-
Notifications
You must be signed in to change notification settings - Fork 188
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Upgrade controller to Kustomize v4 #343
Conversation
f01e64b
to
de0310e
Compare
The dependency tree that results in the
The problem here is that This does however raise the question how we can deal with this in the future, as we will be unable to make any upgrades of some packages till we can cut loose from the |
I ran into kubernetes-sigs/kustomize#3446 and echo the sentiment in kubernetes-sigs/kustomize#3446 (comment) It's basically the same use case as described in your report there, integer key for use in a HelmRelease triggers this issue -- my nginx ingress opens a TCP port 2222 to accommodate an extra service in the load balancer, ssh for
The output looks like this:
Basically no way I would have understood that error message without following the links, and I'm not sure of any way to work around it. This would block me from upgrading. |
@kingdonb try: values:
tcp:
"2222": "deis/deis-builder:2222" |
That sorted it for me, perfect 👍 no other issues at this time |
@kingdonb Given the nginx ingress popularity, I imagine this will impact many Flux users. Indeed that error doesn't say much, but now the Kubernetes object is embedded in the error message so at least you know exactly which object caused the issue. |
Thank you for the PR. Bootstrapping new cluster with this PR gives kustomize build failed error as raised under issue -308
Tried removing GitRepository object as per logs but didn't help out! |
@nitinpatil1992 do you use |
@stefanprodan I didn't patch/delete flux-system namespace.
Files from
The thing is bootstrap worked very well for the first time installation. |
So those errors have nothing to do with this PR, why comment here if you're testing out some repo structure? Also this is not a valid path:
Please check out the docs on how Flux Kustomization works: https://fluxcd.io/docs/components/kustomize/kustomization/ |
Apologies! But new structure lead to the similar issue of resource duplication which (I assume)was fixed in kyaml and hence in your new image.
|
@nitinpatil1992 Flux Kustomization does not accept a file as path, but a dir, please see the docs I posted above. |
Re. |
@ash2k thank you so much for this, I've switched to your PR and all tests are passing 🍻 |
FYI @stefanprodan the PR has been merged, so this one should be unblocked now. Cheers. |
8e0434e
to
a69d896
Compare
@ash2k I'm using the master branch and works great, I'll keep an eye on for the next cli-utils semver release. Thanks again for helping out with this, it would've been a major pain for us to maintain a fork of kstatus. |
a69d896
to
475f5ea
Compare
@stefanprodan I had the same issue and this patch resolved it for me as well. Any ETA on when it might land in prod? |
@bbriggs what issue are you referring to?
I'm waiting for controller-runtime v0.9 release. As documented in the PR I had to pin controller-runtime to |
the Kustomize panic when applying things with |
Thank you for your hard work on this! It was about to be a showstopper for us and publishing the workaround image in a PR allowed us to verify the bug and move past it so we could work on other problems. Not many folks do that, so we're very grateful 👍 🎉 |
e4dcee3
to
d0fc15d
Compare
- Upgrade sigs.k8s.io/kustomize/api from v0.7.4 to v0.8.9 - Upgrade sigs.k8s.io/cli-utils from v0.22.4 to v0.25.0 - Pin sigs.k8s.io/kustomize/kyaml to v0.10.17 (cli-utils compat) - Pin k8s.io/kube-openapi v0.0.0-20201113171705-d219536bb9fd (cli-utils compat) Signed-off-by: Stefan Prodan <[email protected]>
Serialize kustomize build runs to avoid kyaml OpenAPI concurrent map read/write panic kubernetes-sigs/kustomize#3659 Signed-off-by: Stefan Prodan <[email protected]>
- make kstatus work with the latest version of kyaml by using a forked version of cli-utils fluxcd/cli-utils#1 - update Kubernetes packages to v0.21.1 - update controller-runtime to v0.9.0-beta.5 due to breaking changes in client-go v0.21.1 Signed-off-by: Stefan Prodan <[email protected]>
Signed-off-by: Stefan Prodan <[email protected]>
Signed-off-by: Stefan Prodan <[email protected]>
- Upgrade sigs.k8s.io/kustomize/api from v0.7.4 to v0.8.9 - Upgrade sigs.k8s.io/cli-utils from v0.22.4 to v0.25.0 - Pin sigs.k8s.io/kustomize/kyaml to v0.10.17 (cli-utils compat) - Pin k8s.io/kube-openapi v0.0.0-20201113171705-d219536bb9fd (cli-utils compat) Signed-off-by: Stefan Prodan <[email protected]>
- make kstatus work with the latest version of kyaml by using a forked version of cli-utils fluxcd/cli-utils#1 - update Kubernetes packages to v0.21.1 - update controller-runtime to v0.9.0-beta.5 due to breaking changes in client-go v0.21.1 Signed-off-by: Stefan Prodan <[email protected]>
Signed-off-by: Stefan Prodan <[email protected]>
- Bump controller-runtime to v0.9.0 - Bump controller-gen to v0.5.0 - Use Environment.AddUser to generate the envtest cluster admin kubeconfig Signed-off-by: Stefan Prodan <[email protected]>
Signed-off-by: Stefan Prodan <[email protected]>
e91b2ac
to
ce4445f
Compare
Signed-off-by: Stefan Prodan <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, thank you @stefanprodan 💯
Signed-off-by: Stefan Prodan <[email protected]>
Signed-off-by: Stefan Prodan <[email protected]>
041771f
to
1202cc1
Compare
This PR brings kustomize-controller on a par with Kustomize v4:
sigs.k8s.io/kustomize/api
fromv0.7.4
tov0.8.10
(fix: kustomize build failed: filter cannot create or delete objects #308)sigs.k8s.io/kustomize/kyaml
tov0.10.21
sigs.k8s.io/cli-utils
tov0.25.1-0.20210608181808-f3974341173a
sigs.k8s.io/controller-runtime
tov0.9.0
(ref: Update controller-runtime to v0.9 and Kubernetes API to v0.21 flux2#1486)k8s.io/client-go
to0.21.1
Breaking changes
The major breaking change in v4 is that the set of URLs accepted by kustomize in the
resources
filed is reduced to only file system paths or values compatible with git clone. This means you can no longer use resources from archives (zip, tgz, etc) nor S3, GCS, Minio, Mercurial, etc.More breaking changes here: fluxcd/flux2#918
Kustomize panic workaround
This PR comes with a workaround to a kyaml bug (fix: #341, fix: #310) by serialising the kustomize build runs to avoid the OpenAPI concurrent map read/write panic kubernetes-sigs/kustomize#3659.
Note that this workaround comes with a severe performance penalty.
Known Kustomize v4 bugs
After this upgrade the controller will be affected by these Kustomize bugs:
If you have non-ASCII characters (e.g. Chinese comments) in your YAMLs the kustomize-controller will panic and crash loopFixed in kustomize-controller by using a newer version of go-yamlkustomize build
cause the panic with non-ASCII characters kubernetes-sigs/kustomize#3605Test image
To test this PR please use the following image:
To upgrade kustomize-controller on an cluster bootstrapped with
flux
, add the followingimages
section to yourflux-system/kustomization.yaml
: