I0219 15:05:24.003183 48632 loader.go:362] loading resource "addons/core.addons.k8s.io/v1.4.0.yaml" | |
I0219 15:05:24.003196 48632 tree_walker.go:98] visit "cloudup/resources/addons/coredns.addons.k8s.io" | |
I0219 15:05:24.003208 48632 tree_walker.go:98] visit "cloudup/resources/addons/coredns.addons.k8s.io/k8s-1.6.yaml.template" | |
I0219 15:05:24.003268 48632 loader.go:354] loading (templated) resource "addons/coredns.addons.k8s.io/k8s-1.6.yaml" | |
I0219 15:05:24.003282 48632 tree_walker.go:98] visit "cloudup/resources/addons/digitalocean-cloud-controller.addons.k8s.io" | |
I0219 15:05:24.003295 48632 tree_walker.go:98] visit "cloudup/resources/addons/digitalocean-cloud-controller.addons.k8s.io/k8s-1.8.yaml.template" | |
I0219 15:05:24.003345 48632 loader.go:354] loading (templated) resource "addons/digitalocean-cloud-controller.addons.k8s.io/k8s-1.8.yaml" | |
I0219 15:05:24.003359 48632 tree_walker.go:98] visit "cloudup/resources/addons/kube-dns.addons.k8s.io" | |
I0219 15:05:24.003372 48632 tree_walker.go:98] visit "cloudup/resources/addons/kube-dns.addons.k8s.io/k8s-1.6.yaml.template" | |
I0219 15:05:24.003480 48632 loader.go:354] loading (templated) resource "addons/kube-dns.addons.k8s.io/k8s-1.6.yaml" | |
I0219 15:05:24.003495 48632 tree_walker.go:98] visit "cloudup/resources/addons/kube-dns.addons.k8s.io/pre-k8s-1.6.yaml.template" | |
I0219 15:05:24.003596 48632 loader.go:354] loading (templated) resource "addons/kube-dns.addons.k8s.io/pre-k8s-1.6.yaml" | |
I0219 15:05:24.003611 48632 tree_walker.go:98] visit "cloudup/resources/addons/node-authorizer.addons.k8s.io" | |
I0219 15:05:24.003624 48632 tree_walker.go:98] visit "cloudup/resources/addons/node-authorizer.addons.k8s.io/k8s-1.10.yaml.template" | |
I0219 15:05:24.003689 48632 loader.go:354] loading (templated) resource "addons/node-authorizer.addons.k8s.io/k8s-1.10.yaml" | |
I0219 15:05:24.003700 48632 tree_walker.go:98] visit "cloudup/resources/addons/scheduler.addons.k8s.io" | |
I0219 15:05:24.003715 48632 tree_walker.go:98] visit "cloudup/resources/addons/scheduler.addons.k8s.io/v1.7.0.yaml" | |
I0219 15:05:24.003752 48632 loader.go:362] loading resource "addons/scheduler.addons.k8s.io/v1.7.0.yaml" | |
I0219 15:05:24.003762 48632 tree_walker.go:98] visit "cloudup/resources/addons/dns-controller.addons.k8s.io" | |
I0219 15:05:24.003775 48632 tree_walker.go:98] visit "cloudup/resources/addons/dns-controller.addons.k8s.io/k8s-1.6.yaml.template" | |
I0219 15:05:24.003828 48632 loader.go:354] loading (templated) resource "addons/dns-controller.addons.k8s.io/k8s-1.6.yaml" | |
I0219 15:05:24.003839 48632 tree_walker.go:98] visit "cloudup/resources/addons/dns-controller.addons.k8s.io/pre-k8s-1.6.yaml.template" | |
I0219 15:05:24.003882 48632 loader.go:354] loading (templated) resource "addons/dns-controller.addons.k8s.io/pre-k8s-1.6.yaml" | |
I0219 15:05:24.003893 48632 tree_walker.go:98] visit "cloudup/resources/addons/external-dns.addons.k8s.io" | |
I0219 15:05:24.003909 48632 tree_walker.go:98] visit "cloudup/resources/addons/external-dns.addons.k8s.io/k8s-1.6.yaml.template" | |
I0219 15:05:24.003961 48632 loader.go:354] loading (templated) resource "addons/external-dns.addons.k8s.io/k8s-1.6.yaml" | |
I0219 15:05:24.003972 48632 tree_walker.go:98] visit "cloudup/resources/addons/external-dns.addons.k8s.io/pre-k8s-1.6.yaml.template" | |
I0219 15:05:24.004013 48632 loader.go:354] loading (templated) resource "addons/external-dns.addons.k8s.io/pre-k8s-1.6.yaml" | |
I0219 15:05:24.004025 48632 tree_walker.go:98] visit "cloudup/resources/addons/external-dns.addons.k8s.io/README.md" | |
I0219 15:05:24.004071 48632 loader.go:362] loading resource "addons/external-dns.addons.k8s.io/README.md" | |
I0219 15:05:24.004081 48632 tree_walker.go:98] visit "cloudup/resources/addons/limit-range.addons.k8s.io" | |
I0219 15:05:24.004094 48632 tree_walker.go:98] visit "cloudup/resources/addons/limit-range.addons.k8s.io/addon.yaml" | |
I0219 15:05:24.004122 48632 loader.go:362] loading resource "addons/limit-range.addons.k8s.io/addon.yaml" | |
I0219 15:05:24.004132 48632 tree_walker.go:98] visit "cloudup/resources/addons/limit-range.addons.k8s.io/v1.5.0.yaml" | |
I0219 15:05:24.004163 48632 loader.go:362] loading resource "addons/limit-range.addons.k8s.io/v1.5.0.yaml" | |
I0219 15:05:24.004173 48632 tree_walker.go:98] visit "cloudup/resources/addons/networking.romana" | |
I0219 15:05:24.004185 48632 tree_walker.go:98] visit "cloudup/resources/addons/networking.romana/k8s-1.7.yaml.template" | |
I0219 15:05:24.004258 48632 loader.go:354] loading (templated) resource "addons/networking.romana/k8s-1.7.yaml" | |
I0219 15:05:24.004274 48632 tree_walker.go:98] visit "cloudup/resources/addons/networking.cilium.io" | |
I0219 15:05:24.004287 48632 tree_walker.go:98] visit "cloudup/resources/addons/networking.cilium.io/k8s-1.7.yaml.template" | |
I0219 15:05:24.004412 48632 loader.go:354] loading (templated) resource "addons/networking.cilium.io/k8s-1.7.yaml" | |
I0219 15:05:24.004423 48632 tree_walker.go:98] visit "cloudup/resources/addons/networking.kuberouter" | |
I0219 15:05:24.004436 48632 tree_walker.go:98] visit "cloudup/resources/addons/networking.kuberouter/k8s-1.6.yaml.template" | |
I0219 15:05:24.004490 48632 loader.go:354] loading (templated) resource "addons/networking.kuberouter/k8s-1.6.yaml" | |
I0219 15:05:24.004503 48632 tree_walker.go:98] visit "cloudup/resources/addons/storage-aws.addons.k8s.io" | |
I0219 15:05:24.004516 48632 tree_walker.go:98] visit "cloudup/resources/addons/storage-aws.addons.k8s.io/v1.7.0.yaml" | |
I0219 15:05:24.004562 48632 loader.go:362] loading resource "addons/storage-aws.addons.k8s.io/v1.7.0.yaml" | |
I0219 15:05:24.004572 48632 tree_walker.go:98] visit "cloudup/resources/addons/storage-aws.addons.k8s.io/v1.6.0.yaml" | |
I0219 15:05:24.004610 48632 loader.go:362] loading resource "addons/storage-aws.addons.k8s.io/v1.6.0.yaml" | |
I0219 15:05:24.004620 48632 tree_walker.go:98] visit "cloudup/resources/addons/networking.kope.io" | |
I0219 15:05:24.004632 48632 tree_walker.go:98] visit "cloudup/resources/addons/networking.kope.io/pre-k8s-1.6.yaml" | |
I0219 15:05:24.004694 48632 loader.go:362] loading resource "addons/networking.kope.io/pre-k8s-1.6.yaml" | |
I0219 15:05:24.004705 48632 tree_walker.go:98] visit "cloudup/resources/addons/networking.kope.io/k8s-1.6.yaml" | |
I0219 15:05:24.004761 48632 loader.go:362] loading resource "addons/networking.kope.io/k8s-1.6.yaml" | |
I0219 15:05:24.004773 48632 tree_walker.go:98] visit "cloudup/resources/addons/networking.projectcalico.org" | |
I0219 15:05:24.004787 48632 tree_walker.go:98] visit "cloudup/resources/addons/networking.projectcalico.org/k8s-1.7-v3.yaml.template" | |
I0219 15:05:24.004953 48632 loader.go:354] loading (templated) resource "addons/networking.projectcalico.org/k8s-1.7-v3.yaml" | |
I0219 15:05:24.004979 48632 tree_walker.go:98] visit "cloudup/resources/addons/networking.projectcalico.org/k8s-1.7.yaml.template" | |
I0219 15:05:24.005160 48632 loader.go:354] loading (templated) resource "addons/networking.projectcalico.org/k8s-1.7.yaml" | |
I0219 15:05:24.005172 48632 tree_walker.go:98] visit "cloudup/resources/addons/networking.projectcalico.org/pre-k8s-1.6.yaml.template" | |
I0219 15:05:24.005279 48632 loader.go:354] loading (templated) resource "addons/networking.projectcalico.org/pre-k8s-1.6.yaml" | |
I0219 15:05:24.005290 48632 tree_walker.go:98] visit "cloudup/resources/addons/networking.projectcalico.org/k8s-1.6.yaml.template" | |
I0219 15:05:24.005444 48632 loader.go:354] loading (templated) resource "addons/networking.projectcalico.org/k8s-1.6.yaml" | |
I0219 15:05:24.005473 48632 tree_walker.go:98] visit "cloudup/resources/addons/networking.projectcalico.org.canal" | |
I0219 15:05:24.005492 48632 tree_walker.go:98] visit "cloudup/resources/addons/networking.projectcalico.org.canal/k8s-1.12.yaml.template" | |
I0219 15:05:24.005632 48632 loader.go:354] loading (templated) resource "addons/networking.projectcalico.org.canal/k8s-1.12.yaml" | |
I0219 15:05:24.005651 48632 tree_walker.go:98] visit "cloudup/resources/addons/networking.projectcalico.org.canal/k8s-1.6.yaml.template" | |
I0219 15:05:24.005760 48632 loader.go:354] loading (templated) resource "addons/networking.projectcalico.org.canal/k8s-1.6.yaml" | |
I0219 15:05:24.005771 48632 tree_walker.go:98] visit "cloudup/resources/addons/networking.projectcalico.org.canal/k8s-1.8.yaml.template" | |
I0219 15:05:24.005911 48632 loader.go:354] loading (templated) resource "addons/networking.projectcalico.org.canal/k8s-1.8.yaml" | |
I0219 15:05:24.005922 48632 tree_walker.go:98] visit "cloudup/resources/addons/networking.projectcalico.org.canal/k8s-1.9.yaml.template" | |
I0219 15:05:24.006053 48632 loader.go:354] loading (templated) resource "addons/networking.projectcalico.org.canal/k8s-1.9.yaml" | |
I0219 15:05:24.006073 48632 tree_walker.go:98] visit "cloudup/resources/addons/networking.projectcalico.org.canal/pre-k8s-1.6.yaml.template" | |
I0219 15:05:24.006450 48632 loader.go:354] loading (templated) resource "addons/networking.projectcalico.org.canal/pre-k8s-1.6.yaml" | |
I0219 15:05:24.006486 48632 tree_walker.go:98] visit "cloudup/resources/addons/networking.weave" | |
I0219 15:05:24.006520 48632 tree_walker.go:98] visit "cloudup/resources/addons/networking.weave/k8s-1.7.yaml.template" | |
I0219 15:05:24.006641 48632 loader.go:354] loading (templated) resource "addons/networking.weave/k8s-1.7.yaml" | |
I0219 15:05:24.006673 48632 tree_walker.go:98] visit "cloudup/resources/addons/networking.weave/k8s-1.8.yaml.template" | |
I0219 15:05:24.006788 48632 loader.go:354] loading (templated) resource "addons/networking.weave/k8s-1.8.yaml" | |
I0219 15:05:24.006829 48632 tree_walker.go:98] visit "cloudup/resources/addons/networking.weave/pre-k8s-1.6.yaml.template" | |
I0219 15:05:24.006925 48632 loader.go:354] loading (templated) resource "addons/networking.weave/pre-k8s-1.6.yaml" | |
I0219 15:05:24.006942 48632 tree_walker.go:98] visit "cloudup/resources/addons/networking.weave/k8s-1.6.yaml.template" | |
I0219 15:05:24.007049 48632 loader.go:354] loading (templated) resource "addons/networking.weave/k8s-1.6.yaml" | |
I0219 15:05:24.007076 48632 tree_walker.go:98] visit "cloudup/resources/addons/authentication.aws" | |
I0219 15:05:24.007097 48632 tree_walker.go:98] visit "cloudup/resources/addons/authentication.aws/k8s-1.10.yaml" | |
I0219 15:05:24.007180 48632 loader.go:362] loading resource "addons/authentication.aws/k8s-1.10.yaml" | |
I0219 15:05:24.007198 48632 tree_walker.go:98] visit "cloudup/resources/addons/authentication.kope.io" | |
I0219 15:05:24.007223 48632 tree_walker.go:98] visit "cloudup/resources/addons/authentication.kope.io/k8s-1.8.yaml" | |
I0219 15:05:24.007320 48632 loader.go:362] loading resource "addons/authentication.kope.io/k8s-1.8.yaml" | |
I0219 15:05:24.007335 48632 tree_walker.go:98] visit "cloudup/resources/addons/networking.amazon-vpc-routed-eni" | |
I0219 15:05:24.007355 48632 tree_walker.go:98] visit "cloudup/resources/addons/networking.amazon-vpc-routed-eni/k8s-1.10.yaml.template" | |
I0219 15:05:24.007437 48632 loader.go:354] loading (templated) resource "addons/networking.amazon-vpc-routed-eni/k8s-1.10.yaml" | |
I0219 15:05:24.007452 48632 tree_walker.go:98] visit "cloudup/resources/addons/networking.amazon-vpc-routed-eni/k8s-1.7.yaml.template" | |
I0219 15:05:24.007530 48632 loader.go:354] loading (templated) resource "addons/networking.amazon-vpc-routed-eni/k8s-1.7.yaml" | |
I0219 15:05:24.007546 48632 tree_walker.go:98] visit "cloudup/resources/addons/networking.amazon-vpc-routed-eni/k8s-1.8.yaml.template" | |
I0219 15:05:24.007634 48632 loader.go:354] loading (templated) resource "addons/networking.amazon-vpc-routed-eni/k8s-1.8.yaml" | |
I0219 15:05:24.007652 48632 tree_walker.go:98] visit "cloudup/resources/addons/networking.flannel" | |
I0219 15:05:24.007686 48632 tree_walker.go:98] visit "cloudup/resources/addons/networking.flannel/k8s-1.6.yaml.template" | |
I0219 15:05:24.007767 48632 loader.go:354] loading (templated) resource "addons/networking.flannel/k8s-1.6.yaml" | |
I0219 15:05:24.007813 48632 tree_walker.go:98] visit "cloudup/resources/addons/networking.flannel/pre-k8s-1.6.yaml.template" | |
I0219 15:05:24.008082 48632 loader.go:354] loading (templated) resource "addons/networking.flannel/pre-k8s-1.6.yaml" | |
I0219 15:05:24.008174 48632 tree_walker.go:98] visit "cloudup/resources/addons/rbac.addons.k8s.io" | |
I0219 15:05:24.008223 48632 tree_walker.go:98] visit "cloudup/resources/addons/rbac.addons.k8s.io/k8s-1.8.yaml" | |
I0219 15:05:24.008279 48632 loader.go:362] loading resource "addons/rbac.addons.k8s.io/k8s-1.8.yaml" | |
I0219 15:05:24.008291 48632 tree_walker.go:98] visit "cloudup/resources/addons/spotinst-kubernetes-cluster-controller.addons.k8s.io" | |
I0219 15:05:24.008307 48632 tree_walker.go:98] visit "cloudup/resources/addons/spotinst-kubernetes-cluster-controller.addons.k8s.io/v1.8.0.yaml.template" | |
I0219 15:05:24.008557 48632 loader.go:354] loading (templated) resource "addons/spotinst-kubernetes-cluster-controller.addons.k8s.io/v1.8.0.yaml" | |
I0219 15:05:24.008570 48632 tree_walker.go:98] visit "cloudup/resources/addons/spotinst-kubernetes-cluster-controller.addons.k8s.io/v1.9.0.yaml.template" | |
I0219 15:05:24.008623 48632 loader.go:354] loading (templated) resource "addons/spotinst-kubernetes-cluster-controller.addons.k8s.io/v1.9.0.yaml" | |
I0219 15:05:24.009582 48632 template_functions.go:190] watch-ingress=false set on dns-controller | |
I0219 15:05:24.009780 48632 visitor.go:40] float64 value at spec.replicas: 1.000000 | |
I0219 15:05:24.009806 48632 images.go:59] Consider image for re-mapping: "kope/dns-controller:1.11.0" | |
I0219 15:05:24.009821 48632 visitor.go:35] string value at spec.template.spec.hostNetwork: true | |
I0219 15:05:24.010196 48632 template_functions.go:190] watch-ingress=false set on dns-controller | |
I0219 15:05:24.010668 48632 visitor.go:40] float64 value at spec.replicas: 1.000000 | |
I0219 15:05:24.010686 48632 images.go:59] Consider image for re-mapping: "kope/dns-controller:1.11.0" | |
I0219 15:05:24.010701 48632 visitor.go:35] string value at spec.template.spec.hostNetwork: true | |
I0219 15:05:24.012208 48632 images.go:59] Consider image for re-mapping: "k8s.gcr.io/cluster-proportional-autoscaler-amd64:1.0.0" | |
I0219 15:05:24.012427 48632 visitor.go:40] float64 value at spec.strategy.rollingUpdate.maxUnavailable: 0.000000 | |
I0219 15:05:24.012444 48632 visitor.go:40] float64 value at spec.template.spec.containers.[0].ports.[0].containerPort: 10053.000000 | |
I0219 15:05:24.012454 48632 visitor.go:40] float64 value at spec.template.spec.containers.[0].ports.[1].containerPort: 10053.000000 | |
I0219 15:05:24.012463 48632 visitor.go:40] float64 value at spec.template.spec.containers.[0].ports.[2].containerPort: 10055.000000 | |
I0219 15:05:24.012472 48632 visitor.go:40] float64 value at spec.template.spec.containers.[0].readinessProbe.timeoutSeconds: 5.000000 | |
I0219 15:05:24.012482 48632 visitor.go:40] float64 value at spec.template.spec.containers.[0].readinessProbe.httpGet.port: 8081.000000 | |
I0219 15:05:24.012509 48632 visitor.go:40] float64 value at spec.template.spec.containers.[0].readinessProbe.initialDelaySeconds: 3.000000 | |
I0219 15:05:24.012519 48632 images.go:59] Consider image for re-mapping: "k8s.gcr.io/kubedns-amd64:1.9" | |
I0219 15:05:24.012544 48632 visitor.go:40] float64 value at spec.template.spec.containers.[0].livenessProbe.failureThreshold: 5.000000 | |
I0219 15:05:24.012574 48632 visitor.go:40] float64 value at spec.template.spec.containers.[0].livenessProbe.httpGet.port: 8080.000000 | |
I0219 15:05:24.012595 48632 visitor.go:40] float64 value at spec.template.spec.containers.[0].livenessProbe.initialDelaySeconds: 60.000000 | |
I0219 15:05:24.012603 48632 visitor.go:40] float64 value at spec.template.spec.containers.[0].livenessProbe.successThreshold: 1.000000 | |
I0219 15:05:24.012611 48632 visitor.go:40] float64 value at spec.template.spec.containers.[0].livenessProbe.timeoutSeconds: 5.000000 | |
I0219 15:05:24.012619 48632 visitor.go:40] float64 value at spec.template.spec.containers.[1].ports.[0].containerPort: 53.000000 | |
I0219 15:05:24.012628 48632 visitor.go:40] float64 value at spec.template.spec.containers.[1].ports.[1].containerPort: 53.000000 | |
I0219 15:05:24.012638 48632 images.go:59] Consider image for re-mapping: "k8s.gcr.io/k8s-dns-dnsmasq-amd64:1.14.10" | |
I0219 15:05:24.012647 48632 visitor.go:40] float64 value at spec.template.spec.containers.[1].livenessProbe.failureThreshold: 5.000000 | |
I0219 15:05:24.012656 48632 visitor.go:40] float64 value at spec.template.spec.containers.[1].livenessProbe.httpGet.port: 8080.000000 | |
I0219 15:05:24.012664 48632 visitor.go:40] float64 value at spec.template.spec.containers.[1].livenessProbe.initialDelaySeconds: 60.000000 | |
I0219 15:05:24.012671 48632 visitor.go:40] float64 value at spec.template.spec.containers.[1].livenessProbe.successThreshold: 1.000000 | |
I0219 15:05:24.012679 48632 visitor.go:40] float64 value at spec.template.spec.containers.[1].livenessProbe.timeoutSeconds: 5.000000 | |
I0219 15:05:24.012689 48632 images.go:59] Consider image for re-mapping: "k8s.gcr.io/dnsmasq-metrics-amd64:1.0" | |
I0219 15:05:24.012698 48632 visitor.go:40] float64 value at spec.template.spec.containers.[2].livenessProbe.timeoutSeconds: 5.000000 | |
I0219 15:05:24.012706 48632 visitor.go:40] float64 value at spec.template.spec.containers.[2].livenessProbe.failureThreshold: 5.000000 | |
I0219 15:05:24.012714 48632 visitor.go:40] float64 value at spec.template.spec.containers.[2].livenessProbe.httpGet.port: 10054.000000 | |
I0219 15:05:24.012722 48632 visitor.go:40] float64 value at spec.template.spec.containers.[2].livenessProbe.initialDelaySeconds: 60.000000 | |
I0219 15:05:24.012730 48632 visitor.go:40] float64 value at spec.template.spec.containers.[2].livenessProbe.successThreshold: 1.000000 | |
I0219 15:05:24.012753 48632 visitor.go:40] float64 value at spec.template.spec.containers.[2].ports.[0].containerPort: 10054.000000 | |
I0219 15:05:24.012763 48632 images.go:59] Consider image for re-mapping: "k8s.gcr.io/exechealthz-amd64:1.2" | |
I0219 15:05:24.012773 48632 visitor.go:40] float64 value at spec.template.spec.containers.[3].ports.[0].containerPort: 8080.000000 | |
I0219 15:05:24.013437 48632 visitor.go:40] float64 value at spec.ports.[0].port: 53.000000 | |
I0219 15:05:24.013452 48632 visitor.go:40] float64 value at spec.ports.[1].port: 53.000000 | |
I0219 15:05:24.014808 48632 images.go:59] Consider image for re-mapping: "k8s.gcr.io/cluster-proportional-autoscaler-amd64:1.1.2-r2" | |
I0219 15:05:24.015041 48632 visitor.go:40] float64 value at spec.strategy.rollingUpdate.maxUnavailable: 0.000000 | |
I0219 15:05:24.015100 48632 visitor.go:35] string value at spec.template.spec.volumes.[0].configMap.optional: true | |
I0219 15:05:24.015111 48632 visitor.go:40] float64 value at spec.template.spec.containers.[0].ports.[0].containerPort: 10053.000000 | |
I0219 15:05:24.015120 48632 visitor.go:40] float64 value at spec.template.spec.containers.[0].ports.[1].containerPort: 10053.000000 | |
I0219 15:05:24.015129 48632 visitor.go:40] float64 value at spec.template.spec.containers.[0].ports.[2].containerPort: 10055.000000 | |
I0219 15:05:24.015137 48632 visitor.go:40] float64 value at spec.template.spec.containers.[0].readinessProbe.httpGet.port: 8081.000000 | |
I0219 15:05:24.015145 48632 visitor.go:40] float64 value at spec.template.spec.containers.[0].readinessProbe.initialDelaySeconds: 3.000000 | |
I0219 15:05:24.015153 48632 visitor.go:40] float64 value at spec.template.spec.containers.[0].readinessProbe.timeoutSeconds: 5.000000 | |
I0219 15:05:24.015163 48632 images.go:59] Consider image for re-mapping: "k8s.gcr.io/k8s-dns-kube-dns-amd64:1.14.10" | |
I0219 15:05:24.015174 48632 visitor.go:40] float64 value at spec.template.spec.containers.[0].livenessProbe.successThreshold: 1.000000 | |
I0219 15:05:24.015182 48632 visitor.go:40] float64 value at spec.template.spec.containers.[0].livenessProbe.timeoutSeconds: 5.000000 | |
I0219 15:05:24.015190 48632 visitor.go:40] float64 value at spec.template.spec.containers.[0].livenessProbe.failureThreshold: 5.000000 | |
I0219 15:05:24.015199 48632 visitor.go:40] float64 value at spec.template.spec.containers.[0].livenessProbe.httpGet.port: 10054.000000 | |
I0219 15:05:24.015207 48632 visitor.go:40] float64 value at spec.template.spec.containers.[0].livenessProbe.initialDelaySeconds: 60.000000 | |
I0219 15:05:24.015217 48632 visitor.go:40] float64 value at spec.template.spec.containers.[1].ports.[0].containerPort: 53.000000 | |
I0219 15:05:24.015226 48632 visitor.go:40] float64 value at spec.template.spec.containers.[1].ports.[1].containerPort: 53.000000 | |
I0219 15:05:24.015238 48632 images.go:59] Consider image for re-mapping: "k8s.gcr.io/k8s-dns-dnsmasq-nanny-amd64:1.14.10" | |
I0219 15:05:24.015248 48632 visitor.go:40] float64 value at spec.template.spec.containers.[1].livenessProbe.failureThreshold: 5.000000 | |
I0219 15:05:24.015256 48632 visitor.go:40] float64 value at spec.template.spec.containers.[1].livenessProbe.httpGet.port: 10054.000000 | |
I0219 15:05:24.015264 48632 visitor.go:40] float64 value at spec.template.spec.containers.[1].livenessProbe.initialDelaySeconds: 60.000000 | |
I0219 15:05:24.015272 48632 visitor.go:40] float64 value at spec.template.spec.containers.[1].livenessProbe.successThreshold: 1.000000 | |
I0219 15:05:24.015279 48632 visitor.go:40] float64 value at spec.template.spec.containers.[1].livenessProbe.timeoutSeconds: 5.000000 | |
I0219 15:05:24.015288 48632 visitor.go:40] float64 value at spec.template.spec.containers.[2].ports.[0].containerPort: 10054.000000 | |
I0219 15:05:24.015298 48632 images.go:59] Consider image for re-mapping: "k8s.gcr.io/k8s-dns-sidecar-amd64:1.14.10" | |
I0219 15:05:24.015308 48632 visitor.go:40] float64 value at spec.template.spec.containers.[2].livenessProbe.initialDelaySeconds: 60.000000 | |
I0219 15:05:24.015316 48632 visitor.go:40] float64 value at spec.template.spec.containers.[2].livenessProbe.successThreshold: 1.000000 | |
I0219 15:05:24.015338 48632 visitor.go:40] float64 value at spec.template.spec.containers.[2].livenessProbe.timeoutSeconds: 5.000000 | |
I0219 15:05:24.015346 48632 visitor.go:40] float64 value at spec.template.spec.containers.[2].livenessProbe.failureThreshold: 5.000000 | |
I0219 15:05:24.015354 48632 visitor.go:40] float64 value at spec.template.spec.containers.[2].livenessProbe.httpGet.port: 10054.000000 | |
I0219 15:05:24.016111 48632 visitor.go:40] float64 value at spec.ports.[0].port: 53.000000 | |
I0219 15:05:24.016126 48632 visitor.go:40] float64 value at spec.ports.[1].port: 53.000000 | |
I0219 15:05:24.017052 48632 task.go:103] testing task "Keypair" | |
I0219 15:05:24.017073 48632 task.go:103] testing task "Keypair" | |
I0219 15:05:24.017083 48632 task.go:103] testing task "Keypair" | |
I0219 15:05:24.017091 48632 task.go:103] testing task "Keypair" | |
I0219 15:05:24.017101 48632 task.go:103] testing task "Keypair" | |
I0219 15:05:24.017110 48632 task.go:103] testing task "Keypair" | |
I0219 15:05:24.017123 48632 task.go:103] testing task "Keypair" | |
I0219 15:05:24.017132 48632 task.go:103] testing task "Keypair" | |
I0219 15:05:24.017140 48632 task.go:103] testing task "Keypair" | |
I0219 15:05:24.017148 48632 task.go:103] testing task "Keypair" | |
I0219 15:05:24.017156 48632 task.go:103] testing task "Keypair" | |
I0219 15:05:24.017168 48632 task.go:103] testing task "Keypair" | |
I0219 15:05:24.017180 48632 task.go:103] testing task "Secret" | |
I0219 15:05:24.017189 48632 task.go:103] testing task "Secret" | |
I0219 15:05:24.017197 48632 task.go:103] testing task "Secret" | |
I0219 15:05:24.017205 48632 task.go:103] testing task "Secret" | |
I0219 15:05:24.017213 48632 task.go:103] testing task "Secret" | |
I0219 15:05:24.017222 48632 task.go:103] testing task "Secret" | |
I0219 15:05:24.017231 48632 task.go:103] testing task "Secret" | |
I0219 15:05:24.017239 48632 task.go:103] testing task "Secret" | |
I0219 15:05:24.017247 48632 task.go:103] testing task "Secret" | |
I0219 15:05:24.017260 48632 task.go:103] testing task "MirrorSecrets" | |
I0219 15:05:24.017278 48632 task.go:103] testing task "MirrorKeystore" | |
I0219 15:05:24.017730 48632 task.go:103] testing task "EBSVolume" | |
I0219 15:05:24.018088 48632 task.go:103] testing task "EBSVolume" | |
I0219 15:05:24.018123 48632 task.go:103] testing task "LoadBalancer" | |
I0219 15:05:24.018559 48632 task.go:103] testing task "SecurityGroup" | |
I0219 15:05:24.018845 48632 task.go:103] testing task "SecurityGroupRule" | |
I0219 15:05:24.018906 48632 task.go:103] testing task "SecurityGroupRule" | |
I0219 15:05:24.018928 48632 task.go:103] testing task "SecurityGroupRule" | |
I0219 15:05:24.018943 48632 task.go:103] testing task "LoadBalancerAttachment" | |
I0219 15:05:24.018970 48632 task.go:103] testing task "SecurityGroupRule" | |
I0219 15:05:24.018980 48632 task.go:103] testing task "SecurityGroupRule" | |
I0219 15:05:24.018994 48632 task.go:103] testing task "SecurityGroup" | |
I0219 15:05:24.019003 48632 task.go:103] testing task "SecurityGroupRule" | |
I0219 15:05:24.019012 48632 task.go:103] testing task "SecurityGroupRule" | |
I0219 15:05:24.019025 48632 task.go:103] testing task "SecurityGroup" | |
I0219 15:05:24.019034 48632 task.go:103] testing task "SecurityGroupRule" | |
I0219 15:05:24.019043 48632 task.go:103] testing task "SecurityGroupRule" | |
I0219 15:05:24.019051 48632 task.go:103] testing task "SecurityGroupRule" | |
I0219 15:05:24.019631 48632 task.go:103] testing task "SecurityGroupRule" | |
I0219 15:05:24.019640 48632 task.go:103] testing task "SecurityGroupRule" | |
I0219 15:05:24.019649 48632 task.go:103] testing task "SecurityGroupRule" | |
I0219 15:05:24.019660 48632 task.go:103] testing task "SecurityGroupRule" | |
I0219 15:05:24.019690 48632 task.go:103] testing task "SSHKey" | |
I0219 15:05:24.019714 48632 task.go:103] testing task "VPC" | |
I0219 15:05:24.019728 48632 task.go:103] testing task "DHCPOptions" | |
I0219 15:05:24.019742 48632 task.go:103] testing task "VPCDHCPOptionsAssociation" | |
I0219 15:05:24.019757 48632 task.go:103] testing task "InternetGateway" | |
I0219 15:05:24.020141 48632 task.go:103] testing task "RouteTable" | |
I0219 15:05:24.020162 48632 task.go:103] testing task "Route" | |
I0219 15:05:24.020588 48632 network.go:193] applying subnet tags | |
I0219 15:05:24.020611 48632 task.go:103] testing task "Subnet" | |
I0219 15:05:24.020627 48632 task.go:103] testing task "RouteTableAssociation" | |
I0219 15:05:24.020658 48632 task.go:103] testing task "IAMRole" | |
I0219 15:05:24.020677 48632 iam.go:131] Task "DNSZone/" not found; won't set route53 permissions in IAM | |
I0219 15:05:24.020686 48632 task.go:103] testing task "IAMRolePolicy" | |
I0219 15:05:24.020717 48632 task.go:103] testing task "IAMInstanceProfile" | |
I0219 15:05:24.020742 48632 task.go:103] testing task "IAMInstanceProfileRole" | |
I0219 15:05:24.020753 48632 task.go:103] testing task "IAMRolePolicy" | |
I0219 15:05:24.020774 48632 task.go:103] testing task "IAMRole" | |
I0219 15:05:24.020786 48632 iam.go:131] Task "DNSZone/" not found; won't set route53 permissions in IAM | |
I0219 15:05:24.020794 48632 task.go:103] testing task "IAMRolePolicy" | |
I0219 15:05:24.020802 48632 task.go:103] testing task "IAMInstanceProfile" | |
I0219 15:05:24.020810 48632 task.go:103] testing task "IAMInstanceProfileRole" | |
I0219 15:05:24.020837 48632 task.go:103] testing task "IAMRolePolicy" | |
I0219 15:05:24.020918 48632 task.go:103] testing task "LaunchConfiguration" | |
I0219 15:05:24.020954 48632 task.go:103] testing task "AutoscalingGroup" | |
I0219 15:05:24.021025 48632 task.go:103] testing task "LaunchConfiguration" | |
I0219 15:05:24.021038 48632 task.go:103] testing task "AutoscalingGroup" | |
I0219 15:05:24.022768 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/cluster.spec" | |
I0219 15:05:24.022787 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/cluster.spec" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:24.064413 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/instancegroup/master-us-east-1a" | |
I0219 15:05:24.074512 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/instancegroup/master-us-east-1a" | |
I0219 15:05:24.074552 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/instancegroup/master-us-east-1a" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:24.101991 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/instancegroup/master-us-east-1a" | |
I0219 15:05:24.102031 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/instancegroup/master-us-east-1a" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:24.127357 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/instancegroup/nodes" | |
I0219 15:05:24.250515 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/instancegroup/nodes" | |
I0219 15:05:24.250558 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/instancegroup/nodes" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:24.294723 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/instancegroup/nodes" | |
I0219 15:05:24.294766 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/instancegroup/nodes" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:24.319913 48632 topological_sort.go:64] Dependencies: | |
I0219 15:05:24.319936 48632 topological_sort.go:66] MirrorKeystore/mirror-keystore: [Secret/system:monitoring Secret/system:logging Secret/kube Secret/kubelet Secret/system:dns Secret/kube-proxy Secret/system:scheduler Secret/system:controller_manager Secret/admin] | |
I0219 15:05:24.319951 48632 topological_sort.go:66] LoadBalancer/api.vault-cluster.k8s.local: [Subnet/us-east-1a.vault-cluster.k8s.local SecurityGroup/api-elb.vault-cluster.k8s.local] | |
I0219 15:05:24.319961 48632 topological_sort.go:66] IAMRolePolicy/nodes.vault-cluster.k8s.local: [IAMRole/nodes.vault-cluster.k8s.local] | |
I0219 15:05:24.319969 48632 topological_sort.go:66] LoadBalancerAttachment/api-master-us-east-1a: [LoadBalancer/api.vault-cluster.k8s.local AutoscalingGroup/master-us-east-1a.masters.vault-cluster.k8s.local] | |
I0219 15:05:24.319977 48632 topological_sort.go:66] SecurityGroupRule/all-master-to-node: [SecurityGroup/nodes.vault-cluster.k8s.local SecurityGroup/masters.vault-cluster.k8s.local] | |
I0219 15:05:24.319985 48632 topological_sort.go:66] LaunchConfiguration/master-us-east-1a.masters.vault-cluster.k8s.local: [SSHKey/kubernetes.vault-cluster.k8s.local-{{SSH_FINGERPRINT}} SecurityGroup/masters.vault-cluster.k8s.local IAMInstanceProfile/masters.vault-cluster.k8s.local] | |
I0219 15:05:24.319997 48632 topological_sort.go:66] IAMRolePolicy/additional.nodes.vault-cluster.k8s.local: [IAMRole/nodes.vault-cluster.k8s.local] | |
I0219 15:05:24.320010 48632 topological_sort.go:66] Secret/system:logging: [] | |
I0219 15:05:24.320022 48632 topological_sort.go:66] SecurityGroupRule/node-to-master-tcp-1-2379: [SecurityGroup/masters.vault-cluster.k8s.local SecurityGroup/nodes.vault-cluster.k8s.local] | |
I0219 15:05:24.320033 48632 topological_sort.go:66] SSHKey/kubernetes.vault-cluster.k8s.local-{{SSH_FINGERPRINT}}: [] | |
I0219 15:05:24.320040 48632 topological_sort.go:66] vault-cluster.k8s.local-addons-bootstrap: [] | |
I0219 15:05:24.320048 48632 topological_sort.go:66] InternetGateway/vault-cluster.k8s.local: [VPC/vault-cluster.k8s.local] | |
I0219 15:05:24.320056 48632 topological_sort.go:66] Keypair/kubecfg: [Keypair/ca] | |
I0219 15:05:24.320064 48632 topological_sort.go:66] Keypair/apiserver-aggregator: [Keypair/apiserver-aggregator-ca] | |
I0219 15:05:24.320071 48632 topological_sort.go:66] Secret/system:scheduler: [] | |
I0219 15:05:24.320079 48632 topological_sort.go:66] Secret/admin: [] | |
I0219 15:05:24.320086 48632 topological_sort.go:66] RouteTableAssociation/us-east-1a.vault-cluster.k8s.local: [RouteTable/vault-cluster.k8s.local Subnet/us-east-1a.vault-cluster.k8s.local] | |
I0219 15:05:24.320095 48632 topological_sort.go:66] SecurityGroupRule/node-to-master-udp-1-65535: [SecurityGroup/masters.vault-cluster.k8s.local SecurityGroup/nodes.vault-cluster.k8s.local] | |
I0219 15:05:24.320102 48632 topological_sort.go:66] SecurityGroupRule/https-elb-to-master: [SecurityGroup/masters.vault-cluster.k8s.local SecurityGroup/api-elb.vault-cluster.k8s.local] | |
I0219 15:05:24.320110 48632 topological_sort.go:66] EBSVolume/a.etcd-events.vault-cluster.k8s.local: [] | |
I0219 15:05:24.320118 48632 topological_sort.go:66] Keypair/master: [LoadBalancer/api.vault-cluster.k8s.local Keypair/ca] | |
I0219 15:05:24.320126 48632 topological_sort.go:66] SecurityGroupRule/node-to-master-tcp-4003-65535: [SecurityGroup/masters.vault-cluster.k8s.local SecurityGroup/nodes.vault-cluster.k8s.local] | |
I0219 15:05:24.320134 48632 topological_sort.go:66] Keypair/kubelet: [Keypair/ca] | |
I0219 15:05:24.320142 48632 topological_sort.go:66] vault-cluster.k8s.local-addons-dns-controller.addons.k8s.io-k8s-1.6: [] | |
I0219 15:05:24.320149 48632 topological_sort.go:66] vault-cluster.k8s.local-addons-kube-dns.addons.k8s.io-pre-k8s-1.6: [] | |
I0219 15:05:24.320157 48632 topological_sort.go:66] IAMInstanceProfile/masters.vault-cluster.k8s.local: [] | |
I0219 15:05:24.320164 48632 topological_sort.go:66] SecurityGroupRule/https-api-elb-0.0.0.0/0: [SecurityGroup/api-elb.vault-cluster.k8s.local] | |
I0219 15:05:24.320172 48632 topological_sort.go:66] Keypair/apiserver-aggregator-ca: [] | |
I0219 15:05:24.320181 48632 topological_sort.go:66] SecurityGroupRule/api-elb-egress: [SecurityGroup/api-elb.vault-cluster.k8s.local] | |
I0219 15:05:24.320190 48632 topological_sort.go:66] SecurityGroupRule/ssh-external-to-master-0.0.0.0/0: [SecurityGroup/masters.vault-cluster.k8s.local] | |
I0219 15:05:24.320197 48632 topological_sort.go:66] Keypair/kube-scheduler: [Keypair/ca] | |
I0219 15:05:24.320205 48632 topological_sort.go:66] SecurityGroup/nodes.vault-cluster.k8s.local: [VPC/vault-cluster.k8s.local] | |
I0219 15:05:24.320213 48632 topological_sort.go:66] SecurityGroupRule/all-master-to-master: [SecurityGroup/masters.vault-cluster.k8s.local SecurityGroup/masters.vault-cluster.k8s.local] | |
I0219 15:05:24.320221 48632 topological_sort.go:66] vault-cluster.k8s.local-addons-storage-aws.addons.k8s.io-v1.6.0: [] | |
I0219 15:05:24.320228 48632 topological_sort.go:66] Secret/kube: [] | |
I0219 15:05:24.320236 48632 topological_sort.go:66] Keypair/kube-controller-manager: [Keypair/ca] | |
I0219 15:05:24.320243 48632 topological_sort.go:66] vault-cluster.k8s.local-addons-kube-dns.addons.k8s.io-k8s-1.6: [] | |
I0219 15:05:24.320251 48632 topological_sort.go:66] EBSVolume/a.etcd-main.vault-cluster.k8s.local: [] | |
I0219 15:05:24.320258 48632 topological_sort.go:66] Secret/kube-proxy: [] | |
I0219 15:05:24.320266 48632 topological_sort.go:66] IAMRolePolicy/additional.masters.vault-cluster.k8s.local: [IAMRole/masters.vault-cluster.k8s.local] | |
I0219 15:05:24.320273 48632 topological_sort.go:66] Keypair/kube-proxy: [Keypair/ca] | |
I0219 15:05:24.320281 48632 topological_sort.go:66] Route/0.0.0.0/0: [RouteTable/vault-cluster.k8s.local InternetGateway/vault-cluster.k8s.local] | |
I0219 15:05:24.320289 48632 topological_sort.go:66] Keypair/ca: [] | |
I0219 15:05:24.320296 48632 topological_sort.go:66] vault-cluster.k8s.local-addons-storage-aws.addons.k8s.io-v1.7.0: [] | |
I0219 15:05:24.320304 48632 topological_sort.go:66] SecurityGroupRule/ssh-external-to-node-0.0.0.0/0: [SecurityGroup/nodes.vault-cluster.k8s.local] | |
I0219 15:05:24.320311 48632 topological_sort.go:66] AutoscalingGroup/master-us-east-1a.masters.vault-cluster.k8s.local: [Subnet/us-east-1a.vault-cluster.k8s.local LaunchConfiguration/master-us-east-1a.masters.vault-cluster.k8s.local] | |
I0219 15:05:24.320324 48632 topological_sort.go:66] Keypair/kops: [Keypair/ca] | |
I0219 15:05:24.320332 48632 topological_sort.go:66] SecurityGroupRule/all-node-to-node: [SecurityGroup/nodes.vault-cluster.k8s.local SecurityGroup/nodes.vault-cluster.k8s.local] | |
I0219 15:05:24.320340 48632 topological_sort.go:66] vault-cluster.k8s.local-addons-limit-range.addons.k8s.io: [] | |
I0219 15:05:24.320348 48632 topological_sort.go:66] Secret/system:dns: [] | |
I0219 15:05:24.320355 48632 topological_sort.go:66] VPC/vault-cluster.k8s.local: [] | |
I0219 15:05:24.320362 48632 topological_sort.go:66] Secret/system:controller_manager: [] | |
I0219 15:05:24.320370 48632 topological_sort.go:66] IAMRole/nodes.vault-cluster.k8s.local: [] | |
I0219 15:05:24.320377 48632 topological_sort.go:66] VPCDHCPOptionsAssociation/vault-cluster.k8s.local: [VPC/vault-cluster.k8s.local DHCPOptions/vault-cluster.k8s.local] | |
I0219 15:05:24.320385 48632 topological_sort.go:66] SecurityGroupRule/master-egress: [SecurityGroup/masters.vault-cluster.k8s.local] | |
I0219 15:05:24.320393 48632 topological_sort.go:66] IAMInstanceProfile/nodes.vault-cluster.k8s.local: [] | |
I0219 15:05:24.320401 48632 topological_sort.go:66] Keypair/apiserver-proxy-client: [Keypair/ca] | |
I0219 15:05:24.320408 48632 topological_sort.go:66] IAMInstanceProfileRole/masters.vault-cluster.k8s.local: [IAMInstanceProfile/masters.vault-cluster.k8s.local IAMRole/masters.vault-cluster.k8s.local] | |
I0219 15:05:24.320416 48632 topological_sort.go:66] SecurityGroupRule/node-egress: [SecurityGroup/nodes.vault-cluster.k8s.local] | |
I0219 15:05:24.320424 48632 topological_sort.go:66] IAMRole/masters.vault-cluster.k8s.local: [] | |
I0219 15:05:24.320431 48632 topological_sort.go:66] LaunchConfiguration/nodes.vault-cluster.k8s.local: [SSHKey/kubernetes.vault-cluster.k8s.local-{{SSH_FINGERPRINT}} SecurityGroup/nodes.vault-cluster.k8s.local IAMInstanceProfile/nodes.vault-cluster.k8s.local] | |
I0219 15:05:24.320441 48632 topological_sort.go:66] SecurityGroup/masters.vault-cluster.k8s.local: [VPC/vault-cluster.k8s.local] | |
I0219 15:05:24.320450 48632 topological_sort.go:66] AutoscalingGroup/nodes.vault-cluster.k8s.local: [Subnet/us-east-1a.vault-cluster.k8s.local LaunchConfiguration/nodes.vault-cluster.k8s.local] | |
I0219 15:05:24.320458 48632 topological_sort.go:66] vault-cluster.k8s.local-addons-core.addons.k8s.io: [] | |
I0219 15:05:24.320465 48632 topological_sort.go:66] Keypair/kubelet-api: [Keypair/ca] | |
I0219 15:05:24.320473 48632 topological_sort.go:66] vault-cluster.k8s.local-addons-rbac.addons.k8s.io-k8s-1.8: [] | |
I0219 15:05:24.320480 48632 topological_sort.go:66] vault-cluster.k8s.local-addons-dns-controller.addons.k8s.io-pre-k8s-1.6: [] | |
I0219 15:05:24.320488 48632 topological_sort.go:66] MirrorSecrets/mirror-secrets: [Secret/kube-proxy Secret/system:scheduler Secret/system:controller_manager Secret/admin Secret/system:monitoring Secret/system:logging Secret/kube Secret/kubelet Secret/system:dns] | |
I0219 15:05:24.320497 48632 topological_sort.go:66] RouteTable/vault-cluster.k8s.local: [VPC/vault-cluster.k8s.local] | |
I0219 15:05:24.320505 48632 topological_sort.go:66] DHCPOptions/vault-cluster.k8s.local: [] | |
I0219 15:05:24.320513 48632 topological_sort.go:66] IAMRolePolicy/masters.vault-cluster.k8s.local: [IAMRole/masters.vault-cluster.k8s.local] | |
I0219 15:05:24.320521 48632 topological_sort.go:66] Secret/system:monitoring: [] | |
I0219 15:05:24.320528 48632 topological_sort.go:66] Subnet/us-east-1a.vault-cluster.k8s.local: [VPC/vault-cluster.k8s.local] | |
I0219 15:05:24.320536 48632 topological_sort.go:66] Secret/kubelet: [] | |
I0219 15:05:24.320544 48632 topological_sort.go:66] SecurityGroupRule/node-to-master-tcp-2382-4000: [SecurityGroup/masters.vault-cluster.k8s.local SecurityGroup/nodes.vault-cluster.k8s.local] | |
I0219 15:05:24.320552 48632 topological_sort.go:66] IAMInstanceProfileRole/nodes.vault-cluster.k8s.local: [IAMInstanceProfile/nodes.vault-cluster.k8s.local IAMRole/nodes.vault-cluster.k8s.local] | |
I0219 15:05:24.320560 48632 topological_sort.go:66] SecurityGroup/api-elb.vault-cluster.k8s.local: [VPC/vault-cluster.k8s.local] | |
I0219 15:05:24.320609 48632 executor.go:103] Tasks: 0 done / 77 total; 30 can run | |
I0219 15:05:24.320683 48632 executor.go:178] Executing task "vault-cluster.k8s.local-addons-core.addons.k8s.io": *fitasks.ManagedFile {"Name":"vault-cluster.k8s.local-addons-core.addons.k8s.io","Lifecycle":"Sync","Location":"addons/core.addons.k8s.io/v1.4.0.yaml","Contents":{"Name":"","Resource":"apiVersion: v1\nkind: Namespace\nmetadata:\n name: kube-system\n"}} | |
I0219 15:05:24.320774 48632 executor.go:178] Executing task "vault-cluster.k8s.local-addons-rbac.addons.k8s.io-k8s-1.8": *fitasks.ManagedFile {"Name":"vault-cluster.k8s.local-addons-rbac.addons.k8s.io-k8s-1.8","Lifecycle":"Sync","Location":"addons/rbac.addons.k8s.io/k8s-1.8.yaml","Contents":{"Name":"","Resource":"apiVersion: rbac.authorization.k8s.io/v1\nkind: ClusterRoleBinding\nmetadata:\n labels:\n addonmanager.kubernetes.io/mode: Reconcile\n k8s-addon: rbac.addons.k8s.io\n kubernetes.io/cluster-service: \"true\"\n name: kubelet-cluster-admin\nroleRef:\n apiGroup: rbac.authorization.k8s.io\n kind: ClusterRole\n name: system:node\nsubjects:\n- apiGroup: rbac.authorization.k8s.io\n kind: User\n name: kubelet\n"}} | |
I0219 15:05:24.320794 48632 executor.go:178] Executing task "vault-cluster.k8s.local-addons-dns-controller.addons.k8s.io-k8s-1.6": *fitasks.ManagedFile {"Name":"vault-cluster.k8s.local-addons-dns-controller.addons.k8s.io-k8s-1.6","Lifecycle":"Sync","Location":"addons/dns-controller.addons.k8s.io/k8s-1.6.yaml","Contents":{"Name":"","Resource":"apiVersion: extensions/v1beta1\nkind: Deployment\nmetadata:\n labels:\n k8s-addon: dns-controller.addons.k8s.io\n k8s-app: dns-controller\n version: v1.11.0\n name: dns-controller\n namespace: kube-system\nspec:\n replicas: 1\n selector:\n matchLabels:\n k8s-app: dns-controller\n template:\n metadata:\n annotations:\n scheduler.alpha.kubernetes.io/critical-pod: \"\"\n scheduler.alpha.kubernetes.io/tolerations: '[{\"key\": \"dedicated\", \"value\":\n \"master\"}]'\n labels:\n k8s-addon: dns-controller.addons.k8s.io\n k8s-app: dns-controller\n version: v1.11.0\n spec:\n containers:\n - command:\n - /usr/bin/dns-controller\n - --watch-ingress=false\n - --dns=gossip\n - --gossip-seed=127.0.0.1:3999\n - --zone=*/*\n - -v=2\n image: kope/dns-controller:1.11.0\n name: dns-controller\n resources:\n requests:\n cpu: 50m\n memory: 50Mi\n dnsPolicy: Default\n hostNetwork: true\n nodeSelector:\n node-role.kubernetes.io/master: \"\"\n serviceAccount: dns-controller\n tolerations:\n - effect: NoSchedule\n key: node-role.kubernetes.io/master\n\n---\n\napiVersion: v1\nkind: ServiceAccount\nmetadata:\n labels:\n k8s-addon: dns-controller.addons.k8s.io\n name: dns-controller\n namespace: kube-system\n\n---\n\napiVersion: rbac.authorization.k8s.io/v1beta1\nkind: ClusterRole\nmetadata:\n labels:\n k8s-addon: dns-controller.addons.k8s.io\n name: kops:dns-controller\nrules:\n- apiGroups:\n - \"\"\n resources:\n - endpoints\n - services\n - pods\n - ingress\n - nodes\n verbs:\n - get\n - list\n - watch\n- apiGroups:\n - extensions\n resources:\n - ingresses\n verbs:\n - get\n - list\n - watch\n\n---\n\napiVersion: rbac.authorization.k8s.io/v1beta1\nkind: ClusterRoleBinding\nmetadata:\n labels:\n k8s-addon: dns-controller.addons.k8s.io\n name: kops:dns-controller\nroleRef:\n apiGroup: rbac.authorization.k8s.io\n kind: ClusterRole\n name: kops:dns-controller\nsubjects:\n- apiGroup: rbac.authorization.k8s.io\n kind: User\n name: system:serviceaccount:kube-system:dns-controller\n"}} | |
I0219 15:05:24.320670 48632 executor.go:178] Executing task "VPC/vault-cluster.k8s.local": *awstasks.VPC {"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":null,"CIDR":"172.20.0.0/16","EnableDNSHostnames":true,"EnableDNSSupport":true,"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}} | |
I0219 15:05:24.320949 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/addons/rbac.addons.k8s.io/k8s-1.8.yaml" | |
I0219 15:05:24.320710 48632 executor.go:178] Executing task "vault-cluster.k8s.local-addons-storage-aws.addons.k8s.io-v1.6.0": *fitasks.ManagedFile {"Name":"vault-cluster.k8s.local-addons-storage-aws.addons.k8s.io-v1.6.0","Lifecycle":"Sync","Location":"addons/storage-aws.addons.k8s.io/v1.6.0.yaml","Contents":{"Name":"","Resource":"apiVersion: storage.k8s.io/v1beta1\nkind: StorageClass\nmetadata:\n labels:\n k8s-addon: storage-aws.addons.k8s.io\n name: default\nparameters:\n type: gp2\nprovisioner: kubernetes.io/aws-ebs\n\n---\n\napiVersion: storage.k8s.io/v1beta1\nkind: StorageClass\nmetadata:\n annotations:\n storageclass.beta.kubernetes.io/is-default-class: \"true\"\n labels:\n k8s-addon: storage-aws.addons.k8s.io\n name: gp2\nparameters:\n type: gp2\nprovisioner: kubernetes.io/aws-ebs\n"}} | |
I0219 15:05:24.320982 48632 executor.go:178] Executing task "vault-cluster.k8s.local-addons-dns-controller.addons.k8s.io-pre-k8s-1.6": *fitasks.ManagedFile {"Name":"vault-cluster.k8s.local-addons-dns-controller.addons.k8s.io-pre-k8s-1.6","Lifecycle":"Sync","Location":"addons/dns-controller.addons.k8s.io/pre-k8s-1.6.yaml","Contents":{"Name":"","Resource":"apiVersion: extensions/v1beta1\nkind: Deployment\nmetadata:\n labels:\n k8s-addon: dns-controller.addons.k8s.io\n k8s-app: dns-controller\n version: v1.11.0\n name: dns-controller\n namespace: kube-system\nspec:\n replicas: 1\n selector:\n matchLabels:\n k8s-app: dns-controller\n template:\n metadata:\n annotations:\n scheduler.alpha.kubernetes.io/critical-pod: \"\"\n scheduler.alpha.kubernetes.io/tolerations: '[{\"key\": \"dedicated\", \"value\":\n \"master\"}]'\n labels:\n k8s-addon: dns-controller.addons.k8s.io\n k8s-app: dns-controller\n version: v1.11.0\n spec:\n containers:\n - command:\n - /usr/bin/dns-controller\n - --watch-ingress=false\n - --dns=gossip\n - --gossip-seed=127.0.0.1:3999\n - --zone=*/*\n - -v=2\n image: kope/dns-controller:1.11.0\n name: dns-controller\n resources:\n requests:\n cpu: 50m\n memory: 50Mi\n dnsPolicy: Default\n hostNetwork: true\n nodeSelector:\n kubernetes.io/role: master\n"}} | |
I0219 15:05:24.321088 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/addons/dns-controller.addons.k8s.io/pre-k8s-1.6.yaml" | |
I0219 15:05:24.320687 48632 executor.go:178] Executing task "IAMInstanceProfile/masters.vault-cluster.k8s.local": *awstasks.IAMInstanceProfile {"Name":"masters.vault-cluster.k8s.local","Lifecycle":"Sync","ID":null,"Shared":false} | |
I0219 15:05:24.320968 48632 executor.go:178] Executing task "EBSVolume/a.etcd-events.vault-cluster.k8s.local": *awstasks.EBSVolume {"Name":"a.etcd-events.vault-cluster.k8s.local","Lifecycle":"Sync","ID":null,"AvailabilityZone":"us-east-1a","VolumeType":"gp2","SizeGB":20,"VolumeIops":null,"KmsKeyId":null,"Encrypted":false,"Tags":{"k8s.io/etcd/events":"a/a","k8s.io/role/master":"1","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}} | |
I0219 15:05:24.320748 48632 executor.go:178] Executing task "vault-cluster.k8s.local-addons-storage-aws.addons.k8s.io-v1.7.0": *fitasks.ManagedFile {"Name":"vault-cluster.k8s.local-addons-storage-aws.addons.k8s.io-v1.7.0","Lifecycle":"Sync","Location":"addons/storage-aws.addons.k8s.io/v1.7.0.yaml","Contents":{"Name":"","Resource":"apiVersion: storage.k8s.io/v1\nkind: StorageClass\nmetadata:\n labels:\n k8s-addon: storage-aws.addons.k8s.io\n name: default\nparameters:\n type: gp2\nprovisioner: kubernetes.io/aws-ebs\n\n---\n\napiVersion: storage.k8s.io/v1\nkind: StorageClass\nmetadata:\n annotations:\n storageclass.beta.kubernetes.io/is-default-class: \"true\"\n labels:\n k8s-addon: storage-aws.addons.k8s.io\n name: gp2\nparameters:\n type: gp2\nprovisioner: kubernetes.io/aws-ebs\n"}} | |
I0219 15:05:24.321197 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/addons/storage-aws.addons.k8s.io/v1.7.0.yaml" | |
I0219 15:05:24.321077 48632 executor.go:178] Executing task "SSHKey/kubernetes.vault-cluster.k8s.local-{{SSH_FINGERPRINT}}": *awstasks.SSHKey {"Name":"kubernetes.vault-cluster.k8s.local-{{SSH_FINGERPRINT}}","Lifecycle":"Sync","PublicKey":{"Name":"","Resource":"ssh-rsa {{SSH_RSA_KEY}}\n"},"KeyFingerprint":null} | |
I0219 15:05:24.321239 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/addons/storage-aws.addons.k8s.io/v1.6.0.yaml" | |
I0219 15:05:24.320975 48632 executor.go:178] Executing task "Secret/kubelet": *fitasks.Secret {"Name":"kubelet","Lifecycle":"Sync"} | |
I0219 15:05:24.321321 48632 sshkey.go:109] Computed SSH key fingerprint as "{{ANOTHER_KEY_FINGERPRINT}}" | |
I0219 15:05:24.321339 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/kubelet" | |
I0219 15:05:24.321361 48632 request_logger.go:45] AWS request: ec2/DescribeVpcs | |
I0219 15:05:24.321509 48632 executor.go:178] Executing task "Secret/system:scheduler": *fitasks.Secret {"Name":"system:scheduler","Lifecycle":"Sync"} | |
I0219 15:05:24.321526 48632 request_logger.go:45] AWS request: ec2/DescribeKeyPairs | |
I0219 15:05:24.320657 48632 executor.go:178] Executing task "vault-cluster.k8s.local-addons-bootstrap": *fitasks.ManagedFile {"Name":"vault-cluster.k8s.local-addons-bootstrap","Lifecycle":"Sync","Location":"addons/bootstrap-channel.yaml","Contents":{"Name":"","Resource":"kind: Addons\nmetadata:\n creationTimestamp: null\n name: bootstrap\nspec:\n addons:\n - manifest: core.addons.k8s.io/v1.4.0.yaml\n name: core.addons.k8s.io\n selector:\n k8s-addon: core.addons.k8s.io\n version: 1.4.0\n - id: pre-k8s-1.6\n kubernetesVersion: \u003c1.6.0\n manifest: kube-dns.addons.k8s.io/pre-k8s-1.6.yaml\n name: kube-dns.addons.k8s.io\n selector:\n k8s-addon: kube-dns.addons.k8s.io\n version: 1.14.10\n - id: k8s-1.6\n kubernetesVersion: '\u003e=1.6.0'\n manifest: kube-dns.addons.k8s.io/k8s-1.6.yaml\n name: kube-dns.addons.k8s.io\n selector:\n k8s-addon: kube-dns.addons.k8s.io\n version: 1.14.10\n - id: k8s-1.8\n kubernetesVersion: '\u003e=1.8.0'\n manifest: rbac.addons.k8s.io/k8s-1.8.yaml\n name: rbac.addons.k8s.io\n selector:\n k8s-addon: rbac.addons.k8s.io\n version: 1.8.0\n - manifest: limit-range.addons.k8s.io/v1.5.0.yaml\n name: limit-range.addons.k8s.io\n selector:\n k8s-addon: limit-range.addons.k8s.io\n version: 1.5.0\n - id: pre-k8s-1.6\n kubernetesVersion: \u003c1.6.0\n manifest: dns-controller.addons.k8s.io/pre-k8s-1.6.yaml\n name: dns-controller.addons.k8s.io\n selector:\n k8s-addon: dns-controller.addons.k8s.io\n version: 1.11.0\n - id: k8s-1.6\n kubernetesVersion: '\u003e=1.6.0'\n manifest: dns-controller.addons.k8s.io/k8s-1.6.yaml\n name: dns-controller.addons.k8s.io\n selector:\n k8s-addon: dns-controller.addons.k8s.io\n version: 1.11.0\n - id: v1.7.0\n kubernetesVersion: '\u003e=1.7.0'\n manifest: storage-aws.addons.k8s.io/v1.7.0.yaml\n name: storage-aws.addons.k8s.io\n selector:\n k8s-addon: storage-aws.addons.k8s.io\n version: 1.7.0\n - id: v1.6.0\n kubernetesVersion: \u003c1.7.0\n manifest: storage-aws.addons.k8s.io/v1.6.0.yaml\n name: storage-aws.addons.k8s.io\n selector:\n k8s-addon: storage-aws.addons.k8s.io\n version: 1.7.0\n"}} | |
I0219 15:05:24.320687 48632 executor.go:178] Executing task "vault-cluster.k8s.local-addons-kube-dns.addons.k8s.io-pre-k8s-1.6": *fitasks.ManagedFile {"Name":"vault-cluster.k8s.local-addons-kube-dns.addons.k8s.io-pre-k8s-1.6","Lifecycle":"Sync","Location":"addons/kube-dns.addons.k8s.io/pre-k8s-1.6.yaml","Contents":{"Name":"","Resource":"apiVersion: extensions/v1beta1\nkind: Deployment\nmetadata:\n labels:\n k8s-addon: kube-dns.addons.k8s.io\n k8s-app: kube-dns-autoscaler\n kubernetes.io/cluster-service: \"true\"\n name: kube-dns-autoscaler\n namespace: kube-system\nspec:\n template:\n metadata:\n annotations:\n scheduler.alpha.kubernetes.io/critical-pod: \"\"\n scheduler.alpha.kubernetes.io/tolerations: '[{\"key\":\"CriticalAddonsOnly\",\n \"operator\":\"Exists\"}]'\n labels:\n k8s-app: kube-dns-autoscaler\n spec:\n containers:\n - command:\n - /cluster-proportional-autoscaler\n - --namespace=kube-system\n - --configmap=kube-dns-autoscaler\n - --mode=linear\n - --target=Deployment/kube-dns\n - --default-params={\"linear\":{\"coresPerReplica\":256,\"nodesPerReplica\":16,\"min\":2}}\n - --logtostderr=true\n - --v=2\n image: k8s.gcr.io/cluster-proportional-autoscaler-amd64:1.0.0\n name: autoscaler\n resources:\n requests:\n cpu: 20m\n memory: 10Mi\n\n---\n\napiVersion: extensions/v1beta1\nkind: Deployment\nmetadata:\n labels:\n k8s-addon: kube-dns.addons.k8s.io\n k8s-app: kube-dns\n kubernetes.io/cluster-service: \"true\"\n name: kube-dns\n namespace: kube-system\nspec:\n selector:\n matchLabels:\n k8s-app: kube-dns\n strategy:\n rollingUpdate:\n maxSurge: 10%\n maxUnavailable: 0\n template:\n metadata:\n annotations:\n scheduler.alpha.kubernetes.io/critical-pod: \"\"\n scheduler.alpha.kubernetes.io/tolerations: '[{\"key\":\"CriticalAddonsOnly\",\n \"operator\":\"Exists\"}]'\n labels:\n k8s-app: kube-dns\n spec:\n containers:\n - args:\n - --domain=cluster.local.\n - --dns-port=10053\n - --config-map=kube-dns\n - --v=2\n env:\n - name: PROMETHEUS_PORT\n value: \"10055\"\n image: k8s.gcr.io/kubedns-amd64:1.9\n livenessProbe:\n failureThreshold: 5\n httpGet:\n path: /healthz-kubedns\n port: 8080\n scheme: HTTP\n initialDelaySeconds: 60\n successThreshold: 1\n timeoutSeconds: 5\n name: kubedns\n ports:\n - containerPort: 10053\n name: dns-local\n protocol: UDP\n - containerPort: 10053\n name: dns-tcp-local\n protocol: TCP\n - containerPort: 10055\n name: metrics\n protocol: TCP\n readinessProbe:\n httpGet:\n path: /readiness\n port: 8081\n scheme: HTTP\n initialDelaySeconds: 3\n timeoutSeconds: 5\n resources:\n limits:\n memory: 170Mi\n requests:\n cpu: 100m\n memory: 70Mi\n - args:\n - --cache-size=1000\n - --dns-forward-max=150\n - --no-resolv\n - --server=127.0.0.1#10053\n - --log-facility=-\n image: k8s.gcr.io/k8s-dns-dnsmasq-amd64:1.14.10\n livenessProbe:\n failureThreshold: 5\n httpGet:\n path: /healthz-dnsmasq\n port: 8080\n scheme: HTTP\n initialDelaySeconds: 60\n successThreshold: 1\n timeoutSeconds: 5\n name: dnsmasq\n ports:\n - containerPort: 53\n name: dns\n protocol: UDP\n - containerPort: 53\n name: dns-tcp\n protocol: TCP\n resources:\n requests:\n cpu: 150m\n memory: 10Mi\n - args:\n - --v=2\n - --logtostderr\n image: k8s.gcr.io/dnsmasq-metrics-amd64:1.0\n livenessProbe:\n failureThreshold: 5\n httpGet:\n path: /metrics\n port: 10054\n scheme: HTTP\n initialDelaySeconds: 60\n successThreshold: 1\n timeoutSeconds: 5\n name: dnsmasq-metrics\n ports:\n - containerPort: 10054\n name: metrics\n protocol: TCP\n resources:\n requests:\n memory: 10Mi\n - args:\n - --cmd=nslookup kubernetes.default.svc.cluster.local 127.0.0.1 \u003e/dev/null\n - --url=/healthz-dnsmasq\n - --cmd=nslookup kubernetes.default.svc.cluster.local 127.0.0.1:10053 \u003e/dev/null\n - --url=/healthz-kubedns\n - --port=8080\n - --quiet\n image: k8s.gcr.io/exechealthz-amd64:1.2\n name: healthz\n ports:\n - containerPort: 8080\n protocol: TCP\n resources:\n limits:\n memory: 50Mi\n requests:\n cpu: 10m\n memory: 50Mi\n dnsPolicy: Default\n\n---\n\napiVersion: v1\nkind: Service\nmetadata:\n labels:\n k8s-addon: kube-dns.addons.k8s.io\n k8s-app: kube-dns\n kubernetes.io/cluster-service: \"true\"\n kubernetes.io/name: KubeDNS\n name: kube-dns\n namespace: kube-system\nspec:\n clusterIP: 100.64.0.10\n ports:\n - name: dns\n port: 53\n protocol: UDP\n - name: dns-tcp\n port: 53\n protocol: TCP\n selector:\n k8s-app: kube-dns\n"}} | |
I0219 15:05:24.320908 48632 executor.go:178] Executing task "Secret/kube": *fitasks.Secret {"Name":"kube","Lifecycle":"Sync"} | |
I0219 15:05:24.320966 48632 executor.go:178] Executing task "Secret/system:monitoring": *fitasks.Secret {"Name":"system:monitoring","Lifecycle":"Sync"} | |
I0219 15:05:24.320829 48632 executor.go:178] Executing task "IAMRole/nodes.vault-cluster.k8s.local": *awstasks.IAMRole {"ID":null,"Lifecycle":"Sync","Name":"nodes.vault-cluster.k8s.local","RolePolicyDocument":{"Name":"","Resource":{}},"ExportWithID":"nodes"} | |
I0219 15:05:24.320764 48632 executor.go:178] Executing task "Keypair/ca": *fitasks.Keypair {"Name":"ca","alternateNames":null,"alternateNameTasks":null,"Lifecycle":"Sync","Signer":null,"subject":"cn=kubernetes","type":"ca","format":"v1alpha2"} | |
