istio.io icon indicating copy to clipboard operation
istio.io copied to clipboard

Published 20 hours ago verified publisher icon istio

GKE cniBinDir documentation removed

Open howardjohn opened this issue 1 year ago • 2 comments

https://github.com/istio/istio/issues/53849#issuecomment-2520841621 -- refactoring removed any documentation of cniBinDir setting for GKE. https://istio.io/latest/docs/ambient/install/platform-prerequisites/#google-kubernetes-engine-gke is missing it and https://istio.io/latest/docs/setup/additional-setup/cni/ links only there

cc @bleggett

howardjohn avatar Dec 05 '24 16:12 howardjohn

This is already fixed (the right way) in https://github.com/istio/istio.io/pull/16035 but wasn't backported.

I'll do a 1.24 only tweak docs backport that will be superceded in the next release with the platform profile anyway - that will automatically also cover this case (which only happens today if you aren't using either of the two recommended install methods of istioctl or helm)

bleggett avatar Dec 05 '24 17:12 bleggett

There are probably other template-install-only gotchas we have, but we do not and have not ever really consistently documented them.

bleggett avatar Dec 05 '24 17:12 bleggett

we encountered a related issue where cni pods throws permission denied on the default cniBinDir /opt/cni/bin. we use gke and argocd (argocd uses helm template) setting the cni.cniBinDir to /home/kubernetes/bin fixed the issue

side question: why do we need to set cni.cniBinDir, instead of just cniBinDir, when using helm template on the cni chart? also, I think adding that as a comment right beside the cniBinDir helm values would help. e.g.

$ helm show values istio/cni
...
  # set `cni.cniBinDir` if using `helm template`
  cniBinDir: /opt/cni/bin

gojanpaolo avatar Jun 17 '25 13:06 gojanpaolo