Installation Error in percona postgres sql

PostgreSQL
,
1

We are tring to install v1.2.0 percona postgres operator in kops cluster.While installing we getting error on pgo-deploy job.

Image used in job is perconalab/percona-postgresql-operator:main-pgo-deployer

Error in pgo-deploy pod.

nss_wrapper: user exists
nss_wrapper: group exists
nss_wrapper: environment configured
> ERROR: ld.so: object '/usr/lib64/libnss_wrapper.so' from LD_PRELOAD cannot be preloaded (cannot open shared object file): ignored.
> ERROR: ld.so: object '/usr/lib64/libnss_wrapper.so' from LD_PRELOAD cannot be preloaded (cannot open shared object file): ignored.
Process install dependency map
ERROR: ld.so: object '/usr/lib64/libnss_wrapper.so' from LD_PRELOAD cannot be preloaded (cannot open shared object file): ignored.
Starting collection install process
Installing 'community.kubernetes:2.0.1' to '/tmp/.ansible/collections/ansible_collections/community/kubernetes'
Installing 'kubernetes.core:2.3.2' to '/tmp/.ansible/collections/ansible_collections/kubernetes/core'
> ERROR: ld.so: object '/usr/lib64/libnss_wrapper.so' from LD_PRELOAD cannot be preloaded (cannot open shared object file): ignored.
> ERROR: ld.so: object '/usr/lib64/libnss_wrapper.so' from LD_PRELOAD cannot be preloaded (cannot open shared object file): ignored.
> ERROR: ld.so: object '/usr/lib64/libnss_wrapper.so' from LD_PRELOAD cannot be preloaded (cannot open shared object file): ignored.
|
PLAY [Deploy Crunchy PostgreSQL Operator] **************************************

TASK [Gathering Facts] *********************************************************
ok: [localhost]

TASK [pgo-preflight : include_tasks] *******************************************
included: /ansible/postgres-operator/roles/pgo-preflight/tasks/vars.yml for localhost

TASK [pgo-preflight : Check for "/conf/values.yaml"] ***************************
ok: [localhost]

TASK [pgo-preflight : fail] ****************************************************
skipping: [localhost]

TASK [pgo-preflight : include_vars] ********************************************
ok: [localhost]

TASK [pgo-preflight : fail] ****************************************************
skipping: [localhost]

TASK [pgo-preflight : Check Operating System] **********************************
changed: [localhost]

TASK [pgo-preflight : assert] **************************************************
ok: [localhost] => {
    "changed": false,
    "msg": "All assertions passed"
}

TASK [pgo-preflight : assert] **************************************************
skipping: [localhost]

TASK [pgo-preflight : assert] **************************************************
skipping: [localhost]

TASK [pgo-preflight : assert] **************************************************
ok: [localhost] => {
    "changed": false,
    "msg": "All assertions passed"
}

TASK [pgo-preflight : include_tasks] *******************************************
skipping: [localhost]

TASK [pgo-preflight : include_tasks] *******************************************
included: /ansible/postgres-operator/roles/pgo-preflight/tasks/check_kubernetes.yml for localhost

TASK [pgo-preflight : Check if the kubectl command is installed] ***************
changed: [localhost]

TASK [pgo-preflight : Ensure kubectl is installed] *****************************
ok: [localhost] => {
    "changed": false,
    "msg": "All assertions passed"
}

TASK [pgo-preflight : include_tasks] *******************************************
included: /ansible/postgres-operator/roles/pgo-preflight/tasks/check_vars.yml for localhost

TASK [pgo-preflight : Check if mandatory variables are defined] ****************
skipping: [localhost] => (item=pgo_operator_namespace) 
skipping: [localhost] => (item=pgo_installation_name) 
skipping: [localhost] => (item=pgo_admin_username) 
skipping: [localhost] => (item=pgo_admin_role_name) 
skipping: [localhost] => (item=pgo_admin_perms) 
skipping: [localhost] => (item=ccp_image_prefix) 
skipping: [localhost] => (item=ccp_image_tag) 
skipping: [localhost] => (item=pgo_image_prefix) 
skipping: [localhost] => (item=pgo_image_tag) 
skipping: [localhost] => (item=disable_auto_failover) 
skipping: [localhost] => (item=badger) 
skipping: [localhost] => (item=metrics) 
skipping: [localhost] => (item=archive_mode) 
skipping: [localhost] => (item=archive_timeout) 
skipping: [localhost] => (item=db_password_length) 
skipping: [localhost] => (item=create_rbac) 
skipping: [localhost] => (item=db_port) 
skipping: [localhost] => (item=db_replicas) 
skipping: [localhost] => (item=db_user) 
skipping: [localhost] => (item=backrest_storage) 
skipping: [localhost] => (item=backup_storage) 
skipping: [localhost] => (item=primary_storage) 
skipping: [localhost] => (item=replica_storage) 
skipping: [localhost] => (item=pgo_client_version) 
skipping: [localhost] => (item=pgbadgerport) 
skipping: [localhost] => (item=exporterport) 
skipping: [localhost] => (item=scheduler_timeout) 
skipping: [localhost] => (item=namespace_mode) 
skipping: [localhost] => (item=reconcile_rbac) 

TASK [pgo-operator : Set output directory fact] ********************************
ok: [localhost]

TASK [pgo-operator : Ensure output directory exists] ***************************
changed: [localhost]

TASK [pgo-operator : include_tasks] ********************************************
skipping: [localhost] => (item=openshift_auth.yml) 
skipping: [localhost] => (item=openshift.yml) 

TASK [pgo-operator : include_tasks] ********************************************
included: /ansible/postgres-operator/roles/pgo-operator/tasks/kubernetes_auth.yml for localhost
included: /ansible/postgres-operator/roles/pgo-operator/tasks/kubernetes.yml for localhost

TASK [pgo-operator : Set the Kubernetes Context] *******************************
skipping: [localhost]

TASK [pgo-operator : Get Namespace Details] ************************************
changed: [localhost]

TASK [pgo-operator : Create PGO Namespace] *************************************
skipping: [localhost]

TASK [pgo-operator : Use kubectl or oc] ****************************************
ok: [localhost]

TASK [pgo-operator : include_tasks] ********************************************
included: /ansible/postgres-operator/roles/pgo-operator/tasks/namespace.yml for localhost

TASK [pgo-operator : Namespace List] *******************************************
ok: [localhost]

TASK [pgo-operator : Create Watched Namespaces] ********************************
skipping: [localhost] => (item=pgo) 

TASK [pgo-operator : Create Watched Namespaces (Reconcile RBAC)] ***************
changed: [localhost] => (item=pgo)

TASK [pgo-operator : Label Watched Namespaces (Reconcile RBAC)] ****************
changed: [localhost] => (item=pgo)

> TASK [pgo-operator : Cleanup Local Namespace Target RBAC] **********************
> failed: [localhost] (item=pgo) => {"ansible_loop_var": "item", "changed": true, "cmd": ["kubectl", "delete", "role,rolebinding", "pgo-target-role", "-n", "pgo"], "delta": "0:00:00.553534", "end": "2022-06-24 18:23:19.240439", "item": "pgo", "msg": "non-zero return code", "rc": 1, "start": "2022-06-24 18:23:18.686905", "stderr": "Error from server (NotFound): roles.rbac.authorization.k8s.io \"pgo-target-role\" not found\nError from server (NotFound): rolebindings.rbac.authorization.k8s.io \"pgo-target-role\" not found", "stderr_lines": ["Error from server (NotFound): roles.rbac.authorization.k8s.io \"pgo-target-role\" not found", "Error from server (NotFound): rolebindings.rbac.authorization.k8s.io \"pgo-target-role\" not found"], "stdout": "", "stdout_lines": []}
> ...ignoring

TASK [pgo-operator : Create Local Namespace Target RBAC] ***********************
changed: [localhost] => (item=pgo)

TASK [pgo-operator : Template Local Namespace RBAC] ****************************
changed: [localhost]

