hetzner-kube icon indicating copy to clipboard operation
hetzner-kube copied to clipboard

Published 20 hours ago verified publisher icon xetys

Addon cert-manager fails

Open thomasletsch opened this issue 5 years ago • 5 comments

Hi, I just installed a new k8 cluster and came across an error when trying to add the cert-manager: 2019/03/15 11:09:09 installing addon cert-manager 2019/03/15 11:09:12 run failed command:helm install --name cert-manager --namespace ingress stable/cert-manager stdout:Error: validation failed: [unable to recognize "": no matches for kind "Certificate" in version "certmanager.k8s.io/v1alpha1", unable to recognize "": no matches for kind "Certificate" in version "certmanager.k8s.io/v1alpha1", unable to recognize "": no matches for kind "Issuer" in version "certmanager.k8s.io/v1alpha1", unable to recognize "": no matches for kind "Issuer" in version "certmanager.k8s.io/v1alpha1"]

Apparently this is caused by https://github.com/jetstack/cert-manager/issues/1255

Reading through the comments, I think it can be handled by following the "Steps" under https://docs.cert-manager.io/en/latest/getting-started/install.html#installing-with-helm especially

Install the CustomResourceDefinition resources separately kubectl apply -f https://raw.githubusercontent.com/jetstack/cert-manager/release-0.7/deploy/manifests/00-crds.yaml

Create the namespace for cert-manager kubectl create namespace cert-manager

Label the cert-manager namespace to disable resource validation kubectl label namespace cert-manager certmanager.k8s.io/disable-validation=true

Add the Jetstack Helm repository helm repo add jetstack https://charts.jetstack.io

Update your local Helm chart repository cache helm repo update

Install the cert-manager Helm chart

helm install \
  --name cert-manager \
  --namespace cert-manager \
  --version v0.7.0 \
  jetstack/cert-manager

The most important thing is probably applying the crds (first command)

thomasletsch avatar Mar 15 '19 10:03 thomasletsch

I have something similar:

hetzner-kube cluster addon install cert-manager --name my-cluster

2019/03/15 19:17:58 installing addon cert-manager
2019/03/15 19:18:02 run failed
command:helm install --name cert-manager --namespace ingress stable/cert-manager
stdout:Error: validation failed: [unable to recognize "": no matches for kind "Certificate" in version "certmanager.k8s.io/v1alpha1", unable to recognize "": no matches for kind "Certificate" in version "certmanager.k8s.io/v1alpha1", unable to recognize "": no matches for kind "Issuer" in version "certmanager.k8s.io/v1alpha1", unable to recognize "": no matches for kind "Issuer" in version "certmanager.k8s.io/v1alpha1"]

exocode avatar Mar 15 '19 18:03 exocode

Indeed. I am unsure about why the chart doesn't handle this itself, but automating the CRDs creation / destruction with a terraform custom resource isn't hard at all and until they fixit upstream a perfectly fine workaround.

marcelloromani avatar Mar 20 '19 11:03 marcelloromani

Current status:

2019/12/11 14:29:40 run failed
command:helm install --name cert-manager --namespace ingress stable/cert-manager
stdout:Error: validation failed: unable to recognize "": no matches for kind "Deployment" in version "apps/v1beta1"

err:Process exited with status 1

Kubernetes version:

Client Version: version.Info{Major:"1", Minor:"16", GitVersion:"v1.16.3", GitCommit:"b3cbbae08ec52a7fc73d334838e18d17e8512749", GitTreeState:"clean", BuildDate:"2019-11-14T04:24:29Z", GoVersion:"go1.12.13", Compiler:"gc", Platform:"darwin/amd64"}
Server Version: version.Info{Major:"1", Minor:"16", GitVersion:"v1.16.3", GitCommit:"b3cbbae08ec52a7fc73d334838e18d17e8512749", GitTreeState:"clean", BuildDate:"2019-11-13T11:13:49Z", GoVersion:"go1.12.12", Compiler:"gc", Platform:"linux/amd64"}

tholu avatar Dec 11 '19 13:12 tholu

Yes it is a pity that it is no longer working. But on the other hand installing the cert manager with helm isn't that hard neither. The following is for cert manager v11: kubectl apply --validate=false -f https://raw.githubusercontent.com/jetstack/cert-manager/release-0.11/deploy/manifests/00-crds.yaml kubectl create namespace cert-manager helm repo add jetstack https://charts.jetstack.io helm repo update helm install --name cert-manager --namespace cert-manager --version v0.11.0 jetstack/cert-manager

thomasletsch avatar Dec 11 '19 14:12 thomasletsch

@thomasletsch Thanks! I guess my error is due to API compatibility changes in Kubernetes 1.16 and different to previous errors reported. With your suggestions, it should be trivial to fix the addon as well.

tholu avatar Dec 11 '19 17:12 tholu