standardize the naming of karmada secrets in helm method #5426
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
karmada-bot
added
the
kind/cleanup
karmada-bot
added
the
size/L
chaosi-zju
force-pushed
the
secret-helm
branch
from
b39dc88
to
68cb3ed
Compare
|
Testv report: ➜ karmada git:(secret-helm) ✗ kubectl get pods -o wide -A
NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
karmada-system etcd-0 1/1 Running 0 2m47s 10.201.0.16 karmada-host-control-plane <none> <none>
karmada-system karmada-aggregated-apiserver-5fd78cb75b-s7rnb 1/1 Running 0 2m47s 10.201.0.12 karmada-host-control-plane <none> <none>
karmada-system karmada-apiserver-69d969f8c6-pcpq7 1/1 Running 0 2m47s 172.18.0.3 karmada-host-control-plane <none> <none>
karmada-system karmada-controller-manager-69df9ffd7b-cxp7h 1/1 Running 0 2m47s 10.201.0.8 karmada-host-control-plane <none> <none>
karmada-system karmada-descheduler-c6554bc84-5zc55 1/1 Running 0 2m47s 10.201.0.15 karmada-host-control-plane <none> <none>
karmada-system karmada-descheduler-c6554bc84-xjt54 1/1 Running 0 2m47s 10.201.0.13 karmada-host-control-plane <none> <none>
karmada-system karmada-kube-controller-manager-7d589bf768-6jfqr 1/1 Running 0 2m47s 10.201.0.18 karmada-host-control-plane <none> <none>
karmada-system karmada-metrics-adapter-84cbcb4b89-bhtjj 1/1 Running 0 2m47s 10.201.0.6 karmada-host-control-plane <none> <none>
karmada-system karmada-scheduler-6558d5d5b8-sccp7 1/1 Running 0 2m47s 10.201.0.14 karmada-host-control-plane <none> <none>
karmada-system karmada-scheduler-estimator-member1-845b48bb77-gtj7w 1/1 Running 0 49s 10.201.0.19 karmada-host-control-plane <none> <none>
karmada-system karmada-scheduler-estimator-member2-67b6cdfd9-mdj57 1/1 Running 0 48s 10.201.0.21 karmada-host-control-plane <none> <none>
karmada-system karmada-scheduler-estimator-member3-fdc6755cc-sgrns 1/1 Running 0 49s 10.201.0.20 karmada-host-control-plane <none> <none>
karmada-system karmada-search-d786db495-d4ww6 1/1 Running 0 2m47s 10.201.0.11 karmada-host-control-plane <none> <none>
karmada-system karmada-search-d786db495-lrt8q 1/1 Running 0 2m47s 10.201.0.7 karmada-host-control-plane <none> <none>
karmada-system karmada-webhook-69d7cf77c7-hfq4v 1/1 Running 0 2m47s 10.201.0.9 karmada-host-control-plane <none> <none>
kube-system coredns-5d78c9869d-cbwkk 1/1 Running 0 4m30s 10.201.0.2 karmada-host-control-plane <none> <none>
kube-system coredns-5d78c9869d-jdh64 1/1 Running 0 4m30s 10.201.0.3 karmada-host-control-plane <none> <none>
kube-system etcd-karmada-host-control-plane 1/1 Running 0 4m45s 172.18.0.3 karmada-host-control-plane <none> <none>
kube-system kindnet-czblt 1/1 Running 0 4m31s 172.18.0.3 karmada-host-control-plane <none> <none>
kube-system kube-apiserver-karmada-host-control-plane 1/1 Running 0 4m45s 172.18.0.3 karmada-host-control-plane <none> <none>
kube-system kube-controller-manager-karmada-host-control-plane 1/1 Running 0 4m45s 172.18.0.3 karmada-host-control-plane <none> <none>
kube-system kube-proxy-jdp4w 1/1 Running 0 4m31s 172.18.0.3 karmada-host-control-plane <none> <none>
kube-system kube-scheduler-karmada-host-control-plane 1/1 Running 0 4m46s 172.18.0.3 karmada-host-control-plane <none> <none>
local-path-storage local-path-provisioner-6bc4bddd6b-8qdhf 1/1 Running 0 4m30s 10.201.0.4 karmada-host-control-plane <none> <none>
➜ karmada git:(secret-helm) ✗ kubectl --context karmada-apiserver get clusters
NAME VERSION MODE READY AGE
member1 v1.28.6 Push True 73s
member2 v1.28.6 Push True 69s
member3 v1.28.6 Pull True 63s |
|
Codecov ReportAll modified and coverable lines are covered by tests ✅
❗ Your organization needs to install the Codecov GitHub app to enable full functionality. Additional details and impacted files@@ Coverage Diff @@
## master #5426 +/- ##
==========================================
+ Coverage 33.93% 33.94% +0.01%
==========================================
Files 645 645
Lines 44857 44857
==========================================
+ Hits 15220 15225 +5
+ Misses 28479 28476 -3
+ Partials 1158 1156 -2
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. |
|
/cc @zhzhuang-zju |
|
/assign |
|
@chaosi-zju Can you remind me of the relationship between this PR and #5353? |
chaosi-zju
force-pushed
the
secret-helm
branch
2 times, most recently
from
e14c95c
to
e334c0c
Compare
karmada-bot
added
size/XL
chaosi-zju
force-pushed
the
secret-helm
branch
from
e334c0c
to
2877830
Compare
|
test report for latest code: $ kubectl get pods -o wide -A
NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
karmada-system etcd-0 1/1 Running 0 2m42s 10.162.0.13 karmada-host-control-plane <none> <none>
karmada-system karmada-aggregated-apiserver-9bdfcc49b-v4n7l 1/1 Running 0 2m42s 10.162.0.12 karmada-host-control-plane <none> <none>
karmada-system karmada-apiserver-5b5546ff9f-42xht 1/1 Running 0 2m42s 172.18.0.2 karmada-host-control-plane <none> <none>
karmada-system karmada-controller-manager-7dc6c8789f-4lgck 1/1 Running 0 2m42s 10.162.0.14 karmada-host-control-plane <none> <none>
karmada-system karmada-descheduler-586d889b4d-vldp6 1/1 Running 0 2m42s 10.162.0.16 karmada-host-control-plane <none> <none>
karmada-system karmada-descheduler-586d889b4d-x2ntl 1/1 Running 0 2m42s 10.162.0.15 karmada-host-control-plane <none> <none>
karmada-system karmada-kube-controller-manager-d84c948d5-kzg87 1/1 Running 0 2m42s 10.162.0.6 karmada-host-control-plane <none> <none>
karmada-system karmada-metrics-adapter-69bfdf6cb4-jx4pt 1/1 Running 0 2m42s 10.162.0.9 karmada-host-control-plane <none> <none>
karmada-system karmada-scheduler-657b64f967-rrlgj 1/1 Running 0 2m42s 10.162.0.7 karmada-host-control-plane <none> <none>
karmada-system karmada-scheduler-estimator-member1-74dcb844d5-znvbz 1/1 Running 0 38s 10.162.0.18 karmada-host-control-plane <none> <none>
karmada-system karmada-scheduler-estimator-member2-86786fd997-pfr5w 1/1 Running 0 37s 10.162.0.20 karmada-host-control-plane <none> <none>
karmada-system karmada-scheduler-estimator-member3-54f8b8f45c-wz2kn 1/1 Running 0 38s 10.162.0.19 karmada-host-control-plane <none> <none>
karmada-system karmada-search-5654fd9dc9-44mkd 1/1 Running 0 2m42s 10.162.0.10 karmada-host-control-plane <none> <none>
karmada-system karmada-search-5654fd9dc9-zknx7 1/1 Running 0 2m42s 10.162.0.11 karmada-host-control-plane <none> <none>
karmada-system karmada-webhook-7b9c474f88-g257t 1/1 Running 0 2m42s 10.162.0.8 karmada-host-control-plane <none> <none>
kube-system coredns-5dd5756b68-sdlfc 1/1 Running 0 4m46s 10.162.0.3 karmada-host-control-plane <none> <none>
kube-system coredns-5dd5756b68-xdfzw 1/1 Running 0 4m46s 10.162.0.4 karmada-host-control-plane <none> <none>
kube-system etcd-karmada-host-control-plane 1/1 Running 0 5m 172.18.0.2 karmada-host-control-plane <none> <none>
kube-system kindnet-vzvb2 1/1 Running 0 4m47s 172.18.0.2 karmada-host-control-plane <none> <none>
kube-system kube-apiserver-karmada-host-control-plane 1/1 Running 0 5m 172.18.0.2 karmada-host-control-plane <none> <none>
kube-system kube-controller-manager-karmada-host-control-plane 1/1 Running 0 5m 172.18.0.2 karmada-host-control-plane <none> <none>
kube-system kube-proxy-xvrdf 1/1 Running 0 4m47s 172.18.0.2 karmada-host-control-plane <none> <none>
kube-system kube-scheduler-karmada-host-control-plane 1/1 Running 0 5m 172.18.0.2 karmada-host-control-plane <none> <none>
local-path-storage local-path-provisioner-7577fdbbfb-84fxf 1/1 Running 0 4m46s 10.162.0.2 karmada-host-control-plane <none> <none>
$ kubectl --context karmada-apiserver get clusters
NAME VERSION MODE READY AGE
member1 v1.28.6 Push True 67s
member2 v1.28.6 Push True 63s
member3 v1.28.6 Pull True 57s
$ kubectl get secret -n karmada-system
NAME TYPE DATA AGE
karmada-certs Opaque 14 4m35s
karmada-kubeconfig Opaque 1 4m35s
karmada-webhook-cert kubernetes.io/tls 2 4m35s
...
|
chaosi-zju
commented
Sep 5, 2024
chaosi-zju
force-pushed
the
secret-helm
branch
from
2877830
to
f1b11cc
Compare
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
chaosi-zju
force-pushed
the
secret-helm
branch
from
f1b11cc
to
1342cc7
Compare
Signed-off-by: chaosi-zju <chaosi@zju.edu.cn>
chaosi-zju
force-pushed
the
secret-helm
branch
from
1342cc7
to
93a7ea3
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What type of PR is this?
/kind cleanup
What this PR does / why we need it:
In karmada, here are two important secrets, which is mount by most karmada components. One is karmada-cert, which contains a series of cert files like ca.crt, apiserver.crt and so on; another is karmada-kubeconfig, which contains a kubeconfig of karmada-apiserver.
However, in different installation methods, we used inconsistent secret naming or file path naming, which can potentially cause some unnecessary problems, detail refer to #5363.
This PR aims to standardize the naming of karmada secrets in helm installation method.
Which issue(s) this PR fixes:
Fixes part of #5363
Special notes for your reviewer:
In
helmmethod, if I install karmada byhelm install karmada-xxx ..., it will create a secret namingkarmada-xxx-cert. Then if I install the singlekarmada-scheduler-estimatorcomponent byhelm install karmada-scheduler-estimator-xxx --set installMode=component ..., the component will look for secret namingkarmada-scheduler-estimator-xxx-cert, the name is inconsistent. In this case, since we cannot reuse the same.Release.Namewhen executing helm install, so the secret name is not advised to be prefixed with.Release.Name.Does this PR introduce a user-facing change?: