Fix for CI: adding chart museum ingress #5337
Conversation
Signed-off-by: Rafa Castelblanque <rcastelblanq@vmware.com>
Signed-off-by: Rafa Castelblanque <rcastelblanq@vmware.com>
Signed-off-by: Rafa Castelblanque <rcastelblanq@vmware.com>
Signed-off-by: Rafa Castelblanque <rcastelblanq@vmware.com>
Signed-off-by: Rafa Castelblanque <rcastelblanq@vmware.com>
✅ Deploy Preview for kubeapps-dev canceled.
|
Signed-off-by: Rafa Castelblanque <rcastelblanq@vmware.com>
script/chart-museum.sh
Outdated
| @@ -107,9 +109,6 @@ spec: | |||
| pathType: ImplementationSpecific | |||
| EOF | |||
|
|
|||
| # Add Ingress IP to hosts file | |||
| sudo echo "${DEX_IP} ${CHARTMUSEUM_HOSTNAME}" >> /etc/hosts | |||
There was a problem hiding this comment.
Mmm, so it was a kind of a race condition because of the hostname not being set timely? Thanks for addressing it!
There was a problem hiding this comment.
Not really. That line was a test I did, but I didn't remember that the whole script must be run with sudo, which is not a good option. Finally went with sending the Host header and going to the IP directly.
However, it still fails and I can't replicate it locally. Whenever I have time I'll continue debugging in CircleCI directly.
There was a problem hiding this comment.
Feel free to jump in if you see the cause of the current error.
| nginx.ingress.kubernetes.io/connection-proxy-header: keep-alive | ||
| nginx.ingress.kubernetes.io/proxy-read-timeout: "600" | ||
| nginx.ingress.kubernetes.io/proxy-buffer-size: "8k" | ||
| nginx.ingress.kubernetes.io/proxy-buffers: "4.0" |
There was a problem hiding this comment.
not sure we really need these annotations here, no?
There was a problem hiding this comment.
We are using those annotations in the other Ingress definition we use, so I just copy-pasted. Happy to remove them.
| path: / | ||
| pathType: ImplementationSpecific | ||
| EOF | ||
| sleep 20 |
There was a problem hiding this comment.
Why this manual sleep here? Maybe it's for giving some time to the ingress controller to become available? If so, why not just sth like: kubectl wait --namespace ingress-nginx --for=condition=ready pod --selector=app.kubernetes.io/component=controller --timeout=120s
There was a problem hiding this comment.
That sleep is the key that was missing. Before that, Ingress wasn't ready by the time it was used some instructions after. I thought about adding the kubectl wait, but that is for the nginx controller itself which is ready way before (when the cluster is installed).
It seems that it takes some time for the route to be processed by the Nginx controller?
Description of the change
CI E2E runs are constantly failing due to problems with the
port-forwarddone in the chart-museum part.Whenever a chart is needed to be pushed to chart-museum, there is a port-forward done to the service.
That solution is weak and error prone, this PR removes that and adds an ingress setup for Chart museum so that there is no port-forward used anymore.
Ingress is only used from the scripts to push charts. From the E2E tests, the same internal service locator is used (
http://chartmuseum.${CHARTMUSEUM_NS}.svc.cluster.local:8080/).Benefits
It should bring more reliability.
Possible drawbacks
N/A
Applicable issues
N/A