Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

When starting or creating a pipeline, the kubesphere alarm prompt 404 #1038

Open
poet123 opened this issue Apr 7, 2024 · 2 comments
Open

When starting or creating a pipeline, the kubesphere alarm prompt 404 #1038

poet123 opened this issue Apr 7, 2024 · 2 comments
Labels
kind/bug Categorizes issue or PR as related to a bug.

Comments

@poet123
Copy link

poet123 commented Apr 7, 2024
edited
Loading

What is version of KubeSphere DevOps has the issue?

devops-apiserver:ks-v3.4.1 ks-jenkins:v3.4.0-2.319.3-1

How did you install the Kubernetes? Or what is the Kubernetes distribution?

My kubesphere has been upgraded to 3.4.1 after installing 3.3.1

What happened?

Today, a colleague gave feedback that the assembly line could not run. I checked the logs on devops and found that the certificate had expired. Then, I tried to update the certificate for k8s (kubeadm certificates renew all), but it did not take effect. Then, I tried to upgrade kubeshee, but it still couldn't solve the problem. I went to the developer community to check( https://ask.kubesphere.io/forum/d/23239-kubesphere-jing-xiang-gou-jian-qi-s2ifu-wu-zheng-shu-guo-qi-wen-ti
Fixed the issue of certificate expiration, but when operating on the watermark, it prompted the following message:
image
Then I checked the logs of devops-apiserver and kept prompting the following content:
image
Then I checked the logs of devops Jenkins and found that the user wukai1 does not exist:

image
But there is no user wukai1 in kubeshpere,

image
image

Relevant log output

2024-04-07 14:40:13.390+0000 [id=143]	WARNING	h.i.i.InstallUncaughtExceptionHandler#handleException: Caught unhandled exception with ID 6d1c45c0-a747-44b8-b37a-0074f07ab25e

 org.acegisecurity.userdetails.UsernameNotFoundException: User wukai1 not found in directory.

 	at org.acegisecurity.ldap.search.FilterBasedLdapUserSearch.searchForUser(FilterBasedLdapUserSearch.java:126)

 	at hudson.security.LDAPSecurityRealm$LDAPUserDetailsService.loadUserByUsername(LDAPSecurityRealm.java:1320)

 	at hudson.security.LDAPSecurityRealm$LDAPUserDetailsService.loadUserByUsername(LDAPSecurityRealm.java:1273)

 	at org.acegisecurity.userdetails.UserDetailsService.lambda$toSpring$1(UserDetailsService.java:52)

 Caused: org.springframework.security.core.userdetails.UsernameNotFoundException

 	at org.acegisecurity.userdetails.UsernameNotFoundException.toSpring(UsernameNotFoundException.java:51)

 	at org.acegisecurity.userdetails.UsernameNotFoundException.toSpring(UsernameNotFoundException.java:34)

 	at org.acegisecurity.userdetails.UserDetailsService.lambda$toSpring$1(UserDetailsService.java:54)

 	at jenkins.security.ImpersonatingUserDetailsService2.loadUserByUsername(ImpersonatingUserDetailsService2.java:29)

 	at hudson.model.User.getUserDetailsForImpersonation2(User.java:406)

 	at hudson.model.User.getUserDetailsForImpersonation(User.java:429)

 Caused: org.acegisecurity.userdetails.UsernameNotFoundException: org.springframework.security.core.userdetails.UsernameNotFoundException: org.acegisecurity.userdetails.UsernameNotFoundException: User wukai1 not found in directory.; nested exception is org.springframework.security.core.userdetails.UsernameNotFoundException: org.acegisecurity.userdetails.UsernameNotFoundException: User wukai1 not found in directory.

 	at org.acegisecurity.userdetails.UsernameNotFoundException.fromSpring(UsernameNotFoundException.java:58)

 	at org.acegisecurity.AuthenticationException.fromSpring(AuthenticationException.java:98)

 	at hudson.model.User.getUserDetailsForImpersonation(User.java:431)

 	at io.kubesphere.jenkins.devops.auth.KubesphereApiTokenAuthenticator.authenticate(KubesphereApiTokenAuthenticator.java:47)

 Caused: javax.servlet.ServletException

 	at io.kubesphere.jenkins.devops.auth.KubesphereApiTokenAuthenticator.authenticate(KubesphereApiTokenAuthenticator.java:54)

 	at jenkins.security.BasicHeaderAuthenticator.authenticate2(BasicHeaderAuthenticator.java:43)

 	at jenkins.security.BasicHeaderProcessor.doFilter(BasicHeaderProcessor.java:83)

 	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:97)

 	at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:110)

 	at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:80)

 	at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:62)

 	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:97)

 	at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:109)

 	at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:171)

 	at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)

 	at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)

 	at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:51)

 	at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)

 	at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)

 	at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:85)

 	at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)

 	at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)

 	at org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30)

 	at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)

 	at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)

 	at jenkins.security.SuspiciousRequestFilter.doFilter(SuspiciousRequestFilter.java:39)

 	at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)

 	at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)

 	at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:548)

 	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)

 	at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:578)

 	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)

 	at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:235)

 	at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1624)

 	at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:233)

 	at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1434)

 	at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:188)

 	at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:501)

 	at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1594)

 	at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:186)

 	at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1349)

 	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)

