Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

create AKS cluster in China North2 failed due to downloading azure-acr-credential-provider binary failure #5942

Open
andyzhangx opened this issue Feb 27, 2025 · 0 comments
Open

create AKS cluster in China North2 failed due to downloading azure-acr-credential-provider binary failure #5942

andyzhangx opened this issue Feb 27, 2025 · 0 comments
Assignees
@mainred

Comments

@andyzhangx
Copy link
Collaborator

What happened:
azure-acr-credential-provider binary should be downloaded from https://acs-mirror.azureedge.net/cloud-provider-azure/ instead of mirror.azk8s.cn

ALPN, server accepted to use http/1.1
* Server certificate:
*  subject: C=CN; ST=Shanghai; O=Shanghai Blue Cloud Technology Co., Ltd.; CN=*.azk8s.cn
*  start date: Sep  4 00:00:00 2024 GMT
*  expire date: Sep  4 23:59:59 2025 GMT
*  subjectAltName: host "mirror.azk8s.cn" matched cert's "*.azk8s.cn"
*  issuer: C=US; O=DigiCert Inc; CN=DigiCert Basic RSA CN CA G2
*  SSL certificate verify ok.
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
} [5 bytes data]
> GET /cloud-provider-azure/v1.30.0/binaries/azure-acr-credential-provider-linux-amd64-v1.30.0.tar.gz HTTP/1.1^M
> Host: mirror.azk8s.cn^M
> User-Agent: curl/7.81.0^M
> Accept: */*^M
> ^M
* TLSv1.2 (IN), TLS header, Supplemental data (23):
{ [5 bytes data]
* Mark bundle as not supporting multiuse
< HTTP/1.1 404 Not Found^M
< Server: nginx/1.14.0 (Ubuntu)^M
< Date: Thu, 27 Feb 2025 12:20:30 GMT^M
< Content-Type: text/html; charset=utf-8^M
< Content-Length: 178^M
< Connection: keep-alive^M
* The requested URL returned error: 404
* Closing connection 0
* TLSv1.2 (OUT), TLS header, Unknown (21):
} [5 bytes data]
* TLSv1.2 (OUT), TLS alert, close notify (256):
} [2 bytes data]
curl: (22) The requested URL returned error: 404
+ sleep 5
+ for i in $(seq 1 $tar_retries)
+ tar -tzf /opt/credentialprovider/downloads/azure-acr-credential-provider-linux-amd64-v1.30.0.tar.gz
tar (child): /opt/credentialprovider/downloads/azure-acr-credential-provider-linux-amd64-v1.30.0.tar.gz: Cannot open: No such file or directory
tar (child): Error is not recoverable: exiting now
tar: Child returned status 2
tar: Error is not recoverable: exiting now
+ '[' 120 -eq 120 ']'
+ return 1
+ exit 205

curl -fsSLv https://mirror.azk8s.cn/cloud-provider-azure/v1.30.0/binaries/azure-acr-credential-provider-linux-amd64-v1.30.0.tar.gz
*   Trying 40.73.24.51:443...
* Connected to mirror.azk8s.cn (40.73.24.51) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: /etc/ssl/certs
* TLSv1.0 (OUT), TLS header, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS header, Finished (20):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS header, Finished (20):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server accepted to use http/1.1
* Server certificate:
*  subject: C=CN; ST=Shanghai; O=Shanghai Blue Cloud Technology Co., Ltd.; CN=*.azk8s.cn
*  start date: Sep  4 00:00:00 2024 GMT
*  expire date: Sep  4 23:59:59 2025 GMT
*  subjectAltName: host "mirror.azk8s.cn" matched cert's "*.azk8s.cn"
*  issuer: C=US; O=DigiCert Inc; CN=DigiCert Basic RSA CN CA G2
*  SSL certificate verify ok.
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
> GET /cloud-provider-azure/v1.30.0/binaries/azure-acr-credential-provider-linux-amd64-v1.30.0.tar.gz HTTP/1.1
> Host: mirror.azk8s.cn
> User-Agent: curl/7.81.0
> Accept: */*
> 
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* Mark bundle as not supporting multiuse
< HTTP/1.1 404 Not Found
< Server: nginx/1.14.0 (Ubuntu)
< Date: Thu, 27 Feb 2025 13:11:31 GMT
< Content-Type: text/html; charset=utf-8
< Content-Length: 178
< Connection: keep-alive
* The requested URL returned error: 404
* Closing connection 0
* TLSv1.2 (OUT), TLS header, Unknown (21):
* TLSv1.2 (OUT), TLS alert, close notify (256):
curl: (22) The requested URL returned error: 404

What you expected to happen:

How to reproduce it:

Anything else we need to know?:

Environment:

  • AgentBaker version:
  • Kubernetes version (use kubectl version):
  • OS (e.g. from /etc/os-release):
  • Kernel (e.g. uname -a):
  • Install tools:
  • Others:
@andyzhangx andyzhangx changed the title create cluster in China North2 failed due to downloading azure-acr-credential-provider binary failure create AKS cluster in China North2 failed due to downloading azure-acr-credential-provider binary failure Feb 27, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mainred mainred

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mainred @andyzhangx