trust-manager icon indicating copy to clipboard operation
trust-manager copied to clipboard
verified publisher icon cert-manager

Install in openshift with existing cert-manager operator install

Open indiealexh opened this issue 2 years ago • 5 comments

I am attempting to install trust-manager into openshift with an existing cert-manager install that was installed via the operator hub.

bash-4.4 ~ $ helm upgrade -i -n openshift-operators trust-manager jetstack/trust-manager --set app.trust.namespace=openshift-operators --set app.webhook.tls.approverPolicy.certManagerNamespace=openshift-operators  --wait --dry-run --debug
history.go:56: [debug] getting history for release trust-manager
upgrade.go:142: [debug] preparing upgrade for trust-manager
Killed

Despite already having cert-manager, so I need to deploy an instance into a cert-manager namespace like the docs state, or should I be able to use the one I have?

indiealexh avatar Aug 29 '23 22:08 indiealexh

I think you should be able to use any namespace. However given cert-manager was installed by RedHat operator, perhaps it does something to prevent other installations in the same namespace?

Did you install the RedHat or the Community cert-manager marketplace offering?

hawksight avatar Sep 01 '23 09:09 hawksight

Did you install the RedHat or the Community cert-manager marketplace offering?

It was labeled as community, but seeing as how it comes from a red hat mirror I don't know how community it actually is.

Is there a way to get more logs out to understand why it died?

indiealexh avatar Sep 01 '23 14:09 indiealexh

@indiealexh Is cert-manager really installed in the openshift-operators namespace in your OpenShift cluster? It seems a bit strange. In our OpenShift cluster this namespace typically contains operators (for operators). So cert-manager-operator (an operator provisioning cert-manager) would be installed there, but not cert-manager.

/priority awaiting-more-evidence

erikgb avatar Jul 16 '24 19:07 erikgb

@indiealexh Is cert-manager really installed in the openshift-operators namespace in your OpenShift cluster?

Yes, it was the default location suggested by the Openshift UI.

Cert Manager Instance: image

Cert Manager Operator Subscription image

indiealexh avatar Jul 16 '24 21:07 indiealexh

Thanks! Yes, it seems like OpenShift recommends openshift-operators namespace for cluster-scoped operators, ref. OpenShift docs.

Are you able to reproduce the trust-manager installation issue? To me, it seems like Helm is bugging out here. ~~Maybe you can add the --debug flag to the Helm command to get more output?~~ I see you already did. 🤔

Which version of Helm are you using?

erikgb avatar Jul 16 '24 21:07 erikgb