boot w/ the dev-dist build

Question

boot w/ the dev-dist build

ylxxwx opened this issue 2 years ago · 7 comments

ylxxwx commented 2 years ago

I build w/ dev-dist. The boot stuck.

Expected Behaviour

Expect boot successful and see shell.

Current Behaviour

Stuck in boot. Pls see the attached picture. it stuck after init

Possible Solution

Steps to Reproduce (for bugs)

build dev-dist
put the vmlinuxz and initramfs into current dir
boot client
client stuck

Context

Your Environment

Operating System and version (e.g. Linux, Windows, MacOS):
How are you running Tinkerbell? Using Vagrant & VirtualBox, Vagrant & Libvirt, on Packet using Terraform, or give details:
Link to your project or a code example to reproduce issue:

Answer 1 · 2022-04-27T08:25:31.000Z

Same issue here; running on macOS with vagrant-virtualbox.

I tracked this down in the tink-docker container where you can find this:

{"level":"info","ts":1651047221.0680003,"caller":"cmd/root.go:45"
*msg": "starting","service":"github.com/tinkerbell/tink","version": "2h87714"}
Error: worker Finished with error: failed to get workflow context: rpc error:
code = Unavailable desc = connection error:
desc = "transport: authentication handshake failed: x509: certificate signed
by unknown authority"
Usage:
  tink-worker [flags]
 <more usage() stripped>

I tried several permutations in /etc/docker/certs.d - to no avail. Debugging certs via calling that directly, so from
the hook getty shell:
ctr -n services.linuxkit task exec -t --exec-id testit docker sh
docker login ...
docker run 192.168.56.4/tink-worker -i 1 -r 192.168.56.4 -u admin -p Admin1234 --tinkerbell-grpc-authority 192.168.56.4:42113

Also tried by storing the presented server cert on 192.168.56.4:443 in /etc/docker/certs.d under 192.168.56.4 and 192.168.56.4:443 to no avail.

Answer 2 · 2022-04-27T09:35:10.000Z

ok, this is gRPC and has nothing along docker certs. the ca.pem needs to be added to the tink-worker container FS (/etc/ssl/certs/ca-certificates.crt or extra /etc/ssl/certs/myveryca.pem -- both work).
Fiddling on how to build such an image....

Answer 3 · 2022-04-27T12:13:35.000Z

fallout from tinkerbell/tink#584

Answer 4 · 2022-05-03T15:36:50.000Z

fallout from tinkerbell/tink#584

Caused by that PR, or resolved by it?

Answer 5 · 2022-05-03T15:42:44.000Z

Caused.. I was able to rollback the image hashes used in the sandbox and there it works. More bits of diagnose and blister help in this issue tinkerbell/playground#133

Answer 6 · 2023-01-28T22:05:06.000Z

Hey @ylxxwx, quite a bit of change to Hook since you reported this. Mind trying with the latest commit?

Answer 7 · 2023-08-25T22:21:28.000Z

Please reopen if the issue still exists in the latest hook, thanks.