Node-collector pods not running on master nodes #1947

xRTRx · 2024-03-26T10:30:22Z

xRTRx
Mar 26, 2024

I have deployed trivy-operator via argocd.

---
kind: Application
metadata:
  name: trivy-operator
  namespace: argocd
spec:
  project: default
  source:
    repoURL: 'https://aquasecurity.github.io/helm-charts/'
    targetRevision: 0.20.6
    helm:
      parameters:
        - name: compliance.cron
          value: '0 0 * * *'
        - name: compliance.reportType
          value: 'all'
        - name: service.headless
          value: 'false'
        - name: serviceMonitor.enabled
          value: 'true'
        - name: trivy.storageClassEnabled
          value: 'true'
        - name: trivy.storageClassName
          value: "openebs-hostpath"
        - name: trivy.storageSize
          value: "10Gi"
        - name: trivyOperator.scanJobTolerations
          value: '[{"key": "node-role.kubernetes.io/master", "operator": "Equal", "value": "master", "effect": "NoSchedule"}]'
    chart: trivy-operator
  destination:
    server: 'https://kubernetes.default.svc'
    namespace: trivy-system
  syncPolicy:
    automated:
      prune: true
      selfHeal: true
    syncOptions:
      - CreateNamespace=true

I can see clusterinfraassessmentreports only for my worker nodes

kubectl get clusterinfraassessmentreports -o wide
NAME           SCANNER   AGE   CRITICAL   HIGH   MEDIUM   LOW
node-os01k-w   Trivy     13d   3          6      0        0
node-os03k-w   Trivy     13d   3          6      0        0
node-os04k-w   Trivy     13d   3          6      0        0

In the logs of the trivy-operator pod, I can see the following error:
2024-03-26T05:03:33.769136619Z {"level":"error","ts":"2024-03-26T05:03:33Z","msg":"Reconciler error","controller":"node","controllerGroup":"","controllerKind":"Node","Node":{"name":"os01k-m"},"namespace":"","name":"os01k-m","reconcileID":"a6ea1bb7-2731-4e08-8bbc-0fbb77326a76","error":"getting job tolerations: json: cannot unmarshal string into Go value of type []v1.Toleration","stacktrace":"sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:329\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:266\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:227"}

I have a master node with these values, some values were hidden with the * sign.

