-
Notifications
You must be signed in to change notification settings - Fork 540
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.
Already on GitHub? Sign in to your account
馃悰 Wait for cert-manager in make create-cluster-management
#1304
馃悰 Wait for cert-manager in make create-cluster-management
#1304
Conversation
Makefile
Outdated
@@ -315,7 +315,13 @@ create-cluster-management: $(CLUSTERCTL) ## Create a development Kubernetes clus | |||
# Apply provider-components. | |||
kubectl \ | |||
--kubeconfig=$$(kind get kubeconfig-path --name="clusterapi") \ | |||
create -f examples/_out/provider-components.yaml | |||
create -f examples/_out/provider-components.yaml || true |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
create -f examples/_out/provider-components.yaml || true | |
create -f examples/_out/provider-components.yaml |
We should not continue if applying the provider components fails.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
currently cert-manager manifests are added to provider-components.yaml
. So should we deploy cert-manager first from capi/config/certmanager, wait for pods to be ready and then apply provider-components.yaml?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, I believe that should be the correct ordering.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Then we get this error, cert-manager manifests already exists :|
namespace/capi-system created
customresourcedefinition.apiextensions.k8s.io/awsclusters.infrastructure.cluster.x-k8s.io created
customresourcedefinition.apiextensions.k8s.io/awsmachines.infrastructure.cluster.x-k8s.io created
customresourcedefinition.apiextensions.k8s.io/awsmachinetemplates.infrastructure.cluster.x-k8s.io created
customresourcedefinition.apiextensions.k8s.io/clusters.cluster.x-k8s.io created
customresourcedefinition.apiextensions.k8s.io/kubeadmconfigs.bootstrap.cluster.x-k8s.io created
customresourcedefinition.apiextensions.k8s.io/kubeadmconfigtemplates.bootstrap.cluster.x-k8s.io created
customresourcedefinition.apiextensions.k8s.io/machinedeployments.cluster.x-k8s.io created
customresourcedefinition.apiextensions.k8s.io/machines.cluster.x-k8s.io created
customresourcedefinition.apiextensions.k8s.io/machinesets.cluster.x-k8s.io created
role.rbac.authorization.k8s.io/capa-leader-election-role created
role.rbac.authorization.k8s.io/capi-leader-election-role created
clusterrole.rbac.authorization.k8s.io/capa-manager-role created
clusterrole.rbac.authorization.k8s.io/capa-proxy-role created
clusterrole.rbac.authorization.k8s.io/capi-manager-role created
rolebinding.rbac.authorization.k8s.io/capa-leader-election-rolebinding created
rolebinding.rbac.authorization.k8s.io/capi-leader-election-rolebinding created
clusterrolebinding.rbac.authorization.k8s.io/capa-manager-rolebinding created
clusterrolebinding.rbac.authorization.k8s.io/capa-proxy-rolebinding created
clusterrolebinding.rbac.authorization.k8s.io/capi-manager-rolebinding created
secret/capa-manager-bootstrap-credentials created
service/capa-controller-manager-metrics-service created
service/capa-webhook-service created
deployment.apps/capa-controller-manager created
deployment.apps/capi-controller-manager created
certificate.certmanager.k8s.io/capa-serving-cert created
issuer.certmanager.k8s.io/capa-selfsigned-issuer created
validatingwebhookconfiguration.admissionregistration.k8s.io/capa-validating-webhook-configuration created
Error from server (AlreadyExists): error when creating "examples/_out/provider-components.yaml": namespaces "cert-manager" already exists
Error from server (AlreadyExists): error when creating "examples/_out/provider-components.yaml": customresourcedefinitions.apiextensions.k8s.io "certificaterequests.certmanager.k8s.io" already exists
Error from server (AlreadyExists): error when creating "examples/_out/provider-components.yaml": customresourcedefinitions.apiextensions.k8s.io "certificates.certmanager.k8s.io" already exists
Error from server (AlreadyExists): error when creating "examples/_out/provider-components.yaml": customresourcedefinitions.apiextensions.k8s.io "challenges.certmanager.k8s.io" already exists
Error from server (AlreadyExists): error when creating "examples/_out/provider-components.yaml": customresourcedefinitions.apiextensions.k8s.io "clusterissuers.certmanager.k8s.io" already exists