I0219 15:05:24.321657 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/system:monitoring" | |
I0219 15:05:24.321708 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/ca/keyset.yaml" | |
I0219 15:05:24.320644 48632 executor.go:178] Executing task "Keypair/apiserver-aggregator-ca": *fitasks.Keypair {"Name":"apiserver-aggregator-ca","alternateNames":null,"alternateNameTasks":null,"Lifecycle":"Sync","Signer":null,"subject":"cn=apiserver-aggregator-ca","type":"ca","format":"v1alpha2"} | |
I0219 15:05:24.320699 48632 executor.go:178] Executing task "Secret/system:logging": *fitasks.Secret {"Name":"system:logging","Lifecycle":"Sync"} | |
I0219 15:05:24.321880 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/apiserver-aggregator-ca/keyset.yaml" | |
I0219 15:05:24.321893 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/system:logging" | |
I0219 15:05:24.321996 48632 request_logger.go:45] AWS request: iam/GetRole | |
I0219 15:05:24.321375 48632 request_logger.go:45] AWS request: ec2/DescribeVolumes | |
I0219 15:05:24.321202 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/addons/dns-controller.addons.k8s.io/k8s-1.6.yaml" | |
I0219 15:05:24.322162 48632 request_logger.go:45] AWS request: iam/GetInstanceProfile | |
I0219 15:05:24.320755 48632 executor.go:178] Executing task "EBSVolume/a.etcd-main.vault-cluster.k8s.local": *awstasks.EBSVolume {"Name":"a.etcd-main.vault-cluster.k8s.local","Lifecycle":"Sync","ID":null,"AvailabilityZone":"us-east-1a","VolumeType":"gp2","SizeGB":20,"VolumeIops":null,"KmsKeyId":null,"Encrypted":false,"Tags":{"k8s.io/etcd/main":"a/a","k8s.io/role/master":"1","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}} | |
I0219 15:05:24.320732 48632 executor.go:178] Executing task "Secret/system:dns": *fitasks.Secret {"Name":"system:dns","Lifecycle":"Sync"} | |
I0219 15:05:24.322288 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/system:dns" | |
I0219 15:05:24.321554 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/system:scheduler" | |
I0219 15:05:24.320835 48632 executor.go:178] Executing task "vault-cluster.k8s.local-addons-kube-dns.addons.k8s.io-k8s-1.6": *fitasks.ManagedFile {"Name":"vault-cluster.k8s.local-addons-kube-dns.addons.k8s.io-k8s-1.6","Lifecycle":"Sync","Location":"addons/kube-dns.addons.k8s.io/k8s-1.6.yaml","Contents":{"Name":"","Resource":"null\n\n---\n\napiVersion: extensions/v1beta1\nkind: Deployment\nmetadata:\n labels:\n k8s-addon: kube-dns.addons.k8s.io\n k8s-app: kube-dns-autoscaler\n kubernetes.io/cluster-service: \"true\"\n name: kube-dns-autoscaler\n namespace: kube-system\nspec:\n template:\n metadata:\n annotations:\n scheduler.alpha.kubernetes.io/critical-pod: \"\"\n scheduler.alpha.kubernetes.io/tolerations: '[{\"key\":\"CriticalAddonsOnly\",\n \"operator\":\"Exists\"}]'\n labels:\n k8s-app: kube-dns-autoscaler\n spec:\n containers:\n - command:\n - /cluster-proportional-autoscaler\n - --namespace=kube-system\n - --configmap=kube-dns-autoscaler\n - --target=Deployment/kube-dns\n - --default-params={\"linear\":{\"coresPerReplica\":256,\"nodesPerReplica\":16,\"preventSinglePointFailure\":true}}\n - --logtostderr=true\n - --v=2\n image: k8s.gcr.io/cluster-proportional-autoscaler-amd64:1.1.2-r2\n name: autoscaler\n resources:\n requests:\n cpu: 20m\n memory: 10Mi\n serviceAccountName: kube-dns-autoscaler\n tolerations:\n - key: CriticalAddonsOnly\n operator: Exists\n\n---\n\napiVersion: extensions/v1beta1\nkind: Deployment\nmetadata:\n labels:\n k8s-addon: kube-dns.addons.k8s.io\n k8s-app: kube-dns\n kubernetes.io/cluster-service: \"true\"\n name: kube-dns\n namespace: kube-system\nspec:\n selector:\n matchLabels:\n k8s-app: kube-dns\n strategy:\n rollingUpdate:\n maxSurge: 10%\n maxUnavailable: 0\n template:\n metadata:\n annotations:\n prometheus.io/port: \"10055\"\n prometheus.io/scrape: \"true\"\n scheduler.alpha.kubernetes.io/critical-pod: \"\"\n scheduler.alpha.kubernetes.io/tolerations: '[{\"key\":\"CriticalAddonsOnly\",\n \"operator\":\"Exists\"}]'\n labels:\n k8s-app: kube-dns\n spec:\n containers:\n - args:\n - --config-dir=/kube-dns-config\n - --dns-port=10053\n - --domain=cluster.local.\n - --v=2\n env:\n - name: PROMETHEUS_PORT\n value: \"10055\"\n image: k8s.gcr.io/k8s-dns-kube-dns-amd64:1.14.10\n livenessProbe:\n failureThreshold: 5\n httpGet:\n path: /healthcheck/kubedns\n port: 10054\n scheme: HTTP\n initialDelaySeconds: 60\n successThreshold: 1\n timeoutSeconds: 5\n name: kubedns\n ports:\n - containerPort: 10053\n name: dns-local\n protocol: UDP\n - containerPort: 10053\n name: dns-tcp-local\n protocol: TCP\n - containerPort: 10055\n name: metrics\n protocol: TCP\n readinessProbe:\n httpGet:\n path: /readiness\n port: 8081\n scheme: HTTP\n initialDelaySeconds: 3\n timeoutSeconds: 5\n resources:\n limits:\n memory: 170Mi\n requests:\n cpu: 100m\n memory: 70Mi\n volumeMounts:\n - mountPath: /kube-dns-config\n name: kube-dns-config\n - args:\n - -v=2\n - -logtostderr\n - -configDir=/etc/k8s/dns/dnsmasq-nanny\n - -restartDnsmasq=true\n - --\n - -k\n - --cache-size=1000\n - --dns-forward-max=150\n - --no-negcache\n - --log-facility=-\n - --server=/cluster.local/127.0.0.1#10053\n - --server=/in-addr.arpa/127.0.0.1#10053\n - --server=/in6.arpa/127.0.0.1#10053\n image: k8s.gcr.io/k8s-dns-dnsmasq-nanny-amd64:1.14.10\n livenessProbe:\n failureThreshold: 5\n httpGet:\n path: /healthcheck/dnsmasq\n port: 10054\n scheme: HTTP\n initialDelaySeconds: 60\n successThreshold: 1\n timeoutSeconds: 5\n name: dnsmasq\n ports:\n - containerPort: 53\n name: dns\n protocol: UDP\n - containerPort: 53\n name: dns-tcp\n protocol: TCP\n resources:\n requests:\n cpu: 150m\n memory: 20Mi\n volumeMounts:\n - mountPath: /etc/k8s/dns/dnsmasq-nanny\n name: kube-dns-config\n - args:\n - --v=2\n - --logtostderr\n - --probe=kubedns,127.0.0.1:10053,kubernetes.default.svc.cluster.local,5,A\n - --probe=dnsmasq,127.0.0.1:53,kubernetes.default.svc.cluster.local,5,A\n image: k8s.gcr.io/k8s-dns-sidecar-amd64:1.14.10\n livenessProbe:\n failureThreshold: 5\n httpGet:\n path: /metrics\n port: 10054\n scheme: HTTP\n initialDelaySeconds: 60\n successThreshold: 1\n timeoutSeconds: 5\n name: sidecar\n ports:\n - containerPort: 10054\n name: metrics\n protocol: TCP\n resources:\n requests:\n cpu: 10m\n memory: 20Mi\n dnsPolicy: Default\n serviceAccountName: kube-dns\n volumes:\n - configMap:\n name: kube-dns\n optional: true\n name: kube-dns-config\n\n---\n\napiVersion: v1\nkind: Service\nmetadata:\n labels:\n k8s-addon: kube-dns.addons.k8s.io\n k8s-app: kube-dns\n kubernetes.io/cluster-service: \"true\"\n kubernetes.io/name: KubeDNS\n name: kube-dns\n namespace: kube-system\nspec:\n clusterIP: 100.64.0.10\n ports:\n - name: dns\n port: 53\n protocol: UDP\n - name: dns-tcp\n port: 53\n protocol: TCP\n selector:\n k8s-app: kube-dns\n\n---\n\napiVersion: v1\nkind: ServiceAccount\nmetadata:\n labels:\n k8s-addon: kube-dns.addons.k8s.io\n name: kube-dns-autoscaler\n namespace: kube-system\n\n---\n\napiVersion: rbac.authorization.k8s.io/v1beta1\nkind: ClusterRole\nmetadata:\n labels:\n k8s-addon: kube-dns.addons.k8s.io\n name: kube-dns-autoscaler\nrules:\n- apiGroups:\n - \"\"\n resources:\n - nodes\n verbs:\n - list\n- apiGroups:\n - \"\"\n resources:\n - replicationcontrollers/scale\n verbs:\n - get\n - update\n- apiGroups:\n - extensions\n resources:\n - deployments/scale\n - replicasets/scale\n verbs:\n - get\n - update\n- apiGroups:\n - \"\"\n resources:\n - configmaps\n verbs:\n - get\n - create\n\n---\n\napiVersion: rbac.authorization.k8s.io/v1beta1\nkind: ClusterRoleBinding\nmetadata:\n labels:\n k8s-addon: kube-dns.addons.k8s.io\n name: kube-dns-autoscaler\nroleRef:\n apiGroup: rbac.authorization.k8s.io\n kind: ClusterRole\n name: kube-dns-autoscaler\nsubjects:\n- kind: ServiceAccount\n name: kube-dns-autoscaler\n namespace: kube-system\n"}} | |
I0219 15:05:24.322442 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/addons/kube-dns.addons.k8s.io/k8s-1.6.yaml" | |
I0219 15:05:24.320930 48632 executor.go:178] Executing task "vault-cluster.k8s.local-addons-limit-range.addons.k8s.io": *fitasks.ManagedFile {"Name":"vault-cluster.k8s.local-addons-limit-range.addons.k8s.io","Lifecycle":"Sync","Location":"addons/limit-range.addons.k8s.io/v1.5.0.yaml","Contents":{"Name":"","Resource":"apiVersion: v1\nkind: LimitRange\nmetadata:\n name: limits\n namespace: default\nspec:\n limits:\n - defaultRequest:\n cpu: 100m\n type: Container\n"}} | |
I0219 15:05:24.322513 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/addons/limit-range.addons.k8s.io/v1.5.0.yaml" | |
I0219 15:05:24.320683 48632 executor.go:178] Executing task "DHCPOptions/vault-cluster.k8s.local": *awstasks.DHCPOptions {"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":null,"DomainName":"ec2.internal","DomainNameServers":"AmazonProvidedDNS","Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}} | |
I0219 15:05:24.322681 48632 request_logger.go:45] AWS request: ec2/DescribeVolumes | |
I0219 15:05:24.321571 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/addons/core.addons.k8s.io/v1.4.0.yaml" | |
I0219 15:05:24.322755 48632 request_logger.go:45] AWS request: ec2/DescribeDhcpOptions | |
I0219 15:05:24.320772 48632 executor.go:178] Executing task "Secret/system:controller_manager": *fitasks.Secret {"Name":"system:controller_manager","Lifecycle":"Sync"} | |
I0219 15:05:24.320649 48632 executor.go:178] Executing task "Secret/admin": *fitasks.Secret {"Name":"admin","Lifecycle":"Sync"} | |
I0219 15:05:24.321595 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/addons/bootstrap-channel.yaml" | |
I0219 15:05:24.322866 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/system:controller_manager" | |
I0219 15:05:24.322885 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/admin" | |
I0219 15:05:24.320823 48632 executor.go:178] Executing task "Secret/kube-proxy": *fitasks.Secret {"Name":"kube-proxy","Lifecycle":"Sync"} | |
I0219 15:05:24.320723 48632 executor.go:178] Executing task "IAMRole/masters.vault-cluster.k8s.local": *awstasks.IAMRole {"ID":null,"Lifecycle":"Sync","Name":"masters.vault-cluster.k8s.local","RolePolicyDocument":{"Name":"","Resource":{}},"ExportWithID":"masters"} | |
I0219 15:05:24.322975 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/kube-proxy" | |
I0219 15:05:24.321611 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/addons/kube-dns.addons.k8s.io/pre-k8s-1.6.yaml" | |
I0219 15:05:24.323053 48632 request_logger.go:45] AWS request: iam/GetRole | |
I0219 15:05:24.321635 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/kube" | |
I0219 15:05:24.320917 48632 executor.go:178] Executing task "IAMInstanceProfile/nodes.vault-cluster.k8s.local": *awstasks.IAMInstanceProfile {"Name":"nodes.vault-cluster.k8s.local","Lifecycle":"Sync","ID":null,"Shared":false} | |
I0219 15:05:24.323964 48632 request_logger.go:45] AWS request: iam/GetInstanceProfile | |
I0219 15:05:24.331079 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/addons/rbac.addons.k8s.io/k8s-1.8.yaml" | |
I0219 15:05:24.331113 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/addons/rbac.addons.k8s.io/k8s-1.8.yaml" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:24.361885 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/addons/dns-controller.addons.k8s.io/pre-k8s-1.6.yaml" | |
I0219 15:05:24.361936 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/addons/dns-controller.addons.k8s.io/pre-k8s-1.6.yaml" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:24.370468 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/addons/storage-aws.addons.k8s.io/v1.6.0.yaml" | |
I0219 15:05:24.370523 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/addons/storage-aws.addons.k8s.io/v1.6.0.yaml" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:24.379309 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/system:logging" | |
I0219 15:05:24.385185 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/system:logging" | |
I0219 15:05:24.387125 48632 iaminstanceprofile.go:113] Creating IAMInstanceProfile with Name:"nodes.vault-cluster.k8s.local" | |
I0219 15:05:24.387744 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/addons/dns-controller.addons.k8s.io/k8s-1.6.yaml" | |
I0219 15:05:24.387776 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/addons/dns-controller.addons.k8s.io/k8s-1.6.yaml" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:24.387822 48632 request_logger.go:45] AWS request: iam/CreateInstanceProfile | |
I0219 15:05:24.387776 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/kubelet" | |
I0219 15:05:24.388046 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/kube-proxy" | |
I0219 15:05:24.388180 48632 iaminstanceprofile.go:113] Creating IAMInstanceProfile with Name:"masters.vault-cluster.k8s.local" | |
I0219 15:05:24.388243 48632 request_logger.go:45] AWS request: iam/CreateInstanceProfile | |
I0219 15:05:24.388664 48632 iamrole.go:144] Creating IAMRole with Name:"masters.vault-cluster.k8s.local" | |
I0219 15:05:24.388746 48632 request_logger.go:45] AWS request: iam/CreateRole | |
I0219 15:05:24.389827 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/system:monitoring" | |
I0219 15:05:24.390559 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/addons/core.addons.k8s.io/v1.4.0.yaml" | |
I0219 15:05:24.390575 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/system:dns" | |
I0219 15:05:24.390582 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/addons/core.addons.k8s.io/v1.4.0.yaml" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:24.390916 48632 vpc.go:155] Creating VPC with CIDR: "172.20.0.0/16" | |
I0219 15:05:24.391658 48632 request_logger.go:45] AWS request: ec2/CreateVpc | |
I0219 15:05:24.391680 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/addons/bootstrap-channel.yaml" | |
I0219 15:05:24.391702 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/addons/bootstrap-channel.yaml" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:24.391746 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/addons/storage-aws.addons.k8s.io/v1.7.0.yaml" | |
I0219 15:05:24.391769 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/addons/storage-aws.addons.k8s.io/v1.7.0.yaml" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:24.391975 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/addons/kube-dns.addons.k8s.io/k8s-1.6.yaml" | |
I0219 15:05:24.391997 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/addons/kube-dns.addons.k8s.io/k8s-1.6.yaml" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:24.392606 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/addons/kube-dns.addons.k8s.io/pre-k8s-1.6.yaml" | |
I0219 15:05:24.392629 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/addons/kube-dns.addons.k8s.io/pre-k8s-1.6.yaml" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:24.393115 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/system:scheduler" | |
I0219 15:05:24.393235 48632 vfs_castore.go:384] no certificate bundle "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/apiserver-aggregator-ca/keyset.yaml", falling back to directory-list method | |
I0219 15:05:24.393257 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/issued/apiserver-aggregator-ca/" | |
I0219 15:05:24.395040 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/admin" | |
I0219 15:05:24.396164 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/system:controller_manager" | |
I0219 15:05:24.396526 48632 vfs_castore.go:384] no certificate bundle "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/ca/keyset.yaml", falling back to directory-list method | |
I0219 15:05:24.396547 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/issued/ca/" | |
I0219 15:05:24.397252 48632 iamrole.go:144] Creating IAMRole with Name:"nodes.vault-cluster.k8s.local" | |
I0219 15:05:24.397344 48632 request_logger.go:45] AWS request: iam/CreateRole | |
I0219 15:05:24.401520 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/kube" | |
I0219 15:05:24.406674 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/apiserver-aggregator-ca: [] | |
I0219 15:05:24.406706 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/apiserver-aggregator-ca/keyset.yaml" | |
I0219 15:05:24.407762 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/ca: [] | |
I0219 15:05:24.407784 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/ca/keyset.yaml" | |
I0219 15:05:24.409268 48632 request_logger.go:45] AWS request: iam/GetInstanceProfile | |
I0219 15:05:24.409359 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/addons/limit-range.addons.k8s.io/v1.5.0.yaml" | |
I0219 15:05:24.409379 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/addons/limit-range.addons.k8s.io/v1.5.0.yaml" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:24.411836 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/system:logging" | |
I0219 15:05:24.411857 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/secrets/system:logging" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:24.412993 48632 request_logger.go:45] AWS request: iam/GetInstanceProfile | |
I0219 15:05:24.414153 48632 vfs_castore.go:384] no certificate bundle "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/ca/keyset.yaml", falling back to directory-list method | |
I0219 15:05:24.414173 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/issued/ca/" | |
I0219 15:05:24.415245 48632 vfs_castore.go:838] no private key bundle "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/apiserver-aggregator-ca/keyset.yaml", falling back to directory-list method | |
I0219 15:05:24.415277 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/private/apiserver-aggregator-ca/" | |
I0219 15:05:24.423235 48632 iaminstanceprofile.go:143] Found IAM instance profile "nodes.vault-cluster.k8s.local" | |
I0219 15:05:24.426528 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/ca: [] | |
I0219 15:05:24.426650 48632 keypair.go:181] creating brand new certificate | |
I0219 15:05:24.426663 48632 keypair.go:201] Creating PKI keypair "ca" | |
I0219 15:05:24.426677 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/ca/keyset.yaml" | |
I0219 15:05:24.427524 48632 iaminstanceprofile.go:143] Found IAM instance profile "masters.vault-cluster.k8s.local" | |
I0219 15:05:24.430858 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/apiserver-aggregator-ca: [] | |
I0219 15:05:24.430935 48632 keypair.go:181] creating brand new certificate | |
I0219 15:05:24.430947 48632 keypair.go:201] Creating PKI keypair "apiserver-aggregator-ca" | |
I0219 15:05:24.430961 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/apiserver-aggregator-ca/keyset.yaml" | |
I0219 15:05:24.433952 48632 vfs_castore.go:384] no certificate bundle "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/ca/keyset.yaml", falling back to directory-list method | |
I0219 15:05:24.433975 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/issued/ca/" | |
I0219 15:05:24.438930 48632 vfs_castore.go:384] no certificate bundle "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/apiserver-aggregator-ca/keyset.yaml", falling back to directory-list method | |
I0219 15:05:24.438952 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/issued/apiserver-aggregator-ca/" | |
I0219 15:05:24.445757 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/system:logging" | |
I0219 15:05:24.445769 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/kubelet" | |
I0219 15:05:24.447436 48632 dhcp_options.go:142] Creating DHCPOptions with Name:"vault-cluster.k8s.local" | |
I0219 15:05:24.449377 48632 request_logger.go:45] AWS request: ec2/CreateDhcpOptions | |
I0219 15:05:24.450794 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/apiserver-aggregator-ca: [] | |
I0219 15:05:24.450817 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/apiserver-aggregator-ca/keyset.yaml" | |
I0219 15:05:24.453407 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/kubelet" | |
I0219 15:05:24.453446 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/secrets/kubelet" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:24.454902 48632 ebsvolume.go:137] Creating PersistentVolume with Name:"a.etcd-events.vault-cluster.k8s.local" | |
I0219 15:05:24.455081 48632 request_logger.go:45] AWS request: ec2/CreateVolume | |
I0219 15:05:24.455472 48632 ebsvolume.go:137] Creating PersistentVolume with Name:"a.etcd-main.vault-cluster.k8s.local" | |
I0219 15:05:24.455562 48632 request_logger.go:45] AWS request: ec2/CreateVolume | |
I0219 15:05:24.458712 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/ca: [] | |
I0219 15:05:24.458758 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/ca/keyset.yaml" | |
I0219 15:05:24.459290 48632 vfs_castore.go:838] no private key bundle "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/apiserver-aggregator-ca/keyset.yaml", falling back to directory-list method | |
I0219 15:05:24.459313 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/private/apiserver-aggregator-ca/" | |
I0219 15:05:24.463740 48632 sshkey.go:125] Creating SSHKey with Name:"kubernetes.vault-cluster.k8s.local-{{SSH_FINGERPRINT}}" | |
I0219 15:05:24.464195 48632 request_logger.go:45] AWS request: ec2/ImportKeyPair | |
I0219 15:05:24.466672 48632 vfs_castore.go:384] no certificate bundle "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/ca/keyset.yaml", falling back to directory-list method | |
I0219 15:05:24.466699 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/issued/ca/" | |
I0219 15:05:24.471325 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/apiserver-aggregator-ca: [] | |
I0219 15:05:24.471363 48632 keypair.go:212] Creating privateKey "apiserver-aggregator-ca" | |
I0219 15:05:24.478806 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/ca: [] | |
I0219 15:05:24.478843 48632 keypair.go:212] Creating privateKey "ca" | |
I0219 15:05:24.489043 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/kubelet" | |
I0219 15:05:24.489061 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/system:monitoring" | |
I0219 15:05:24.498260 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/system:monitoring" | |
I0219 15:05:24.498296 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/secrets/system:monitoring" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:24.540713 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/system:monitoring" | |
I0219 15:05:24.540723 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/system:dns" | |
I0219 15:05:24.551379 48632 vfs_castore.go:736] Issuing new certificate: "ca" | |
I0219 15:05:24.552446 48632 request_logger.go:45] AWS request: ec2/DescribeTags | |
I0219 15:05:24.553126 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/system:dns" | |
I0219 15:05:24.553149 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/secrets/system:dns" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:24.554144 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/private/ca/" | |
I0219 15:05:24.557218 48632 request_logger.go:45] AWS request: ec2/ModifyVpcAttribute | |
I0219 15:05:24.569131 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/ca: [] | |
I0219 15:05:24.569978 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/ca/keyset.yaml" | |
I0219 15:05:24.570002 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/private/ca/keyset.yaml" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:24.597391 48632 aws_cloud.go:783] adding tags to "dopt-0a6b7ca6a1aa7965c": map[kubernetes.io/cluster/vault-cluster.k8s.local:owned Name:vault-cluster.k8s.local KubernetesCluster:vault-cluster.k8s.local] | |
I0219 15:05:24.597503 48632 request_logger.go:45] AWS request: ec2/CreateTags | |
I0219 15:05:24.615114 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/ca/6659805170905791529473684723.key" | |
I0219 15:05:24.615149 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/private/ca/6659805170905791529473684723.key" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:24.642268 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/issued/ca/" | |
I0219 15:05:24.655156 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/ca: [] | |
I0219 15:05:24.655423 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/ca/keyset.yaml" | |
I0219 15:05:24.655442 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/issued/ca/keyset.yaml" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:24.669677 48632 vfs_castore.go:736] Issuing new certificate: "apiserver-aggregator-ca" | |
I0219 15:05:24.672460 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/private/apiserver-aggregator-ca/" | |
I0219 15:05:24.690799 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/ca/6659805170905791529473684723.crt" | |
I0219 15:05:24.690841 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/issued/ca/6659805170905791529473684723.crt" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:24.700605 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/apiserver-aggregator-ca: [] | |
I0219 15:05:24.701088 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/apiserver-aggregator-ca/keyset.yaml" | |
I0219 15:05:24.701114 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/private/apiserver-aggregator-ca/keyset.yaml" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:24.735684 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/ca/6659805170905791529473684723.crt" | |
I0219 15:05:24.739760 48632 request_logger.go:45] AWS request: ec2/ModifyVpcAttribute | |
I0219 15:05:24.745505 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/apiserver-aggregator-ca/6659805171413913748226014582.key" | |
I0219 15:05:24.745530 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/private/apiserver-aggregator-ca/6659805171413913748226014582.key" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:24.748049 48632 certificate.go:103] Parsing pem block: "CERTIFICATE" | |
I0219 15:05:24.748123 48632 keypair.go:230] created certificate with cn=kubernetes | |
I0219 15:05:24.777070 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/issued/apiserver-aggregator-ca/" | |
I0219 15:05:24.788439 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/system:dns" | |
I0219 15:05:24.788452 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/system:scheduler" | |
I0219 15:05:24.793404 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/apiserver-aggregator-ca: [] | |
I0219 15:05:24.793663 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/apiserver-aggregator-ca/keyset.yaml" | |
I0219 15:05:24.793681 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/issued/apiserver-aggregator-ca/keyset.yaml" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:24.811036 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/system:scheduler" | |
I0219 15:05:24.811063 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/secrets/system:scheduler" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:24.824761 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/apiserver-aggregator-ca/6659805171413913748226014582.crt" | |
I0219 15:05:24.824788 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/issued/apiserver-aggregator-ca/6659805171413913748226014582.crt" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:24.833634 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/system:scheduler" | |
I0219 15:05:24.833645 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/admin" | |
I0219 15:05:24.842354 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/admin" | |
I0219 15:05:24.842380 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/secrets/admin" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:24.850122 48632 request_logger.go:45] AWS request: ec2/DescribeTags | |
I0219 15:05:24.851983 48632 request_logger.go:45] AWS request: ec2/DescribeTags | |
I0219 15:05:24.868633 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/admin" | |
I0219 15:05:24.868664 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/system:controller_manager" | |
I0219 15:05:24.869769 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/apiserver-aggregator-ca/6659805171413913748226014582.crt" | |