Name:               os01k-m
Roles:              control-plane,master
Labels:             beta.kubernetes.io/arch=amd64
                    beta.kubernetes.io/os=linux
                    kubernetes.io/arch=amd64
                    kubernetes.io/hostname=os01k-m
                    kubernetes.io/os=linux
                    node-role.kubernetes.io/control-plane=
                    node-role.kubernetes.io/master=master
                    node.kubernetes.io/exclude-from-external-load-balancers=
Annotations:        kubeadm.alpha.kubernetes.io/cri-socket: unix:///var/run/containerd/containerd.sock
                    node.alpha.kubernetes.io/ttl: 0
                    projectcalico.org/IPv4Address: */24
                    projectcalico.org/IPv4VXLANTunnelAddr: *
                    volumes.kubernetes.io/controller-managed-attach-detach: true
CreationTimestamp:  Fri, 27 Oct 2023 20:42:29 +0500
Taints:             node-role.kubernetes.io/control-plane:NoSchedule
                    node-role.kubernetes.io/master:NoSchedule
Unschedulable:      false
Lease:
  HolderIdentity:  os01k-m
  AcquireTime:     <unset>
  RenewTime:       Tue, 26 Mar 2024 14:59:21 +0500
Conditions:
  Type                 Status  LastHeartbeatTime                 LastTransitionTime                Reason                       Message
  ----                 ------  -----------------                 ------------------                ------                       -------
  NetworkUnavailable   False   Mon, 18 Mar 2024 16:51:30 +0500   Mon, 18 Mar 2024 16:51:30 +0500   CalicoIsUp                   Calico is running on this node
  MemoryPressure       False   Tue, 26 Mar 2024 14:59:26 +0500   Mon, 18 Mar 2024 16:51:13 +0500   KubeletHasSufficientMemory   kubelet has sufficient memory available
  DiskPressure         False   Tue, 26 Mar 2024 14:59:26 +0500   Mon, 18 Mar 2024 16:51:13 +0500   KubeletHasNoDiskPressure     kubelet has no disk pressure
  PIDPressure          False   Tue, 26 Mar 2024 14:59:26 +0500   Mon, 18 Mar 2024 16:51:13 +0500   KubeletHasSufficientPID      kubelet has sufficient PID available
  Ready                True    Tue, 26 Mar 2024 14:59:26 +0500   Mon, 18 Mar 2024 16:51:13 +0500   KubeletReady                 kubelet is posting ready status. AppArmor enabled
Addresses:
  InternalIP:  *
  Hostname:    os01k-m
Capacity:
  cpu:                4
  ephemeral-storage:  64319324Ki
  hugepages-1Gi:      0
  hugepages-2Mi:      0
  memory:             4005408Ki
  pods:               110
Allocatable:
  cpu:                4
  ephemeral-storage:  59276688901
  hugepages-1Gi:      0
  hugepages-2Mi:      0
  memory:             3903008Ki
  pods:               110
System Info:
  Machine ID:                 *
  System UUID:                *
  Boot ID:                    *
  Kernel Version:             5.15.0-100-generic
  OS Image:                   Ubuntu 22.04.3 LTS
  Operating System:           linux
  Architecture:               amd64
  Container Runtime Version:  containerd://1.7.11
  Kubelet Version:            v1.28.6
  Kube-Proxy Version:         v1.28.6
PodCIDR:                      */24
PodCIDRs:                     */24
Non-terminated Pods:          (7 in total)
  Namespace                   Name                                 CPU Requests  CPU Limits  Memory Requests  Memory Limits  Age
  ---------                   ----                                 ------------  ----------  ---------------  -------------  ---
  kube-system                 calico-node-vh22d                    150m (3%)     300m (7%)   64M (1%)         500M (12%)     33d
  kube-system                 kube-apiserver-os01k-m               250m (6%)     0 (0%)      0 (0%)           0 (0%)         33d
  kube-system                 kube-controller-manager-os01k-m      200m (5%)     0 (0%)      0 (0%)           0 (0%)         33d
  kube-system                 kube-proxy-2z4r8                     0 (0%)        0 (0%)      0 (0%)           0 (0%)         33d
  kube-system                 kube-scheduler-os01k-m               100m (2%)     0 (0%)      0 (0%)           0 (0%)         33d
  kube-system                 nodelocaldns-sqlpm                   100m (2%)     0 (0%)      70Mi (1%)        200Mi (5%)     33d
  monitoring                  vm-prometheus-node-exporter-r468k    0 (0%)        0 (0%)      0 (0%)           0 (0%)         14d
Allocated resources:
  (Total limits may be over 100 percent, i.e., overcommitted.)
  Resource           Requests        Limits
  --------           --------        ------
  cpu                800m (20%)      300m (7%)
  memory             137400320 (3%)  709715200 (17%)
  ephemeral-storage  0 (0%)          0 (0%)
  hugepages-1Gi      0 (0%)          0 (0%)
  hugepages-2Mi      0 (0%)          0 (0%)
Events:              <none>

The syntax of the tolerations field looks correct.
Thanks in advance for your help!

Answered by xRTRx

Apr 2, 2024

Thank you, that was the issue.
I couldn't correctly set the required value in the parameters section of the ArgoCD manifest, so moved it to the values section, now it works as expected, here is my updated manifest:

kind: Application
metadata:
  name: trivy-operator
  namespace: argocd
spec:
  project: default
  source:
    repoURL: 'https://aquasecurity.github.io/helm-charts/'
    targetRevision: 0.21.2
    helm:
      parameters:
        - name: compliance.cron
          value: '0 0 * * *'
        - name: compliance.reportType
          value: 'all'
        - name: service.headless
          value: 'false'
        - name: serviceMonitor.enabled
          value: 'true'
        - name: ope…

View full answer

xRTRx · 2024-03-26T10:33:17Z

xRTRx
Mar 26, 2024
Author

I also noticed that PVC was not created for trivy-operator.

3 replies

xRTRx Mar 26, 2024
Author

After editing scanJobTolerations

- name: trivyOperator.scanJobTolerations
  value: '[{"key": "node-role.kubernetes.io/control-plane", "operator": "Equal", "value": "true", "effect": "NoSchedule"}, {"key": "node-role.kubernetes.io/master", "operator": "Equal", "value": "true", "effect": "NoSchedule"}, {"key": "node-taint.kubernetes.io/ingress", "operator": "Equal", "value": "ingress", "effect": "NoSchedule"}]'

I got Reconciler error for every controller

chen-keinan Apr 1, 2024

is the error is the one mention above ,"error":"getting job tolerations: json: cannot unmarshal string into Go value of type or else ?

xRTRx Apr 1, 2024
Author

No, not only one.
Here are the recent logs:

2024-04-01T09:46:57.522586478Z {"level":"error","ts":"2024-04-01T09:46:57Z","msg":"Reconciler error","controller":"node","controllerGroup":"","controllerKind":"Node","Node":{"name":"os05k-w-i"},"namespace":"","name":"os05k-w-i","reconcileID":"edb67ef9-78f7-4b60-b396-772f4453c809","error":"getting job tolerations: json: cannot unmarshal string into Go value of type []v1.Toleration","stacktrace":"sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:329\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:266\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:227"}
2024-04-01T09:46:59.301423865Z {"level":"error","ts":"2024-04-01T09:46:59Z","msg":"Reconciler error","controller":"node","controllerGroup":"","controllerKind":"Node","Node":{"name":"os01k-w"},"namespace":"","name":"os01k-w","reconcileID":"19bb21af-07b0-47bf-836f-61b771fed090","error":"getting job tolerations: json: cannot unmarshal string into Go value of type []v1.Toleration","stacktrace":"sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:329\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:266\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:227"}
2024-04-01T09:46:59.732523078Z {"level":"error","ts":"2024-04-01T09:46:59Z","msg":"Reconciler error","controller":"node","controllerGroup":"","controllerKind":"Node","Node":{"name":"os02k-m"},"namespace":"","name":"os02k-m","reconcileID":"2ed48689-d401-4deb-b21b-187376a6512a","error":"getting job tolerations: json: cannot unmarshal string into Go value of type []v1.Toleration","stacktrace":"sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:329\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:266\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:227"}
2024-04-01T09:47:01.394311777Z {"level":"error","ts":"2024-04-01T09:47:01Z","msg":"Reconciler error","controller":"replicaset","controllerGroup":"apps","controllerKind":"ReplicaSet","ReplicaSet":{"name":"dns-autoscaler-57dd6f8494","namespace":"kube-system"},"namespace":"kube-system","name":"dns-autoscaler-57dd6f8494","reconcileID":"ae85fc07-5ed0-4af4-88cf-fc844cb53674","error":"getting scan job tolerations: json: cannot unmarshal string into Go value of type []v1.Toleration","stacktrace":"sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:329\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:266\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:227"}
2024-04-01T09:47:02.523392789Z {"level":"error","ts":"2024-04-01T09:47:02Z","msg":"Reconciler error","controller":"node","controllerGroup":"","controllerKind":"Node","Node":{"name":"os06k-w-i"},"namespace":"","name":"os06k-w-i","reconcileID":"860801e6-4dec-4cb5-be1b-c9703e757277","error":"getting job tolerations: json: cannot unmarshal string into Go value of type []v1.Toleration","stacktrace":"sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:329\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:266\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:227"}
2024-04-01T09:47:03.604738627Z {"level":"error","ts":"2024-04-01T09:47:03Z","msg":"Reconciler error","controller":"node","controllerGroup":"","controllerKind":"Node","Node":{"name":"os01k-m"},"namespace":"","name":"os01k-m","reconcileID":"fe298290-5c79-4313-91d4-c021efbeb930","error":"getting job tolerations: json: cannot unmarshal string into Go value of type []v1.Toleration","stacktrace":"sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:329\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:266\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:227"}
2024-04-01T09:47:04.224570371Z {"level":"error","ts":"2024-04-01T09:47:04Z","msg":"Reconciler error","controller":"node","controllerGroup":"","controllerKind":"Node","Node":{"name":"os03k-m"},"namespace":"","name":"os03k-m","reconcileID":"251c11f5-52ee-480c-809e-8bcfe61742b5","error":"getting job tolerations: json: cannot unmarshal string into Go value of type []v1.Toleration","stacktrace":"sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:329\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:266\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:227"}
