Author : MD TAREQ HASSAN | Updated : 2021/04/24
Ingress is not working after enabling AGIC Add-on
Possible cause: kubelet identity might need role assignment
Solution: assign “Network Contributor” role to kubelet identity at scope Application Gateway
Helm Error rendered manifests contain a resource that already exists
Error message
Error: rendered manifests contain a resource that already exists.
Unable to continue with install: ClusterRole "strimzi-cluster-operator-namespaced" in namespace "" exists and
cannot be imported into the current release: invalid ownership metadata;
label validation error: missing key "app.kubernetes.io/managed-by": must be set to "Helm";
annotation validation error: missing key "meta.helm.sh/release-name": must be set to "strimzi-kafka-release";
annotation validation error: missing key "meta.helm.sh/release-namespace": must be set to "kafka"
Check CRDs
helm list --all
helm list --all --all-namespaces
kubectl get crd
kubectl get crd --namespace xyz
kubectl get crd --all-namespaces
# example commands
kubectl get crd | grep strimzi
kubectl get crd --namespace xyz | grep strimzi
Reason
- Deployment was initially done using helm, but deleted by using kubctl command
- The chart release no longer exists (for whatever reason) and resources are left behind in the cluster
- Some CRDs are left behind and causing problem during re-installation
Solution: Remove CRDs
helm template <NAME> <CHART> --namespace <NAMESPACE> | kubectl delete -f -
helm template strimzi/strimzi-kafka-operator --namespace kafka | kubectl delete -f -
See: https://stackoverflow.com/questions/59443834/helm-3-install-for-resouces-that-exist
If above did not work
# get CRDs
kubectl get crd
# now delete one by one
kubectl delete crd <crd_1>
kubectl delete crd <crd_2>
kubectl delete crd <crd_2>
... ... ...
# or delete in one command -> CRDs are seperated by space
kubectl delete crd crd_1 crd_2 crd_3 ...
In case of Strimzi, command to delete CRDs
kubectl delete crd healthstates.azmon.container.insights kafkabridges.kafka.strimzi.io kafkaconnectors.kafka.strimzi.io kafkaconnects.kafka.strimzi.io kafkaconnects2is.kafka.strimzi.io kafkamirrormaker2s.kafka.strimzi.io kafkamirrormakers.kafka.strimzi.io kafkarebalances.kafka.strimzi.io kafkas.kafka.strimzi.io kafkatopics.kafka.strimzi.io kafkausers.kafka.strimzi.io
Evicted Pods
What is it?
- Eviction is the process of proactively terminating one or more Pods on resource-starved Nodes
- Evicted pods will hang around indefinitely, it’s by design behavior of Kubernetes
- Why? : Keeping the evicted pods pods around allows you to view the logs of those pods to check for errors, warnings, or other diagnostic output
- https://stackoverflow.com/questions/46419163/what-will-happen-to-evicted-pods-in-kubernetes
Delete all evicted pods (https://stackoverflow.com/a/64540704/4802664)
kubectl get pods -A | grep Evicted | awk '{print $2 " -n " $1}' | xargs -n 3 kubectl delete pod