 	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)

 	at org.eclipse.jetty.server.Server.handle(Server.java:516)

 	at org.eclipse.jetty.server.HttpChannel.lambda$handle$1(HttpChannel.java:388)

 	at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:633)

 	at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:380)

 	at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:277)

 	at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311)

 	at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:105)

 	at org.eclipse.jetty.io.ChannelEndPoint$1.run(ChannelEndPoint.java:104)

 	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:338)

 	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:315)

 	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:173)

 	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:131)

 	at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:386)

 	at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:883)

 	at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1034)

 	at java.base/java.lang.Thread.run(Thread.java:829)

Additional information

Kubernetes:v1.22.12
kubesphere: 3.4.1(member:3.3.1)
devops-apiserver:ks-v3.4.1
ks-jenkins:v3.4.0-2.319.3-1
other:dex:v2.29.0(Connected to Gilab and logged into Kubeshpere through Gilab account)
@poet123 poet123 added the kind/bug Categorizes issue or PR as related to a bug. label Apr 7, 2024
@poet123
Copy link
Author

poet123 commented Apr 8, 2024

Log in to Jenkins through the console and receive a username and password error message. The response log for devops Jenkins is as follows:
2024-04-08 01:34:23.748+0000 [id=3836] WARNING o.a.p.l.a.BindAuthenticator2#handleBindException: Failed to bind to LDAP: userDnuid=admin,ou=Users,dc=kubesphere,dc=io username=admin

javax.naming.AuthenticationException: [LDAP: error code 49 - Invalid Credentials]

at java.naming/com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3259)

at java.naming/com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3205)

at java.naming/com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2991)

at java.naming/com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2905)

at java.naming/com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:348)

at java.naming/com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxFromUrl(LdapCtxFactory.java:262)

at java.naming/com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:226)

at java.naming/com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:280)

at java.naming/com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:185)

at java.naming/com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:115)

at java.naming/javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:730)

at java.naming/javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:305)

at java.naming/javax.naming.InitialContext.init(InitialContext.java:236)

at java.naming/javax.naming.InitialContext.<init>(InitialContext.java:208)

at java.naming/javax.naming.directory.InitialDirContext.<init>(InitialDirContext.java:101)

at org.acegisecurity.ldap.DefaultInitialDirContextFactory.connect(DefaultInitialDirContextFactory.java:180)

at org.acegisecurity.ldap.DefaultInitialDirContextFactory.newInitialDirContext(DefaultInitialDirContextFactory.java:261)

at org.acegisecurity.ldap.LdapTemplate.execute(LdapTemplate.java:123)

at org.acegisecurity.ldap.LdapTemplate.retrieveEntry(LdapTemplate.java:165)

at org.acegisecurity.providers.ldap.authenticator.BindAuthenticator.bindWithDn(BindAuthenticator.java:87)

at org.acegisecurity.providers.ldap.authenticator.BindAuthenticator.authenticate(BindAuthenticator.java:72)

at org.acegisecurity.providers.ldap.authenticator.BindAuthenticator2.authenticate(BindAuthenticator2.java:49)

at org.acegisecurity.providers.ldap.LdapAuthenticationProvider.retrieveUser(LdapAuthenticationProvider.java:233)

at org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider$1.retrieveUser(AbstractUserDetailsAuthenticationProvider.java:52)

at org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:133)

at org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:66)

at org.acegisecurity.providers.ProviderManager.doAuthentication(ProviderManager.java:200)

at org.acegisecurity.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:47)

at hudson.security.LDAPSecurityRealm$LDAPAuthenticationManager.authenticate(LDAPSecurityRealm.java:1019)

at org.acegisecurity.AuthenticationManager.lambda$toSpring$1(AuthenticationManager.java:48)

at org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter.attemptAuthentication(UsernamePasswordAuthenticationFilter.java:85)

at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:222)

at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:212)

at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:97)

at jenkins.security.BasicHeaderProcessor.doFilter(BasicHeaderProcessor.java:97)

at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:97)

at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:110)

at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:80)

at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:62)

at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:97)

at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:109)

at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:171)

at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)

at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)

at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:51)

at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)

at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)

at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:85)

at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)

at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)

at org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30)

at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)

at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)

at jenkins.security.SuspiciousRequestFilter.doFilter(SuspiciousRequestFilter.java:39)

at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)

at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)

at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:548)

at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)

at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:578)

at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)

at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:235)

at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1624)

at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:233)

at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1434)

at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:188)

at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:501)

at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1594)

at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:186)

at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1349)

at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)

at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)

at org.eclipse.jetty.server.Server.handle(Server.java:516)

at org.eclipse.jetty.server.HttpChannel.lambda$handle$1(HttpChannel.java:388)

at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:633)

at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:380)

at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:277)

at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311)

at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:105)

at org.eclipse.jetty.io.ChannelEndPoint$1.run(ChannelEndPoint.java:104)

at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:338)

at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:315)

at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:173)

at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:131)

at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:386)

at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:883)

at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1034)

at java.base/java.lang.Thread.run(Thread.java:829)

@yudong2015
Copy link
Collaborator

Please check if there is user 'wukai1' in KubeSphere Console ?If exist, try to update password of user 'wukai1' ;

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/bug Categorizes issue or PR as related to a bug.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@yudong2015 @poet123