grafana-operator: Edge route is not populated with cert and key when secret is specified
Describe the bug .spec.ingress.tlsEnabled: true .spec.ingress.tlsSecretName: grafana-tls The route that is created is not populated with the cert and key from grafana-tls secret
Version 4.8.0
Steps to reproduce the behavior: Go to ‘Operator Hub’ Install Grafana Operator Create a Grafana Custom Resource with .spec.ingress.enabled: true, .spec.ingress.tlsEnabled: true and .spec.ingress.tlsSecretName: grafana-tls Make sure grafana-tls is valid tls secret Route has edge TLS enabled but cert and key are not set
Expected behavior Expected a Route with TLS cert and key populated from the secret’s values
Suspect component/Location where the bug might be occurring Not sure…
Runtime (please complete the following information): Grafana Operator Version 4.8.0 Environment: OpenShift 4.11.4 Deployment type: Operator Deployment Other: [Other variables/things that might be relevant to this bug, versions of other services e.g. operator-sdk]
Additional context In the past a year ago, the route would be created with the cert and key populated. Ldap is enabled and functional
This is the yaml file I deploy:
kind: Grafana
apiVersion: integreatly.org/v1alpha1
metadata:
name: grafana
namespace: grafana
spec:
ingress:
enabled: true
hostname: grafana.mydomain.com
tlsEnabled: true
tlsSecretName: grafana-tls
configMaps:
- ldap-config
- ldap-cert
config:
auth:
disable_signout_menu: false
auth.anonymous:
enabled: true
auth.ldap:
enabled: true
config_file: /etc/grafana-configmaps/ldap-config/ldap.toml
log:
level: warn
mode: console
security:
admin_password: password
admin_user: admin
This is the error I can see from the ‘grafana-operator-controller-manager’
I1210 11:13:40.217443 1 request.go:601] Waited for 1.006950759s due to client-side throttling, not priority and fairness, request: GET:https://172.30.0.1:443/apis/subresources.kubevirt.io/v1?timeout=32s
I1210 11:13:50.485594 1 request.go:601] Waited for 1.045665s due to client-side throttling, not priority and fairness, request: GET:https://172.30.0.1:443/apis/autoscaling.openshift.io/v1?timeout=32s
I1210 11:14:00.793670 1 request.go:601] Waited for 1.046620633s due to client-side throttling, not priority and fairness, request: GET:https://172.30.0.1:443/apis/apiextensions.k8s.io/v1?timeout=32s
1.670670926555046e+09 ERROR grafana-controller error processing GrafanaInstance {"name": "grafana", "namespace": "grafana", "error": "route not ready"}
github.com/grafana-operator/grafana-operator/v4/controllers/grafana.(*ReconcileGrafana).manageError
/workspace/controllers/grafana/grafana_controller.go:218
github.com/grafana-operator/grafana-operator/v4/controllers/grafana.(*ReconcileGrafana).Reconcile
/workspace/controllers/grafana/grafana_controller.go:201
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Reconcile
/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.12.3/pkg/internal/controller/controller.go:121
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler
/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.12.3/pkg/internal/controller/controller.go:320
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem
/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.12.3/pkg/internal/controller/controller.go:273
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2
/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.12.3/pkg/internal/controller/controller.go:234
1.6706709365978732e+09 ERROR grafana-controller error processing GrafanaInstance {"name": "grafana", "namespace": "grafana", "error": "deployment not ready"}
github.com/grafana-operator/grafana-operator/v4/controllers/grafana.(*ReconcileGrafana).manageError
/workspace/controllers/grafana/grafana_controller.go:218
github.com/grafana-operator/grafana-operator/v4/controllers/grafana.(*ReconcileGrafana).Reconcile
/workspace/controllers/grafana/grafana_controller.go:201
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Reconcile
/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.12.3/pkg/internal/controller/controller.go:121
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler
/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.12.3/pkg/internal/controller/controller.go:320
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem
/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.12.3/pkg/internal/controller/controller.go:273
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2
/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.12.3/pkg/internal/controller/controller.go:234
It repeats the last error a couple of time and it stays like that. Hard for me to know what is wrong…
If I try to remove the ingress section and create the route myself, the operator deletes it…
About this issue
- Original URL
- State: closed
- Created 2 years ago
- Comments: 18
It’s fine, I’m not in a position to test it right now but it seems fine. Thanks!
@NissesSenap thanks for the feedback! I had a workaround that is working so there is no rush. I will gladly wait for V5 and test it again with that version.