Error from server (AlreadyExists): error when creating "examples/_out/provider-components.yaml": customresourcedefinitions.apiextensions.k8s.io "issuers.certmanager.k8s.io" already exists
Error from server (AlreadyExists): error when creating "examples/_out/provider-components.yaml": customresourcedefinitions.apiextensions.k8s.io "orders.certmanager.k8s.io" already exists
Error from server (AlreadyExists): error when creating "examples/_out/provider-components.yaml": mutatingwebhookconfigurations.admissionregistration.k8s.io "cert-manager-webhook" already exists
Error from server (AlreadyExists): error when creating "examples/_out/provider-components.yaml": serviceaccounts "cert-manager" already exists
Error from server (AlreadyExists): error when creating "examples/_out/provider-components.yaml": serviceaccounts "cert-manager-cainjector" already exists
Error from server (AlreadyExists): error when creating "examples/_out/provider-components.yaml": serviceaccounts "cert-manager-webhook" already exists
Error from server (AlreadyExists): error when creating "examples/_out/provider-components.yaml": clusterroles.rbac.authorization.k8s.io "cert-manager-edit" already exists
Error from server (AlreadyExists): error when creating "examples/_out/provider-components.yaml": clusterroles.rbac.authorization.k8s.io "cert-manager-view" already exists
Error from server (AlreadyExists): error when creating "examples/_out/provider-components.yaml": clusterroles.rbac.authorization.k8s.io "cert-manager-webhook:webhook-requester" already exists
Error from server (AlreadyExists): error when creating "examples/_out/provider-components.yaml": clusterroles.rbac.authorization.k8s.io "cert-manager-cainjector" already exists
Error from server (AlreadyExists): error when creating "examples/_out/provider-components.yaml": clusterroles.rbac.authorization.k8s.io "cert-manager-controller-certificates" already exists
Error from server (AlreadyExists): error when creating "examples/_out/provider-components.yaml": clusterroles.rbac.authorization.k8s.io "cert-manager-controller-challenges" already exists
Error from server (AlreadyExists): error when creating "examples/_out/provider-components.yaml": clusterroles.rbac.authorization.k8s.io "cert-manager-controller-clusterissuers" already exists
Error from server (AlreadyExists): error when creating "examples/_out/provider-components.yaml": clusterroles.rbac.authorization.k8s.io "cert-manager-controller-ingress-shim" already exists
Error from server (AlreadyExists): error when creating "examples/_out/provider-components.yaml": clusterroles.rbac.authorization.k8s.io "cert-manager-controller-issuers" already exists
Error from server (AlreadyExists): error when creating "examples/_out/provider-components.yaml": clusterroles.rbac.authorization.k8s.io "cert-manager-controller-orders" already exists
Error from server (AlreadyExists): error when creating "examples/_out/provider-components.yaml": clusterroles.rbac.authorization.k8s.io "cert-manager-leaderelection" already exists
Error from server (AlreadyExists): error when creating "examples/_out/provider-components.yaml": rolebindings.rbac.authorization.k8s.io "cert-manager-webhook:webhook-authentication-reader" already exists
Error from server (AlreadyExists): error when creating "examples/_out/provider-components.yaml": clusterrolebindings.rbac.authorization.k8s.io "cert-manager-cainjector" already exists
Error from server (AlreadyExists): error when creating "examples/_out/provider-components.yaml": clusterrolebindings.rbac.authorization.k8s.io "cert-manager-controller-certificates" already exists
Error from server (AlreadyExists): error when creating "examples/_out/provider-components.yaml": clusterrolebindings.rbac.authorization.k8s.io "cert-manager-controller-challenges" already exists
Error from server (AlreadyExists): error when creating "examples/_out/provider-components.yaml": clusterrolebindings.rbac.authorization.k8s.io "cert-manager-controller-clusterissuers" already exists
Error from server (AlreadyExists): error when creating "examples/_out/provider-components.yaml": clusterrolebindings.rbac.authorization.k8s.io "cert-manager-controller-ingress-shim" already exists