I0219 15:05:24.877138 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/system:controller_manager" | |
I0219 15:05:24.877183 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/secrets/system:controller_manager" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:24.883043 48632 certificate.go:103] Parsing pem block: "CERTIFICATE" | |
I0219 15:05:24.883137 48632 keypair.go:230] created certificate with cn=apiserver-aggregator-ca | |
I0219 15:05:24.910220 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/system:controller_manager" | |
I0219 15:05:24.910228 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/kube" | |
I0219 15:05:24.916252 48632 request_logger.go:45] AWS request: ec2/DescribeTags | |
I0219 15:05:24.920012 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/kube" | |
I0219 15:05:24.920049 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/secrets/kube" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:24.961272 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/kube" | |
I0219 15:05:24.961292 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/kube-proxy" | |
I0219 15:05:24.969825 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/kube-proxy" | |
I0219 15:05:24.969864 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/secrets/kube-proxy" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:24.977063 48632 aws_cloud.go:783] adding tags to "vpc-06b31f5f4629a916f": map[kubernetes.io/cluster/vault-cluster.k8s.local:owned Name:vault-cluster.k8s.local KubernetesCluster:vault-cluster.k8s.local] | |
I0219 15:05:24.977404 48632 request_logger.go:45] AWS request: ec2/CreateTags | |
I0219 15:05:24.997138 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/kube-proxy" | |
I0219 15:05:25.085214 48632 executor.go:103] Tasks: 30 done / 77 total; 24 can run | |
I0219 15:05:25.085275 48632 executor.go:178] Executing task "Keypair/kubelet": *fitasks.Keypair {"Name":"kubelet","alternateNames":null,"alternateNameTasks":null,"Lifecycle":"Sync","Signer":{"Name":"ca","alternateNames":null,"alternateNameTasks":null,"Lifecycle":"Sync","Signer":null,"subject":"cn=kubernetes","type":"ca","format":"v1alpha2"},"subject":"o=system:nodes,cn=kubelet","type":"client","format":"v1alpha2"} | |
I0219 15:05:25.085314 48632 executor.go:178] Executing task "Keypair/kube-proxy": *fitasks.Keypair {"Name":"kube-proxy","alternateNames":null,"alternateNameTasks":null,"Lifecycle":"Sync","Signer":{"Name":"ca","alternateNames":null,"alternateNameTasks":null,"Lifecycle":"Sync","Signer":null,"subject":"cn=kubernetes","type":"ca","format":"v1alpha2"},"subject":"cn=system:kube-proxy","type":"client","format":"v1alpha2"} | |
I0219 15:05:25.085329 48632 executor.go:178] Executing task "Keypair/kube-controller-manager": *fitasks.Keypair {"Name":"kube-controller-manager","alternateNames":null,"alternateNameTasks":null,"Lifecycle":"Sync","Signer":{"Name":"ca","alternateNames":null,"alternateNameTasks":null,"Lifecycle":"Sync","Signer":null,"subject":"cn=kubernetes","type":"ca","format":"v1alpha2"},"subject":"cn=system:kube-controller-manager","type":"client","format":"v1alpha2"} | |
I0219 15:05:25.085373 48632 executor.go:178] Executing task "Keypair/kubecfg": *fitasks.Keypair {"Name":"kubecfg","alternateNames":null,"alternateNameTasks":null,"Lifecycle":"Sync","Signer":{"Name":"ca","alternateNames":null,"alternateNameTasks":null,"Lifecycle":"Sync","Signer":null,"subject":"cn=kubernetes","type":"ca","format":"v1alpha2"},"subject":"o=system:masters,cn=kubecfg","type":"client","format":"v1alpha2"} | |
I0219 15:05:25.085388 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kube-proxy/keyset.yaml" | |
I0219 15:05:25.085417 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kubecfg/keyset.yaml" | |
I0219 15:05:25.085313 48632 executor.go:178] Executing task "Keypair/kubelet-api": *fitasks.Keypair {"Name":"kubelet-api","alternateNames":null,"alternateNameTasks":null,"Lifecycle":"Sync","Signer":{"Name":"ca","alternateNames":null,"alternateNameTasks":null,"Lifecycle":"Sync","Signer":null,"subject":"cn=kubernetes","type":"ca","format":"v1alpha2"},"subject":"cn=kubelet-api","type":"client","format":"v1alpha2"} | |
I0219 15:05:25.085361 48632 executor.go:178] Executing task "MirrorSecrets/mirror-secrets": *fitasks.MirrorSecrets {"Name":"mirror-secrets","Lifecycle":null,"MirrorPath":{}} | |
I0219 15:05:25.085487 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kubelet-api/keyset.yaml" | |
I0219 15:05:25.085418 48632 executor.go:178] Executing task "VPCDHCPOptionsAssociation/vault-cluster.k8s.local": *awstasks.VPCDHCPOptionsAssociation {"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","VPC":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"vpc-06b31f5f4629a916f","CIDR":"172.20.0.0/16","EnableDNSHostnames":true,"EnableDNSSupport":true,"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"DHCPOptions":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"dopt-0a6b7ca6a1aa7965c","DomainName":"ec2.internal","DomainNameServers":"AmazonProvidedDNS","Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}}} | |
I0219 15:05:25.085484 48632 executor.go:178] Executing task "MirrorKeystore/mirror-keystore": *fitasks.MirrorKeystore {"Name":"mirror-keystore","Lifecycle":null,"MirrorPath":{}} | |
I0219 15:05:25.085359 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kubelet/keyset.yaml" | |
I0219 15:05:25.085402 48632 executor.go:178] Executing task "InternetGateway/vault-cluster.k8s.local": *awstasks.InternetGateway {"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":null,"VPC":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"vpc-06b31f5f4629a916f","CIDR":"172.20.0.0/16","EnableDNSHostnames":true,"EnableDNSSupport":true,"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}} | |
I0219 15:05:25.085416 48632 executor.go:178] Executing task "Subnet/us-east-1a.vault-cluster.k8s.local": *awstasks.Subnet {"Name":"us-east-1a.vault-cluster.k8s.local","ShortName":"us-east-1a","Lifecycle":"Sync","ID":null,"VPC":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"vpc-06b31f5f4629a916f","CIDR":"172.20.0.0/16","EnableDNSHostnames":true,"EnableDNSSupport":true,"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"AvailabilityZone":"us-east-1a","CIDR":"172.20.32.0/19","Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"us-east-1a.vault-cluster.k8s.local","SubnetType":"Public","kubernetes.io/cluster/vault-cluster.k8s.local":"owned","kubernetes.io/role/elb":"1"}} | |
I0219 15:05:25.085632 48632 executor.go:178] Executing task "Keypair/kube-scheduler": *fitasks.Keypair {"Name":"kube-scheduler","alternateNames":null,"alternateNameTasks":null,"Lifecycle":"Sync","Signer":{"Name":"ca","alternateNames":null,"alternateNameTasks":null,"Lifecycle":"Sync","Signer":null,"subject":"cn=kubernetes","type":"ca","format":"v1alpha2"},"subject":"cn=system:kube-scheduler","type":"client","format":"v1alpha2"} | |
I0219 15:05:25.085399 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kube-controller-manager/keyset.yaml" | |
I0219 15:05:25.085699 48632 executor.go:178] Executing task "Keypair/kops": *fitasks.Keypair {"Name":"kops","alternateNames":null,"alternateNameTasks":null,"Lifecycle":"Sync","Signer":{"Name":"ca","alternateNames":null,"alternateNameTasks":null,"Lifecycle":"Sync","Signer":null,"subject":"cn=kubernetes","type":"ca","format":"v1alpha2"},"subject":"o=system:masters,cn=kops","type":"client","format":"v1alpha2"} | |
I0219 15:05:25.085314 48632 executor.go:178] Executing task "RouteTable/vault-cluster.k8s.local": *awstasks.RouteTable {"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":null,"VPC":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"vpc-06b31f5f4629a916f","CIDR":"172.20.0.0/16","EnableDNSHostnames":true,"EnableDNSSupport":true,"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned","kubernetes.io/kops/role":"public"}} | |
I0219 15:05:25.085291 48632 executor.go:178] Executing task "IAMRolePolicy/additional.nodes.vault-cluster.k8s.local": *awstasks.IAMRolePolicy {"ID":null,"Lifecycle":"Sync","Name":"additional.nodes.vault-cluster.k8s.local","Role":{"ID":"AROAI64NJMZP43MOW2ECC","Lifecycle":"Sync","Name":"nodes.vault-cluster.k8s.local","RolePolicyDocument":{"Name":"","Resource":{}},"ExportWithID":"nodes"},"PolicyDocument":{"Name":"","Resource":""}} | |
I0219 15:05:25.085382 48632 executor.go:178] Executing task "IAMRolePolicy/nodes.vault-cluster.k8s.local": *awstasks.IAMRolePolicy {"ID":null,"Lifecycle":"Sync","Name":"nodes.vault-cluster.k8s.local","Role":{"ID":"AROAI64NJMZP43MOW2ECC","Lifecycle":"Sync","Name":"nodes.vault-cluster.k8s.local","RolePolicyDocument":{"Name":"","Resource":{}},"ExportWithID":"nodes"},"PolicyDocument":{"Builder":{"Cluster":{"metadata":{"name":"vault-cluster.k8s.local","creationTimestamp":"2019-02-19T20:05:23Z"},"spec":{"channel":"stable","configBase":"s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local","cloudProvider":"aws","kubernetesVersion":"1.11.6","subnets":[{"name":"us-east-1a","cidr":"172.20.32.0/19","zone":"us-east-1a","type":"Public"}],"masterPublicName":"api.vault-cluster.k8s.local","masterInternalName":"api.internal.vault-cluster.k8s.local","networkCIDR":"172.20.0.0/16","topology":{"masters":"public","nodes":"public","dns":{"type":"Public"}},"secretStore":"s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets","keyStore":"s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki","configStore":"s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local","clusterDNSDomain":"cluster.local","serviceClusterIPRange":"100.64.0.0/13","nonMasqueradeCIDR":"100.64.0.0/10","sshAccess":["0.0.0.0/0"],"kubernetesApiAccess":["0.0.0.0/0"],"etcdClusters":[{"name":"main","provider":"Legacy","etcdMembers":[{"name":"a","instanceGroup":"master-us-east-1a"}],"version":"2.2.1","image":"k8s.gcr.io/etcd:2.2.1"},{"name":"events","provider":"Legacy","etcdMembers":[{"name":"a","instanceGroup":"master-us-east-1a"}],"version":"2.2.1","image":"k8s.gcr.io/etcd:2.2.1"}],"docker":{"ipMasq":false,"ipTables":false,"logDriver":"json-file","logLevel":"warn","logOpt":["max-size=10m","max-file=5"],"storage":"overlay2,overlay,aufs","version":"17.03.2"},"kubeDNS":{"cacheMaxSize":1000,"cacheMaxConcurrent":150,"domain":"cluster.local","replicas":2,"serverIP":"100.64.0.10"},"kubeAPIServer":{"image":"k8s.gcr.io/kube-apiserver:v1.11.6","logLevel":2,"cloudProvider":"aws","securePort":443,"insecurePort":8080,"bindAddress":"0.0.0.0","insecureBindAddress":"127.0.0.1","enableAdmissionPlugins":["Initializers","NamespaceLifecycle","LimitRanger","ServiceAccount","PersistentVolumeLabel","DefaultStorageClass","DefaultTolerationSeconds","MutatingAdmissionWebhook","ValidatingAdmissionWebhook","NodeRestriction","ResourceQuota"],"serviceClusterIPRange":"100.64.0.0/13","etcdServers":["http://127.0.0.1:4001"],"etcdServersOverrides":["/events#http://127.0.0.1:4002"],"allowPrivileged":true,"apiServerCount":1,"anonymousAuth":false,"kubeletPreferredAddressTypes":["InternalIP","Hostname","ExternalIP"],"storageBackend":"etcd2","authorizationMode":"RBAC","requestheaderUsernameHeaders":["X-Remote-User"],"requestheaderGroupHeaders":["X-Remote-Group"],"requestheaderExtraHeaderPrefixes":["X-Remote-Extra-"],"requestheaderAllowedNames":["aggregator"],"etcdQuorumRead":false},"kubeControllerManager":{"logLevel":2,"image":"k8s.gcr.io/kube-controller-manager:v1.11.6","cloudProvider":"aws","clusterName":"vault-cluster.k8s.local","clusterCIDR":"100.96.0.0/11","allocateNodeCIDRs":true,"configureCloudRoutes":true,"leaderElection":{"leaderElect":true},"attachDetachReconcileSyncPeriod":"1m0s","useServiceAccountCredentials":true},"kubeScheduler":{"logLevel":2,"image":"k8s.gcr.io/kube-scheduler:v1.11.6","leaderElection":{"leaderElect":true}},"kubeProxy":{"image":"k8s.gcr.io/kube-proxy:v1.11.6","cpuRequest":"100m","logLevel":2,"clusterCIDR":"100.96.0.0/11","hostnameOverride":"@aws"},"kubelet":{"anonymousAuth":false,"kubeconfigPath":"/var/lib/kubelet/kubeconfig","logLevel":2,"podManifestPath":"/etc/kubernetes/manifests","hostnameOverride":"@aws","podInfraContainerImage":"k8s.gcr.io/pause-amd64:3.0","allowPrivileged":true,"enableDebuggingHandlers":true,"clusterDomain":"cluster.local","clusterDNS":"100.64.0.10","networkPluginName":"kubenet","cloudProvider":"aws","cgroupRoot":"/","nonMasqueradeCIDR":"100.64.0.0/10","networkPluginMTU":9001,"evictionHard":"memory.available\u003c100Mi,nodefs.available\u003c10%,nodefs.inodesFree\u003c5%,imagefs.available\u003c10%,imagefs.inodesFree\u003c5%","featureGates":{"ExperimentalCriticalPodAnnotation":"true"}},"masterKubelet":{"anonymousAuth":false,"kubeconfigPath":"/var/lib/kubelet/kubeconfig","logLevel":2,"podManifestPath":"/etc/kubernetes/manifests","hostnameOverride":"@aws","podInfraContainerImage":"k8s.gcr.io/pause-amd64:3.0","allowPrivileged":true,"enableDebuggingHandlers":true,"clusterDomain":"cluster.local","clusterDNS":"100.64.0.10","networkPluginName":"kubenet","cloudProvider":"aws","cgroupRoot":"/","registerSchedulable":false,"nonMasqueradeCIDR":"100.64.0.0/10","networkPluginMTU":9001,"evictionHard":"memory.available\u003c100Mi,nodefs.available\u003c10%,nodefs.inodesFree\u003c5%,imagefs.available\u003c10%,imagefs.inodesFree\u003c5%","featureGates":{"ExperimentalCriticalPodAnnotation":"true"}},"networking":{"kubenet":{}},"api":{"loadBalancer":{"type":"Public"}},"authorization":{"rbac":{}},"iam":{"legacy":false,"allowContainerRegistry":true}}},"HostedZoneID":"","KMSKeys":null,"Region":"us-east-1","ResourceARN":null,"Role":"Node"},"DNSZone":null}} | |
I0219 15:05:25.085750 48632 executor.go:178] Executing task "Keypair/apiserver-aggregator": *fitasks.Keypair {"Name":"apiserver-aggregator","alternateNames":null,"alternateNameTasks":null,"Lifecycle":"Sync","Signer":{"Name":"apiserver-aggregator-ca","alternateNames":null,"alternateNameTasks":null,"Lifecycle":"Sync","Signer":null,"subject":"cn=apiserver-aggregator-ca","type":"ca","format":"v1alpha2"},"subject":"cn=aggregator","type":"client","format":"v1alpha2"} | |
I0219 15:05:25.085357 48632 executor.go:178] Executing task "IAMInstanceProfileRole/masters.vault-cluster.k8s.local": *awstasks.IAMInstanceProfileRole {"Name":"masters.vault-cluster.k8s.local","Lifecycle":"Sync","InstanceProfile":{"Name":"masters.vault-cluster.k8s.local","Lifecycle":"Sync","ID":"AIPAI7SPO3UQMIWAEV45O","Shared":false},"Role":{"ID":"AROAJJYVXJ7ALFYSWWRV6","Lifecycle":"Sync","Name":"masters.vault-cluster.k8s.local","RolePolicyDocument":{"Name":"","Resource":{}},"ExportWithID":"masters"}} | |
I0219 15:05:25.085809 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/apiserver-aggregator/keyset.yaml" | |
I0219 15:05:25.085829 48632 request_logger.go:45] AWS request: ec2/DescribeRouteTables | |
I0219 15:05:25.085846 48632 request_logger.go:45] AWS request: iam/GetRolePolicy | |
I0219 15:05:25.085686 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kube-scheduler/keyset.yaml" | |
I0219 15:05:25.085454 48632 executor.go:178] Executing task "IAMRolePolicy/masters.vault-cluster.k8s.local": *awstasks.IAMRolePolicy {"ID":null,"Lifecycle":"Sync","Name":"masters.vault-cluster.k8s.local","Role":{"ID":"AROAJJYVXJ7ALFYSWWRV6","Lifecycle":"Sync","Name":"masters.vault-cluster.k8s.local","RolePolicyDocument":{"Name":"","Resource":{}},"ExportWithID":"masters"},"PolicyDocument":{"Builder":{"Cluster":{"metadata":{"name":"vault-cluster.k8s.local","creationTimestamp":"2019-02-19T20:05:23Z"},"spec":{"channel":"stable","configBase":"s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local","cloudProvider":"aws","kubernetesVersion":"1.11.6","subnets":[{"name":"us-east-1a","cidr":"172.20.32.0/19","zone":"us-east-1a","type":"Public"}],"masterPublicName":"api.vault-cluster.k8s.local","masterInternalName":"api.internal.vault-cluster.k8s.local","networkCIDR":"172.20.0.0/16","topology":{"masters":"public","nodes":"public","dns":{"type":"Public"}},"secretStore":"s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets","keyStore":"s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki","configStore":"s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local","clusterDNSDomain":"cluster.local","serviceClusterIPRange":"100.64.0.0/13","nonMasqueradeCIDR":"100.64.0.0/10","sshAccess":["0.0.0.0/0"],"kubernetesApiAccess":["0.0.0.0/0"],"etcdClusters":[{"name":"main","provider":"Legacy","etcdMembers":[{"name":"a","instanceGroup":"master-us-east-1a"}],"version":"2.2.1","image":"k8s.gcr.io/etcd:2.2.1"},{"name":"events","provider":"Legacy","etcdMembers":[{"name":"a","instanceGroup":"master-us-east-1a"}],"version":"2.2.1","image":"k8s.gcr.io/etcd:2.2.1"}],"docker":{"ipMasq":false,"ipTables":false,"logDriver":"json-file","logLevel":"warn","logOpt":["max-size=10m","max-file=5"],"storage":"overlay2,overlay,aufs","version":"17.03.2"},"kubeDNS":{"cacheMaxSize":1000,"cacheMaxConcurrent":150,"domain":"cluster.local","replicas":2,"serverIP":"100.64.0.10"},"kubeAPIServer":{"image":"k8s.gcr.io/kube-apiserver:v1.11.6","logLevel":2,"cloudProvider":"aws","securePort":443,"insecurePort":8080,"bindAddress":"0.0.0.0","insecureBindAddress":"127.0.0.1","enableAdmissionPlugins":["Initializers","NamespaceLifecycle","LimitRanger","ServiceAccount","PersistentVolumeLabel","DefaultStorageClass","DefaultTolerationSeconds","MutatingAdmissionWebhook","ValidatingAdmissionWebhook","NodeRestriction","ResourceQuota"],"serviceClusterIPRange":"100.64.0.0/13","etcdServers":["http://127.0.0.1:4001"],"etcdServersOverrides":["/events#http://127.0.0.1:4002"],"allowPrivileged":true,"apiServerCount":1,"anonymousAuth":false,"kubeletPreferredAddressTypes":["InternalIP","Hostname","ExternalIP"],"storageBackend":"etcd2","authorizationMode":"RBAC","requestheaderUsernameHeaders":["X-Remote-User"],"requestheaderGroupHeaders":["X-Remote-Group"],"requestheaderExtraHeaderPrefixes":["X-Remote-Extra-"],"requestheaderAllowedNames":["aggregator"],"etcdQuorumRead":false},"kubeControllerManager":{"logLevel":2,"image":"k8s.gcr.io/kube-controller-manager:v1.11.6","cloudProvider":"aws","clusterName":"vault-cluster.k8s.local","clusterCIDR":"100.96.0.0/11","allocateNodeCIDRs":true,"configureCloudRoutes":true,"leaderElection":{"leaderElect":true},"attachDetachReconcileSyncPeriod":"1m0s","useServiceAccountCredentials":true},"kubeScheduler":{"logLevel":2,"image":"k8s.gcr.io/kube-scheduler:v1.11.6","leaderElection":{"leaderElect":true}},"kubeProxy":{"image":"k8s.gcr.io/kube-proxy:v1.11.6","cpuRequest":"100m","logLevel":2,"clusterCIDR":"100.96.0.0/11","hostnameOverride":"@aws"},"kubelet":{"anonymousAuth":false,"kubeconfigPath":"/var/lib/kubelet/kubeconfig","logLevel":2,"podManifestPath":"/etc/kubernetes/manifests","hostnameOverride":"@aws","podInfraContainerImage":"k8s.gcr.io/pause-amd64:3.0","allowPrivileged":true,"enableDebuggingHandlers":true,"clusterDomain":"cluster.local","clusterDNS":"100.64.0.10","networkPluginName":"kubenet","cloudProvider":"aws","cgroupRoot":"/","nonMasqueradeCIDR":"100.64.0.0/10","networkPluginMTU":9001,"evictionHard":"memory.available\u003c100Mi,nodefs.available\u003c10%,nodefs.inodesFree\u003c5%,imagefs.available\u003c10%,imagefs.inodesFree\u003c5%","featureGates":{"ExperimentalCriticalPodAnnotation":"true"}},"masterKubelet":{"anonymousAuth":false,"kubeconfigPath":"/var/lib/kubelet/kubeconfig","logLevel":2,"podManifestPath":"/etc/kubernetes/manifests","hostnameOverride":"@aws","podInfraContainerImage":"k8s.gcr.io/pause-amd64:3.0","allowPrivileged":true,"enableDebuggingHandlers":true,"clusterDomain":"cluster.local","clusterDNS":"100.64.0.10","networkPluginName":"kubenet","cloudProvider":"aws","cgroupRoot":"/","registerSchedulable":false,"nonMasqueradeCIDR":"100.64.0.0/10","networkPluginMTU":9001,"evictionHard":"memory.available\u003c100Mi,nodefs.available\u003c10%,nodefs.inodesFree\u003c5%,imagefs.available\u003c10%,imagefs.inodesFree\u003c5%","featureGates":{"ExperimentalCriticalPodAnnotation":"true"}},"networking":{"kubenet":{}},"api":{"loadBalancer":{"type":"Public"}},"authorization":{"rbac":{}},"iam":{"legacy":false,"allowContainerRegistry":true}}},"HostedZoneID":"","KMSKeys":null,"Region":"us-east-1","ResourceARN":null,"Role":"Master"},"DNSZone":null}} | |
I0219 15:05:25.085281 48632 executor.go:178] Executing task "SecurityGroup/masters.vault-cluster.k8s.local": *awstasks.SecurityGroup {"Name":"masters.vault-cluster.k8s.local","Lifecycle":"Sync","ID":null,"Description":"Security group for masters","VPC":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"vpc-06b31f5f4629a916f","CIDR":"172.20.0.0/16","EnableDNSHostnames":true,"EnableDNSSupport":true,"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"RemoveExtraRules":["port=22","port=443","port=2380","port=2381","port=4001","port=4002","port=4789","port=179"],"Shared":null,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"masters.vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}} | |
I0219 15:05:25.085777 48632 request_logger.go:45] AWS request: ec2/DescribeInternetGateways | |
I0219 15:05:25.085999 48632 request_logger.go:45] AWS request: iam/GetRolePolicy | |
I0219 15:05:25.086016 48632 request_logger.go:45] AWS request: iam/GetInstanceProfile | |
I0219 15:05:25.085444 48632 executor.go:178] Executing task "SecurityGroup/nodes.vault-cluster.k8s.local": *awstasks.SecurityGroup {"Name":"nodes.vault-cluster.k8s.local","Lifecycle":"Sync","ID":null,"Description":"Security group for nodes","VPC":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"vpc-06b31f5f4629a916f","CIDR":"172.20.0.0/16","EnableDNSHostnames":true,"EnableDNSSupport":true,"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"RemoveExtraRules":["port=22"],"Shared":null,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"nodes.vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}} | |
I0219 15:05:25.085434 48632 executor.go:178] Executing task "IAMInstanceProfileRole/nodes.vault-cluster.k8s.local": *awstasks.IAMInstanceProfileRole {"Name":"nodes.vault-cluster.k8s.local","Lifecycle":"Sync","InstanceProfile":{"Name":"nodes.vault-cluster.k8s.local","Lifecycle":"Sync","ID":"AIPAJMY5EUSYY77WI3NGA","Shared":false},"Role":{"ID":"AROAI64NJMZP43MOW2ECC","Lifecycle":"Sync","Name":"nodes.vault-cluster.k8s.local","RolePolicyDocument":{"Name":"","Resource":{}},"ExportWithID":"nodes"}} | |
I0219 15:05:25.085739 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kops/keyset.yaml" | |
I0219 15:05:25.086100 48632 request_logger.go:45] AWS request: ec2/DescribeSecurityGroups | |
I0219 15:05:25.086140 48632 request_logger.go:45] AWS request: iam/GetInstanceProfile | |
I0219 15:05:25.085557 48632 aws_cloud.go:1006] Calling DescribeVPC for VPC "vpc-06b31f5f4629a916f" | |
I0219 15:05:25.085273 48632 executor.go:178] Executing task "IAMRolePolicy/additional.masters.vault-cluster.k8s.local": *awstasks.IAMRolePolicy {"ID":null,"Lifecycle":"Sync","Name":"additional.masters.vault-cluster.k8s.local","Role":{"ID":"AROAJJYVXJ7ALFYSWWRV6","Lifecycle":"Sync","Name":"masters.vault-cluster.k8s.local","RolePolicyDocument":{"Name":"","Resource":{}},"ExportWithID":"masters"},"PolicyDocument":{"Name":"","Resource":""}} | |
I0219 15:05:25.086143 48632 request_logger.go:45] AWS request: ec2/DescribeSecurityGroups | |
I0219 15:05:25.086318 48632 request_logger.go:45] AWS request: iam/GetRolePolicy | |
I0219 15:05:25.085773 48632 request_logger.go:45] AWS request: ec2/DescribeSubnets | |
I0219 15:05:25.085848 48632 executor.go:178] Executing task "Keypair/apiserver-proxy-client": *fitasks.Keypair {"Name":"apiserver-proxy-client","alternateNames":null,"alternateNameTasks":null,"Lifecycle":"Sync","Signer":{"Name":"ca","alternateNames":null,"alternateNameTasks":null,"Lifecycle":"Sync","Signer":null,"subject":"cn=kubernetes","type":"ca","format":"v1alpha2"},"subject":"cn=apiserver-proxy-client","type":"client","format":"v1alpha2"} | |
I0219 15:05:25.086419 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/apiserver-proxy-client/keyset.yaml" | |
I0219 15:05:25.085989 48632 request_logger.go:45] AWS request: iam/GetRolePolicy | |
I0219 15:05:25.086245 48632 request_logger.go:45] AWS request: ec2/DescribeVpcs | |
I0219 15:05:25.085766 48632 executor.go:178] Executing task "SecurityGroup/api-elb.vault-cluster.k8s.local": *awstasks.SecurityGroup {"Name":"api-elb.vault-cluster.k8s.local","Lifecycle":"Sync","ID":null,"Description":"Security group for api ELB","VPC":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"vpc-06b31f5f4629a916f","CIDR":"172.20.0.0/16","EnableDNSHostnames":true,"EnableDNSSupport":true,"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"RemoveExtraRules":["port=443"],"Shared":null,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"api-elb.vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}} | |
I0219 15:05:25.086747 48632 request_logger.go:45] AWS request: ec2/DescribeSecurityGroups | |
I0219 15:05:25.099149 48632 vfs_castore.go:384] no certificate bundle "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kubecfg/keyset.yaml", falling back to directory-list method | |
I0219 15:05:25.099199 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/issued/kubecfg/" | |
I0219 15:05:25.099149 48632 vfs_castore.go:384] no certificate bundle "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kubelet-api/keyset.yaml", falling back to directory-list method | |
I0219 15:05:25.099234 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/issued/kubelet-api/" | |
I0219 15:05:25.107532 48632 iam_builder.go:300] Ignoring location "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/" because found parent "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/" | |
I0219 15:05:25.107574 48632 iam_builder.go:300] Ignoring location "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/" because found parent "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/" | |
I0219 15:05:25.107591 48632 iam_builder.go:305] Found root location "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/" | |
I0219 15:05:25.107864 48632 iam_builder.go:300] Ignoring location "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/" because found parent "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/" | |
I0219 15:05:25.107886 48632 iam_builder.go:300] Ignoring location "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/" because found parent "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/" | |
I0219 15:05:25.107899 48632 iam_builder.go:305] Found root location "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/" | |
I0219 15:05:25.107961 48632 iamrolepolicy.go:147] Creating IAMRolePolicy | |
I0219 15:05:25.107971 48632 iamrolepolicy.go:175] PutRolePolicy RoleName=nodes.vault-cluster.k8s.local PolicyName=nodes.vault-cluster.k8s.local: { | |
"Version": "2012-10-17", | |
"Statement": [ | |
{ | |
"Effect": "Allow", | |
"Action": [ | |
"ec2:DescribeInstances", | |
"ec2:DescribeRegions" | |
], | |
"Resource": [ | |
"*" | |
] | |
}, | |
{ | |
"Effect": "Allow", | |
"Action": [ | |
"s3:GetBucketLocation", | |
"s3:GetEncryptionConfiguration", | |
"s3:ListBucket" | |
], | |
"Resource": [ | |
"arn:aws:s3:::{{CONFIG_BUCKET_REDACTED}}" | |
] | |
}, | |
{ | |
"Effect": "Allow", | |
"Action": [ | |
"s3:Get*" | |
], | |
"Resource": [ | |
"arn:aws:s3:::{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/addons/*", | |
"arn:aws:s3:::{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/cluster.spec", | |
"arn:aws:s3:::{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/config", | |
"arn:aws:s3:::{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/instancegroup/*", | |
"arn:aws:s3:::{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/*", | |
"arn:aws:s3:::{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kube-proxy/*", | |
"arn:aws:s3:::{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kubelet/*", | |
"arn:aws:s3:::{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/ssh/*", | |
"arn:aws:s3:::{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/dockerconfig" | |
] | |
}, | |
{ | |
"Effect": "Allow", | |
"Action": [ | |
"ecr:GetAuthorizationToken", | |
"ecr:BatchCheckLayerAvailability", | |
"ecr:GetDownloadUrlForLayer", | |
"ecr:GetRepositoryPolicy", | |
"ecr:DescribeRepositories", | |
"ecr:ListImages", | |
