Latest commit to helm template server-statefulsets.yaml breaks installation on docker for desktop installs #91
Comments
rodfrancisco
changed the title
|
Hi @rodfrancisco, thanks for bringing this to my attention. I can make this configurable to support your use case. Would this help? |
|
@jasonodonnell That works. Thanks for the quick turnaround. |
|
Why was this made to be configurable instead of removed altogether? This is flat-out invalid Kubernetes config, so even if you want to turn it on, it won't work. As indicated in the error message, @jasonodonnell - did you ever do a successful deployment with the field present? |
|
Hi @jemc , I've just deployed it successfully to multiple Kubernetes clusters without error. I'm wondering if Kube isn't validating the object and just disregarding it. I'll look into removing this and trying to understand why it's not showing up on my end or in the test clusters. Thanks |
|
@jemc @jasonodonnell Looking at the docs link it looks like this setting belongs in the container security context this line , not the global line we already removed it from.
|
We use the helm templates for vault to do local k8s testing of vault using docker-for-desktop. Commit change b41d36c introduced a change to server-statefulsets.yaml that causes it to fail installs on docker-for-desktop k8s cluster. Specifically we get the following error:
error: error validating “STDIN”: error validating data: ValidationError(StatefulSet.spec.template.spec.securityContext): unknown field “readOnlyRootFilesystem” in io.k8s.api.core.v1.PodSecurityContextThis is using Docker Desktop: v2.1.0.4 running kubernetes v1.14.7
Removing the line introduced here: b41d36c?diff=split#diff-60ca1594dfcfe4f0d22db67a9583d9feR44 fixes the issue.
To reproduce:
helm template vault-helm --name vault | kubectl apply -f -on the docker-desktop clusterThe text was updated successfully, but these errors were encountered: