piraeus-operator icon indicating copy to clipboard operation
piraeus-operator copied to clipboard

Published 20 hours ago verified publisher icon piraeusdatastore

Helm chart with TLS does not create Issuer

Open OlivierMary opened this issue 1 year ago • 3 comments

Helm chart must create this Issuer


apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
  name: piraeus-root
  namespace: piraeus-datastore
spec:
  selfSigned: { }

OlivierMary avatar Mar 01 '24 18:03 OlivierMary

Could you please elaborate? The current linstor-cluster chart creates all the needed certificate and issues if requested:

$ helm template linstor-cluster piraeus-charts/linstor-cluster --set createApiTLS=cert-manager | kubectl create --dry-run -f -
certificate.cert-manager.io/linstor-cluster-api-ca created (dry run)
issuer.cert-manager.io/linstor-cluster-api-ca created (dry run)
issuer.cert-manager.io/linstor-cluster-ca-bootstrapper created (dry run)
linstorcluster.piraeus.io/linstor-cluster created (dry run)

WanzenBug avatar Mar 04 '24 07:03 WanzenBug

Hello,

I followed this guide https://github.com/piraeusdatastore/piraeus-operator/blob/ab156e08509581b96b043a1b5e2dd7b98b612bea/docs/reference/linstorcluster.md

There is no mention of the need for createApiTLS in the helm installation.

And there is no mention of this createApiTLS in this repository until this issue,

I'm not talking about the piraeus-charts/linstor-cluster helm chart, but about that one https://github.com/piraeusdatastore/piraeus-operator/blob/ab156e08509581b96b043a1b5e2dd7b98b612bea/charts/piraeus/README.md in this repository, maybe I've missed something but I've never seen any mention of another helm chart in this repository...

Perhaps there should be more links between repositories, or all the charts in one repository.

I'm not blocked, I'm just pointing out that there's a lack or a problem with the documentation to get something running.

OlivierMary avatar Mar 04 '24 20:03 OlivierMary

Sure, the chart README should at least link to piraeus-charts/linstor-cluster, which is the one you actually want to configure all the LinstorCluster and LinstorSatelliteConfiguration resources.

So you need both the piraeus-operator and the linstor-cluster chart. That allows us to automatically update the CRDs needed by the Operator, which otherwise would be difficult with Helm.

Ideally, the Operator chart would also move to the piraeus-charts repository, we just need to do it in such a way that is does not go out-of-sync with the kustomize deployment. See #258 .

WanzenBug avatar Mar 05 '24 07:03 WanzenBug