> TASK [pgo-operator : Cleanup Local Namespace Reconcile RBAC] *******************
> failed: [localhost] (item=pgo) => {"ansible_loop_var": "item", "changed": true, "cmd": ["kubectl", "delete", "-f", "/tmp/.pgo/pgo/output/local-namespace-rbac.yaml", "-n", "pgo"], "delta": "0:00:00.209049", "end": "2022-06-24 18:23:25.248515", "item": "pgo", "msg": "non-zero return code", "rc": 1, "start": "2022-06-24 18:23:25.039466", "stderr": "Error from server (NotFound): error when deleting \"/tmp/.pgo/pgo/output/local-namespace-rbac.yaml\": roles.rbac.authorization.k8s.io \"pgo-local-ns\" not found\nError from server (NotFound): error when deleting \"/tmp/.pgo/pgo/output/local-namespace-rbac.yaml\": rolebindings.rbac.authorization.k8s.io \"pgo-local-ns\" not found\nError from server (NotFound): error when deleting \"/tmp/.pgo/pgo/output/local-namespace-rbac.yaml\": rolebindings.rbac.authorization.k8s.io \"pgo-target-role-binding\" not found", "stderr_lines": ["Error from server (NotFound): error when deleting \"/tmp/.pgo/pgo/output/local-namespace-rbac.yaml\": roles.rbac.authorization.k8s.io \"pgo-local-ns\" not found", "Error from server (NotFound): error when deleting \"/tmp/.pgo/pgo/output/local-namespace-rbac.yaml\": rolebindings.rbac.authorization.k8s.io \"pgo-local-ns\" not found", "Error from server (NotFound): error when deleting \"/tmp/.pgo/pgo/output/local-namespace-rbac.yaml\": rolebindings.rbac.authorization.k8s.io \"pgo-target-role-binding\" not found"], "stdout": "", "stdout_lines": []}
...ignoring

TASK [pgo-operator : Create Local Namespace Reconcile RBAC] ********************
changed: [localhost] => (item=pgo)

TASK [pgo-operator : include_tasks] ********************************************
included: /ansible/postgres-operator/roles/pgo-operator/tasks/crds.yml for localhost

TASK [pgo-operator : Check if PGCluster CRD Is Installed] **********************
changed: [localhost]

TASK [pgo-operator : Create PGClusters CRD] ************************************
skipping: [localhost]

TASK [pgo-operator : Check if PGPolicies CRD Is Installed] *********************
changed: [localhost]

TASK [pgo-operator : Create PGPolicies CRD] ************************************
skipping: [localhost]

TASK [pgo-operator : Check if PGReplicas CRD Is Installed] *********************
changed: [localhost]

TASK [pgo-operator : Create PGReplicas CRD] ************************************
skipping: [localhost]

TASK [pgo-operator : Check if PGTasks CRD Is Installed] ************************
changed: [localhost]

TASK [pgo-operator : Create PGTasks CRD] ***************************************
skipping: [localhost]

> TASK [pgo-operator : Create PerconaPGClusters CRD] *****************************
> fatal: [localhost]: FAILED! => {"changed": false, "msg": "Failed to get client due to HTTPSConnectionPool(host='100.64.0.1', port=443): Max retries exceeded with url: /version (Caused by SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:897)'),))"}

PLAY RECAP *********************************************************************
localhost                  : ok=31   changed=15   unreachable=0    failed=1    skipped=14   rescued=0    ignored=2

Failed task in ansible script.
Task name :

  1. Create PerconaPGClusters CRD
  2. Cleanup Local Namespace Target RBAC
  3. Cleanup Local Namespace Reconcile RBAC

Ansbile Task : Create PerconaPGClusters CRD
It’s trying to connect 100.64.0.1 but it’s not able to connect.

Script location of Create PerconaPGClusters CRD percona-postgresql-operator/crds.yml at main · percona/percona-postgresql-operator · GitHub

2 Likes
2

I am getting the same error in a kops cluster.

1 Like
3

I only get this error in v1.2.0. I do not get the error in v1.1.0.

TASK [pgo-operator : Create PerconaPGClusters CRD] *****************************
fatal: [localhost]: FAILED! => {"changed": false, "msg": "Failed to get client due to HTTPSConnectionPool(host='100.64.0.1', port=443): Max retries exceeded with url: /version (Caused by SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:897)'),))"}
1 Like
4

Here’s the ansible change that broke it.

I fixed this error by installing the crds myself and removing the crds from the deployer. I created a new docker image that skips the step of installing the crds and it works.

registry.gitlab.com/risserlabs/community/images/pgo-deployer:1.2.0

2 Likes