Bug 2002197
| Summary: | Pass down proxy env to operands failed for helm type operator | ||
|---|---|---|---|
| Product: | OpenShift Container Platform | Reporter: | Fan Jia <jfan> |
| Component: | Operator SDK | Assignee: | amacdona <austin> |
| Status: | CLOSED ERRATA | QA Contact: | Fan Jia <jfan> |
| Severity: | urgent | Docs Contact: | |
| Priority: | urgent | ||
| Version: | 4.9 | CC: | aos-bugs, jesusr, marobrie |
| Target Milestone: | --- | ||
| Target Release: | 4.9.0 | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2021-10-18 17:51:28 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Fan Jia
2021-09-08 08:39:04 UTC
This should work as you did it, except that the helm chart doesn't support these vars yet.
Add the var in helmcharts/nginx/values.yaml
```
proxy:
httpProxy: ""
```
Use the var in the helmcharts/nginx/templates/deployment.yaml
```
containers:
- name: {{ .Chart.Name }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
env:
- name: http_proxy
value: "{{ .Values.httpProxy }}"
ports:
- name: http
containerPort: 80
protocol: TCP
livenessProbe:
httpGet:
path: /
port: http
readinessProbe:
httpGet:
path: /
port: http
```
You will also need to add the value to a template.
Edit helm-charts/ginx/templates/deployment.yaml
```
containers:
- name: {{ .Chart.Name }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
env:
- name: http_proxy
value: "{{ .Values.proxy.http }}"
```
You can also have a look at the docs PR to verify this https://github.com/operator-framework/operator-sdk/pull/5204 verified.
test env:
1. operator-sdk version: "v1.10.1-ocp", commit: "972fd59bb3a4cdb2e5102fc37fc3afa32f6c066f", kubernetes version: "v1.21", go version: "go1.16.5", GOOS: "linux", GOARCH: "amd64"
2. cv:4.9.0-0.nightly-2021-09-10-170926
3. add the http_proxy message to the helm operator
1) watches.yaml
- group: demo.example.com
version: v1alpha1
kind: Nginx
chart: helm-charts/nginx
overrideValues:
proxy.http: $HTTP_PROXY
2)helmcharts/nginx/Values.yaml
proxy:
http: ""
https: ""
no_proxy: ""
3)helm-charts/nginx/templates/deployment.yaml
containers:
- name: {{ .Chart.Name }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
env:
- name: http_proxy
value: "{{ .Values.proxy.http }}"
4)config/manager/manager.yaml
containers:
- args:
- --leader-elect
- --leader-election-id=helm-proxy-demo
image: controller:latest
name: manager
env:
- name: "HTTP_PROXY"
value: $CLUSTER_HTTP_PROXY
5)Makefile
deploy: kustomize ## Deploy controller to the K8s cluster specified in ~/.kube/config.
cd config/manager && $(KUSTOMIZE) edit set image controller=${IMG}
$(KUSTOMIZE) build config/default | CLUSTER_HTTP_PROXY=$(shell kubectl get proxies.config.openshift.io cluster -o json | jq '.spec.httpProxy') envsubst | kubectl apply -f -
test result:
CR created success and env is passed to operand
1)$ oc create -f config/samples/helmdemo_v1_nginx.yaml -n nginx-system
nginx.helmdemo.example.com/nginx-sample created
2)$oc get deployment nginx-sample -o=jsonpath={.spec.template.spec.containers[0].env}
[{"name":"http_proxy","value":"http://proxy-user1:JYgU8qRZV4DY4PXxxxxK@ec2-18-188-xxxxxx.us-xxxx-2.compute.amazonaws.com:3128"}]
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.9.0 bug fix and security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:3759 |