"ecr:BatchGetImage" | |
], | |
"Resource": [ | |
"*" | |
] | |
} | |
] | |
} | |
I0219 15:05:25.108712 48632 request_logger.go:45] AWS request: iam/PutRolePolicy | |
I0219 15:05:25.110662 48632 vfs_castore.go:384] no certificate bundle "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kubelet/keyset.yaml", falling back to directory-list method | |
I0219 15:05:25.110720 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/issued/kubelet/" | |
I0219 15:05:25.115846 48632 vfs_castore.go:384] no certificate bundle "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kube-proxy/keyset.yaml", falling back to directory-list method | |
I0219 15:05:25.115889 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/issued/kube-proxy/" | |
I0219 15:05:25.117570 48632 vfs_castore.go:384] no certificate bundle "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kube-scheduler/keyset.yaml", falling back to directory-list method | |
I0219 15:05:25.117595 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/issued/kube-scheduler/" | |
I0219 15:05:25.118224 48632 vfs_castore.go:384] no certificate bundle "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/apiserver-aggregator/keyset.yaml", falling back to directory-list method | |
I0219 15:05:25.118258 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/issued/apiserver-aggregator/" | |
I0219 15:05:25.119351 48632 vfs_castore.go:384] no certificate bundle "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kube-controller-manager/keyset.yaml", falling back to directory-list method | |
I0219 15:05:25.119386 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/issued/kube-controller-manager/" | |
I0219 15:05:25.120526 48632 vfs_castore.go:384] no certificate bundle "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kops/keyset.yaml", falling back to directory-list method | |
I0219 15:05:25.120548 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/issued/kops/" | |
I0219 15:05:25.123925 48632 request_logger.go:45] AWS request: iam/AddRoleToInstanceProfile | |
I0219 15:05:25.125886 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kubelet-api: [] | |
I0219 15:05:25.125916 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kubelet-api/keyset.yaml" | |
I0219 15:05:25.127072 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kubelet: [] | |
I0219 15:05:25.127096 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kubelet/keyset.yaml" | |
I0219 15:05:25.129699 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kube-scheduler: [] | |
I0219 15:05:25.129727 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kube-scheduler/keyset.yaml" | |
I0219 15:05:25.130945 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kube-proxy: [] | |
I0219 15:05:25.130971 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kube-proxy/keyset.yaml" | |
I0219 15:05:25.130988 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/apiserver-aggregator: [] | |
I0219 15:05:25.131014 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/apiserver-aggregator/keyset.yaml" | |
I0219 15:05:25.131904 48632 iam_builder.go:300] Ignoring location "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/" because found parent "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/" | |
I0219 15:05:25.131928 48632 iam_builder.go:300] Ignoring location "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/" because found parent "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/" | |
I0219 15:05:25.131941 48632 iam_builder.go:305] Found root location "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/" | |
I0219 15:05:25.132099 48632 iam_builder.go:300] Ignoring location "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/" because found parent "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/" | |
I0219 15:05:25.132114 48632 iam_builder.go:300] Ignoring location "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/" because found parent "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/" | |
I0219 15:05:25.132125 48632 iam_builder.go:305] Found root location "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/" | |
I0219 15:05:25.132231 48632 iamrolepolicy.go:147] Creating IAMRolePolicy | |
I0219 15:05:25.132242 48632 iamrolepolicy.go:175] PutRolePolicy RoleName=masters.vault-cluster.k8s.local PolicyName=masters.vault-cluster.k8s.local: { | |
"Version": "2012-10-17", | |
"Statement": [ | |
{ | |
"Effect": "Allow", | |
"Action": [ | |
"ec2:DescribeInstances", | |
"ec2:DescribeRegions", | |
"ec2:DescribeRouteTables", | |
"ec2:DescribeSecurityGroups", | |
"ec2:DescribeSubnets", | |
"ec2:DescribeVolumes" | |
], | |
"Resource": [ | |
"*" | |
] | |
}, | |
{ | |
"Effect": "Allow", | |
"Action": [ | |
"ec2:CreateSecurityGroup", | |
"ec2:CreateTags", | |
"ec2:CreateVolume", | |
"ec2:DescribeVolumesModifications", | |
"ec2:ModifyInstanceAttribute", | |
"ec2:ModifyVolume" | |
], | |
"Resource": [ | |
"*" | |
] | |
}, | |
{ | |
"Effect": "Allow", | |
"Action": [ | |
"ec2:AttachVolume", | |
"ec2:AuthorizeSecurityGroupIngress", | |
"ec2:CreateRoute", | |
"ec2:DeleteRoute", | |
"ec2:DeleteSecurityGroup", | |
"ec2:DeleteVolume", | |
"ec2:DetachVolume", | |
"ec2:RevokeSecurityGroupIngress" | |
], | |
"Resource": [ | |
"*" | |
], | |
"Condition": { | |
"StringEquals": { | |
"ec2:ResourceTag/KubernetesCluster": "vault-cluster.k8s.local" | |
} | |
} | |
}, | |
{ | |
"Effect": "Allow", | |
"Action": [ | |
"autoscaling:DescribeAutoScalingGroups", | |
"autoscaling:DescribeLaunchConfigurations", | |
"autoscaling:DescribeTags" | |
], | |
"Resource": [ | |
"*" | |
] | |
}, | |
{ | |
"Effect": "Allow", | |
"Action": [ | |
"autoscaling:SetDesiredCapacity", | |
"autoscaling:TerminateInstanceInAutoScalingGroup", | |
"autoscaling:UpdateAutoScalingGroup" | |
], | |
"Resource": [ | |
"*" | |
], | |
"Condition": { | |
"StringEquals": { | |
"autoscaling:ResourceTag/KubernetesCluster": "vault-cluster.k8s.local" | |
} | |
} | |
}, | |
{ | |
"Effect": "Allow", | |
"Action": [ | |
"elasticloadbalancing:AddTags", | |
"elasticloadbalancing:AttachLoadBalancerToSubnets", | |
"elasticloadbalancing:ApplySecurityGroupsToLoadBalancer", | |
"elasticloadbalancing:CreateLoadBalancer", | |
"elasticloadbalancing:CreateLoadBalancerPolicy", | |
"elasticloadbalancing:CreateLoadBalancerListeners", | |
"elasticloadbalancing:ConfigureHealthCheck", | |
"elasticloadbalancing:DeleteLoadBalancer", | |
"elasticloadbalancing:DeleteLoadBalancerListeners", | |
"elasticloadbalancing:DescribeLoadBalancers", | |
"elasticloadbalancing:DescribeLoadBalancerAttributes", | |
"elasticloadbalancing:DetachLoadBalancerFromSubnets", | |
"elasticloadbalancing:DeregisterInstancesFromLoadBalancer", | |
"elasticloadbalancing:ModifyLoadBalancerAttributes", | |
"elasticloadbalancing:RegisterInstancesWithLoadBalancer", | |
"elasticloadbalancing:SetLoadBalancerPoliciesForBackendServer" | |
], | |
"Resource": [ | |
"*" | |
] | |
}, | |
{ | |
"Effect": "Allow", | |
"Action": [ | |
"ec2:DescribeVpcs", | |
"elasticloadbalancing:AddTags", | |
"elasticloadbalancing:CreateListener", | |
"elasticloadbalancing:CreateTargetGroup", | |
"elasticloadbalancing:DeleteListener", | |
"elasticloadbalancing:DeleteTargetGroup", | |
"elasticloadbalancing:DeregisterTargets", | |
"elasticloadbalancing:DescribeListeners", | |
"elasticloadbalancing:DescribeLoadBalancerPolicies", | |
"elasticloadbalancing:DescribeTargetGroups", | |
"elasticloadbalancing:DescribeTargetHealth", | |
"elasticloadbalancing:ModifyListener", | |
"elasticloadbalancing:ModifyTargetGroup", | |
"elasticloadbalancing:RegisterTargets", | |
"elasticloadbalancing:SetLoadBalancerPoliciesOfListener" | |
], | |
"Resource": [ | |
"*" | |
] | |
}, | |
{ | |
"Effect": "Allow", | |
"Action": [ | |
"iam:ListServerCertificates", | |
"iam:GetServerCertificate" | |
], | |
"Resource": [ | |
"*" | |
] | |
}, | |
{ | |
"Effect": "Allow", | |
"Action": [ | |
"s3:GetBucketLocation", | |
"s3:GetEncryptionConfiguration", | |
"s3:ListBucket" | |
], | |
"Resource": [ | |
"arn:aws:s3:::{{CONFIG_BUCKET_REDACTED}}" | |
] | |
}, | |
{ | |
"Effect": "Allow", | |
"Action": [ | |
"s3:Get*" | |
], | |
"Resource": "arn:aws:s3:::{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/*" | |
}, | |
{ | |
"Effect": "Allow", | |
"Action": [ | |
"ecr:GetAuthorizationToken", | |
"ecr:BatchCheckLayerAvailability", | |
"ecr:GetDownloadUrlForLayer", | |
"ecr:GetRepositoryPolicy", | |
"ecr:DescribeRepositories", | |
"ecr:ListImages", | |
"ecr:BatchGetImage" | |
], | |
"Resource": [ | |
"*" | |
] | |
} | |
] | |
} | |
I0219 15:05:25.132415 48632 request_logger.go:45] AWS request: iam/PutRolePolicy | |
I0219 15:05:25.132997 48632 vfs_castore.go:838] no private key bundle "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kubelet-api/keyset.yaml", falling back to directory-list method | |
I0219 15:05:25.133019 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/private/kubelet-api/" | |
I0219 15:05:25.135942 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kops: [] | |
I0219 15:05:25.135965 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kops/keyset.yaml" | |
I0219 15:05:25.139638 48632 vfs_castore.go:838] no private key bundle "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kube-proxy/keyset.yaml", falling back to directory-list method | |
I0219 15:05:25.139662 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kubecfg: [] | |
I0219 15:05:25.139695 48632 vfs_castore.go:838] no private key bundle "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/apiserver-aggregator/keyset.yaml", falling back to directory-list method | |
I0219 15:05:25.139726 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/private/apiserver-aggregator/" | |
I0219 15:05:25.139702 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kubecfg/keyset.yaml" | |
I0219 15:05:25.139666 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/private/kube-proxy/" | |
I0219 15:05:25.139807 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kube-controller-manager: [] | |
I0219 15:05:25.139848 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kube-controller-manager/keyset.yaml" | |
I0219 15:05:25.139728 48632 request_logger.go:45] AWS request: ec2/DescribeRouteTables | |
I0219 15:05:25.139920 48632 request_logger.go:45] AWS request: iam/AddRoleToInstanceProfile | |
I0219 15:05:25.140076 48632 vfs_castore.go:838] no private key bundle "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kube-scheduler/keyset.yaml", falling back to directory-list method | |
I0219 15:05:25.140104 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/private/kube-scheduler/" | |
I0219 15:05:25.144218 48632 vfs_castore.go:838] no private key bundle "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kops/keyset.yaml", falling back to directory-list method | |
I0219 15:05:25.144250 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/private/kops/" | |
I0219 15:05:25.144998 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kubelet-api: [] | |
I0219 15:05:25.145073 48632 keypair.go:181] creating brand new certificate | |
I0219 15:05:25.145086 48632 keypair.go:201] Creating PKI keypair "kubelet-api" | |
I0219 15:05:25.145098 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kubelet-api/keyset.yaml" | |
I0219 15:05:25.150827 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/apiserver-aggregator: [] | |
I0219 15:05:25.150868 48632 vfs_castore.go:838] no private key bundle "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kube-controller-manager/keyset.yaml", falling back to directory-list method | |
I0219 15:05:25.150911 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/private/kube-controller-manager/" | |
I0219 15:05:25.150915 48632 keypair.go:181] creating brand new certificate | |
I0219 15:05:25.150940 48632 keypair.go:201] Creating PKI keypair "apiserver-aggregator" | |
I0219 15:05:25.150954 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/apiserver-aggregator/keyset.yaml" | |
I0219 15:05:25.151641 48632 vfs_castore.go:838] no private key bundle "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kubecfg/keyset.yaml", falling back to directory-list method | |
I0219 15:05:25.151668 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/private/kubecfg/" | |
I0219 15:05:25.151836 48632 internetgateway.go:150] Creating InternetGateway | |
I0219 15:05:25.151915 48632 request_logger.go:45] AWS request: ec2/CreateInternetGateway | |
I0219 15:05:25.154634 48632 vfs_castore.go:838] no private key bundle "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kubelet/keyset.yaml", falling back to directory-list method | |
I0219 15:05:25.154665 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/private/kubelet/" | |
I0219 15:05:25.154647 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kube-proxy: [] | |
I0219 15:05:25.154737 48632 routetable.go:174] Creating RouteTable with VPC: "vpc-06b31f5f4629a916f" | |
I0219 15:05:25.154749 48632 keypair.go:181] creating brand new certificate | |
I0219 15:05:25.154810 48632 keypair.go:201] Creating PKI keypair "kube-proxy" | |
I0219 15:05:25.154835 48632 request_logger.go:45] AWS request: ec2/CreateRouteTable | |
I0219 15:05:25.154841 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kube-proxy/keyset.yaml" | |
I0219 15:05:25.157076 48632 vfs_castore.go:384] no certificate bundle "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/apiserver-proxy-client/keyset.yaml", falling back to directory-list method | |
I0219 15:05:25.157107 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/issued/apiserver-proxy-client/" | |
I0219 15:05:25.158477 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kube-scheduler: [] | |
I0219 15:05:25.158499 48632 vfs_castore.go:384] no certificate bundle "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kubelet-api/keyset.yaml", falling back to directory-list method | |
I0219 15:05:25.158527 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/issued/kubelet-api/" | |
I0219 15:05:25.158559 48632 keypair.go:181] creating brand new certificate | |
I0219 15:05:25.158572 48632 keypair.go:201] Creating PKI keypair "kube-scheduler" | |
I0219 15:05:25.158586 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kube-scheduler/keyset.yaml" | |
I0219 15:05:25.162228 48632 vfs_castore.go:384] no certificate bundle "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/apiserver-aggregator/keyset.yaml", falling back to directory-list method | |
I0219 15:05:25.162283 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/issued/apiserver-aggregator/" | |
I0219 15:05:25.166156 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kube-controller-manager: [] | |
I0219 15:05:25.166159 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kops: [] | |
I0219 15:05:25.166253 48632 keypair.go:181] creating brand new certificate | |
I0219 15:05:25.166273 48632 keypair.go:201] Creating PKI keypair "kube-controller-manager" | |
I0219 15:05:25.166283 48632 keypair.go:181] creating brand new certificate | |
I0219 15:05:25.166290 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kube-controller-manager/keyset.yaml" | |
I0219 15:05:25.166300 48632 keypair.go:201] Creating PKI keypair "kops" | |
I0219 15:05:25.166322 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kops/keyset.yaml" | |
I0219 15:05:25.168037 48632 vfs_castore.go:384] no certificate bundle "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kube-scheduler/keyset.yaml", falling back to directory-list method | |
I0219 15:05:25.168078 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/issued/kube-scheduler/" | |
I0219 15:05:25.169423 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kubecfg: [] | |
I0219 15:05:25.169536 48632 keypair.go:181] creating brand new certificate | |
I0219 15:05:25.169556 48632 keypair.go:201] Creating PKI keypair "kubecfg" | |
I0219 15:05:25.169576 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kubecfg/keyset.yaml" | |
I0219 15:05:25.169962 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kubelet: [] | |
I0219 15:05:25.170024 48632 keypair.go:181] creating brand new certificate | |
I0219 15:05:25.170041 48632 keypair.go:201] Creating PKI keypair "kubelet" | |
I0219 15:05:25.170054 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kubelet/keyset.yaml" | |
I0219 15:05:25.170363 48632 vfs_castore.go:384] no certificate bundle "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kube-proxy/keyset.yaml", falling back to directory-list method | |
I0219 15:05:25.170383 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/issued/kube-proxy/" | |
I0219 15:05:25.173936 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/apiserver-proxy-client: [] | |
I0219 15:05:25.173966 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/apiserver-proxy-client/keyset.yaml" | |
I0219 15:05:25.176113 48632 vfs_castore.go:384] no certificate bundle "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kubecfg/keyset.yaml", falling back to directory-list method | |
I0219 15:05:25.176139 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/issued/kubecfg/" | |
I0219 15:05:25.176436 48632 vfs_castore.go:384] no certificate bundle "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kubelet/keyset.yaml", falling back to directory-list method | |
I0219 15:05:25.176459 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/issued/kubelet/" | |
I0219 15:05:25.177707 48632 vfs_castore.go:384] no certificate bundle "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kube-controller-manager/keyset.yaml", falling back to directory-list method | |
I0219 15:05:25.177730 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/issued/kube-controller-manager/" | |
I0219 15:05:25.183383 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kube-scheduler: [] | |
I0219 15:05:25.183420 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kube-scheduler/keyset.yaml" | |
I0219 15:05:25.186413 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kube-proxy: [] | |
I0219 15:05:25.186441 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kube-proxy/keyset.yaml" | |
I0219 15:05:25.187011 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kubelet: [] | |
I0219 15:05:25.187034 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kubelet/keyset.yaml" | |
I0219 15:05:25.187223 48632 vfs_castore.go:384] no certificate bundle "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kops/keyset.yaml", falling back to directory-list method | |
I0219 15:05:25.187253 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/issued/kops/" | |
I0219 15:05:25.187264 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kubecfg: [] | |
I0219 15:05:25.187313 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kubecfg/keyset.yaml" | |
I0219 15:05:25.190350 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kube-controller-manager: [] | |
I0219 15:05:25.190374 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kube-controller-manager/keyset.yaml" | |
I0219 15:05:25.190678 48632 vfs_castore.go:838] no private key bundle "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kube-scheduler/keyset.yaml", falling back to directory-list method | |
I0219 15:05:25.190700 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/private/kube-scheduler/" | |
I0219 15:05:25.193483 48632 vfs_castore.go:838] no private key bundle "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kube-proxy/keyset.yaml", falling back to directory-list method | |
I0219 15:05:25.193505 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/private/kube-proxy/" | |
I0219 15:05:25.193666 48632 vfs_castore.go:838] no private key bundle "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kubecfg/keyset.yaml", falling back to directory-list method | |
I0219 15:05:25.193688 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/private/kubecfg/" | |
I0219 15:05:25.195225 48632 vfs_castore.go:838] no private key bundle "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/apiserver-proxy-client/keyset.yaml", falling back to directory-list method | |
I0219 15:05:25.195252 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/private/apiserver-proxy-client/" | |
I0219 15:05:25.195724 48632 vfs_castore.go:838] no private key bundle "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kubelet/keyset.yaml", falling back to directory-list method | |
I0219 15:05:25.195746 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/private/kubelet/" | |
I0219 15:05:25.196373 48632 vfs_castore.go:838] no private key bundle "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kube-controller-manager/keyset.yaml", falling back to directory-list method | |
I0219 15:05:25.196395 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/private/kube-controller-manager/" | |
I0219 15:05:25.197285 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kops: [] | |
I0219 15:05:25.197310 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kops/keyset.yaml" | |
I0219 15:05:25.201630 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/apiserver-aggregator: [] | |
I0219 15:05:25.201653 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/apiserver-aggregator/keyset.yaml" | |
I0219 15:05:25.203795 48632 vfs_castore.go:838] no private key bundle "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kops/keyset.yaml", falling back to directory-list method | |
I0219 15:05:25.203816 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/private/kops/" | |
I0219 15:05:25.204482 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kube-proxy: [] | |
I0219 15:05:25.204504 48632 keypair.go:212] Creating privateKey "kube-proxy" | |
I0219 15:05:25.206716 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/apiserver-proxy-client: [] | |
I0219 15:05:25.206786 48632 keypair.go:181] creating brand new certificate | |
I0219 15:05:25.206799 48632 keypair.go:201] Creating PKI keypair "apiserver-proxy-client" | |
I0219 15:05:25.206811 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/apiserver-proxy-client/keyset.yaml" | |
I0219 15:05:25.206965 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kube-controller-manager: [] | |
I0219 15:05:25.206990 48632 keypair.go:212] Creating privateKey "kube-controller-manager" | |
I0219 15:05:25.207348 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kubecfg: [] | |
I0219 15:05:25.207380 48632 keypair.go:212] Creating privateKey "kubecfg" | |
I0219 15:05:25.207445 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kubelet: [] | |
I0219 15:05:25.207478 48632 keypair.go:212] Creating privateKey "kubelet" | |
I0219 15:05:25.208990 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kube-scheduler: [] | |
I0219 15:05:25.209014 48632 keypair.go:212] Creating privateKey "kube-scheduler" | |
I0219 15:05:25.213230 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kops: [] | |
I0219 15:05:25.213253 48632 keypair.go:212] Creating privateKey "kops" | |
I0219 15:05:25.213644 48632 vfs_castore.go:838] no private key bundle "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/apiserver-aggregator/keyset.yaml", falling back to directory-list method | |
I0219 15:05:25.213672 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/private/apiserver-aggregator/" | |
I0219 15:05:25.216308 48632 vfs_castore.go:384] no certificate bundle "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/apiserver-proxy-client/keyset.yaml", falling back to directory-list method | |
I0219 15:05:25.216334 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/issued/apiserver-proxy-client/" | |
I0219 15:05:25.223505 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kubelet-api: [] | |
I0219 15:05:25.223539 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kubelet-api/keyset.yaml" | |
I0219 15:05:25.224745 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/apiserver-aggregator: [] | |
I0219 15:05:25.224768 48632 keypair.go:212] Creating privateKey "apiserver-aggregator" | |
I0219 15:05:25.233119 48632 vfs_castore.go:838] no private key bundle "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kubelet-api/keyset.yaml", falling back to directory-list method | |
I0219 15:05:25.233143 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/private/kubelet-api/" | |
I0219 15:05:25.239342 48632 internetgateway.go:163] Creating InternetGatewayAttachment | |
I0219 15:05:25.245077 48632 request_logger.go:45] AWS request: ec2/AttachInternetGateway | |
I0219 15:05:25.248075 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/apiserver-proxy-client: [] | |
I0219 15:05:25.248099 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/apiserver-proxy-client/keyset.yaml" | |
I0219 15:05:25.251006 48632 request_logger.go:45] AWS request: ec2/DescribeTags | |
I0219 15:05:25.254950 48632 securitygroup.go:166] Creating SecurityGroup with Name:"nodes.vault-cluster.k8s.local" VPC:"vpc-06b31f5f4629a916f" | |
I0219 15:05:25.255039 48632 request_logger.go:45] AWS request: ec2/CreateSecurityGroup | |
I0219 15:05:25.258679 48632 securitygroup.go:166] Creating SecurityGroup with Name:"api-elb.vault-cluster.k8s.local" VPC:"vpc-06b31f5f4629a916f" | |
I0219 15:05:25.258776 48632 request_logger.go:45] AWS request: ec2/CreateSecurityGroup | |
I0219 15:05:25.258979 48632 vfs_castore.go:838] no private key bundle "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/apiserver-proxy-client/keyset.yaml", falling back to directory-list method | |
I0219 15:05:25.259006 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/private/apiserver-proxy-client/" | |
I0219 15:05:25.263292 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kubelet-api: [] | |
I0219 15:05:25.263324 48632 keypair.go:212] Creating privateKey "kubelet-api" | |
I0219 15:05:25.274643 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/apiserver-proxy-client: [] | |
I0219 15:05:25.274667 48632 keypair.go:212] Creating privateKey "apiserver-proxy-client" | |
I0219 15:05:25.287216 48632 securitygroup.go:166] Creating SecurityGroup with Name:"masters.vault-cluster.k8s.local" VPC:"vpc-06b31f5f4629a916f" | |
I0219 15:05:25.287351 48632 request_logger.go:45] AWS request: ec2/CreateSecurityGroup | |
I0219 15:05:25.297552 48632 changes.go:81] Field changed "DHCPOptions" actual="{<nil> <nil> 0xc4211c4f28 <nil> <nil> <nil> map[]}" expected="{0xc420913ed0 0xc420e07350 0xc42120dd68 0xc420913ef0 0xc420913ee0 0xc420dc65ad map[Name:vault-cluster.k8s.local KubernetesCluster:vault-cluster.k8s.local kubernetes.io/cluster/vault-cluster.k8s.local:owned]}" | |
I0219 15:05:25.297726 48632 vpc_dhcpoptions_association.go:89] calling EC2 AssociateDhcpOptions | |
I0219 15:05:25.297864 48632 request_logger.go:45] AWS request: ec2/AssociateDhcpOptions | |
I0219 15:05:25.301961 48632 aws_cloud.go:783] adding tags to "rtb-0be6d5ac1bb9fae81": map[Name:vault-cluster.k8s.local KubernetesCluster:vault-cluster.k8s.local kubernetes.io/cluster/vault-cluster.k8s.local:owned kubernetes.io/kops/role:public] | |
I0219 15:05:25.302099 48632 request_logger.go:45] AWS request: ec2/CreateTags | |
I0219 15:05:25.351662 48632 request_logger.go:45] AWS request: ec2/DescribeTags | |
I0219 15:05:25.356628 48632 vfs_castore.go:736] Issuing new certificate: "kubelet" | |
I0219 15:05:25.356780 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/ca/keyset.yaml" | |
I0219 15:05:25.357530 48632 subnet.go:181] Creating Subnet with CIDR: "172.20.32.0/19" | |
I0219 15:05:25.357691 48632 request_logger.go:45] AWS request: ec2/CreateSubnet | |
I0219 15:05:25.358008 48632 request_logger.go:45] AWS request: ec2/DescribeTags | |
I0219 15:05:25.358236 48632 request_logger.go:45] AWS request: ec2/DescribeTags | |
I0219 15:05:25.361169 48632 vfs_castore.go:736] Issuing new certificate: "kops" | |
I0219 15:05:25.377863 48632 certificate.go:103] Parsing pem block: "CERTIFICATE" | |
I0219 15:05:25.377976 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/ca/keyset.yaml" | |
I0219 15:05:25.395900 48632 aws_cloud.go:783] adding tags to "sg-0be9f175b564add80": map[kubernetes.io/cluster/vault-cluster.k8s.local:owned Name:api-elb.vault-cluster.k8s.local KubernetesCluster:vault-cluster.k8s.local] | |
I0219 15:05:25.396062 48632 request_logger.go:45] AWS request: ec2/CreateTags | |
