-
Notifications
You must be signed in to change notification settings - Fork 289
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CSI controller crashes in deployments using current templates #2331
Comments
Hm that's not great. @chrischdi Didn't we use our normal templates for our tests with that combination of config? |
I thought we do not need the insecure flag when there is a thumbprint: https://github.com/kubernetes-sigs/cluster-api-provider-vsphere/blob/main/templates/cluster-template.yaml#L451 This was actually introduced to be like that in #1819 . |
I think we also used this cluster-template like this for our CAPI scale test where we setup a CAPV cluster? |
We may grab the config from the cluster to double check. |
I think I did see the same issue while running locally yesterday (did not have time though to invest). Wondering how the conformance tests work (or if they test pvc's). |
Probably don't test PVC's because they can't assume a CSI is deployed |
Maybe the old CSI driver version could explain it? IIRC current version is 3 something? I think we should upgrade that in any case and maybe that also solves the problem? |
Tried to bump the CSI driver to latest 3.1.0 and it solved the issue. |
/kind bug
What steps did you take and what happened:
CSI plugin needs
insecure-flag
to be set without trusted CA even when the thumbprint is provided.The templates in the CAPV source does not contain this flag.
What did you expect to happen:
Anything else you would like to add:
CAPV does not require the insecure flag when the thumbprint is provided.
This should be aligned in the future to avoid customer confusion.
Environment:
kubectl version
):/etc/os-release
):The text was updated successfully, but these errors were encountered: