helm's People
helm's Issues
Operator does not successfully reconcile with default Helm deployment
Helm must not be creating ControlPlane CR correctly because Operator fails to reconcile, resulting in crashloop of Port Manager.
Operator error:
{
"level": "error",
"ts": 1606345101.8369243,
"logger": "controller-runtime.controller",
"msg": "Reconciler error",
"controller": "control-plane-controller",
"request": "iofog-helm-ci-10860/iofog",
"error": "Reconcile Router failed: Missing Proxy.Router data for non LoadBalancer Router service\nUnexpected HTTP response\nReceived 400 from POST http://controller:51121/api/v3/user/signup\n{\"name\":\"ValidationError\",\"message\":\"Field firstName does not meet minimum length of 3\"}",
"stacktrace": "github.com/go-logr/zapr.(*zapLogger).Error\n\t/operator/vendor/github.com/go-logr/zapr/zapr.go:128\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler\n\t/operator/vendor/sigs.k8s.io/controller-runtime/pkg/internal/controller/controller.go:258\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\t/operator/vendor/sigs.k8s.io/controller-runtime/pkg/internal/controller/controller.go:232\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).worker\n\t/operator/vendor/sigs.k8s.io/controller-runtime/pkg/internal/controller/controller.go:211\nk8s.io/apimachinery/pkg/util/wait.JitterUntil.func1\n\t/operator/vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:152\nk8s.io/apimachinery/pkg/util/wait.JitterUntil\n\t/operator/vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:153\nk8s.io/apimachinery/pkg/util/wait.Until\n\t/operator/vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:88"
}
Helm charts for 3.0.0-alpha1 reference CRD v3 but deploys v2
The Helm charts for ioFog 3.0.0-alpha1 deploy a CRD version v2:
Lines 38 to 42 in 7fc0f71
But reference a version v3:
helm/iofog/templates/control_plane.yml
Lines 1 to 2 in 7fc0f71
This means, using the Helm charts is not possible.
CRDs still use apiextensions.k8s.io/v1beta1
The CRDs still use v1beta1, which is deprecated in Kubernetes 1.16 and removed in 1.22+ โฆ
Meaning: You can no longer install ioFog on the most recent Kubernetes version!
Missing RBAC rules
It looks like there are some permission missing in the most recent change:
0:48:36.670Z INFO controller-runtime.metrics metrics server is starting to listen {"addr": ":8080"}
2021-09-24T10:48:36.670Z INFO setup starting manager
2021-09-24T10:48:36.670Z INFO controller-runtime.manager starting metrics server {"path": "/metrics"}
2021-09-24T10:48:36.671Z INFO controller Starting EventSource {"reconcilerGroup": "iofog.org", "reconcilerKind": "Application", "controller": "application", "source": "kind source: /, Kind="}
2021-09-24T10:48:36.671Z INFO controller Starting EventSource {"reconcilerGroup": "iofog.org", "reconcilerKind": "ControlPlane", "controller": "controlplane", "source": "kind source: /, Kind="}
E0924 10:48:36.673407 1 reflector.go:127] sigs.k8s.io/controller-runtime/pkg/cache/internal/informers_map.go:225: Failed to watch *v3.Application: failed to list *v3.Application: applications.iofog.org is forbidden: User "system:serviceaccount:default:iofog-operator" cannot list resource "applications" in API group "iofog.org" in the namespace "default"
2021-09-24T10:48:36.772Z INFO controller Starting Controller {"reconcilerGroup": "iofog.org", "reconcilerKind": "ControlPlane", "controller": "controlplane"}
E0924 10:48:38.009559 1 reflector.go:127] sigs.k8s.io/controller-runtime/pkg/cache/internal/informers_map.go:225: Failed to watch *v3.Application: failed to list *v3.Application: applications.iofog.org is forbidden: User "system:serviceaccount:default:iofog-operator" cannot list resource "applications" in API group "iofog.org" in the namespace "default"
E0924 10:48:40.295749 1 reflector.go:127] sigs.k8s.io/controller-runtime/pkg/cache/internal/informers_map.go:225: Failed to watch *v3.Application: failed to list *v3.Application: applications.iofog.org is forbidden: User "system:serviceaccount:default:iofog-operator" cannot list resource "applications" in API group "iofog.org" in the namespace "default"
E0924 10:48:45.700595 1 reflector.go:127] sigs.k8s.io/controller-runtime/pkg/cache/internal/informers_map.go:225: Failed to watch *v3.Application: failed to list *v3.Application: applications.iofog.org is forbidden: User "system:serviceaccount:default:iofog-operator" cannot list resource "applications" in API group "iofog.org" in the namespace "default"
Fail to pull from docker.io
Installing ioFog fails due to pull rate limits on docker.io:
Please consider https://quay.io or https://ghcr.io
Allow installing without being cluster-admin
Currently the Helm chart binds the service account of the ioFog operator to the role cluster-admin
. That sounds overly excessive to me:
helm/iofog/templates/operator.yml
Lines 60 to 63 in 120560f
The operator only watches a single namespace, so I would understand why it needs permissions for this single namespace.
Installing CRDs requires more access. However you can --skip-crds
in Helm, or/and install the CRDs with an alternate user. The operator service account does not need access to that either.
I think it would be good to have an explicit list of permissions that are required, rather than "give me all".
Helm 3.0 format not supported.
When I try to apply iofog helm on kubernetes using Helm 3.0.2 it returns
manifest_sorter.go:175: info: skipping unknown hook: "crd-install"
I fixed the issue by changing crd-install
to pre-install in templates/crds.yml and replacing apiVersion: apiextensions.k8s.io/v1beta1
by apiVersion: batch/v1
but still there is an issue with the Chart.yml telling helm.go:76: [debug] validation: chart.metadata is required
.
would you please suggest a fix or work around for this issue?
Helm charts fail to deploy
Using the most recent change from develop
I get:
Error: failed to install CRD crds/crds.yml: CustomResourceDefinition.apiextensions.k8s.io "applications.iofog.org" is invalid: [spec.validation.openAPIV3Schema.properties[spec].properties[microservices].items.properties[agent].properties[config].properties[changeFrequency].type: Required value: must not be empty for specified object fields, spec.validation.openAPIV3Schema.properties[spec].properties[microservices].items.properties[agent].properties[config].properties[deviceScanFrequency].type: Required value: must not be empty for specified object fields, spec.validation.openAPIV3Schema.properties[spec].properties[microservices].items.properties[agent].properties[config].properties[statusFrequency].type: Required value: must not be empty for specified object fields, spec.validation.openAPIV3Schema.properties[spec].properties[microservices].items.properties[config].type: Required value: must not be empty for specified object fields, spec.validation.openAPIV3Schema.properties[spec].properties[microservices].items.properties[container].properties[ports].items.properties[external].type: Required value: must not be empty for specified object fields, spec.validation.openAPIV3Schema.properties[spec].properties[microservices].items.properties[container].properties[ports].items.properties[internal].type: Required value: must not be empty for specified object fields, spec.validation.openAPIV3Schema.properties[spec].properties[microservices].items.properties[container].properties[ports].items.properties[publicPort].type: Required value: must not be empty for specified object fields, spec.validation.openAPIV3Schema.properties[spec].properties[microservices].items.properties[container].properties[rootHostAccess].type: Required value: must not be empty for specified object fields, spec.validation.openAPIV3Schema.properties[spec].properties[microservices].items.properties[rebuild].type: Required value: must not be empty for specified object fields]
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.