eksctl icon indicating copy to clipboard operation
eksctl copied to clipboard

Published 20 hours ago verified publisher icon eksctl-io

[Feature] Install cert-manager when installing ADOT addon

Open emboss64 opened this issue 2 years ago • 7 comments

What feature/behavior/change do you want?

cert-manager is a prerequisite for the adot addon. If you try to include adot in an initial cluster config you receive the following error: cert-manager is not installed on this cluster. During preview, you are required to have previously installed cert-manager.

Just installing the base cert-manager chart is enough to make it work: kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.8.2/cert-manager.yaml

Why do you want this feature?

Simplify the provisioning process

emboss64 avatar Jan 17 '23 16:01 emboss64

@emboss64 Can you provide steps for how you are installing ADOT with eksctl? Are you following these instructions https://docs.aws.amazon.com/eks/latest/userguide/adot-manage.html#adot-install ?

Himangini avatar Feb 15 '23 09:02 Himangini

Yes. However what's missing to get the addon working with a fresh cluster would be the prereqs/cert-manager part (https://docs.aws.amazon.com/eks/latest/userguide/adot-reqts.html)

emboss64 avatar Feb 15 '23 10:02 emboss64

Allow me to interject.... @emboss64 I am not sure I understand your "Yes", or @Himangini the initial question, as the link you've added doesn't show any way to use eksctl to install add-ons.

Based on @emboss64 initial message they used eksctl to install the cluster and the add-ons. So the answer to the above question should be "No" as it requires you to use either AWS Console or AWS CLI to install add-ons separately from the cluster.

I mean, the word eksctl appears on that page in a single section -- on how to remove the add-on.

The following, today, doesn't work -- the cluster provision fails with a cryptic message:

apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig

metadata:
  name: some-cluster
  region: eu-west-1
  version: '1.24'

... # skipping network setup

iam:
  withOIDC: true

... # skipping some irrelevant configuration, like node groups or fargate profiles

addons:
  - name: vpc-cni
  - name: kube-proxy
  - name: coredns
  - name: adot

If I remove name: adot it works, so the culprit is clear.

P.S. this is with eksctl version 0.131.0

dnutels avatar Mar 01 '23 18:03 dnutels

Sorry if you got confused. By "yes" I meant that that's what I follow to get it working. Not using eksctl to get adot working

As I said in my initial message and as @dnutels mentions when including the adot addon in the cluster config it fails. To see the actual error you have to check the addon status (and it's the lack of cert-manager)

emboss64 avatar Mar 01 '23 20:03 emboss64

This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.

github-actions[bot] avatar Apr 01 '23 01:04 github-actions[bot]

This issue was closed because it has been stalled for 5 days with no activity.

github-actions[bot] avatar Apr 07 '23 01:04 github-actions[bot]

This feature request is still valid and should be kept open!

cnocula-peg avatar Nov 03 '23 12:11 cnocula-peg