I0219 15:05:25.398660 48632 certificate.go:103] Parsing pem block: "CERTIFICATE" | |
I0219 15:05:25.398769 48632 privatekey.go:176] Parsing pem block: "RSA PRIVATE KEY" | |
I0219 15:05:25.403895 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/private/kubelet/" | |
I0219 15:05:25.406085 48632 aws_cloud.go:783] adding tags to "igw-063da9e7205a17faf": map[KubernetesCluster:vault-cluster.k8s.local kubernetes.io/cluster/vault-cluster.k8s.local:owned Name:vault-cluster.k8s.local] | |
I0219 15:05:25.406204 48632 request_logger.go:45] AWS request: ec2/CreateTags | |
I0219 15:05:25.408266 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/private/kops/" | |
I0219 15:05:25.408578 48632 aws_cloud.go:783] adding tags to "sg-058d8bc98d20f7d61": map[Name:nodes.vault-cluster.k8s.local KubernetesCluster:vault-cluster.k8s.local kubernetes.io/cluster/vault-cluster.k8s.local:owned] | |
I0219 15:05:25.408695 48632 request_logger.go:45] AWS request: ec2/CreateTags | |
I0219 15:05:25.425530 48632 vfs_castore.go:736] Issuing new certificate: "kube-proxy" | |
I0219 15:05:25.426251 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kops: [] | |
I0219 15:05:25.427026 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kops/keyset.yaml" | |
I0219 15:05:25.427055 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/private/kops/keyset.yaml" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:25.431076 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/private/kube-proxy/" | |
I0219 15:05:25.434405 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kubelet: [] | |
I0219 15:05:25.435023 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kubelet/keyset.yaml" | |
I0219 15:05:25.435054 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/private/kubelet/keyset.yaml" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:25.452666 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kube-proxy: [] | |
I0219 15:05:25.453334 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kube-proxy/keyset.yaml" | |
I0219 15:05:25.453366 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/private/kube-proxy/keyset.yaml" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:25.473763 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kops/6659805174383848918282198502.key" | |
I0219 15:05:25.473812 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/private/kops/6659805174383848918282198502.key" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:25.480372 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kubelet/6659805174364335744919087822.key" | |
I0219 15:05:25.480407 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/private/kubelet/6659805174364335744919087822.key" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:25.491128 48632 request_logger.go:45] AWS request: ec2/DescribeTags | |
I0219 15:05:25.508502 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kube-proxy/6659805174660267379531317056.key" | |
I0219 15:05:25.508551 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/private/kube-proxy/6659805174660267379531317056.key" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:25.510150 48632 vfs_castore.go:736] Issuing new certificate: "apiserver-proxy-client" | |
I0219 15:05:25.511877 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/issued/kops/" | |
I0219 15:05:25.513061 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/issued/kubelet/" | |
I0219 15:05:25.514634 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/private/apiserver-proxy-client/" | |
I0219 15:05:25.525942 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kubelet: [] | |
I0219 15:05:25.526342 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kubelet/keyset.yaml" | |
I0219 15:05:25.526375 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/issued/kubelet/keyset.yaml" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:25.526670 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kops: [] | |
I0219 15:05:25.526751 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/apiserver-proxy-client: [] | |
I0219 15:05:25.527008 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kops/keyset.yaml" | |
I0219 15:05:25.527033 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/issued/kops/keyset.yaml" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:25.527325 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/apiserver-proxy-client/keyset.yaml" | |
I0219 15:05:25.527356 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/private/apiserver-proxy-client/keyset.yaml" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:25.528416 48632 request_logger.go:45] AWS request: ec2/DescribeSecurityGroups | |
I0219 15:05:25.536830 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/issued/kube-proxy/" | |
I0219 15:05:25.539004 48632 aws_cloud.go:783] adding tags to "sg-030fed70709878ad9": map[Name:masters.vault-cluster.k8s.local KubernetesCluster:vault-cluster.k8s.local kubernetes.io/cluster/vault-cluster.k8s.local:owned] | |
I0219 15:05:25.539124 48632 request_logger.go:45] AWS request: ec2/CreateTags | |
I0219 15:05:25.541118 48632 request_logger.go:45] AWS request: ec2/DescribeTags | |
I0219 15:05:25.553396 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kube-proxy: [] | |
I0219 15:05:25.553684 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kube-proxy/keyset.yaml" | |
I0219 15:05:25.553707 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/issued/kube-proxy/keyset.yaml" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:25.565112 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kops/6659805174383848918282198502.crt" | |
I0219 15:05:25.565154 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/issued/kops/6659805174383848918282198502.crt" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:25.566536 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kubelet/6659805174364335744919087822.crt" | |
I0219 15:05:25.566566 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/issued/kubelet/6659805174364335744919087822.crt" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:25.569882 48632 vfs_castore.go:736] Issuing new certificate: "apiserver-aggregator" | |
I0219 15:05:25.569905 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/apiserver-aggregator-ca/keyset.yaml" | |
I0219 15:05:25.576088 48632 request_logger.go:45] AWS request: ec2/DescribeSecurityGroups | |
I0219 15:05:25.586241 48632 aws_cloud.go:783] adding tags to "subnet-09ee255cd19ff0e36": map[SubnetType:Public kubernetes.io/role/elb:1 Name:us-east-1a.vault-cluster.k8s.local KubernetesCluster:vault-cluster.k8s.local kubernetes.io/cluster/vault-cluster.k8s.local:owned] | |
I0219 15:05:25.586397 48632 request_logger.go:45] AWS request: ec2/CreateTags | |
I0219 15:05:25.587049 48632 vfs_castore.go:736] Issuing new certificate: "kubecfg" | |
I0219 15:05:25.594259 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kops/6659805174383848918282198502.crt" | |
I0219 15:05:25.595505 48632 certificate.go:103] Parsing pem block: "CERTIFICATE" | |
I0219 15:05:25.595598 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/apiserver-aggregator-ca/keyset.yaml" | |
I0219 15:05:25.599777 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/apiserver-proxy-client/6659805175023713442660351312.key" | |
I0219 15:05:25.599820 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/private/apiserver-proxy-client/6659805175023713442660351312.key" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:25.603527 48632 certificate.go:103] Parsing pem block: "CERTIFICATE" | |
I0219 15:05:25.603661 48632 keypair.go:230] created certificate with cn=kops | |
I0219 15:05:25.607059 48632 certificate.go:103] Parsing pem block: "CERTIFICATE" | |
I0219 15:05:25.607164 48632 privatekey.go:176] Parsing pem block: "RSA PRIVATE KEY" | |
I0219 15:05:25.611496 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/private/apiserver-aggregator/" | |
I0219 15:05:25.611910 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/private/kubecfg/" | |
I0219 15:05:25.623965 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/apiserver-aggregator: [] | |
I0219 15:05:25.624396 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kubecfg: [] | |
I0219 15:05:25.624818 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kube-proxy/6659805174660267379531317056.crt" | |
I0219 15:05:25.624848 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/issued/kube-proxy/6659805174660267379531317056.crt" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:25.624896 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/apiserver-aggregator/keyset.yaml" | |
I0219 15:05:25.624923 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/private/apiserver-aggregator/keyset.yaml" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:25.625246 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/issued/apiserver-proxy-client/" | |
I0219 15:05:25.625521 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kubelet/6659805174364335744919087822.crt" | |
I0219 15:05:25.625795 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kubecfg/keyset.yaml" | |
I0219 15:05:25.625820 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/private/kubecfg/keyset.yaml" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:25.629229 48632 vfs_castore.go:736] Issuing new certificate: "kube-scheduler" | |
I0219 15:05:25.632589 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/private/kube-scheduler/" | |
I0219 15:05:25.635466 48632 certificate.go:103] Parsing pem block: "CERTIFICATE" | |
I0219 15:05:25.635601 48632 keypair.go:230] created certificate with cn=kubelet | |
I0219 15:05:25.640408 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/apiserver-proxy-client: [] | |
I0219 15:05:25.640702 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/apiserver-proxy-client/keyset.yaml" | |
I0219 15:05:25.640725 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/issued/apiserver-proxy-client/keyset.yaml" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:25.651098 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/apiserver-aggregator/6659805175280268883503931949.key" | |
I0219 15:05:25.651145 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/private/apiserver-aggregator/6659805175280268883503931949.key" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:25.654925 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kube-scheduler: [] | |
I0219 15:05:25.655562 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kube-scheduler/keyset.yaml" | |
I0219 15:05:25.655592 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/private/kube-scheduler/keyset.yaml" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:25.657944 48632 request_logger.go:45] AWS request: ec2/DescribeSecurityGroups | |
I0219 15:05:25.660509 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kubecfg/6659805175353998828332819453.key" | |
I0219 15:05:25.660559 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/private/kubecfg/6659805175353998828332819453.key" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:25.663067 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kube-proxy/6659805174660267379531317056.crt" | |
I0219 15:05:25.664780 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/apiserver-proxy-client/6659805175023713442660351312.crt" | |
I0219 15:05:25.664814 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/issued/apiserver-proxy-client/6659805175023713442660351312.crt" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:25.673938 48632 certificate.go:103] Parsing pem block: "CERTIFICATE" | |
I0219 15:05:25.674049 48632 keypair.go:230] created certificate with cn=system:kube-proxy | |
I0219 15:05:25.686654 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kube-scheduler/6659805175535142947986255267.key" | |
I0219 15:05:25.686743 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/private/kube-scheduler/6659805175535142947986255267.key" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:25.688080 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/issued/apiserver-aggregator/" | |
I0219 15:05:25.690647 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/issued/kubecfg/" | |
I0219 15:05:25.700858 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/apiserver-aggregator: [] | |
I0219 15:05:25.700970 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kubecfg: [] | |
I0219 15:05:25.701441 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kubecfg/keyset.yaml" | |
I0219 15:05:25.701468 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/apiserver-aggregator/keyset.yaml" | |
I0219 15:05:25.701508 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/issued/apiserver-aggregator/keyset.yaml" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:25.701479 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/issued/kubecfg/keyset.yaml" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:25.705830 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/apiserver-proxy-client/6659805175023713442660351312.crt" | |
I0219 15:05:25.716019 48632 certificate.go:103] Parsing pem block: "CERTIFICATE" | |
I0219 15:05:25.716139 48632 keypair.go:230] created certificate with cn=apiserver-proxy-client | |
I0219 15:05:25.725505 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/issued/kube-scheduler/" | |
I0219 15:05:25.736235 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kubecfg/6659805175353998828332819453.crt" | |
I0219 15:05:25.736284 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/issued/kubecfg/6659805175353998828332819453.crt" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:25.739157 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kube-scheduler: [] | |
I0219 15:05:25.739400 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kube-scheduler/keyset.yaml" | |
I0219 15:05:25.739418 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/issued/kube-scheduler/keyset.yaml" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:25.748348 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/apiserver-aggregator/6659805175280268883503931949.crt" | |
I0219 15:05:25.748377 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/issued/apiserver-aggregator/6659805175280268883503931949.crt" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:25.756411 48632 vfs_castore.go:736] Issuing new certificate: "kubelet-api" | |
I0219 15:05:25.759078 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/private/kubelet-api/" | |
I0219 15:05:25.761620 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kube-scheduler/6659805175535142947986255267.crt" | |
I0219 15:05:25.761664 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/issued/kube-scheduler/6659805175535142947986255267.crt" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:25.764583 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kubecfg/6659805175353998828332819453.crt" | |
I0219 15:05:25.775103 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kubelet-api: [] | |
I0219 15:05:25.775562 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kubelet-api/keyset.yaml" | |
I0219 15:05:25.775587 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/private/kubelet-api/keyset.yaml" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:25.776338 48632 certificate.go:103] Parsing pem block: "CERTIFICATE" | |
I0219 15:05:25.776410 48632 keypair.go:230] created certificate with cn=kubecfg | |
I0219 15:05:25.783184 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kube-scheduler/6659805175535142947986255267.crt" | |
I0219 15:05:25.783606 48632 vfs_castore.go:736] Issuing new certificate: "kube-controller-manager" | |
I0219 15:05:25.783717 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/apiserver-aggregator/6659805175280268883503931949.crt" | |
I0219 15:05:25.786115 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/private/kube-controller-manager/" | |
I0219 15:05:25.793252 48632 certificate.go:103] Parsing pem block: "CERTIFICATE" | |
I0219 15:05:25.793332 48632 keypair.go:230] created certificate with cn=aggregator | |
I0219 15:05:25.793846 48632 certificate.go:103] Parsing pem block: "CERTIFICATE" | |
I0219 15:05:25.793908 48632 keypair.go:230] created certificate with cn=system:kube-scheduler | |
I0219 15:05:25.798256 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kube-controller-manager: [] | |
I0219 15:05:25.798781 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kube-controller-manager/keyset.yaml" | |
I0219 15:05:25.798803 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/private/kube-controller-manager/keyset.yaml" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:25.833586 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kube-controller-manager/6659805176198207020896051717.key" | |
I0219 15:05:25.833630 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/private/kube-controller-manager/6659805176198207020896051717.key" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:25.859720 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/issued/kube-controller-manager/" | |
I0219 15:05:25.862790 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kubelet-api/6659805176081399700383809066.key" | |
I0219 15:05:25.875868 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/private/kubelet-api/6659805176081399700383809066.key" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:25.887197 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kube-controller-manager: [] | |
I0219 15:05:25.887541 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kube-controller-manager/keyset.yaml" | |
I0219 15:05:25.887570 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/issued/kube-controller-manager/keyset.yaml" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:25.900869 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/issued/kubelet-api/" | |
I0219 15:05:25.913494 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kubelet-api: [] | |
I0219 15:05:25.913838 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kubelet-api/keyset.yaml" | |
I0219 15:05:25.913863 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/issued/kubelet-api/keyset.yaml" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:25.929060 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kube-controller-manager/6659805176198207020896051717.crt" | |
I0219 15:05:25.929118 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/issued/kube-controller-manager/6659805176198207020896051717.crt" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:25.957395 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kubelet-api/6659805176081399700383809066.crt" | |
I0219 15:05:25.957442 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/issued/kubelet-api/6659805176081399700383809066.crt" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:25.970225 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kube-controller-manager/6659805176198207020896051717.crt" | |
I0219 15:05:25.979241 48632 certificate.go:103] Parsing pem block: "CERTIFICATE" | |
I0219 15:05:25.979328 48632 keypair.go:230] created certificate with cn=system:kube-controller-manager | |
I0219 15:05:26.079964 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kubelet-api/6659805176081399700383809066.crt" | |
I0219 15:05:26.090934 48632 certificate.go:103] Parsing pem block: "CERTIFICATE" | |
I0219 15:05:26.091028 48632 keypair.go:230] created certificate with cn=kubelet-api | |
I0219 15:05:26.091060 48632 executor.go:103] Tasks: 54 done / 77 total; 19 can run | |
I0219 15:05:26.091094 48632 executor.go:178] Executing task "SecurityGroupRule/ssh-external-to-node-0.0.0.0/0": *awstasks.SecurityGroupRule {"Name":"ssh-external-to-node-0.0.0.0/0","Lifecycle":"Sync","SecurityGroup":{"Name":"nodes.vault-cluster.k8s.local","Lifecycle":"Sync","ID":"sg-058d8bc98d20f7d61","Description":"Security group for nodes","VPC":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"vpc-06b31f5f4629a916f","CIDR":"172.20.0.0/16","EnableDNSHostnames":true,"EnableDNSSupport":true,"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"RemoveExtraRules":["port=22"],"Shared":null,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"nodes.vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"CIDR":"0.0.0.0/0","Protocol":"tcp","FromPort":22,"ToPort":22,"SourceGroup":null,"Egress":null} | |
I0219 15:05:26.091094 48632 executor.go:178] Executing task "SecurityGroupRule/ssh-external-to-master-0.0.0.0/0": *awstasks.SecurityGroupRule {"Name":"ssh-external-to-master-0.0.0.0/0","Lifecycle":"Sync","SecurityGroup":{"Name":"masters.vault-cluster.k8s.local","Lifecycle":"Sync","ID":"sg-030fed70709878ad9","Description":"Security group for masters","VPC":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"vpc-06b31f5f4629a916f","CIDR":"172.20.0.0/16","EnableDNSHostnames":true,"EnableDNSSupport":true,"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"RemoveExtraRules":["port=22","port=443","port=2380","port=2381","port=4001","port=4002","port=4789","port=179"],"Shared":null,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"masters.vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"CIDR":"0.0.0.0/0","Protocol":"tcp","FromPort":22,"ToPort":22,"SourceGroup":null,"Egress":null} | |
I0219 15:05:26.091110 48632 executor.go:178] Executing task "SecurityGroupRule/https-api-elb-0.0.0.0/0": *awstasks.SecurityGroupRule {"Name":"https-api-elb-0.0.0.0/0","Lifecycle":"Sync","SecurityGroup":{"Name":"api-elb.vault-cluster.k8s.local","Lifecycle":"Sync","ID":"sg-0be9f175b564add80","Description":"Security group for api ELB","VPC":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"vpc-06b31f5f4629a916f","CIDR":"172.20.0.0/16","EnableDNSHostnames":true,"EnableDNSSupport":true,"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"RemoveExtraRules":["port=443"],"Shared":null,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"api-elb.vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"CIDR":"0.0.0.0/0","Protocol":"tcp","FromPort":443,"ToPort":443,"SourceGroup":null,"Egress":null} | |
I0219 15:05:26.091159 48632 executor.go:178] Executing task "SecurityGroupRule/all-master-to-master": *awstasks.SecurityGroupRule {"Name":"all-master-to-master","Lifecycle":"Sync","SecurityGroup":{"Name":"masters.vault-cluster.k8s.local","Lifecycle":"Sync","ID":"sg-030fed70709878ad9","Description":"Security group for masters","VPC":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"vpc-06b31f5f4629a916f","CIDR":"172.20.0.0/16","EnableDNSHostnames":true,"EnableDNSSupport":true,"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"RemoveExtraRules":["port=22","port=443","port=2380","port=2381","port=4001","port=4002","port=4789","port=179"],"Shared":null,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"masters.vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"CIDR":null,"Protocol":null,"FromPort":null,"ToPort":null,"SourceGroup":{"Name":"masters.vault-cluster.k8s.local","Lifecycle":"Sync","ID":"sg-030fed70709878ad9","Description":"Security group for masters","VPC":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"vpc-06b31f5f4629a916f","CIDR":"172.20.0.0/16","EnableDNSHostnames":true,"EnableDNSSupport":true,"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"RemoveExtraRules":["port=22","port=443","port=2380","port=2381","port=4001","port=4002","port=4789","port=179"],"Shared":null,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"masters.vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"Egress":null} | |
I0219 15:05:26.091131 48632 executor.go:178] Executing task "LaunchConfiguration/nodes.vault-cluster.k8s.local": *awstasks.LaunchConfiguration {"Name":"nodes.vault-cluster.k8s.local","Lifecycle":"Sync","UserData":{"Name":"","Resource":{}},"ImageID":"kope.io/k8s-1.11-debian-stretch-amd64-hvm-ebs-2018-08-17","InstanceType":"t2.medium","SSHKey":{"Name":"kubernetes.vault-cluster.k8s.local-{{SSH_FINGERPRINT}}","Lifecycle":"Sync","PublicKey":{"Name":"","Resource":"ssh-rsa {{SSH_RSA_KEY}}\n"},"KeyFingerprint":"{{ANOTHER_KEY_FINGERPRINT}}"},"SecurityGroups":[{"Name":"nodes.vault-cluster.k8s.local","Lifecycle":"Sync","ID":"sg-058d8bc98d20f7d61","Description":"Security group for nodes","VPC":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"vpc-06b31f5f4629a916f","CIDR":"172.20.0.0/16","EnableDNSHostnames":true,"EnableDNSSupport":true,"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"RemoveExtraRules":["port=22"],"Shared":null,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"nodes.vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}}],"AssociatePublicIP":true,"IAMInstanceProfile":{"Name":"nodes.vault-cluster.k8s.local","Lifecycle":"Sync","ID":"AIPAJMY5EUSYY77WI3NGA","Shared":false},"InstanceMonitoring":null,"RootVolumeSize":128,"RootVolumeType":"gp2","RootVolumeIops":null,"RootVolumeOptimization":null,"SpotPrice":"","ID":null,"Tenancy":null} | |
I0219 15:05:26.091362 48632 request_logger.go:45] AWS request: ec2/DescribeSecurityGroups | |
I0219 15:05:26.091384 48632 request_logger.go:45] AWS request: ec2/DescribeSecurityGroups | |
I0219 15:05:26.091167 48632 executor.go:178] Executing task "SecurityGroupRule/https-elb-to-master": *awstasks.SecurityGroupRule {"Name":"https-elb-to-master","Lifecycle":"Sync","SecurityGroup":{"Name":"masters.vault-cluster.k8s.local","Lifecycle":"Sync","ID":"sg-030fed70709878ad9","Description":"Security group for masters","VPC":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"vpc-06b31f5f4629a916f","CIDR":"172.20.0.0/16","EnableDNSHostnames":true,"EnableDNSSupport":true,"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"RemoveExtraRules":["port=22","port=443","port=2380","port=2381","port=4001","port=4002","port=4789","port=179"],"Shared":null,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"masters.vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"CIDR":null,"Protocol":"tcp","FromPort":443,"ToPort":443,"SourceGroup":{"Name":"api-elb.vault-cluster.k8s.local","Lifecycle":"Sync","ID":"sg-0be9f175b564add80","Description":"Security group for api ELB","VPC":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"vpc-06b31f5f4629a916f","CIDR":"172.20.0.0/16","EnableDNSHostnames":true,"EnableDNSSupport":true,"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"RemoveExtraRules":["port=443"],"Shared":null,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"api-elb.vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"Egress":null} | |
I0219 15:05:26.091425 48632 request_logger.go:45] AWS request: autoscaling/DescribeLaunchConfigurations | |
I0219 15:05:26.091153 48632 executor.go:178] Executing task "SecurityGroupRule/api-elb-egress": *awstasks.SecurityGroupRule {"Name":"api-elb-egress","Lifecycle":"Sync","SecurityGroup":{"Name":"api-elb.vault-cluster.k8s.local","Lifecycle":"Sync","ID":"sg-0be9f175b564add80","Description":"Security group for api ELB","VPC":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"vpc-06b31f5f4629a916f","CIDR":"172.20.0.0/16","EnableDNSHostnames":true,"EnableDNSSupport":true,"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"RemoveExtraRules":["port=443"],"Shared":null,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"api-elb.vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"CIDR":"0.0.0.0/0","Protocol":null,"FromPort":null,"ToPort":null,"SourceGroup":null,"Egress":true} | |
I0219 15:05:26.091113 48632 executor.go:178] Executing task "LaunchConfiguration/master-us-east-1a.masters.vault-cluster.k8s.local": *awstasks.LaunchConfiguration {"Name":"master-us-east-1a.masters.vault-cluster.k8s.local","Lifecycle":"Sync","UserData":{"Name":"","Resource":{}},"ImageID":"kope.io/k8s-1.11-debian-stretch-amd64-hvm-ebs-2018-08-17","InstanceType":"m3.medium","SSHKey":{"Name":"kubernetes.vault-cluster.k8s.local-{{SSH_FINGERPRINT}}","Lifecycle":"Sync","PublicKey":{"Name":"","Resource":"ssh-rsa {{SSH_RSA_KEY}}\n"},"KeyFingerprint":"{{ANOTHER_KEY_FINGERPRINT}}"},"SecurityGroups":[{"Name":"masters.vault-cluster.k8s.local","Lifecycle":"Sync","ID":"sg-030fed70709878ad9","Description":"Security group for masters","VPC":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"vpc-06b31f5f4629a916f","CIDR":"172.20.0.0/16","EnableDNSHostnames":true,"EnableDNSSupport":true,"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"RemoveExtraRules":["port=22","port=443","port=2380","port=2381","port=4001","port=4002","port=4789","port=179"],"Shared":null,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"masters.vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}}],"AssociatePublicIP":true,"IAMInstanceProfile":{"Name":"masters.vault-cluster.k8s.local","Lifecycle":"Sync","ID":"AIPAI7SPO3UQMIWAEV45O","Shared":false},"InstanceMonitoring":null,"RootVolumeSize":64,"RootVolumeType":"gp2","RootVolumeIops":null,"RootVolumeOptimization":null,"SpotPrice":"","ID":null,"Tenancy":null} | |
