Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Issue with installation via FluxCD #278

Closed
KosShutenko opened this issue Mar 30, 2022 · 3 comments
Closed

Issue with installation via FluxCD #278

KosShutenko opened this issue Mar 30, 2022 · 3 comments

Comments

@KosShutenko
Copy link

KosShutenko commented Mar 30, 2022
edited
Loading

I can install hazelcast via helm install command, but cannot via FluxCD.
When I am trying to install hazelcast via HelmRelease in FluxCD I am getting the following error:

Normal  error   37s (x7 over 38s)  helm-controller  Helm upgrade failed: error while running post render on files: map[string]interface {}(nil): yaml: unmarshal errors:
  line 83: mapping key "securityContext" already defined at line 33

I have the following HelmRelease:

--- 
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata: 
  name: hazelcast
  namespace: hazelcast
spec: 
  chart: 
    spec: 
      chart: hazelcast
      interval: 5m
      sourceRef: 
        kind: HelmRepository
        name: hazelcast
        namespace: flux-system
  interval: 5m
  values: 
    cluster: 
      memberCount: 2
    hazelcast: 
      enabled: true
    mancenter: 
      enabled: true
      service: 
        type: ClusterIP
      ingress: 
        enabled: true
        annotations: 
          cert-manager.io/cluster-issuer: letsencrypt-prod
          kubernetes.io/ingress.class: nginx
          nginx.ingress.kubernetes.io/rewrite-target: /
        hosts: 
          - hazelcast-mancenter.pp-misc.ls-g.net
        tls: 
          - 
            hosts: 
              - hazelcast-mancenter.pp-misc.ls-g.net
            secretName: tls-secret-hazelcast-mancenter-pp-misc-ls-g-net

If I set securityContext.enabled: false installation will be completed but mancenter cannot be running because of error with mounting /data folder:

Exception in thread "main" java.lang.Error: /data can not be created. Either make it writable, or set "hazelcast.mc.home" system property to a writable directory and restart.

Issue in mancenter-statefulset.yaml file. You have part with two securityContext sections:

       {{- if .Values.securityContext.enabled }}
        securityContext:
          runAsNonRoot: {{ if eq (int .Values.securityContext.runAsUser) 0 }}false{{ else }}true{{ end }}
          runAsUser: {{ .Values.securityContext.runAsUser }}
          runAsGroup: {{ .Values.securityContext.runAsGroup }}
          privileged: false
          readOnlyRootFilesystem: false
          allowPrivilegeEscalation: false
          capabilities:
            drop:
            - ALL
        {{- end }}
      {{- if .Values.securityContext.enabled }}
      securityContext:
        fsGroup: {{ .Values.securityContext.fsGroup }}
      {{- end }}

P.S. I found another Issue with such problem where explained why id doesn't work in FluxCD - fluxcd/helm-controller#283 (comment)
@martonsz
Copy link

martonsz commented May 4, 2022

I'm having the same issue when trying to build with Kustomize.

The following doesn't work:

# kustomization.yaml
helmCharts:
- name: hazelcast
  version: "5.4.0"
  repo: https://hazelcast-charts.s3.amazonaws.com
  releaseName: hazelcast
$> kustomize build --enable-helm .
Error: map[string]interface {}(nil): yaml: unmarshal errors:
  line 85: mapping key "securityContext" already defined at line 35

If I set securityContext.enabled: false it works:

# kustomization.yaml
helmCharts:
- name: hazelcast
  version: "5.4.0"
  repo: https://hazelcast-charts.s3.amazonaws.com
  releaseName: hazelcast
  valuesInline:
    securityContext:
      enabled: false
$> kustomize build --enable-helm .
apiVersion: v1
kind: ServiceAccount
metadata:
  labels:
    app.kubernetes.io/instance: hazelcast
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/name: hazelcast
...

Versions

Chart version: 5.4.0
Kustomize: {Version:kustomize/v4.5.4 GitCommit:cf3a452ddd6f83945d39d582243b8592ec627ae3 BuildDate:2022-03-28T23:12:45Z GoOs:linux GoArch:amd64}
Helm: version.BuildInfo{Version:"v3.8.2", GitCommit:"6e3701edea09e5d55a8ca2aae03a68917630e91b", GitTreeState:"clean", GoVersion:"go1.17.5"}

@martonsz
Copy link

martonsz commented Jul 9, 2022

This is still an issue!

Now using chart version 5.4.2

kustomize version
{Version:kustomize/v4.5.5 GitCommit:daa3e5e2c2d3a4b8c94021a7384bfb06734bcd26 BuildDate:2022-05-20T20:25:40Z GoOs:linux GoArch:amd64}

helm version
version.BuildInfo{Version:"v3.9.0", GitCommit:"7ceeda6c585217a19a1131663d8cd1f7d641b2a7", GitTreeState:"clean", GoVersion:"go1.17.5"}

Client Version: version.Info{Major:"1", Minor:"22", GitVersion:"v1.22.5", GitCommit:"5c99e2ac2ff9a3c549d9ca665e7bc05a3e18f07e", GitTreeState:"clean", BuildDate:"2021-12-16T08:38:33Z", GoVersion:"go1.16.12", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"22", GitVersion:"v1.22.7", GitCommit:"b56e432f2191419647a6a13b9f5867801850f969", GitTreeState:"clean", BuildDate:"2022-03-06T21:07:35Z", GoVersion:"go1.16.14", Compiler:"gc", Platform:"linux/amd64"}

@semihbkgr semihbkgr mentioned this issue Jul 20, 2022
Merged
@semihbkgr
Copy link
Contributor

Hi @KosShutenko, @martonsz
Thanks for the issue.

I have changed the related part of the code that cause this error.
Simply put, duplicated fields in yaml file lead to error in kustomize.
#286

Now, it should be fixed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@martonsz @semihbkgr @KosShutenko