2024-04-01T09:47:07.903194084Z {"level":"error","ts":"2024-04-01T09:47:07Z","msg":"Reconciler error","controller":"node","controllerGroup":"","controllerKind":"Node","Node":{"name":"os05k-w-i"},"namespace":"","name":"os05k-w-i","reconcileID":"1e311298-29c7-4153-9e73-4aace4ec7a2a","error":"getting job tolerations: json: cannot unmarshal string into Go value of type []v1.Toleration","stacktrace":"sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:329\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:266\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:227"}
2024-04-01T09:47:09.457650682Z {"level":"error","ts":"2024-04-01T09:47:09Z","msg":"Reconciler error","controller":"node","controllerGroup":"","controllerKind":"Node","Node":{"name":"os01k-w"},"namespace":"","name":"os01k-w","reconcileID":"fa03e92c-2306-4e3c-8f12-4abc10da4b93","error":"getting job tolerations: json: cannot unmarshal string into Go value of type []v1.Toleration","stacktrace":"sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:329\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:266\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:227"}
2024-04-01T09:47:10.125475923Z {"level":"error","ts":"2024-04-01T09:47:10Z","msg":"Reconciler error","controller":"node","controllerGroup":"","controllerKind":"Node","Node":{"name":"os02k-m"},"namespace":"","name":"os02k-m","reconcileID":"2bbc3f0b-4144-4582-9553-aa95e5907cc0","error":"getting job tolerations: json: cannot unmarshal string into Go value of type []v1.Toleration","stacktrace":"sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:329\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:266\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:227"}
2024-04-01T09:47:12.915163599Z {"level":"error","ts":"2024-04-01T09:47:12Z","msg":"Reconciler error","controller":"node","controllerGroup":"","controllerKind":"Node","Node":{"name":"os06k-w-i"},"namespace":"","name":"os06k-w-i","reconcileID":"e2b5384f-7266-4e2e-9c77-f48ecb5f1411","error":"getting job tolerations: json: cannot unmarshal string into Go value of type []v1.Toleration","stacktrace":"sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:329\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:266\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:227"}
2024-04-01T09:47:14.010577753Z {"level":"error","ts":"2024-04-01T09:47:14Z","msg":"Reconciler error","controller":"node","controllerGroup":"","controllerKind":"Node","Node":{"name":"os01k-m"},"namespace":"","name":"os01k-m","reconcileID":"b767146b-f12b-4455-b462-125b2564f4a2","error":"getting job tolerations: json: cannot unmarshal string into Go value of type []v1.Toleration","stacktrace":"sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:329\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:266\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:227"}
2024-04-01T09:47:14.284549222Z {"level":"error","ts":"2024-04-01T09:47:14Z","msg":"Reconciler error","controller":"node","controllerGroup":"","controllerKind":"Node","Node":{"name":"os03k-m"},"namespace":"","name":"os03k-m","reconcileID":"c7456394-8fe7-438d-a0fb-6001120d83a6","error":"getting job tolerations: json: cannot unmarshal string into Go value of type []v1.Toleration","stacktrace":"sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:329\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:266\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:227"}
2024-04-01T09:47:18.170369744Z {"level":"error","ts":"2024-04-01T09:47:18Z","msg":"Reconciler error","controller":"node","controllerGroup":"","controllerKind":"Node","Node":{"name":"os05k-w-i"},"namespace":"","name":"os05k-w-i","reconcileID":"9aa1919a-7134-4743-8247-454bb2b82c9c","error":"getting job tolerations: json: cannot unmarshal string into Go value of type []v1.Toleration","stacktrace":"sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:329\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:266\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:227"}
2024-04-01T09:47:19.678137163Z {"level":"error","ts":"2024-04-01T09:47:19Z","msg":"Reconciler error","controller":"node","controllerGroup":"","controllerKind":"Node","Node":{"name":"os01k-w"},"namespace":"","name":"os01k-w","reconcileID":"fb691115-70d2-4aae-87e9-2a8afb10c0a9","error":"getting job tolerations: json: cannot unmarshal string into Go value of type []v1.Toleration","stacktrace":"sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:329\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:266\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:227"}
