helm: cilium kvstore clustermesh failing without clustermesh-apiserver-remote-cert
in 1.15
#32122
Open
2 of 3 tasks
Labels
area/clustermesh
Relates to multi-cluster routing functionality in Cilium.
kind/bug
This is a bug in the Cilium logic.
kind/community-report
This was reported by a user in the Cilium community, eg via Slack.
sig/agent
Cilium agent related.
Is there an existing issue for this?
What happened?
After upgrade from 1.14.8 to 1.15.3 Cilium is failing to connect to remote etcd with:
Possible cause:
common-etcd-client-ca.crt
is supposed to be included viaclustermesh-secrets
fromclustermesh-apiserver-remote-cert
:cilium/install/kubernetes/cilium/templates/cilium-agent/daemonset.yaml
Lines 863 to 893 in a758d21
clustermesh-apiserver-remote-cert
is created only whenclustermesh.useAPIServer
is set totrue
cilium/install/kubernetes/cilium/templates/clustermesh-apiserver/tls-provided/remote-secret.yaml
Lines 1 to 5 in a758d21
kvstore
can't be used together withclustermesh.useAPIServer
, otherwise helm chart is failing with:Cilium Version
1.15.3
Kernel Version
NA
Kubernetes Version
N/A
Regression
1.14.8
Sysdump
No response
Relevant log output
Anything else?
No response
Cilium Users Document
Code of Conduct
The text was updated successfully, but these errors were encountered: