Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

kube-vault-deploy container used by stim throws errors if tools.helm.version isn't defined #69

Open
medavisjr opened this issue Oct 2, 2020 · 0 comments
Open

kube-vault-deploy container used by stim throws errors if tools.helm.version isn't defined #69

medavisjr opened this issue Oct 2, 2020 · 0 comments

Comments

@medavisjr
Copy link
Collaborator

medavisjr commented Oct 2, 2020
edited

When running stim in a situation where Helm is not needed and is not being used in the deployment process, one would expect that you wouldn't need to configure a value for tools.helm.version in the stim deployment config YAML. You don't need stim to run Helm, so why define it? An example would be in deploying software that uses its own client to deploy to k8s, like Istio.

Take this config for example:

# stim.deploy.yaml
deployment:
  container:
    tag: 0.3.4
global:
  spec:
    tools:
      kubectl: {}
    kubernetes:
      serviceAccount: cluster-admin
    env:
      - name: NAMESPACE
        value: istio-system
      - name: ISTIO_VERSION
        value: 1.7.3
      - name: CONFIG_PROFILE
        value: default
      - name: ACCESS_LOG_ENCODING
        value: JSON
        # determines whether Istio proxies allow traffic to services without entry in the service registry
        # Options are "ALLOW_ANY" or "REGISTRY_ONLY"
      - name: OUTBOUND_TRAFFIC_POLICY
        value: ALLOW_ANY
environments:
  - name: dev
    instances:
      - name: caramel
        spec:
          kubernetes:
            cluster: caramel.y.icekube.net

---
# deploy. sh

#!/bin/bash
set -eu -o pipefail

# Exit if not running with `stim deploy`
if [ ! ${STIM_DEPLOY x} ]; then echo "Must be run with 'stim deploy'"; exit 1; fi

curl -L https://istio.io/downloadIstio | ISTIO_VERSION=${ISTIO_VERSION} TARGET_ARCH=x86_64 sh -
cd istio-${ISTIO_VERSION}
export PATH=$PWD/bin:$PATH

istioctl install
  --set profile=${CONFIG_PROFILE} \
  --set revision="${ISTIO_VERSION//./-}" \
  --set meshConfig.accessLogFile=/dev/stdout \
  --set meshConfig.accessLogEncoding=${ACCESS_LOG_ENCODING} \
  --set meshConfig.outboundTrafficPolicy.mode=${OUTBOUND_TRAFFIC_POLICY}

Running this with stim deploy -e dev -i caramel results in an unknown flag error from the kube-vault-deploy container run by stim:

2020-09-30 15:58:26.9601824     [ INFO  ]       --- START Stim deploy - Docker container logs ---
Installing Vault version 1.5.0 to match server
vault version 1.5.0 exists in bin-cache, linking.
INFO[0010] Fetching secret: secret/kubernetes/caramel.y.icekube.net/cluster-admin/kube-config
Generating kube-config for https://api.caramel.y.icekube.net based on environment variables credentials...
Cluster "default" set.
User "default" set.
Context "default" created.
Switched to context "default".
Installing kubectl version 1.18.8 to match server
kubectl version 1.18.8 exists in bin-cache, linking.
Error: unknown shorthand flag: 's' in -s
Error: Getting Helm Tiller version from remote K8s server
2020-09-30 15:58:40.9985015     [ INFO  ]       --- END Stim deploy - Docker container logs ---

However, if you add a Helm version to the tools spec in the stim config, all is well:

# stim.deploy.yaml
deployment:
  container:
    tag: 0.3.4
global:
  spec:
    tools:
      helm:                    # added this line
        version: v3.3.1        # and this line
      kubectl: {}
    kubernetes:
      serviceAccount: cluster-admin

Container logs with deploy.sh running as expected:

2020-09-30 16:15:08.8562114     [ INFO  ]       --- START Stim deploy - Docker container logs ---
Installing Vault version 1.5.0 to match server
vault version 1.5.0 exists in bin-cache, linking.
INFO[0010] Fetching secret: secret/kubernetes/caramel.y.icekube.net/cluster-admin/kube-config
Generating kube-config for https://api.caramel.y.icekube.net based on environment variables credentials...
Cluster "default" set.
User "default" set.
Context "default" created.
Switched to context "default".
Installing kubectl version 1.18.8 to match server
kubectl version 1.18.8 exists in bin-cache, linking.
Installing custom Helm version 3.3.1
helm version 3.3.1 exists in container, linking.
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   102  100   102    0     0    334      0 --:--:-- --:--:-- --:--:--   335
100  4277  100  4277    0     0   6490      0 --:--:-- --:--:-- --:--:-- 77763

Downloading istio-1.7.3 from https://github.com/istio/istio/releases/download/1.7.3/istio-1.7.3-linux-amd64.tar.gz ...

Istio 1.7.3 Download Complete!

Istio has been successfully downloaded into the istio-1.7.3 folder on your system.

Next Steps:
See https://istio.io/latest/docs/setup/install/ to add Istio to your Kubernetes cluster.

To configure the istioctl client tool for your workstation,
add the /scripts/istio-1.7.3/bin directory to your environment path variable with:
         export PATH="$PATH:/scripts/istio-1.7.3/bin"

Begin the Istio pre-installation check by running:
         istioctl x precheck

Need more information? Visit https://istio.io/latest/docs/setup/install/
✔ Istio core installed for Istio core.
✔ Istiod installedrces for Istiod. Waiting for Deployment/istio-system/istiod-1-7-3
✔ Ingress gateways installedngress gateways. Waiting for Deployment/istio-system/istio-ingressgateway
✔ Installation completerces
2020-09-30 16:16:30.7390391     [ INFO  ]       --- END Stim deploy - Docker container logs ---
@medavisjr medavisjr changed the title kube-value-deploy container used by stim throws errors if tools.helm.version isn't defined kube-vault-deploy container used by stim throws errors if tools.helm.version isn't defined Oct 2, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@medavisjr