pulp-operator
pulp-operator copied to clipboard
pulp
ingress_annotations does not propagate from Pulp CR to created Ingress resource.
Version pulp-operator-0.1.0 1.0.1-beta.4 - installed using helm.
Describe the bug
ingress_annotations does not pass to ingress object.
I try to add some ingress annotations like enable_cors and other annotations.
According to the code it should be passed down to the ingress resource generated by pulp operator.
I do see the annotations i pass in the CR are passed to the spec.ingress_annotations, for example:
apiVersion: repo-manager.pulpproject.org/v1beta2
kind: Pulp
...
spec:
...
ingress_annotations:
cert-manager.io/cluster-issuer: letsencrypt-dynu-cluster-issuer-prod
kubernetes.io/ingress.class: pulp04-access-nginx-ingress
nginx.ingress.kubernetes.io/cors-allow-headers: Content-Type, Authorization
nginx.ingress.kubernetes.io/cors-allow-methods: PUT, GET, POST, OPTIONS
nginx.ingress.kubernetes.io/cors-allow-origin: http://localhost:8002
nginx.ingress.kubernetes.io/enable-cors: "true"
But when i look at the created ingress i don't see the values i passed, for example:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
nginx.ingress.kubernetes.io/proxy-body-size: "0"
nginx.ingress.kubernetes.io/proxy-connect-timeout: 120s
nginx.ingress.kubernetes.io/proxy-read-timeout: 120s
nginx.ingress.kubernetes.io/proxy-send-timeout: 120s
nginx.org/client-max-body-size: 4096m
web: "false"
labels:
app.kubernetes.io/managed-by: pulp-operator
app.kubernetes.io/part-of: pulp
pulp_cr: pulp04
name: pulp04
namespace: pulp
ownerReferences:
- apiVersion: repo-manager.pulpproject.org/v1beta2
blockOwnerDeletion: true
controller: true
kind: Pulp
name: pulp04
uid: 3cb2176f-cf72-460d-af69-d67169e96988
resourceVersion: "249382"
from this part of the code
I see that the annotations assingment code is there but it is not working.
Additionally i can see that if i try to patch the ingress myself the operator will "fix" it and override my settings, for example:
kubectl patch -n pulp ingress pulp04 --type=merge -p '{"metadata": { "annotations": { "nginx.ingress.kubernetes.io/cors-allow-origin": "http://localhost:8002" } }}'
ingress.networking.k8s.io/pulp04 patched
kubectl get -n pulp ingress pulp04 -oyaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
nginx.ingress.kubernetes.io/cors-allow-origin: http://localhost:8002
In the operator log i can see that it detected the change and "fixed" it:
controllers/utils.go:651 The Metadata from pulp resource pulp04 has been modified! Reconciling ...
What i'm trying to do is adding CORS headers so i can connect from the pulp-ui to my pulp instance, but i have to enable these annotations to be able to connect.
To Reproduce
Try to add spec.ingress_annotations to pulp resource and see that it is passed to the created ingress instance.
Expected behavior I expect all annotations defined on the pulp instance will be propagated to the Ingress instance created.
Hi @yogev-lb
We added support for custom ingress annotations in https://github.com/pulp/pulp-operator/pull/1340, but we didn't update our helm installation to deploy pulp-operator 1.0.0-beta.5 yet.
Thank you for the quick fix,
I still see the same behavior
i took the latest image quay.io/pulp/pulp-operator:v1.0.0-beta.5
but i don't know if this image indeed includes this fix
how can i use this fix? should i build my own image in order to test it? should i wait for the next release? when will that be?
but i don't know if this image indeed includes this fix
Yes, pulp-operator:v1.0.0-beta.5 should include the fix.
how can i use this fix?
If you are already running pulp-operator:v1.0.0-beta.5, you can update/change Pulp CR with your desired annotations, for example:
spec:
...
ingress_type: ingress
ingress_class_name: nginx
is_nginx_ingress: true
ingress_host: <my_ingress_host>
ingress_annotations:
cert-manager.io/cluster-issuer: letsencrypt-dynu-cluster-issuer-prod
kubernetes.io/ingress.class: pulp04-access-nginx-ingress
nginx.ingress.kubernetes.io/cors-allow-headers: Content-Type, Authorization
nginx.ingress.kubernetes.io/cors-allow-methods: PUT, GET, POST, OPTIONS
nginx.ingress.kubernetes.io/cors-allow-origin: http://localhost:8002
nginx.ingress.kubernetes.io/enable-cors: "true"
...
after updating the CR, the operator should automatically update your Ingress with the new annotations, but if even after that the annotations are not getting added, please, provide the logs of the operator so we can check if an error is occurring or something else.