Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

TLS documentation is not correct (or authorino not working as intended) #243

Closed
OperationalDev opened this issue Apr 6, 2022 · 1 comment · Fixed by #244
Closed

TLS documentation is not correct (or authorino not working as intended) #243

OperationalDev opened this issue Apr 6, 2022 · 1 comment · Fixed by #244
Assignees
@guicassolato
Labels
kind/bug Something isn't working

Comments

@OperationalDev
Copy link
Contributor

OperationalDev commented Apr 6, 2022
edited
Loading

Describe the bug
When running through the getting started tutorial using TLS, the authorino operator panics.

Help us Reproduce it
To reproduce follow the tutorial steps:

  1. Install operator: kubectl apply -f https://raw.githubusercontent.com/Kuadrant/authorino-operator/main/config/deploy/manifests.yaml
  2. Create namespace: kubectl create namespace authorino
  3. Setup cert-manager: kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.4.0/cert-manager.yaml
  4. Create certs: curl -sSL https://raw.githubusercontent.com/Kuadrant/authorino/main/deploy/certs.yaml | sed "s/$(AUTHORINO_INSTANCE)/authorino/g;s/$(NAMESPACE)/authorino/g" | kubectl -n authorino apply -f -
  5. Deploy Authorino with TLS
kubectl -n authorino apply -f -<<EOF
apiVersion: operator.authorino.kuadrant.io/v1beta1
kind: Authorino
metadata:
  name: authorino
spec:
  image: quay.io/3scale/authorino:v0.5.0
  replicas: 1
  clusterWide: true
  listener:
    tls:
      certSecretRef:
        name: authorino-server-cert
  oidcServer:
    tls:
      certSecretRef:
        name: authorino-oidc-server-cert
EOF

Expected behavior
Authorino instance should be created.

Actual behavior
Operator panics.

[bob@workstation example]$ k logs -f deployment/authorino-operator-controller-manager -c manager -n authorino-operator
2022-04-06T11:35:18.332Z        INFO    controller-runtime.metrics      metrics server is starting to listen    {"addr": "127.0.0.1:8080"}
2022-04-06T11:35:18.334Z        INFO    setup   starting manager
I0406 11:35:18.334570       1 leaderelection.go:243] attempting to acquire leader lease authorino-operator/aac3a15d.authorino.kuadrant.io...
2022-04-06T11:35:18.334Z        INFO    controller-runtime.manager      starting metrics server {"path": "/metrics"}
I0406 11:35:33.776897       1 leaderelection.go:253] successfully acquired lease authorino-operator/aac3a15d.authorino.kuadrant.io
2022-04-06T11:35:33.776Z        DEBUG   controller-runtime.manager.events       Normal  {"object": {"kind":"ConfigMap","namespace":"authorino-operator","name":"aac3a15d.authorino.kuadrant.io","uid":"8dafc1e5-b6da-4c4b-b7fc-35cfadda7d59","apiVersion":"v1","resourceVersion":"36445045"}, "reason": "LeaderElection", "message": "authorino-operator-controller-manager-d4ccf5478-zxmmw_41a63594-323f-477d-9e52-e6490c5f7611 became leader"}
2022-04-06T11:35:33.777Z        DEBUG   controller-runtime.manager.events       Normal  {"object": {"kind":"Lease","namespace":"authorino-operator","name":"aac3a15d.authorino.kuadrant.io","uid":"beecf777-33bc-4cf1-81e8-f44256d46893","apiVersion":"coordination.k8s.io/v1","resourceVersion":"36445046"}, "reason": "LeaderElection", "message": "authorino-operator-controller-manager-d4ccf5478-zxmmw_41a63594-323f-477d-9e52-e6490c5f7611 became leader"}
2022-04-06T11:35:33.777Z        INFO    controller-runtime.manager.controller.authorino Starting EventSource    {"reconciler group": "operator.authorino.kuadrant.io", "reconciler kind": "Authorino", "source": "kind source: /, Kind="}
2022-04-06T11:35:33.777Z        INFO    controller-runtime.manager.controller.authorino Starting Controller     {"reconciler group": "operator.authorino.kuadrant.io", "reconciler kind": "Authorino"}
2022-04-06T11:35:33.877Z        INFO    controller-runtime.manager.controller.authorino Starting workers        {"reconciler group": "operator.authorino.kuadrant.io", "reconciler kind": "Authorino", "worker count": 1}
2022-04-06T11:35:33.877Z        DEBUG   authorino-operator.controller.Authorino Found an instance of authorino  {"authorino": "hello-world/authorino", "authorinoInstanceName": "authorino"}
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x15040d9]

goroutine 257 [running]:
github.com/kuadrant/authorino-operator/controllers.(*AuthorinoReconciler).installationPreflightCheck(0xc0005808a0, 0xc0000ee000, 0x1e, 0xc000416a00)
        /workspace/controllers/authorino_controller.go:677 +0x239
github.com/kuadrant/authorino-operator/controllers.(*AuthorinoReconciler).Reconcile(0xc0005808a0, 0x1a05578, 0xc000514f30, 0xc000627b10, 0xb, 0xc000627af0, 0x9, 0xc000514f30, 0xc000030000, 0x16cd6c0, ...)
        /workspace/controllers/authorino_controller.go:100 +0x28b
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler(0xc000550b40, 0x1a054d0, 0xc0003dac00, 0x1693a20, 0xc000416980)
        /go/pkg/mod/sigs.k8s.io/controller-runtime@v0.9.2/pkg/internal/controller/controller.go:298 +0x30d
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem(0xc000550b40, 0x1a054d0, 0xc0003dac00, 0xc0003c3700)
        /go/pkg/mod/sigs.k8s.io/controller-runtime@v0.9.2/pkg/internal/controller/controller.go:253 +0x205
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2(0xc000626b50, 0xc000550b40, 0x1a054d0, 0xc0003dac00)
        /go/pkg/mod/sigs.k8s.io/controller-runtime@v0.9.2/pkg/internal/controller/controller.go:214 +0x6b
created by sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2
        /go/pkg/mod/sigs.k8s.io/controller-runtime@v0.9.2/pkg/internal/controller/controller.go:210 +0x425

Environment (please complete the following information):

  • Cluster version: v1.23.1
  • Authorino version: latest

Additional context
To fix this, I changed my config as follows:

kubectl -n authorino apply -f -<<EOF
apiVersion: operator.authorino.kuadrant.io/v1beta1
kind: Authorino
metadata:
  name: authorino
spec:
  image: quay.io/3scale/authorino:v0.5.0
  replicas: 1
  clusterWide: true
  listener:
    tls:
      enabled: true
      certSecretRef:
        name: authorino-server-cert
  oidcServer:
    tls:
      enabled: true
      certSecretRef:
        name: authorino-oidc-server-cert
EOF
@guicassolato guicassolato mentioned this issue Apr 6, 2022
Merged
2 tasks
@guicassolato
Copy link
Collaborator

Thanks for reporting this, @OperationalDev! I've sent a PR to fix in the docs.
It looks like we also need to do fix this for real in https://github.com/kuadrant/authorino-operator.

@guicassolato guicassolato self-assigned this Apr 6, 2022
@guicassolato guicassolato added the kind/bug Something isn't working label Apr 6, 2022
@guicassolato guicassolato mentioned this issue Apr 6, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@guicassolato guicassolato

Labels
kind/bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

[docs] Small fixes in Getting Started user guide Kuadrant/authorino
2 participants
@guicassolato @OperationalDev