2024-04-01T09:47:20.467212900Z {"level":"error","ts":"2024-04-01T09:47:20Z","msg":"Reconciler error","controller":"node","controllerGroup":"","controllerKind":"Node","Node":{"name":"os02k-m"},"namespace":"","name":"os02k-m","reconcileID":"8d99369d-83ca-4266-a6ac-0cbb96161d28","error":"getting job tolerations: json: cannot unmarshal string into Go value of type []v1.Toleration","stacktrace":"sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:329\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:266\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:227"}
2024-04-01T09:47:23.319044783Z {"level":"error","ts":"2024-04-01T09:47:23Z","msg":"Reconciler error","controller":"node","controllerGroup":"","controllerKind":"Node","Node":{"name":"os06k-w-i"},"namespace":"","name":"os06k-w-i","reconcileID":"b13459db-046c-4c45-af64-a4104b6c20bc","error":"getting job tolerations: json: cannot unmarshal string into Go value of type []v1.Toleration","stacktrace":"sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:329\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:266\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:227"}
2024-04-01T09:47:24.280380784Z {"level":"error","ts":"2024-04-01T09:47:24Z","msg":"Reconciler error","controller":"node","controllerGroup":"","controllerKind":"Node","Node":{"name":"os01k-m"},"namespace":"","name":"os01k-m","reconcileID":"76a84632-26f9-4d4e-b8c7-d171f4972723","error":"getting job tolerations: json: cannot unmarshal string into Go value of type []v1.Toleration","stacktrace":"sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:329\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:266\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:227"}
2024-04-01T09:47:24.318367424Z {"level":"error","ts":"2024-04-01T09:47:24Z","msg":"Reconciler error","controller":"node","controllerGroup":"","controllerKind":"Node","Node":{"name":"os03k-m"},"namespace":"","name":"os03k-m","reconcileID":"cfb9a5a6-500f-4027-b6cd-d7cbe05be93a","error":"getting job tolerations: json: cannot unmarshal string into Go value of type []v1.Toleration","stacktrace":"sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:329\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:266\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:227"}
2024-04-01T09:47:28.449512608Z {"level":"error","ts":"2024-04-01T09:47:28Z","msg":"Reconciler error","controller":"node","controllerGroup":"","controllerKind":"Node","Node":{"name":"os05k-w-i"},"namespace":"","name":"os05k-w-i","reconcileID":"fd038f7b-e192-433a-b31d-8383816e6314","error":"getting job tolerations: json: cannot unmarshal string into Go value of type []v1.Toleration","stacktrace":"sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:329\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:266\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:227"}
2024-04-01T09:47:29.994331671Z {"level":"error","ts":"2024-04-01T09:47:29Z","msg":"Reconciler error","controller":"node","controllerGroup":"","controllerKind":"Node","Node":{"name":"os01k-w"},"namespace":"","name":"os01k-w","reconcileID":"546e2fa2-68c1-4ab6-93ef-dbb37063c6af","error":"getting job tolerations: json: cannot unmarshal string into Go value of type []v1.Toleration","stacktrace":"sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:329\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:266\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:227"}
2024-04-01T09:47:30.644148396Z {"level":"error","ts":"2024-04-01T09:47:30Z","msg":"Reconciler error","controller":"node","controllerGroup":"","controllerKind":"Node","Node":{"name":"os02k-m"},"namespace":"","name":"os02k-m","reconcileID":"1a3b644b-2c3f-4aec-9eac-016acfbb0845","error":"getting job tolerations: json: cannot unmarshal string into Go value of type []v1.Toleration","stacktrace":"sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:329\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:266\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:227"}
2024-04-01T09:47:33.617479094Z {"level":"error","ts":"2024-04-01T09:47:33Z","msg":"Reconciler error","controller":"node","controllerGroup":"","controllerKind":"Node","Node":{"name":"os06k-w-i"},"namespace":"","name":"os06k-w-i","reconcileID":"17e042ec-2503-4877-b5bc-d660de7e8d36","error":"getting job tolerations: json: cannot unmarshal string into Go value of type []v1.Toleration","stacktrace":"sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:329\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:266\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:227"}
2024-04-01T09:47:34.328848648Z {"level":"error","ts":"2024-04-01T09:47:34Z","msg":"Reconciler error","controller":"node","controllerGroup":"","controllerKind":"Node","Node":{"name":"os01k-m"},"namespace":"","name":"os01k-m","reconcileID":"e8d4ee1b-6f1f-454d-bde5-cd94649fcc28","error":"getting job tolerations: json: cannot unmarshal string into Go value of type []v1.Toleration","stacktrace":"sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:329\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:266\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:227"}