Error from server (AlreadyExists): error when creating "examples/_out/provider-components.yaml": clusterrolebindings.rbac.authorization.k8s.io "cert-manager-controller-issuers" already exists
Error from server (AlreadyExists): error when creating "examples/_out/provider-components.yaml": clusterrolebindings.rbac.authorization.k8s.io "cert-manager-controller-orders" already exists
Error from server (AlreadyExists): error when creating "examples/_out/provider-components.yaml": clusterrolebindings.rbac.authorization.k8s.io "cert-manager-leaderelection" already exists
Error from server (AlreadyExists): error when creating "examples/_out/provider-components.yaml": clusterrolebindings.rbac.authorization.k8s.io "cert-manager-webhook:auth-delegator" already exists
Error from server (AlreadyExists): error when creating "examples/_out/provider-components.yaml": services "cert-manager" already exists
Error from server (AlreadyExists): error when creating "examples/_out/provider-components.yaml": services "cert-manager-webhook" already exists
Error from server (AlreadyExists): error when creating "examples/_out/provider-components.yaml": deployments.apps "cert-manager" already exists
Error from server (AlreadyExists): error when creating "examples/_out/provider-components.yaml": deployments.apps "cert-manager-cainjector" already exists
Error from server (AlreadyExists): error when creating "examples/_out/provider-components.yaml": deployments.apps "cert-manager-webhook" already exists
Error from server (AlreadyExists): error when creating "examples/_out/provider-components.yaml": apiservices.apiregistration.k8s.io "v1beta1.webhook.certmanager.k8s.io" already exists
Error from server (AlreadyExists): error when creating "examples/_out/provider-components.yaml": validatingwebhookconfigurations.admissionregistration.k8s.io "cert-manager-webhook" already exists
make: *** [Makefile:319: create-cluster-management] Error 1
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ah, this is because the target that is building the provider components is adding the cert manager manifests... I'm wondering if we should not use that target for this step and instead build the manifests with kustomize here instead?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Where are these CRDs getting added?
5b44d40
to
1f23eb6
Compare
1f23eb6
to
bb0dcd3
Compare
--kubeconfig=$$(kind get kubeconfig-path --name="clusterapi") \ | ||
wait --for=condition=Ready --namespace=cert-manager --timeout=15m pods --all | ||
# Wait for webhook servers to be ready to take requests | ||
sleep 10 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This sleep is to avoid this error
Error from server (InternalError): error when creating "examples/_out/provider-components.yaml": Internal error occurred: failed calling webhook "webhook.cert-manager.io": the server is currently unable to handle the request
Error from server (InternalError): error when creating "examples/_out/provider-components.yaml": Internal error occurred: failed calling webhook "webhook.cert-manager.io": the server is currently unable to handle the request
@@ -304,7 +304,14 @@ create-cluster-management: $(CLUSTERCTL) ## Create a development Kubernetes clus | |||
kubectl \ | |||
--kubeconfig=$$(kind get kubeconfig-path --name="clusterapi") \ | |||
create -f https://github.com/jetstack/cert-manager/releases/download/v0.11.0/cert-manager.yaml | |||
# Wait for cert-manager pods to be created | |||
sleep 20 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This can probably be removed
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this sleep is here as pods are not created instantly, kubectl wait complains that no pod found
# Wait for cert-manager pods to be ready.
kubectl \
--kubeconfig=$(kind get kubeconfig-path --name="clusterapi") \
wait --for=condition=Ready --namespace=cert-manager --timeout=15m pods --all
error: no matching resources found
/approve |
/approve |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: dims, tahsinrahman, vincepri The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
What this PR does / why we need it:
Fix this error
Which issue(s) this PR fixes (optional, in
fixes #<issue number>(, fixes #<issue_number>, ...)
format, will close the issue(s) when PR gets merged):Fixes #