Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Furyctl validated correctly but furyctl apply reports missing values #211

Open
FedericoAntoniazzi opened this issue Apr 18, 2024 · 4 comments
Open

Furyctl validated correctly but furyctl apply reports missing values #211

FedericoAntoniazzi opened this issue Apr 18, 2024 · 4 comments

Comments

@FedericoAntoniazzi
Copy link
Member

Scenario

I have a furyctl.yaml file for an OnPremises installation, which currently needs the CNI only:

apiVersion: kfd.sighup.io/v1alpha2
kind: OnPremises
metadata:
  name: fury-poc
spec:
  distributionVersion: v1.27.3
  ...
  distribution:
    modules:
      networking:
        type: "calico"
      ingress:
        baseDomain: internal.example.dev
        nginx:
          type: none
      logging:
        type: none
      monitoring:
        type: none
      ...

I made sure everything was okay by validating the config

furyctl validate config
INFO Downloading distribution...                  
INFO Compatibility patches applied for v1.27.3    
INFO configuration file validation succeeded      
INFO There is a newer release available: v0.28.0

But then, when running the apply, I got the following error:

furyctl apply --phase distribution --skip-nodes-upgrade --force upgrades
INFO Downloading distribution...                  
INFO Compatibility patches applied for v1.27.3    
INFO Validating configuration file...             
INFO Downloading dependencies...                  
INFO There is a newer release available: v0.28.0  
INFO Validating dependencies...                   
INFO Running preflight checks                     
INFO Checking that the cluster is reachable...    
INFO Preflight checks completed successfully      
INFO Running preupgrade phase...                  
INFO Preupgrade phase completed successfully      
INFO Installing Kubernetes Fury Distribution...   
INFO Checking that the cluster is reachable...    
INFO Checking storage classes...                  
WARN No storage classes found in the cluster. logging module (if enabled), tracing module (if enabled), dr module (if enabled) and prometheus-operated package installation will be skipped. You need to install a StorageClass and re-run furyctl to install the missing components. 
ERRO error while creating cluster: error while executing distribution phase: error while executing phase: error preparing distribution phase: error copying from template: error generating from template files: error applying templates: error processing template: template: cert-manager-clusterissuer.yml.tpl:40:17: executing "cert-manager-clusterissuer.yml.tpl" at <.spec.distribution.modules.ingress.certManager.clusterIssuer.solvers>: map has no entry for key "solvers" filePath: /var/folders/mf/vblq1rpx01571403sbmyb6m40000gn/T/furyctl-3210227887/data/templates/distribution/manifests/ingress/resources/cert-manager-clusterissuer.yml.tpl

I also tried setting the parameter --force all but the error persists.
@nutellinoit
Copy link
Member

nutellinoit commented Apr 18, 2024
edited

You are using an outaded distro and furyctl version, you should update to the latest.

Apart from that, in the ingress module certManager must be configured, even if the nginx is none.

      ingress:
        baseDomain: internal.example.dev
        # configurations for the nginx ingress controller package
        nginx:
          # type defines if the nginx should be configured as single or dual (internal + external) or none, with none no ingress controller will be deployed and also no ingress resource will be created
          type: none
          # the tls section defines how the tls for the ingresses should be managed
          tls:
            # provider can be certManager, secret
            provider: certManager
        # configuration for the cert-manager package
        certManager:
          # the configuration for the clusterIssuer that will be created
          clusterIssuer:
            # the name of the clusterIssuer
            name: letsencrypt-fury
            # the email used during issuing procedures
            email: example@sighup.io
            # you can configure the clusterIssuer by specifing type (can be only http01) or custom solvers
            type: http01

@nutellinoit
Copy link
Member

The fury version should be v1.27.5 and the furyctl version should be 0.28.0

@FedericoAntoniazzi
Copy link
Member Author

Hi Samuele,

In this scenario, I'm operating in a cluster that may not have internet connectivity in the future and no ports exposed on the internet.
Is it possible to disable the default issuer in favor of a self-signed one?

@FedericoAntoniazzi
Copy link
Member Author

Back to the original issue, spec.distribution.modules.ingress.certManager is not marked as mandatory in the schema

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@nutellinoit @FedericoAntoniazzi