This PR introduces change to allow upgrading existing node groups for
tenant Kubernetes cluster:
This fixes the error:
```
Status: Failed (UpgradeFailed: Helm upgrade failed for release tenant-test0/kubernetes-test0 with chart kubernetes@0.3.0: cannot patch "kubernetes-test0-md0" with kind KubevirtMachineTemplate: admission webhook "validation.kubevirtmachinetemplate.infrastructure.cluster.x-k8s.io" denied the request: KubevirtMachineTemplateSpec is immutable)
```
This is done by generating unique names for KubevirtMachineTemplate
based on hash from spec. Old KubevirtMachineTemplates keep existing in
the cluster until some MachineSet continues using them.
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
I don't understand why "true" value isn't accepted here, but I have seen
this before. The `--enable-ssl-passthrough` parameter is not supposed to
accept any value, it's a stand-alone argument.
With this change I get my traffic appropriately passed through to
backend ingress on a kubevirt cluster that enabled TLS
Without it (the change is made on the addon ingress, which is very
strange, because that one isn't even configured to use a passthrough
annotation... the root ingress controller doesn't seem to care) I get
this error:
> 400 Bad Request
> The plain HTTP request was sent to HTTPS port
> ---
> nginx
Signed-off-by: Kingdon Barrett <kingdon+github@tuesdaystudios.com>
The error manifests as:
W0705 16:07:35.694677 7 configmap.go:431] unexpected error merging
defaults: 2 error(s) decoding:
* cannot parse 'proxy-connect-timeout' as int: strconv.ParseInt: parsing
"10s": invalid syntax
* cannot parse 'proxy-read-timeout' as int: strconv.ParseInt: parsing
"10s": invalid syntax
I came across this trying to understand why my nginx ingress addon
config isn't working, (this didn't help, but at least the warning is
gone now.)
I'll continue to try to debug, but I think this can merge any time
Signed-off-by: Kingdon Barrett <kingdon+github@tuesdaystudios.com>
image to test:
```
ghcr.io/aenix-io/cozystack/cozystack:v0.8.0@sha256:48e9f676f4eca5f7036648a56767c31beb0aca8fdc6d6798bd65de74886ed1ef
```
this PR should fix a problem of upgrading from older cozystack version
```
make: Leaving directory '/cozystack/packages/core/platform'
deployment.apps/source-controller condition met
deployment.apps/helm-controller condition met
Error from server (NotFound): helmreleases.helm.toolkit.fluxcd.io "fluxcd" not found
NAME CREATED AT
helmreleases.helm.toolkit.fluxcd.io 2024-05-29T11:00:16Z
helmrepositories.source.toolkit.fluxcd.io 2024-05-29T11:00:17Z
make: Entering directory '/cozystack/packages/system/fluxcd-operator'
kubectl patch hr -n cozy-fluxcd fluxcd-operator -p '{"spec": {"suspend": true}}' --type=merge --field-manager=flux-client-side-apply
Error from server (NotFound): helmreleases.helm.toolkit.fluxcd.io "fluxcd-operator" not found
make: *** [../../../scripts/package-system.mk:20: suspend] Error 1
make: Leaving directory '/cozystack/packages/system/fluxcd-operator'
time="2024-07-04T12:50:05Z" level=fatal msg="failed to run" err="exit status 2"
```
Fix#195
Don't set the `interval` so short on HelmReleases, with this many
HelmReleases that really hamstrings the control plane.
Also, copy the install/upgrade remediation config from system packages
to the Kubernetes templates for addon packages (cilium, flux, ingress) -
in my testing the ingress-nginx chart fails every time the first time.
Maybe that should be filed as a separate issue, I haven't looked into
detail, it is some issue related to a secret not being created, I think
it said something related to an admission controller.
Looks as though it's a conflict with being installed at the same time as
the cert-manager addon.
Signed-off-by: Kingdon Barrett <kingdon+github@tuesdaystudios.com>
I am testing install with this PR #183 and I had some issues, these
should help
---------
Signed-off-by: Kingdon Barrett <kingdon+github@tuesdaystudios.com>
This cumulative PR includes the following changes:
- Migrate from fluxcd-community charts to Flux-Operator #166
- Upgrade to Flux 2.3.x #167
- Refactor Flux 2.3 update #172
- Update flux plugin for dashboard #171
- Flux Operator 0.6 #178
This PR upgrades to Flux-Operator 0.6 released this morning, also includes:
* #170
which is an aggregate PR, so #171#172 etc. I think this PR now basically subsumes #170 and can replace it.
I have at least 80% confidence there are no errors in this PR. It also restores the networkPolicy default and the deleted cozy-dashboard network policy, which we will see fixed (restored to install NetworkPolicy resources by default) in the next `flux-operator` release.
Ref: https://github.com/controlplaneio-fluxcd/flux-operator/pull/52
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