I0219 15:05:26.091101 48632 executor.go:178] Executing task "SecurityGroupRule/node-to-master-tcp-4003-65535": *awstasks.SecurityGroupRule {"Name":"node-to-master-tcp-4003-65535","Lifecycle":"Sync","SecurityGroup":{"Name":"masters.vault-cluster.k8s.local","Lifecycle":"Sync","ID":"sg-030fed70709878ad9","Description":"Security group for masters","VPC":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"vpc-06b31f5f4629a916f","CIDR":"172.20.0.0/16","EnableDNSHostnames":true,"EnableDNSSupport":true,"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"RemoveExtraRules":["port=22","port=443","port=2380","port=2381","port=4001","port=4002","port=4789","port=179"],"Shared":null,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"masters.vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"CIDR":null,"Protocol":"tcp","FromPort":4003,"ToPort":65535,"SourceGroup":{"Name":"nodes.vault-cluster.k8s.local","Lifecycle":"Sync","ID":"sg-058d8bc98d20f7d61","Description":"Security group for nodes","VPC":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"vpc-06b31f5f4629a916f","CIDR":"172.20.0.0/16","EnableDNSHostnames":true,"EnableDNSSupport":true,"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"RemoveExtraRules":["port=22"],"Shared":null,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"nodes.vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"Egress":null} | |
I0219 15:05:26.091581 48632 request_logger.go:45] AWS request: autoscaling/DescribeLaunchConfigurations | |
I0219 15:05:26.091118 48632 executor.go:178] Executing task "RouteTableAssociation/us-east-1a.vault-cluster.k8s.local": *awstasks.RouteTableAssociation {"Name":"us-east-1a.vault-cluster.k8s.local","Lifecycle":"Sync","ID":null,"RouteTable":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"rtb-0be6d5ac1bb9fae81","VPC":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"vpc-06b31f5f4629a916f","CIDR":"172.20.0.0/16","EnableDNSHostnames":true,"EnableDNSSupport":true,"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned","kubernetes.io/kops/role":"public"}},"Subnet":{"Name":"us-east-1a.vault-cluster.k8s.local","ShortName":"us-east-1a","Lifecycle":"Sync","ID":"subnet-09ee255cd19ff0e36","VPC":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"vpc-06b31f5f4629a916f","CIDR":"172.20.0.0/16","EnableDNSHostnames":true,"EnableDNSSupport":true,"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"AvailabilityZone":"us-east-1a","CIDR":"172.20.32.0/19","Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"us-east-1a.vault-cluster.k8s.local","SubnetType":"Public","kubernetes.io/cluster/vault-cluster.k8s.local":"owned","kubernetes.io/role/elb":"1"}}} | |
I0219 15:05:26.091140 48632 executor.go:178] Executing task "SecurityGroupRule/node-to-master-udp-1-65535": *awstasks.SecurityGroupRule {"Name":"node-to-master-udp-1-65535","Lifecycle":"Sync","SecurityGroup":{"Name":"masters.vault-cluster.k8s.local","Lifecycle":"Sync","ID":"sg-030fed70709878ad9","Description":"Security group for masters","VPC":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"vpc-06b31f5f4629a916f","CIDR":"172.20.0.0/16","EnableDNSHostnames":true,"EnableDNSSupport":true,"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"RemoveExtraRules":["port=22","port=443","port=2380","port=2381","port=4001","port=4002","port=4789","port=179"],"Shared":null,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"masters.vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"CIDR":null,"Protocol":"udp","FromPort":1,"ToPort":65535,"SourceGroup":{"Name":"nodes.vault-cluster.k8s.local","Lifecycle":"Sync","ID":"sg-058d8bc98d20f7d61","Description":"Security group for nodes","VPC":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"vpc-06b31f5f4629a916f","CIDR":"172.20.0.0/16","EnableDNSHostnames":true,"EnableDNSSupport":true,"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"RemoveExtraRules":["port=22"],"Shared":null,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"nodes.vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"Egress":null} | |
I0219 15:05:26.091715 48632 request_logger.go:45] AWS request: ec2/DescribeRouteTables | |
I0219 15:05:26.091144 48632 executor.go:178] Executing task "Route/0.0.0.0/0": *awstasks.Route {"Name":"0.0.0.0/0","Lifecycle":"Sync","RouteTable":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"rtb-0be6d5ac1bb9fae81","VPC":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"vpc-06b31f5f4629a916f","CIDR":"172.20.0.0/16","EnableDNSHostnames":true,"EnableDNSSupport":true,"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned","kubernetes.io/kops/role":"public"}},"Instance":null,"CIDR":"0.0.0.0/0","InternetGateway":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"igw-063da9e7205a17faf","VPC":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"vpc-06b31f5f4629a916f","CIDR":"172.20.0.0/16","EnableDNSHostnames":true,"EnableDNSSupport":true,"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"NatGateway":null} | |
I0219 15:05:26.091801 48632 request_logger.go:45] AWS request: ec2/DescribeSecurityGroups | |
I0219 15:05:26.091126 48632 executor.go:178] Executing task "SecurityGroupRule/master-egress": *awstasks.SecurityGroupRule {"Name":"master-egress","Lifecycle":"Sync","SecurityGroup":{"Name":"masters.vault-cluster.k8s.local","Lifecycle":"Sync","ID":"sg-030fed70709878ad9","Description":"Security group for masters","VPC":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"vpc-06b31f5f4629a916f","CIDR":"172.20.0.0/16","EnableDNSHostnames":true,"EnableDNSSupport":true,"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"RemoveExtraRules":["port=22","port=443","port=2380","port=2381","port=4001","port=4002","port=4789","port=179"],"Shared":null,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"masters.vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"CIDR":"0.0.0.0/0","Protocol":null,"FromPort":null,"ToPort":null,"SourceGroup":null,"Egress":true} | |
I0219 15:05:26.091916 48632 request_logger.go:45] AWS request: ec2/DescribeRouteTables | |
I0219 15:05:26.091947 48632 request_logger.go:45] AWS request: ec2/DescribeSecurityGroups | |
I0219 15:05:26.091362 48632 request_logger.go:45] AWS request: ec2/DescribeSecurityGroups | |
I0219 15:05:26.091149 48632 executor.go:178] Executing task "SecurityGroupRule/all-node-to-node": *awstasks.SecurityGroupRule {"Name":"all-node-to-node","Lifecycle":"Sync","SecurityGroup":{"Name":"nodes.vault-cluster.k8s.local","Lifecycle":"Sync","ID":"sg-058d8bc98d20f7d61","Description":"Security group for nodes","VPC":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"vpc-06b31f5f4629a916f","CIDR":"172.20.0.0/16","EnableDNSHostnames":true,"EnableDNSSupport":true,"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"RemoveExtraRules":["port=22"],"Shared":null,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"nodes.vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"CIDR":null,"Protocol":null,"FromPort":null,"ToPort":null,"SourceGroup":{"Name":"nodes.vault-cluster.k8s.local","Lifecycle":"Sync","ID":"sg-058d8bc98d20f7d61","Description":"Security group for nodes","VPC":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"vpc-06b31f5f4629a916f","CIDR":"172.20.0.0/16","EnableDNSHostnames":true,"EnableDNSSupport":true,"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"RemoveExtraRules":["port=22"],"Shared":null,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"nodes.vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"Egress":null} | |
I0219 15:05:26.091119 48632 executor.go:178] Executing task "SecurityGroupRule/all-master-to-node": *awstasks.SecurityGroupRule {"Name":"all-master-to-node","Lifecycle":"Sync","SecurityGroup":{"Name":"nodes.vault-cluster.k8s.local","Lifecycle":"Sync","ID":"sg-058d8bc98d20f7d61","Description":"Security group for nodes","VPC":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"vpc-06b31f5f4629a916f","CIDR":"172.20.0.0/16","EnableDNSHostnames":true,"EnableDNSSupport":true,"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"RemoveExtraRules":["port=22"],"Shared":null,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"nodes.vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"CIDR":null,"Protocol":null,"FromPort":null,"ToPort":null,"SourceGroup":{"Name":"masters.vault-cluster.k8s.local","Lifecycle":"Sync","ID":"sg-030fed70709878ad9","Description":"Security group for masters","VPC":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"vpc-06b31f5f4629a916f","CIDR":"172.20.0.0/16","EnableDNSHostnames":true,"EnableDNSSupport":true,"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"RemoveExtraRules":["port=22","port=443","port=2380","port=2381","port=4001","port=4002","port=4789","port=179"],"Shared":null,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"masters.vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"Egress":null} | |
I0219 15:05:26.091093 48632 executor.go:178] Executing task "SecurityGroupRule/node-egress": *awstasks.SecurityGroupRule {"Name":"node-egress","Lifecycle":"Sync","SecurityGroup":{"Name":"nodes.vault-cluster.k8s.local","Lifecycle":"Sync","ID":"sg-058d8bc98d20f7d61","Description":"Security group for nodes","VPC":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"vpc-06b31f5f4629a916f","CIDR":"172.20.0.0/16","EnableDNSHostnames":true,"EnableDNSSupport":true,"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"RemoveExtraRules":["port=22"],"Shared":null,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"nodes.vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"CIDR":"0.0.0.0/0","Protocol":null,"FromPort":null,"ToPort":null,"SourceGroup":null,"Egress":true} | |
I0219 15:05:26.091530 48632 request_logger.go:45] AWS request: ec2/DescribeSecurityGroups | |
I0219 15:05:26.091164 48632 executor.go:178] Executing task "SecurityGroupRule/node-to-master-tcp-1-2379": *awstasks.SecurityGroupRule {"Name":"node-to-master-tcp-1-2379","Lifecycle":"Sync","SecurityGroup":{"Name":"masters.vault-cluster.k8s.local","Lifecycle":"Sync","ID":"sg-030fed70709878ad9","Description":"Security group for masters","VPC":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"vpc-06b31f5f4629a916f","CIDR":"172.20.0.0/16","EnableDNSHostnames":true,"EnableDNSSupport":true,"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"RemoveExtraRules":["port=22","port=443","port=2380","port=2381","port=4001","port=4002","port=4789","port=179"],"Shared":null,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"masters.vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"CIDR":null,"Protocol":"tcp","FromPort":1,"ToPort":2379,"SourceGroup":{"Name":"nodes.vault-cluster.k8s.local","Lifecycle":"Sync","ID":"sg-058d8bc98d20f7d61","Description":"Security group for nodes","VPC":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"vpc-06b31f5f4629a916f","CIDR":"172.20.0.0/16","EnableDNSHostnames":true,"EnableDNSSupport":true,"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"RemoveExtraRules":["port=22"],"Shared":null,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"nodes.vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"Egress":null} | |
I0219 15:05:26.092150 48632 request_logger.go:45] AWS request: ec2/DescribeSecurityGroups | |
I0219 15:05:26.091528 48632 request_logger.go:45] AWS request: ec2/DescribeSecurityGroups | |
I0219 15:05:26.091615 48632 request_logger.go:45] AWS request: ec2/DescribeSecurityGroups | |
I0219 15:05:26.092207 48632 request_logger.go:45] AWS request: ec2/DescribeSecurityGroups | |
I0219 15:05:26.091362 48632 request_logger.go:45] AWS request: ec2/DescribeSecurityGroups | |
I0219 15:05:26.091115 48632 executor.go:178] Executing task "LoadBalancer/api.vault-cluster.k8s.local": *awstasks.LoadBalancer {"Name":"api.vault-cluster.k8s.local","Lifecycle":"Sync","LoadBalancerName":"api-vault-cluster-k8s-loc-mfnq7d","DNSName":null,"HostedZoneId":null,"Subnets":[{"Name":"us-east-1a.vault-cluster.k8s.local","ShortName":"us-east-1a","Lifecycle":"Sync","ID":"subnet-09ee255cd19ff0e36","VPC":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"vpc-06b31f5f4629a916f","CIDR":"172.20.0.0/16","EnableDNSHostnames":true,"EnableDNSSupport":true,"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"AvailabilityZone":"us-east-1a","CIDR":"172.20.32.0/19","Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"us-east-1a.vault-cluster.k8s.local","SubnetType":"Public","kubernetes.io/cluster/vault-cluster.k8s.local":"owned","kubernetes.io/role/elb":"1"}}],"SecurityGroups":[{"Name":"api-elb.vault-cluster.k8s.local","Lifecycle":"Sync","ID":"sg-0be9f175b564add80","Description":"Security group for api ELB","VPC":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"vpc-06b31f5f4629a916f","CIDR":"172.20.0.0/16","EnableDNSHostnames":true,"EnableDNSSupport":true,"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"RemoveExtraRules":["port=443"],"Shared":null,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"api-elb.vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}}],"Listeners":{"443":{"InstancePort":443,"SSLCertificateID":""}},"Scheme":null,"HealthCheck":{"Target":"SSL:443","HealthyThreshold":2,"UnhealthyThreshold":2,"Interval":10,"Timeout":5},"AccessLog":null,"ConnectionDraining":null,"ConnectionSettings":{"IdleTimeout":300},"CrossZoneLoadBalancing":null,"SSLCertificateID":""} | |
I0219 15:05:26.092279 48632 request_logger.go:45] AWS request: ec2/DescribeSecurityGroups | |
I0219 15:05:26.091143 48632 executor.go:178] Executing task "SecurityGroupRule/node-to-master-tcp-2382-4000": *awstasks.SecurityGroupRule {"Name":"node-to-master-tcp-2382-4000","Lifecycle":"Sync","SecurityGroup":{"Name":"masters.vault-cluster.k8s.local","Lifecycle":"Sync","ID":"sg-030fed70709878ad9","Description":"Security group for masters","VPC":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"vpc-06b31f5f4629a916f","CIDR":"172.20.0.0/16","EnableDNSHostnames":true,"EnableDNSSupport":true,"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"RemoveExtraRules":["port=22","port=443","port=2380","port=2381","port=4001","port=4002","port=4789","port=179"],"Shared":null,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"masters.vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"CIDR":null,"Protocol":"tcp","FromPort":2382,"ToPort":4000,"SourceGroup":{"Name":"nodes.vault-cluster.k8s.local","Lifecycle":"Sync","ID":"sg-058d8bc98d20f7d61","Description":"Security group for nodes","VPC":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"vpc-06b31f5f4629a916f","CIDR":"172.20.0.0/16","EnableDNSHostnames":true,"EnableDNSSupport":true,"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"RemoveExtraRules":["port=22"],"Shared":null,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"nodes.vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"Egress":null} | |
I0219 15:05:26.092317 48632 load_balancer.go:181] Listing all ELBs for findLoadBalancerByNameTag | |
I0219 15:05:26.092353 48632 request_logger.go:45] AWS request: ec2/DescribeSecurityGroups | |
I0219 15:05:26.092413 48632 request_logger.go:45] AWS request: ec2/DescribeSecurityGroups | |
I0219 15:05:26.094168 48632 request_logger.go:45] AWS request: elasticloadbalancing/DescribeLoadBalancers | |
I0219 15:05:26.166037 48632 securitygrouprule.go:278] ssh-external-to-master-0.0.0.0/0: Calling EC2 AuthorizeSecurityGroupIngress (protocol=tcp fromPort=22 toPort=22 cidr=0.0.0.0/0) | |
I0219 15:05:26.166212 48632 request_logger.go:45] AWS request: ec2/AuthorizeSecurityGroupIngress | |
I0219 15:05:26.166238 48632 securitygrouprule.go:278] https-api-elb-0.0.0.0/0: Calling EC2 AuthorizeSecurityGroupIngress (protocol=tcp fromPort=443 toPort=443 cidr=0.0.0.0/0) | |
I0219 15:05:26.166368 48632 request_logger.go:45] AWS request: ec2/AuthorizeSecurityGroupIngress | |
I0219 15:05:26.167264 48632 securitygrouprule.go:278] node-to-master-tcp-4003-65535: Calling EC2 AuthorizeSecurityGroupIngress (protocol=tcp fromPort=4003 toPort=65535 sourceGroup=sg-058d8bc98d20f7d61) | |
I0219 15:05:26.167412 48632 request_logger.go:45] AWS request: ec2/AuthorizeSecurityGroupIngress | |
I0219 15:05:26.171481 48632 securitygrouprule.go:278] node-to-master-tcp-2382-4000: Calling EC2 AuthorizeSecurityGroupIngress (protocol=tcp fromPort=2382 toPort=4000 sourceGroup=sg-058d8bc98d20f7d61) | |
I0219 15:05:26.171585 48632 request_logger.go:45] AWS request: ec2/AuthorizeSecurityGroupIngress | |
I0219 15:05:26.175372 48632 routetableassociation.go:149] Checking for existing RouteTableAssociation to subnet | |
I0219 15:05:26.175430 48632 securitygrouprule.go:278] node-to-master-udp-1-65535: Calling EC2 AuthorizeSecurityGroupIngress (protocol=udp fromPort=1 toPort=65535 sourceGroup=sg-058d8bc98d20f7d61) | |
I0219 15:05:26.175514 48632 request_logger.go:45] AWS request: ec2/DescribeRouteTables | |
I0219 15:05:26.175552 48632 request_logger.go:45] AWS request: ec2/AuthorizeSecurityGroupIngress | |
I0219 15:05:26.177406 48632 securitygrouprule.go:278] ssh-external-to-node-0.0.0.0/0: Calling EC2 AuthorizeSecurityGroupIngress (protocol=tcp fromPort=22 toPort=22 cidr=0.0.0.0/0) | |
I0219 15:05:26.177492 48632 request_logger.go:45] AWS request: ec2/AuthorizeSecurityGroupIngress | |
I0219 15:05:26.178809 48632 securitygrouprule.go:278] node-to-master-tcp-1-2379: Calling EC2 AuthorizeSecurityGroupIngress (protocol=tcp fromPort=1 toPort=2379 sourceGroup=sg-058d8bc98d20f7d61) | |
I0219 15:05:26.178932 48632 request_logger.go:45] AWS request: ec2/AuthorizeSecurityGroupIngress | |
I0219 15:05:26.183446 48632 securitygrouprule.go:278] all-master-to-master: Calling EC2 AuthorizeSecurityGroupIngress (sourceGroup=sg-030fed70709878ad9) | |
I0219 15:05:26.183625 48632 request_logger.go:45] AWS request: ec2/AuthorizeSecurityGroupIngress | |
I0219 15:05:26.185737 48632 securitygrouprule.go:278] all-node-to-node: Calling EC2 AuthorizeSecurityGroupIngress (sourceGroup=sg-058d8bc98d20f7d61) | |
I0219 15:05:26.185814 48632 request_logger.go:45] AWS request: ec2/AuthorizeSecurityGroupIngress | |
I0219 15:05:26.189766 48632 route.go:174] Creating Route with RouteTable:"rtb-0be6d5ac1bb9fae81" CIDR:"0.0.0.0/0" | |
I0219 15:05:26.189840 48632 request_logger.go:45] AWS request: ec2/CreateRoute | |
I0219 15:05:26.198315 48632 securitygrouprule.go:278] https-elb-to-master: Calling EC2 AuthorizeSecurityGroupIngress (protocol=tcp fromPort=443 toPort=443 sourceGroup=sg-0be9f175b564add80) | |
I0219 15:05:26.198402 48632 request_logger.go:45] AWS request: ec2/AuthorizeSecurityGroupIngress | |
I0219 15:05:26.209223 48632 securitygrouprule.go:278] all-master-to-node: Calling EC2 AuthorizeSecurityGroupIngress (sourceGroup=sg-030fed70709878ad9) | |
I0219 15:05:26.209334 48632 request_logger.go:45] AWS request: ec2/AuthorizeSecurityGroupIngress | |
I0219 15:05:26.211301 48632 load_balancer.go:497] Creating ELB with Name:"api-vault-cluster-k8s-loc-mfnq7d" | |
I0219 15:05:26.211400 48632 request_logger.go:45] AWS request: elasticloadbalancing/CreateLoadBalancer | |
I0219 15:05:26.215684 48632 launchconfiguration.go:288] Creating AutoscalingLaunchConfiguration with Name:"master-us-east-1a.masters.vault-cluster.k8s.local-20190219200526" | |
I0219 15:05:26.215727 48632 aws_cloud.go:1037] Calling DescribeImages to resolve name "kope.io/k8s-1.11-debian-stretch-amd64-hvm-ebs-2018-08-17" | |
I0219 15:05:26.215869 48632 request_logger.go:45] AWS request: ec2/DescribeImages | |
I0219 15:05:26.218855 48632 routetableassociation.go:172] Creating RouteTableAssociation | |
I0219 15:05:26.219022 48632 request_logger.go:45] AWS request: ec2/AssociateRouteTable | |
I0219 15:05:26.227632 48632 launchconfiguration.go:288] Creating AutoscalingLaunchConfiguration with Name:"nodes.vault-cluster.k8s.local-20190219200526" | |
I0219 15:05:26.227702 48632 aws_cloud.go:1037] Calling DescribeImages to resolve name "kope.io/k8s-1.11-debian-stretch-amd64-hvm-ebs-2018-08-17" | |
I0219 15:05:26.227864 48632 request_logger.go:45] AWS request: ec2/DescribeImages | |
I0219 15:05:26.280978 48632 aws_cloud.go:1089] Resolved image "ami-03b850a018c8cd25e" | |
I0219 15:05:26.281020 48632 aws_cloud.go:1037] Calling DescribeImages to resolve name "kope.io/k8s-1.11-debian-stretch-amd64-hvm-ebs-2018-08-17" | |
I0219 15:05:26.281115 48632 request_logger.go:45] AWS request: ec2/DescribeImages | |
I0219 15:05:26.309392 48632 aws_cloud.go:1089] Resolved image "ami-03b850a018c8cd25e" | |
I0219 15:05:26.309435 48632 aws_cloud.go:1037] Calling DescribeImages to resolve name "kope.io/k8s-1.11-debian-stretch-amd64-hvm-ebs-2018-08-17" | |
I0219 15:05:26.309539 48632 request_logger.go:45] AWS request: ec2/DescribeImages | |
I0219 15:05:26.336533 48632 aws_cloud.go:1089] Resolved image "ami-03b850a018c8cd25e" | |
I0219 15:05:26.337443 48632 tagbuilder.go:91] tags: [_aws _k8s_1_6] | |
I0219 15:05:26.337468 48632 urls.go:142] Using cached protokube location: "https://kubeupv2.s3.amazonaws.com/kops/1.11.0/images/protokube.tar.gz" | |
I0219 15:05:26.337733 48632 launchconfiguration.go:367] AWS CreateLaunchConfiguration master-us-east-1a.masters.vault-cluster.k8s.local-20190219200526 | |
I0219 15:05:26.338813 48632 request_logger.go:45] AWS request: autoscaling/CreateLaunchConfiguration | |
I0219 15:05:26.364060 48632 launchconfiguration.go:379] got an error indicating that the IAM instance profile "masters.vault-cluster.k8s.local" is not ready: "Invalid IamInstanceProfile: masters.vault-cluster.k8s.local" | |
I0219 15:05:26.364094 48632 launchconfiguration.go:380] waiting for IAM instance profile "masters.vault-cluster.k8s.local" to be ready | |
I0219 15:05:26.369118 48632 aws_cloud.go:1089] Resolved image "ami-03b850a018c8cd25e" | |
I0219 15:05:26.369545 48632 tagbuilder.go:91] tags: [_aws _k8s_1_6] | |
I0219 15:05:26.369582 48632 urls.go:142] Using cached protokube location: "https://kubeupv2.s3.amazonaws.com/kops/1.11.0/images/protokube.tar.gz" | |
I0219 15:05:26.369839 48632 launchconfiguration.go:367] AWS CreateLaunchConfiguration nodes.vault-cluster.k8s.local-20190219200526 | |
I0219 15:05:26.370133 48632 request_logger.go:45] AWS request: autoscaling/CreateLaunchConfiguration | |
I0219 15:05:26.385946 48632 launchconfiguration.go:379] got an error indicating that the IAM instance profile "nodes.vault-cluster.k8s.local" is not ready: "Invalid IamInstanceProfile: nodes.vault-cluster.k8s.local" | |
I0219 15:05:26.385979 48632 launchconfiguration.go:380] waiting for IAM instance profile "nodes.vault-cluster.k8s.local" to be ready | |
I0219 15:05:27.026295 48632 request_logger.go:45] AWS request: elasticloadbalancing/DescribeLoadBalancers | |
I0219 15:05:27.065292 48632 request_logger.go:45] AWS request: elasticloadbalancing/DescribeTags | |
I0219 15:05:27.083765 48632 aws_apitarget.go:73] adding tags to "api-vault-cluster-k8s-loc-mfnq7d": map[Name:api.vault-cluster.k8s.local KubernetesCluster:vault-cluster.k8s.local] | |
I0219 15:05:27.083869 48632 request_logger.go:45] AWS request: elasticloadbalancing/AddTags | |
I0219 15:05:27.105195 48632 load_balancer.go:619] Configuring health checks on ELB "api-vault-cluster-k8s-loc-mfnq7d" | |
I0219 15:05:27.105380 48632 request_logger.go:45] AWS request: elasticloadbalancing/ConfigureHealthCheck | |
I0219 15:05:27.132287 48632 loadbalancer_attributes.go:170] Configuring ELB attributes for ELB "api-vault-cluster-k8s-loc-mfnq7d" | |
I0219 15:05:27.132404 48632 request_logger.go:45] AWS request: elasticloadbalancing/ModifyLoadBalancerAttributes | |
I0219 15:05:27.199039 48632 loadbalancer_attributes.go:177] modified ELB attributes for ELB "api-vault-cluster-k8s-loc-mfnq7d", response { | |
LoadBalancerAttributes: { | |
AccessLog: { | |
Enabled: false | |
}, | |
ConnectionDraining: { | |
Enabled: false, | |
Timeout: 300 | |
}, | |
ConnectionSettings: { | |
IdleTimeout: 300 | |
}, | |
CrossZoneLoadBalancing: { | |
Enabled: false | |
} | |
}, | |
LoadBalancerName: "api-vault-cluster-k8s-loc-mfnq7d" | |
} | |
I0219 15:05:36.365324 48632 launchconfiguration.go:367] AWS CreateLaunchConfiguration master-us-east-1a.masters.vault-cluster.k8s.local-20190219200526 | |
I0219 15:05:36.371780 48632 request_logger.go:45] AWS request: autoscaling/CreateLaunchConfiguration | |
I0219 15:05:36.386187 48632 launchconfiguration.go:367] AWS CreateLaunchConfiguration nodes.vault-cluster.k8s.local-20190219200526 | |
I0219 15:05:36.386651 48632 request_logger.go:45] AWS request: autoscaling/CreateLaunchConfiguration | |
I0219 15:05:36.869346 48632 request_logger.go:45] AWS request: autoscaling/DescribeLaunchConfigurations | |
I0219 15:05:36.885953 48632 request_logger.go:45] AWS request: autoscaling/DescribeLaunchConfigurations | |
I0219 15:05:36.965469 48632 executor.go:103] Tasks: 73 done / 77 total; 3 can run | |
I0219 15:05:36.965587 48632 executor.go:178] Executing task "Keypair/master": *fitasks.Keypair {"Name":"master","alternateNames":["kubernetes","kubernetes.default","kubernetes.default.svc","kubernetes.default.svc.cluster.local","api.vault-cluster.k8s.local","api.internal.vault-cluster.k8s.local","100.64.0.1","127.0.0.1"],"alternateNameTasks":[{"Name":"api.vault-cluster.k8s.local","Lifecycle":"Sync","LoadBalancerName":"api-vault-cluster-k8s-loc-mfnq7d","DNSName":"api-vault-cluster-k8s-{{ELB_STUFF}}.us-east-1.elb.amazonaws.com","HostedZoneId":"Z35SXDOTRQ7X7K","Subnets":[{"Name":"us-east-1a.vault-cluster.k8s.local","ShortName":"us-east-1a","Lifecycle":"Sync","ID":"subnet-09ee255cd19ff0e36","VPC":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"vpc-06b31f5f4629a916f","CIDR":"172.20.0.0/16","EnableDNSHostnames":true,"EnableDNSSupport":true,"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"AvailabilityZone":"us-east-1a","CIDR":"172.20.32.0/19","Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"us-east-1a.vault-cluster.k8s.local","SubnetType":"Public","kubernetes.io/cluster/vault-cluster.k8s.local":"owned","kubernetes.io/role/elb":"1"}}],"SecurityGroups":[{"Name":"api-elb.vault-cluster.k8s.local","Lifecycle":"Sync","ID":"sg-0be9f175b564add80","Description":"Security group for api ELB","VPC":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"vpc-06b31f5f4629a916f","CIDR":"172.20.0.0/16","EnableDNSHostnames":true,"EnableDNSSupport":true,"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"RemoveExtraRules":["port=443"],"Shared":null,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"api-elb.vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}}],"Listeners":{"443":{"InstancePort":443,"SSLCertificateID":""}},"Scheme":null,"HealthCheck":{"Target":"SSL:443","HealthyThreshold":2,"UnhealthyThreshold":2,"Interval":10,"Timeout":5},"AccessLog":null,"ConnectionDraining":null,"ConnectionSettings":{"IdleTimeout":300},"CrossZoneLoadBalancing":null,"SSLCertificateID":""}],"Lifecycle":"Sync","Signer":{"Name":"ca","alternateNames":null,"alternateNameTasks":null,"Lifecycle":"Sync","Signer":null,"subject":"cn=kubernetes","type":"ca","format":"v1alpha2"},"subject":"cn=kubernetes-master","type":"server","format":"v1alpha2"} | |
I0219 15:05:36.965712 48632 load_balancer.go:181] Listing all ELBs for findLoadBalancerByNameTag | |
I0219 15:05:36.965533 48632 executor.go:178] Executing task "AutoscalingGroup/master-us-east-1a.masters.vault-cluster.k8s.local": *awstasks.AutoscalingGroup {"Name":"master-us-east-1a.masters.vault-cluster.k8s.local","Lifecycle":"Sync","MinSize":1,"MaxSize":1,"Subnets":[{"Name":"us-east-1a.vault-cluster.k8s.local","ShortName":"us-east-1a","Lifecycle":"Sync","ID":"subnet-09ee255cd19ff0e36","VPC":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"vpc-06b31f5f4629a916f","CIDR":"172.20.0.0/16","EnableDNSHostnames":true,"EnableDNSSupport":true,"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"AvailabilityZone":"us-east-1a","CIDR":"172.20.32.0/19","Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"us-east-1a.vault-cluster.k8s.local","SubnetType":"Public","kubernetes.io/cluster/vault-cluster.k8s.local":"owned","kubernetes.io/role/elb":"1"}}],"Tags":{"k8s.io/cluster-autoscaler/node-template/label/kops.k8s.io/instancegroup":"master-us-east-1a","k8s.io/role/master":"1"},"Granularity":"1Minute","Metrics":["GroupMinSize","GroupMaxSize","GroupDesiredCapacity","GroupInServiceInstances","GroupPendingInstances","GroupStandbyInstances","GroupTerminatingInstances","GroupTotalInstances"],"LaunchConfiguration":{"Name":"master-us-east-1a.masters.vault-cluster.k8s.local","Lifecycle":"Sync","UserData":{"Name":"","Resource":{}},"ImageID":"kope.io/k8s-1.11-debian-stretch-amd64-hvm-ebs-2018-08-17","InstanceType":"m3.medium","SSHKey":{"Name":"kubernetes.vault-cluster.k8s.local-{{SSH_FINGERPRINT}}","Lifecycle":"Sync","PublicKey":{"Name":"","Resource":"ssh-rsa {{SSH_RSA_KEY}}\n"},"KeyFingerprint":"{{ANOTHER_KEY_FINGERPRINT}}"},"SecurityGroups":[{"Name":"masters.vault-cluster.k8s.local","Lifecycle":"Sync","ID":"sg-030fed70709878ad9","Description":"Security group for masters","VPC":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"vpc-06b31f5f4629a916f","CIDR":"172.20.0.0/16","EnableDNSHostnames":true,"EnableDNSSupport":true,"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"RemoveExtraRules":["port=22","port=443","port=2380","port=2381","port=4001","port=4002","port=4789","port=179"],"Shared":null,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"masters.vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}}],"AssociatePublicIP":true,"IAMInstanceProfile":{"Name":"masters.vault-cluster.k8s.local","Lifecycle":"Sync","ID":"AIPAI7SPO3UQMIWAEV45O","Shared":false},"InstanceMonitoring":null,"RootVolumeSize":64,"RootVolumeType":"gp2","RootVolumeIops":null,"RootVolumeOptimization":null,"SpotPrice":"","ID":"master-us-east-1a.masters.vault-cluster.k8s.local-20190219200526","Tenancy":null},"SuspendProcesses":[]} | |
I0219 15:05:36.965572 48632 executor.go:178] Executing task "AutoscalingGroup/nodes.vault-cluster.k8s.local": *awstasks.AutoscalingGroup {"Name":"nodes.vault-cluster.k8s.local","Lifecycle":"Sync","MinSize":2,"MaxSize":2,"Subnets":[{"Name":"us-east-1a.vault-cluster.k8s.local","ShortName":"us-east-1a","Lifecycle":"Sync","ID":"subnet-09ee255cd19ff0e36","VPC":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"vpc-06b31f5f4629a916f","CIDR":"172.20.0.0/16","EnableDNSHostnames":true,"EnableDNSSupport":true,"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"AvailabilityZone":"us-east-1a","CIDR":"172.20.32.0/19","Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"us-east-1a.vault-cluster.k8s.local","SubnetType":"Public","kubernetes.io/cluster/vault-cluster.k8s.local":"owned","kubernetes.io/role/elb":"1"}}],"Tags":{"k8s.io/cluster-autoscaler/node-template/label/kops.k8s.io/instancegroup":"nodes","k8s.io/role/node":"1"},"Granularity":"1Minute","Metrics":["GroupMinSize","GroupMaxSize","GroupDesiredCapacity","GroupInServiceInstances","GroupPendingInstances","GroupStandbyInstances","GroupTerminatingInstances","GroupTotalInstances"],"LaunchConfiguration":{"Name":"nodes.vault-cluster.k8s.local","Lifecycle":"Sync","UserData":{"Name":"","Resource":{}},"ImageID":"kope.io/k8s-1.11-debian-stretch-amd64-hvm-ebs-2018-08-17","InstanceType":"t2.medium","SSHKey":{"Name":"kubernetes.vault-cluster.k8s.local-{{SSH_FINGERPRINT}}","Lifecycle":"Sync","PublicKey":{"Name":"","Resource":"ssh-rsa {{SSH_RSA_KEY}}\n"},"KeyFingerprint":"{{ANOTHER_KEY_FINGERPRINT}}"},"SecurityGroups":[{"Name":"nodes.vault-cluster.k8s.local","Lifecycle":"Sync","ID":"sg-058d8bc98d20f7d61","Description":"Security group for nodes","VPC":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"vpc-06b31f5f4629a916f","CIDR":"172.20.0.0/16","EnableDNSHostnames":true,"EnableDNSSupport":true,"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"RemoveExtraRules":["port=22"],"Shared":null,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"nodes.vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}}],"AssociatePublicIP":true,"IAMInstanceProfile":{"Name":"nodes.vault-cluster.k8s.local","Lifecycle":"Sync","ID":"AIPAJMY5EUSYY77WI3NGA","Shared":false},"InstanceMonitoring":null,"RootVolumeSize":128,"RootVolumeType":"gp2","RootVolumeIops":null,"RootVolumeOptimization":null,"SpotPrice":"","ID":"nodes.vault-cluster.k8s.local-20190219200526","Tenancy":null},"SuspendProcesses":[]} | |
I0219 15:05:36.965823 48632 request_logger.go:45] AWS request: elasticloadbalancing/DescribeLoadBalancers | |
I0219 15:05:36.972208 48632 request_logger.go:45] AWS request: autoscaling/DescribeAutoScalingGroups | |
I0219 15:05:36.972208 48632 request_logger.go:45] AWS request: autoscaling/DescribeAutoScalingGroups | |
I0219 15:05:37.019762 48632 load_balancer.go:266] Querying ELB tags for [api-vault-cluster-k8s-loc-mfnq7d] | |
I0219 15:05:37.019889 48632 request_logger.go:45] AWS request: elasticloadbalancing/DescribeTags | |
I0219 15:05:37.038220 48632 keypair.go:143] Resolved alternateName "api-vault-cluster-k8s-{{ELB_STUFF}}.us-east-1.elb.amazonaws.com" for "*awstasks.LoadBalancer {\"Name\":\"api.vault-cluster.k8s.local\",\"Lifecycle\":\"Sync\",\"LoadBalancerName\":\"api-vault-cluster-k8s-loc-mfnq7d\",\"DNSName\":\"api-vault-cluster-k8s-{{ELB_STUFF}}.us-east-1.elb.amazonaws.com\",\"HostedZoneId\":\"Z35SXDOTRQ7X7K\",\"Subnets\":[{\"Name\":\"us-east-1a.vault-cluster.k8s.local\",\"ShortName\":\"us-east-1a\",\"Lifecycle\":\"Sync\",\"ID\":\"subnet-09ee255cd19ff0e36\",\"VPC\":{\"Name\":\"vault-cluster.k8s.local\",\"Lifecycle\":\"Sync\",\"ID\":\"vpc-06b31f5f4629a916f\",\"CIDR\":\"172.20.0.0/16\",\"EnableDNSHostnames\":true,\"EnableDNSSupport\":true,\"Shared\":false,\"Tags\":{\"KubernetesCluster\":\"vault-cluster.k8s.local\",\"Name\":\"vault-cluster.k8s.local\",\"kubernetes.io/cluster/vault-cluster.k8s.local\":\"owned\"}},\"AvailabilityZone\":\"us-east-1a\",\"CIDR\":\"172.20.32.0/19\",\"Shared\":false,\"Tags\":{\"KubernetesCluster\":\"vault-cluster.k8s.local\",\"Name\":\"us-east-1a.vault-cluster.k8s.local\",\"SubnetType\":\"Public\",\"kubernetes.io/cluster/vault-cluster.k8s.local\":\"owned\",\"kubernetes.io/role/elb\":\"1\"}}],\"SecurityGroups\":[{\"Name\":\"api-elb.vault-cluster.k8s.local\",\"Lifecycle\":\"Sync\",\"ID\":\"sg-0be9f175b564add80\",\"Description\":\"Security group for api ELB\",\"VPC\":{\"Name\":\"vault-cluster.k8s.local\",\"Lifecycle\":\"Sync\",\"ID\":\"vpc-06b31f5f4629a916f\",\"CIDR\":\"172.20.0.0/16\",\"EnableDNSHostnames\":true,\"EnableDNSSupport\":true,\"Shared\":false,\"Tags\":{\"KubernetesCluster\":\"vault-cluster.k8s.local\",\"Name\":\"vault-cluster.k8s.local\",\"kubernetes.io/cluster/vault-cluster.k8s.local\":\"owned\"}},\"RemoveExtraRules\":[\"port=443\"],\"Shared\":null,\"Tags\":{\"KubernetesCluster\":\"vault-cluster.k8s.local\",\"Name\":\"api-elb.vault-cluster.k8s.local\",\"kubernetes.io/cluster/vault-cluster.k8s.local\":\"owned\"}}],\"Listeners\":{\"443\":{\"InstancePort\":443,\"SSLCertificateID\":\"\"}},\"Scheme\":null,\"HealthCheck\":{\"Target\":\"SSL:443\",\"HealthyThreshold\":2,\"UnhealthyThreshold\":2,\"Interval\":10,\"Timeout\":5},\"AccessLog\":null,\"ConnectionDraining\":null,\"ConnectionSettings\":{\"IdleTimeout\":300},\"CrossZoneLoadBalancing\":null,\"SSLCertificateID\":\"\"}" | |
I0219 15:05:37.038429 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/master/keyset.yaml" | |
I0219 15:05:37.085873 48632 vfs_castore.go:384] no certificate bundle "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/master/keyset.yaml", falling back to directory-list method | |
I0219 15:05:37.085936 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/issued/master/" | |
I0219 15:05:37.102765 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/master: [] | |
I0219 15:05:37.102832 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/master/keyset.yaml" | |
I0219 15:05:37.111672 48632 vfs_castore.go:838] no private key bundle "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/master/keyset.yaml", falling back to directory-list method | |
I0219 15:05:37.111740 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/private/master/" | |
I0219 15:05:37.117425 48632 autoscalinggroup.go:207] Creating autoscaling Group with Name:"master-us-east-1a.masters.vault-cluster.k8s.local" | |
I0219 15:05:37.119050 48632 request_logger.go:45] AWS request: autoscaling/CreateAutoScalingGroup | |
I0219 15:05:37.125238 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/master: [] | |
I0219 15:05:37.125347 48632 keypair.go:181] creating brand new certificate | |
I0219 15:05:37.125367 48632 keypair.go:201] Creating PKI keypair "master" | |
I0219 15:05:37.125390 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/master/keyset.yaml" | |
I0219 15:05:37.135667 48632 vfs_castore.go:384] no certificate bundle "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/master/keyset.yaml", falling back to directory-list method | |
I0219 15:05:37.135722 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/issued/master/" | |
I0219 15:05:37.146723 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/master: [] | |
I0219 15:05:37.146781 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/master/keyset.yaml" | |
I0219 15:05:37.156584 48632 vfs_castore.go:838] no private key bundle "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/master/keyset.yaml", falling back to directory-list method | |
I0219 15:05:37.156643 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/private/master/" | |
I0219 15:05:37.160795 48632 autoscalinggroup.go:207] Creating autoscaling Group with Name:"nodes.vault-cluster.k8s.local" | |
I0219 15:05:37.160951 48632 request_logger.go:45] AWS request: autoscaling/CreateAutoScalingGroup | |
I0219 15:05:37.169340 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/master: [] | |
I0219 15:05:37.169382 48632 keypair.go:212] Creating privateKey "master" | |
I0219 15:05:37.600528 48632 request_logger.go:45] AWS request: autoscaling/EnableMetricsCollection | |
I0219 15:05:37.692636 48632 request_logger.go:45] AWS request: autoscaling/EnableMetricsCollection | |
I0219 15:05:37.873765 48632 vfs_castore.go:736] Issuing new certificate: "master" | |
I0219 15:05:37.876721 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/private/master/" | |
I0219 15:05:37.900008 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/master: [] | |
I0219 15:05:37.900579 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/master/keyset.yaml" | |
I0219 15:05:37.900616 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/private/master/keyset.yaml" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:37.934316 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/master/6659805228124996840711691379.key" | |
I0219 15:05:37.934362 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/private/master/6659805228124996840711691379.key" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:37.963237 48632 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/pki/issued/master/" | |
I0219 15:05:37.980140 48632 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/master: [] | |
I0219 15:05:37.980551 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/master/keyset.yaml" | |
I0219 15:05:37.980586 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/issued/master/keyset.yaml" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:38.003063 48632 s3fs.go:128] Writing file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/master/6659805228124996840711691379.crt" | |
I0219 15:05:38.003113 48632 s3fs.go:166] Calling S3 PutObject Bucket="{{CONFIG_BUCKET_REDACTED}}" Key="vault-cluster.k8s.local/pki/issued/master/6659805228124996840711691379.crt" SSE="DefaultBucketEncryption" ACL="" | |
I0219 15:05:38.046667 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/master/6659805228124996840711691379.crt" | |
I0219 15:05:38.058380 48632 certificate.go:103] Parsing pem block: "CERTIFICATE" | |
I0219 15:05:38.058554 48632 keypair.go:230] created certificate with cn=kubernetes-master | |
I0219 15:05:38.058592 48632 executor.go:103] Tasks: 76 done / 77 total; 1 can run | |
I0219 15:05:38.058621 48632 executor.go:178] Executing task "LoadBalancerAttachment/api-master-us-east-1a": *awstasks.LoadBalancerAttachment {"Name":"api-master-us-east-1a","Lifecycle":"Sync","LoadBalancer":{"Name":"api.vault-cluster.k8s.local","Lifecycle":"Sync","LoadBalancerName":"api-vault-cluster-k8s-loc-mfnq7d","DNSName":"api-vault-cluster-k8s-{{ELB_STUFF}}.us-east-1.elb.amazonaws.com","HostedZoneId":"Z35SXDOTRQ7X7K","Subnets":[{"Name":"us-east-1a.vault-cluster.k8s.local","ShortName":"us-east-1a","Lifecycle":"Sync","ID":"subnet-09ee255cd19ff0e36","VPC":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"vpc-06b31f5f4629a916f","CIDR":"172.20.0.0/16","EnableDNSHostnames":true,"EnableDNSSupport":true,"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"AvailabilityZone":"us-east-1a","CIDR":"172.20.32.0/19","Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"us-east-1a.vault-cluster.k8s.local","SubnetType":"Public","kubernetes.io/cluster/vault-cluster.k8s.local":"owned","kubernetes.io/role/elb":"1"}}],"SecurityGroups":[{"Name":"api-elb.vault-cluster.k8s.local","Lifecycle":"Sync","ID":"sg-0be9f175b564add80","Description":"Security group for api ELB","VPC":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"vpc-06b31f5f4629a916f","CIDR":"172.20.0.0/16","EnableDNSHostnames":true,"EnableDNSSupport":true,"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"RemoveExtraRules":["port=443"],"Shared":null,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"api-elb.vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}}],"Listeners":{"443":{"InstancePort":443,"SSLCertificateID":""}},"Scheme":null,"HealthCheck":{"Target":"SSL:443","HealthyThreshold":2,"UnhealthyThreshold":2,"Interval":10,"Timeout":5},"AccessLog":null,"ConnectionDraining":null,"ConnectionSettings":{"IdleTimeout":300},"CrossZoneLoadBalancing":null,"SSLCertificateID":""},"AutoscalingGroup":{"Name":"master-us-east-1a.masters.vault-cluster.k8s.local","Lifecycle":"Sync","MinSize":1,"MaxSize":1,"Subnets":[{"Name":"us-east-1a.vault-cluster.k8s.local","ShortName":"us-east-1a","Lifecycle":"Sync","ID":"subnet-09ee255cd19ff0e36","VPC":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"vpc-06b31f5f4629a916f","CIDR":"172.20.0.0/16","EnableDNSHostnames":true,"EnableDNSSupport":true,"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"AvailabilityZone":"us-east-1a","CIDR":"172.20.32.0/19","Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"us-east-1a.vault-cluster.k8s.local","SubnetType":"Public","kubernetes.io/cluster/vault-cluster.k8s.local":"owned","kubernetes.io/role/elb":"1"}}],"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"master-us-east-1a.masters.vault-cluster.k8s.local","k8s.io/cluster-autoscaler/node-template/label/kops.k8s.io/instancegroup":"master-us-east-1a","k8s.io/role/master":"1"},"Granularity":"1Minute","Metrics":["GroupDesiredCapacity","GroupInServiceInstances","GroupMaxSize","GroupMinSize","GroupPendingInstances","GroupStandbyInstances","GroupTerminatingInstances","GroupTotalInstances"],"LaunchConfiguration":{"Name":"master-us-east-1a.masters.vault-cluster.k8s.local","Lifecycle":"Sync","UserData":{"Name":"","Resource":{}},"ImageID":"kope.io/k8s-1.11-debian-stretch-amd64-hvm-ebs-2018-08-17","InstanceType":"m3.medium","SSHKey":{"Name":"kubernetes.vault-cluster.k8s.local-{{SSH_FINGERPRINT}}","Lifecycle":"Sync","PublicKey":{"Name":"","Resource":"ssh-rsa {{SSH_RSA_KEY}}\n"},"KeyFingerprint":"{{ANOTHER_KEY_FINGERPRINT}}"},"SecurityGroups":[{"Name":"masters.vault-cluster.k8s.local","Lifecycle":"Sync","ID":"sg-030fed70709878ad9","Description":"Security group for masters","VPC":{"Name":"vault-cluster.k8s.local","Lifecycle":"Sync","ID":"vpc-06b31f5f4629a916f","CIDR":"172.20.0.0/16","EnableDNSHostnames":true,"EnableDNSSupport":true,"Shared":false,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}},"RemoveExtraRules":["port=22","port=443","port=2380","port=2381","port=4001","port=4002","port=4789","port=179"],"Shared":null,"Tags":{"KubernetesCluster":"vault-cluster.k8s.local","Name":"masters.vault-cluster.k8s.local","kubernetes.io/cluster/vault-cluster.k8s.local":"owned"}}],"AssociatePublicIP":true,"IAMInstanceProfile":{"Name":"masters.vault-cluster.k8s.local","Lifecycle":"Sync","ID":"AIPAI7SPO3UQMIWAEV45O","Shared":false},"InstanceMonitoring":null,"RootVolumeSize":64,"RootVolumeType":"gp2","RootVolumeIops":null,"RootVolumeOptimization":null,"SpotPrice":"","ID":"master-us-east-1a.masters.vault-cluster.k8s.local-20190219200526","Tenancy":null},"SuspendProcesses":[]},"Subnet":null,"Instance":null} | |
I0219 15:05:38.059328 48632 request_logger.go:45] AWS request: autoscaling/DescribeAutoScalingGroups | |
I0219 15:05:38.240502 48632 load_balancer_attachment.go:129] Attaching autoscaling group "master-us-east-1a.masters.vault-cluster.k8s.local" to ELB "api-vault-cluster-k8s-loc-mfnq7d" | |
I0219 15:05:38.240633 48632 request_logger.go:45] AWS request: autoscaling/AttachLoadBalancers | |
I0219 15:05:38.844507 48632 executor.go:103] Tasks: 77 done / 77 total; 0 can run | |
I0219 15:05:38.844547 48632 context.go:91] deleting temp dir: "/var/folders/92/4nb059bj69n74y0z5pr3hm_j48knc0/T/deploy639896962" | |
I0219 15:05:38.851115 48632 kubectl.go:131] Running command: kubectl config view --output json | |
I0219 15:05:39.144745 48632 kubectl.go:83] config = "{\n \"kind\": \"Config\",\n \"apiVersion\": \"v1\",\n \"preferences\": {},\n \"clusters\": [\n {\n \"name\": \"minikube\",\n \"cluster\": {\n \"server\": \"https://192.168.99.114:8443\",\n \"certificate-authority\": \"{{HOME}}/.minikube/ca.crt\"\n }\n }\n ],\n \"users\": [\n {\n \"name\": \"minikube\",\n \"user\": {\n \"client-certificate\": \"{{HOME}}/.minikube/client.crt\",\n \"client-key\": \"{{HOME}}/.minikube/client.key\"\n }\n }\n ],\n \"contexts\": [\n {\n \"name\": \"minikube\",\n \"context\": {\n \"cluster\": \"minikube\",\n \"user\": \"minikube\"\n }\n }\n ],\n \"current-context\": \"\"\n}" | |
I0219 15:05:39.145214 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kubecfg/keyset.yaml" | |
I0219 15:05:39.159097 48632 certificate.go:103] Parsing pem block: "CERTIFICATE" | |
I0219 15:05:39.159225 48632 update_cluster.go:290] Exporting kubecfg for cluster | |
I0219 15:05:39.159533 48632 aws_cloud.go:1094] Querying EC2 for all valid zones in region "us-east-1" | |
I0219 15:05:39.159679 48632 request_logger.go:45] AWS request: ec2/DescribeAvailabilityZones | |
I0219 15:05:39.199366 48632 load_balancer.go:181] Listing all ELBs for findLoadBalancerByNameTag | |
I0219 15:05:39.199922 48632 request_logger.go:45] AWS request: elasticloadbalancing/DescribeLoadBalancers | |
I0219 15:05:39.238184 48632 load_balancer.go:266] Querying ELB tags for [api-vault-cluster-k8s-loc-mfnq7d] | |
I0219 15:05:39.238303 48632 request_logger.go:45] AWS request: elasticloadbalancing/DescribeTags | |
I0219 15:05:39.261813 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/ca/keyset.yaml" | |
I0219 15:05:39.378059 48632 certificate.go:103] Parsing pem block: "CERTIFICATE" | |
I0219 15:05:39.378172 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/ca/keyset.yaml" | |
I0219 15:05:39.390766 48632 certificate.go:103] Parsing pem block: "CERTIFICATE" | |
I0219 15:05:39.390885 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/ca/keyset.yaml" | |
I0219 15:05:39.401780 48632 certificate.go:103] Parsing pem block: "CERTIFICATE" | |
I0219 15:05:39.401889 48632 privatekey.go:176] Parsing pem block: "RSA PRIVATE KEY" | |
I0219 15:05:39.402185 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/issued/kubecfg/keyset.yaml" | |
I0219 15:05:39.412680 48632 certificate.go:103] Parsing pem block: "CERTIFICATE" | |
I0219 15:05:39.412804 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/pki/private/kubecfg/keyset.yaml" | |
I0219 15:05:39.422866 48632 certificate.go:103] Parsing pem block: "CERTIFICATE" | |
I0219 15:05:39.422981 48632 privatekey.go:176] Parsing pem block: "RSA PRIVATE KEY" | |
I0219 15:05:39.423239 48632 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/secrets/kube" | |
I0219 15:05:39.437185 48632 loader.go:359] Config loaded from file {{HOME}}/.kube/config | |
I0219 15:05:39.438536 48632 loader.go:359] Config loaded from file {{HOME}}/.kube/config | |
I0219 15:05:39.438869 48632 loader.go:359] Config loaded from file {{HOME}}/.kube/config | |
I0219 15:05:39.439098 48632 loader.go:359] Config loaded from file {{HOME}}/.kube/config | |
I0219 15:05:39.441163 48632 loader.go:359] Config loaded from file {{HOME}}/.kube/config | |
I0219 15:05:39.442153 48632 loader.go:359] Config loaded from file {{HOME}}/.kube/config | |
I0219 15:05:39.443185 48632 loader.go:359] Config loaded from file {{HOME}}/.kube/config | |
I0219 15:05:39.444900 48632 loader.go:359] Config loaded from file {{HOME}}/.kube/config | |
kops has set your kubectl context to vault-cluster.k8s.local | |
Cluster is starting. It should be ready in a few minutes. | |
Suggestions: | |
* validate cluster: kops validate cluster | |
* list nodes: kubectl get nodes --show-labels | |
* ssh to the master: ssh -i ~/.ssh/id_rsa admin@api.vault-cluster.k8s.local | |
* the admin user is specific to Debian. If not using Debian please use the appropriate user based on your OS. | |
* read about installing addons at: https://github.com/kubernetes/kops/blob/master/docs/addons.md. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
apiVersion: kops/v1alpha2 | |
kind: Cluster | |
metadata: | |
creationTimestamp: 2019-02-19T19:33:49Z | |
name: vault-cluster.k8s.local | |
spec: | |
api: | |
loadBalancer: | |
type: Public | |
authorization: | |
rbac: {} | |
channel: stable | |
cloudProvider: aws | |
configBase: {{CONFIG_BUCKET_REDACTED}} | |
etcdClusters: | |
- etcdMembers: | |
- instanceGroup: master-us-east-1a | |
name: a | |
name: main | |
- etcdMembers: | |
- instanceGroup: master-us-east-1a | |
name: a | |
name: events | |
iam: | |
allowContainerRegistry: true | |
legacy: false | |
kubelet: | |
anonymousAuth: false | |
kubernetesApiAccess: | |
- 0.0.0.0/0 | |
kubernetesVersion: 1.11.6 | |
masterPublicName: api.vault-cluster.k8s.local | |
networkCIDR: 172.20.0.0/16 | |
networking: | |
kubenet: {} | |
nonMasqueradeCIDR: 100.64.0.0/10 | |
sshAccess: | |
- 0.0.0.0/0 | |
subnets: | |
- cidr: 172.20.32.0/19 | |
name: us-east-1a | |
type: Public | |
zone: us-east-1a | |
topology: | |
dns: | |
type: Public | |
masters: public | |
nodes: public | |
--- | |
apiVersion: kops/v1alpha2 | |
kind: InstanceGroup | |
metadata: | |
creationTimestamp: 2019-02-19T19:33:49Z | |
labels: | |
kops.k8s.io/cluster: vault-cluster.k8s.local | |
name: master-us-east-1a | |
spec: | |
image: kope.io/k8s-1.11-debian-stretch-amd64-hvm-ebs-2018-08-17 | |
machineType: m3.medium | |
maxSize: 1 | |
minSize: 1 | |
nodeLabels: | |
kops.k8s.io/instancegroup: master-us-east-1a | |
role: Master | |
subnets: | |
- us-east-1a | |
--- | |
apiVersion: kops/v1alpha2 | |
kind: InstanceGroup | |
metadata: | |
creationTimestamp: 2019-02-19T19:33:49Z | |
labels: | |
kops.k8s.io/cluster: vault-cluster.k8s.local | |
name: nodes | |
spec: | |
image: kope.io/k8s-1.11-debian-stretch-amd64-hvm-ebs-2018-08-17 | |
machineType: t2.medium | |
maxSize: 2 | |
minSize: 2 | |
nodeLabels: | |
kops.k8s.io/instancegroup: nodes | |
role: Node | |
subnets: | |
- us-east-1a |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
kops validate cluster -v 10 using ☁️ · personal at 03:06:28 | |
I0219 15:39:19.188801 50085 loader.go:359] Config loaded from file {{HOME}}/.kube/config | |
Using cluster from kubectl context: vault-cluster.k8s.local | |
I0219 15:39:19.188869 50085 factory.go:68] state store s3://{{CONFIG_BUCKET_REDACTED}} | |
I0219 15:39:19.363885 50085 s3context.go:194] found bucket in region "us-east-1" | |
I0219 15:39:19.363949 50085 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/config" | |
I0219 15:39:19.553831 50085 s3fs.go:257] Listing objects in S3 bucket "{{CONFIG_BUCKET_REDACTED}}" with prefix "vault-cluster.k8s.local/instancegroup/" | |
I0219 15:39:19.614731 50085 s3fs.go:285] Listed files in s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/instancegroup: [s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/instancegroup/master-us-east-1a s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/instancegroup/nodes] | |
I0219 15:39:19.614763 50085 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/instancegroup/master-us-east-1a" | |
I0219 15:39:19.665983 50085 s3fs.go:220] Reading file "s3://{{CONFIG_BUCKET_REDACTED}}/vault-cluster.k8s.local/instancegroup/nodes" | |
Validating cluster vault-cluster.k8s.local | |
I0219 15:39:19.699260 50085 validate_cluster.go:110] instance group: kops.InstanceGroupSpec{Role:"Master", Image:"kope.io/k8s-1.11-debian-stretch-amd64-hvm-ebs-2018-08-17", MinSize:(*int32)(0xc421211cdc), MaxSize:(*int32)(0xc421211cd0), MachineType:"m3.medium", RootVolumeSize:(*int32)(nil), RootVolumeType:(*string)(nil), RootVolumeIops:(*int32)(nil), RootVolumeOptimization:(*bool)(nil), Subnets:[]string{"us-east-1a"}, Zones:[]string(nil), Hooks:[]kops.HookSpec(nil), MaxPrice:(*string)(nil), AssociatePublicIP:(*bool)(nil), AdditionalSecurityGroups:[]string(nil), CloudLabels:map[string]string(nil), NodeLabels:map[string]string{"kops.k8s.io/instancegroup":"master-us-east-1a"}, FileAssets:[]kops.FileAssetSpec(nil), Tenancy:"", Kubelet:(*kops.KubeletConfigSpec)(nil), Taints:[]string(nil), AdditionalUserData:[]kops.UserData(nil), SuspendProcesses:[]string(nil), ExternalLoadBalancers:[]kops.LoadBalancer(nil), DetailedInstanceMonitoring:(*bool)(nil), IAM:(*kops.IAMProfileSpec)(nil), SecurityGroupOverride:(*string)(nil)} | |
I0219 15:39:19.699329 50085 validate_cluster.go:110] instance group: kops.InstanceGroupSpec{Role:"Node", Image:"kope.io/k8s-1.11-debian-stretch-amd64-hvm-ebs-2018-08-17", MinSize:(*int32)(0xc42126825c), MaxSize:(*int32)(0xc421268250), MachineType:"t2.medium", RootVolumeSize:(*int32)(nil), RootVolumeType:(*string)(nil), RootVolumeIops:(*int32)(nil), RootVolumeOptimization:(*bool)(nil), Subnets:[]string{"us-east-1a"}, Zones:[]string(nil), Hooks:[]kops.HookSpec(nil), MaxPrice:(*string)(nil), AssociatePublicIP:(*bool)(nil), AdditionalSecurityGroups:[]string(nil), CloudLabels:map[string]string(nil), NodeLabels:map[string]string{"kops.k8s.io/instancegroup":"nodes"}, FileAssets:[]kops.FileAssetSpec(nil), Tenancy:"", Kubelet:(*kops.KubeletConfigSpec)(nil), Taints:[]string(nil), AdditionalUserData:[]kops.UserData(nil), SuspendProcesses:[]string(nil), ExternalLoadBalancers:[]kops.LoadBalancer(nil), DetailedInstanceMonitoring:(*bool)(nil), IAM:(*kops.IAMProfileSpec)(nil), SecurityGroupOverride:(*string)(nil)} | |
I0219 15:39:19.700416 50085 loader.go:359] Config loaded from file /Users/trigg/.kube/config | |
I0219 15:39:19.704868 50085 aws_cloud.go:1094] Querying EC2 for all valid zones in region "us-east-1" | |
I0219 15:39:19.705517 50085 request_logger.go:45] AWS request: ec2/DescribeAvailabilityZones | |
I0219 15:39:19.786615 50085 round_trippers.go:386] curl -k -v -XGET -H "Accept: application/json, */*" -H "User-Agent: kops/v0.0.0 (darwin/amd64) kubernetes/$Format" -H "Authorization: Basic {{BASIC_AUTH_TOKEN_OR_KEY}}" 'https://api-vault-cluster-k8s-{{ELB_STUFF}}.us-east-1.elb.amazonaws.com/api/v1/nodes' | |
I0219 15:39:29.809810 50085 round_trippers.go:405] GET https://api-vault-cluster-k8s-{{ELB_STUFF}}.us-east-1.elb.amazonaws.com/api/v1/nodes in 10023 milliseconds | |
I0219 15:39:29.809862 50085 round_trippers.go:411] Response Headers: | |
unexpected error during validation: error listing nodes: Get https://api-vault-cluster-k8s-{{ELB_STUFF}}.us-east-1.elb.amazonaws.com/api/v1/nodes: net/http: TLS handshake timeout |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment