envoyproxy
Installation fails on vanilla cluster using the latest release
Description: Create a kind cluster and then apply the latest envoy gateway - it will fail
Repro steps:
$ kind create cluster
$ kubectl apply -f https://github.com/envoyproxy/gateway/releases/download/latest/install.yaml..
customresourcedefinition.apiextensions.k8s.io/backendtlspolicies.gateway.networking.k8s.io created
customresourcedefinition.apiextensions.k8s.io/gatewayclasses.gateway.networking.k8s.io created
customresourcedefinition.apiextensions.k8s.io/gateways.gateway.networking.k8s.io created
customresourcedefinition.apiextensions.k8s.io/grpcroutes.gateway.networking.k8s.io created
customresourcedefinition.apiextensions.k8s.io/httproutes.gateway.networking.k8s.io created
customresourcedefinition.apiextensions.k8s.io/referencegrants.gateway.networking.k8s.io created
customresourcedefinition.apiextensions.k8s.io/tcproutes.gateway.networking.k8s.io created
customresourcedefinition.apiextensions.k8s.io/tlsroutes.gateway.networking.k8s.io created
customresourcedefinition.apiextensions.k8s.io/udproutes.gateway.networking.k8s.io created
customresourcedefinition.apiextensions.k8s.io/backendtrafficpolicies.gateway.envoyproxy.io created
customresourcedefinition.apiextensions.k8s.io/clienttrafficpolicies.gateway.envoyproxy.io created
customresourcedefinition.apiextensions.k8s.io/envoyextensionpolicies.gateway.envoyproxy.io created
customresourcedefinition.apiextensions.k8s.io/envoypatchpolicies.gateway.envoyproxy.io created
customresourcedefinition.apiextensions.k8s.io/securitypolicies.gateway.envoyproxy.io created
namespace/envoy-gateway-system created
serviceaccount/envoy-gateway created
configmap/envoy-gateway-config created
clusterrole.rbac.authorization.k8s.io/eg-gateway-helm-envoy-gateway-role created
clusterrolebinding.rbac.authorization.k8s.io/eg-gateway-helm-envoy-gateway-rolebinding created
role.rbac.authorization.k8s.io/eg-gateway-helm-infra-manager created
role.rbac.authorization.k8s.io/eg-gateway-helm-leader-election-role created
rolebinding.rbac.authorization.k8s.io/eg-gateway-helm-infra-manager created
rolebinding.rbac.authorization.k8s.io/eg-gateway-helm-leader-election-rolebinding created
service/envoy-gateway created
deployment.apps/envoy-gateway created
serviceaccount/eg-gateway-helm-certgen created
role.rbac.authorization.k8s.io/eg-gateway-helm-certgen created
rolebinding.rbac.authorization.k8s.io/eg-gateway-helm-certgen created
job.batch/eg-gateway-helm-certgen created
The CustomResourceDefinition "envoyproxies.gateway.envoyproxy.io" is invalid: metadata.annotations: Too long: must have at most 262144 bytes
Note: If there are privacy concerns, sanitize the data prior to sharing.
Environment: kind v0.22.0 go1.21.6 darwin/arm64 kindest/node:v1.29.2
Logs:
Include the access logs and the Envoy logs.
quick peek and the size doesn't seem too big, so maybe the error string is incorrect
15365 apiVersion: apiextensions.k8s.io/v1
15366 kind: CustomResourceDefinition
15367 metadata:
15368 annotations:
15369 controller-gen.kubebuilder.io/version: v0.14.0
15370 name: envoyproxies.gateway.envoyproxy.io
workaround for now would be to use helm
helm install eg oci://docker.io/envoyproxy/gateway-helm --version v0.0.0-latest -n envoy-gateway-system --create-namespace
looks like the issue is tied to size specifically to what's appended to kubectl.kubernetes.io/last-applied-configuration
more in https://medium.com/pareture/kubectl-install-crd-failed-annotations-too-long-2ebc91b40c7d
server side apply fixes this
kubectl apply --server-side -f https://github.com/envoyproxy/gateway/releases/download/latest/install.yaml
we need to update our docs to make sure we highlight kubectl apply --server-side -f <> everywhere