2024-04-01T09:47:34.612440787Z {"level":"error","ts":"2024-04-01T09:47:34Z","msg":"Reconciler error","controller":"node","controllerGroup":"","controllerKind":"Node","Node":{"name":"os03k-m"},"namespace":"","name":"os03k-m","reconcileID":"809a72ad-98f7-4eeb-98cc-68b4ed4fc8b2","error":"getting job tolerations: json: cannot unmarshal string into Go value of type []v1.Toleration","stacktrace":"sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:329\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:266\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:227"}
2024-04-01T09:47:36.212652145Z {"level":"error","ts":"2024-04-01T09:47:36Z","msg":"Reconciler error","controller":"daemonset","controllerGroup":"apps","controllerKind":"DaemonSet","DaemonSet":{"name":"nodelocaldns","namespace":"kube-system"},"namespace":"kube-system","name":"nodelocaldns","reconcileID":"6ed5a0b9-f5a8-4a77-ac31-88fa7d18f8f1","error":"getting scan job tolerations: json: cannot unmarshal string into Go value of type []v1.Toleration","stacktrace":"sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:329\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:266\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:227"}
2024-04-01T09:47:38.650798291Z {"level":"error","ts":"2024-04-01T09:47:38Z","msg":"Reconciler error","controller":"node","controllerGroup":"","controllerKind":"Node","Node":{"name":"os05k-w-i"},"namespace":"","name":"os05k-w-i","reconcileID":"0375377b-90c1-4fdf-8401-0d9a178f15b4","error":"getting job tolerations: json: cannot unmarshal string into Go value of type []v1.Toleration","stacktrace":"sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:329\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:266\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:227"}
2024-04-01T09:47:40.022452978Z {"level":"error","ts":"2024-04-01T09:47:40Z","msg":"Reconciler error","controller":"node","controllerGroup":"","controllerKind":"Node","Node":{"name":"os01k-w"},"namespace":"","name":"os01k-w","reconcileID":"88c4c728-8aee-4099-a9e4-8ba8ec4d79e9","error":"getting job tolerations: json: cannot unmarshal string into Go value of type []v1.Toleration","stacktrace":"sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:329\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:266\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:227"}
2024-04-01T09:47:40.905081081Z {"level":"error","ts":"2024-04-01T09:47:40Z","msg":"Reconciler error","controller":"node","controllerGroup":"","controllerKind":"Node","Node":{"name":"os02k-m"},"namespace":"","name":"os02k-m","reconcileID":"b0781ce9-bd9b-4c85-80fa-70f7a632c867","error":"getting job tolerations: json: cannot unmarshal string into Go value of type []v1.Toleration","stacktrace":"sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:329\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:266\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:227"}
2024-04-01T09:47:43.992768273Z {"level":"error","ts":"2024-04-01T09:47:43Z","msg":"Reconciler error","controller":"node","controllerGroup":"","controllerKind":"Node","Node":{"name":"os06k-w-i"},"namespace":"","name":"os06k-w-i","reconcileID":"50741515-7eb7-4cad-9484-9afef4890811","error":"getting job tolerations: json: cannot unmarshal string into Go value of type []v1.Toleration","stacktrace":"sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:329\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:266\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:227"}
2024-04-01T09:47:44.402290997Z {"level":"error","ts":"2024-04-01T09:47:44Z","msg":"Reconciler error","controller":"node","controllerGroup":"","controllerKind":"Node","Node":{"name":"os01k-m"},"namespace":"","name":"os01k-m","reconcileID":"ad19578a-2049-4fe9-8369-2d54d7047818","error":"getting job tolerations: json: cannot unmarshal string into Go value of type []v1.Toleration","stacktrace":"sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:329\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:266\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:227"}
2024-04-01T09:47:44.934791092Z {"level":"error","ts":"2024-04-01T09:47:44Z","msg":"Reconciler error","controller":"node","controllerGroup":"","controllerKind":"Node","Node":{"name":"os03k-m"},"namespace":"","name":"os03k-m","reconcileID":"0e999b96-79b4-46f2-9731-b408a6a295b8","error":"getting job tolerations: json: cannot unmarshal string into Go value of type []v1.Toleration","stacktrace":"sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:329\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:266\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.17.0/pkg/internal/controller/controller.go:227"}

