Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Istio: failed to download artifact from source-controller: 503 service unavailable #598

Closed
Edblakejitsuin opened this issue Dec 14, 2020 · 6 comments
Closed

Istio: failed to download artifact from source-controller: 503 service unavailable #598

Edblakejitsuin opened this issue Dec 14, 2020 · 6 comments

Comments

@Edblakejitsuin
Copy link

Running:

flux create kustomization flux-system
--source=flux-system
--path="./clusters/my-cluster"
--prune=true
--interval=10m

Get the error:

faild to download artifact from http://source-controller.flux-system.svc.cluster.local./gitrepository/flux-system/flux-system/7759744efeeaf1823e07e5f911f192beb0a08c97.tar.gz, status: 503 Service Unavailable

flux check reports:

► checking prerequisites
✔ kubectl 1.18.12 >=1.18.0
✔ Kubernetes 1.17.13 >=1.16.0
► checking controllers
✔ source-controller is healthy
► regsitry/fluxcd/source-controller:v0.5.4
✔ kustomize-controller is healthy
► regsitry/fluxcd/kustomize-controller:v0.5.0
✔ helm-controller is healthy
► regsitry/fluxcd/helm-controller:v0.4.3
✔ notification-controller is healthy
► regsitry/fluxcd/notification-controller:v0.5.0
✔ all checks passed
@hiddeco
Copy link
Member

hiddeco commented Dec 14, 2020
edited
Loading

We assume a default cluster domain since v0.5.x (cluster.local), but this likely does not match your cluster configuration. You can configure your cluster domain using flux bootstrap --cluster-domain your.domain [..].

@Edblakejitsuin
Copy link
Author

I am using the default cluster.local domain...
noticed there is a perod after cluster.local in the URL, could this be the problem?

http://source-controller.flux-system.svc.cluster.local./gitrepository

@Edblakejitsuin
Copy link
Author

removing the period from the source controller deployment setting --storage-adv-addr and in gotk-components.yaml allowed me to create the kustomization - presumably a bug?

@hiddeco
Copy link
Member

hiddeco commented Dec 14, 2020

The period after the cluster domain is to prevent an additional DNS lookup, and should work fine.

Are you able to curl to the given URL from another pod? If not, are you able to curl to e.g. http://source-controller.flux-system/gitrepository/flux-system/flux-system/7759744efeeaf1823e07e5f911f192beb0a08c97.tar.gz?

@Edblakejitsuin
Copy link
Author

I think this was related to my flux-system namespace having istio sidecar injection enabled. I can apply the kustomization with the default URL and injection disabled.

@MichaelHudgins
Copy link

For anyone who runs into this and doesn't want to disable injection the following virtual service should fix the resolving issue until istio can fix FQDN with . at the end. Modify cluster.local if you need:

apiVersion: networking.istio.io/v1beta1
kind: VirtualService
metadata:
  name: source-controller-fqdn-fix
  namespace: flux-system
spec:
  hosts:
  - source-controller.flux-system.svc.cluster.local.
  http:
  - route:
    - destination:
        host: source-controller.flux-system.svc.cluster.local

@stefanprodan stefanprodan changed the title faild to download artifact from source-controller: 503 service unavailable Istio: failed to download artifact from source-controller: 503 service unavailable Jan 11, 2021
ybelleguic pushed a commit to ybelleguic/flux2 that referenced this issue Jan 9, 2023
@hiddeco
Merge pull request fluxcd#598 from fluxcd/azure-blob-bucket-provider
ccadce6
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@hiddeco @MichaelHudgins @Edblakejitsuin