Kube-proxy wrong credentials

[stefkampen]

I'm getting the following error in my logs (running 1.13.2 on Azure Kubernetes Service):
ts=2019-07-17T07:25:29.323056544Z caller=images.go:107 resource=kube-system:daemonset/kube-proxy err="decoded credential has wrong number of fields (expected 2, got 1)"

Is there anything I can do to prevent this error? As far as I can see it does not affect the functionality in any way.

[squaremo]

It looks like this problem: #1596. Any chance that the credentials were created by a kubectl v1.13.1?

[Sleepy-GH]

I'm actually running into the same problem running 1.13.5 on AKS. I think it's the way Azure Kubernetes Service provisions the cluster or something. When I check out the secret for kube-proxy (kubectl get secret emptyacrsecret -n kube-system -o=yaml) it gives me this piece of json:
{"auths":{"aksrepos.azurecr.io":{"Username":"","Password":"","Email":""}}}
This is missing the Auth field as described in the issue you're referencing.

[GODBS]

I am having the same issue all of a sudden and i am running Azure Kubernetes Service. However, in my case, the docker images don't update. I get an access forbidden when trying to access the tag/list

[gldraphael]

Same here.

ts=2019-08-19T09:02:59.793453534Z caller=images.go:107 resource=kube-system:deployment/coredns err="decoded credential has wrong number of fields (expected 2, got 1)"
ts=2019-08-19T09:03:59.884186393Z caller=images.go:107 resource=kube-system:daemonset/kube-proxy err="decoded credential has wrong number of fields (expected 2, got 1)"
ts=2019-08-19T09:04:59.793592236Z caller=images.go:107 resource=kube-system:daemonset/kube-proxy err="decoded credential has wrong number of fields (expected 2, got 1)"

kubectl version returns:

Client Version: version.Info{Major:"1", Minor:"14", GitVersion:"v1.14.3", GitCommit:"5e53fd6bc17c0dec8434817e69b04a25d8ae0ff0", GitTreeState:"clean", BuildDate:"2019-06-06T01:44:30Z", GoVersion:"go1.12.5", Compiler:"gc", Platform:"windows/amd64"}
Server Version: version.Info{Major:"1", Minor:"14", GitVersion:"v1.14.5", GitCommit:"0e9fcb426b100a2aea5ed5c25b3d8cfbb01a8acf", GitTreeState:"clean", BuildDate:"2019-08-05T09:13:08Z", GoVersion:"go1.12.5", Compiler:"gc", Platform:"linux/amd64"}

(I'm using the kubectl bundled with Docker for Windows.)

In my case this is only an issue when using private ACR. Flux is not able to deploy images from ACR. I've assigned the Reader and AcrPull roles to the AKS cluster's service-principal, and performed the installation with registry.acr.enabled=true. I also execed into the pod to check /etc/kubernetes/azure.json, and it had the correct credentials of the service principal.

I'm able to reproduce this reliably and can provide detailed steps if needed.

[gldraphael]

Update: the reason flux wasn't able to deploy images is unrelated to this issue.
In my case, the git url format was git@github.com:org/repo.git instead of ssh://git@github.com/org/repo.git -- fixing the url makes deployments work but the warning still remains.

kubectl version returns:

Client Version: version.Info{Major:"1", Minor:"14", GitVersion:"v1.14.6", GitCommit:"96fac5cd13a5dc064f7d9f4f23030a6aeface6cc", GitTreeState:"clean", BuildDate:"2019-08-19T11:13:49Z", GoVersion:"go1.12.9", Compiler:"gc", Platform:"windows/amd64"}
Server Version: version.Info{Major:"1", Minor:"14", GitVersion:"v1.14.6", GitCommit:"96fac5cd13a5dc064f7d9f4f23030a6aeface6cc", GitTreeState:"clean", BuildDate:"2019-08-19T11:05:16Z", GoVersion:"go1.12.9", Compiler:"gc", Platform:"linux/amd64"}

[elzapp]

I have the same warning. It is annoying, but it doesn't seem to have any consequences. Everything works nicely, but the logs are full of these warnings