chen-keinan · 2024-03-27T12:01:40Z

chen-keinan
Mar 27, 2024

@xRTRx can you please share how this value, scanJob.tolerations , look in trivy-operator cm, example :
scanJob.tolerations: "[{\"effect\":\"NoSchedule\",\"key\":\"key1\",\"operator\":\"Equal\",\"value\":\"value1\"}]"

3 replies

xRTRx Mar 28, 2024
Author

scanJob.tolerations: '"[{\"key\": \"node-role.kubernetes.io/control-plane\", \"operator\": \"Equal\", \"value\": \"true\", \"effect\": \"NoSchedule\"}, {\"key\": \"node-role.kubernetes.io/master\", \"operator\": \"Equal\", \"value\": \"true\", \"effect\": \"NoSchedule\"}, {\"key\": \"node-taint.kubernetes.io/ingress\", \"operator\": \"Equal\", \"value\": \"ingress\", \"effect\": \"NoSchedule\"}]"'

xRTRx Mar 28, 2024
Author

Ingress nodes weren't scanned either.
Ingress node taints:
Taints: node-taint.kubernetes.io/ingress=ingress:NoSchedule

xRTRx Apr 1, 2024
Author

@chen-keinan any suggestions or updates for this?

chen-keinan · 2024-04-01T12:22:51Z

chen-keinan
Apr 1, 2024

@xRTRx I think I found the issue, its the additional apostrophe at the beginning and at the end of the toleration:
it shoud look like this :

scanJob.tolerations: "[{\"key\": \"node-role.kubernetes.io/control-plane\", \"operator\": \"Equal\", \"value\": \"true\", \"effect\": \"NoSchedule\"}, {\"key\": \"node-role.kubernetes.io/master\", \"operator\": \"Equal\", \"value\": \"true\", \"effect\": \"NoSchedule\"}, {\"key\": \"node-taint.kubernetes.io/ingress\", \"operator\": \"Equal\", \"value\": \"ingress\", \"effect\": \"NoSchedule\"}]"

1 reply

xRTRx Apr 2, 2024
Author

Thank you, that was the issue.
I couldn't correctly set the required value in the parameters section of the ArgoCD manifest, so moved it to the values section, now it works as expected, here is my updated manifest:

kind: Application
metadata:
  name: trivy-operator
  namespace: argocd
spec:
  project: default
  source:
    repoURL: 'https://aquasecurity.github.io/helm-charts/'
    targetRevision: 0.21.2
    helm:
      parameters:
        - name: compliance.cron
          value: '0 0 * * *'
        - name: compliance.reportType
          value: 'all'
        - name: service.headless
          value: 'false'
        - name: serviceMonitor.enabled
          value: 'true'
        - name: operator.metricsClusterComplianceInfo
          value: 'true'
        - name: operator.metricsConfigAuditInfo
          value: 'true'
        - name: operator.metricsExposedSecretInfo
          value: 'true'
        - name: operator.metricsFindingsEnabled
          value: 'true'
        - name: operator.metricsImageInfo
          value: 'true'
        - name: operator.metricsInfraAssessmentInfo
          value: 'true'
        - name: operator.metricsRbacAssessmentInfo
          value: 'true'
        - name: operator.metricsVulnIdEnabled
          value: 'true'
        - name: operator.clusterSbomCacheEnabled
          value: 'true'
        - name: trivy.storageClassEnabled
          value: 'true'
        - name: trivy.storageClassName
          value: "openebs-hostpath"
        - name: trivy.storageSize
          value: "10Gi"
      values: |
        trivyOperator:
          scanJobTolerations:
            - key: "node-role.kubernetes.io/control-plane"
              operator: "Exists"
              effect: "NoSchedule"
            - key: "node-role.kubernetes.io/master"
              operator: "Exists"
              effect: "NoSchedule"
            - key: "node-taint.kubernetes.io/ingress"
              operator: "Equal"
              value: "ingress"
              effect: "NoSchedule"
    chart: trivy-operator
  destination:
    server: 'https://kubernetes.default.svc'
    namespace: trivy-system
  syncPolicy:
    automated:
      prune: true
      selfHeal: true
    syncOptions:
      - CreateNamespace=true
      - ApplyOutOfSyncOnly=true

Answer selected by xRTRx

chen-keinan · 2024-04-02T09:25:59Z

chen-keinan
Apr 2, 2024

@xRTRx thanks for this update, can we close this issue ?

2 replies

xRTRx Apr 2, 2024
Author

What about PVC not being created?
or open in another topic?

chen-keinan Apr 2, 2024

please open another issue

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Node-collector pods not running on master nodes #1947

{{title}}

Replies: 4 comments 9 replies

{{title}}

{{title}}

{{editor}}'s edit

{{editor}}'s edit

{{title}}

{{editor}}'s edit

{{editor}}'s edit

{{title}}

{{editor}}'s edit

{{editor}}'s edit

{{title}}

{{title}}

{{editor}}'s edit

{{editor}}'s edit

{{title}}

{{title}}

{{title}}

{{title}}

{{title}}

{{title}}

{{title}}

{{editor}}'s edit

{{editor}}'s edit

Select a reply

Node-collector pods not running on master nodes #1947

xRTRx Mar 26, 2024

Replies: 4 comments · 9 replies

xRTRx Mar 26, 2024 Author

xRTRx Mar 26, 2024 Author

chen-keinan Apr 1, 2024

xRTRx Apr 1, 2024 Author

chen-keinan Mar 27, 2024

xRTRx Mar 28, 2024 Author

xRTRx Mar 28, 2024 Author

xRTRx Apr 1, 2024 Author

chen-keinan Apr 1, 2024

xRTRx Apr 2, 2024 Author

chen-keinan Apr 2, 2024

xRTRx Apr 2, 2024 Author

chen-keinan Apr 2, 2024

xRTRx
Mar 26, 2024

Replies: 4 comments 9 replies

xRTRx
Mar 26, 2024
Author

xRTRx Mar 26, 2024
Author

xRTRx Apr 1, 2024
Author

chen-keinan
Mar 27, 2024

xRTRx Mar 28, 2024
Author

xRTRx Mar 28, 2024
Author

xRTRx Apr 1, 2024
Author

chen-keinan
Apr 1, 2024

xRTRx Apr 2, 2024
Author

chen-keinan
Apr 2, 2024

xRTRx Apr 2, 2024
Author