Affected versions
DKP 2.3.0, 2.3.1
Problem
When there is a need for modifications with the Kommander install, editing the generated kommander.yaml
file and attempting a reinstall via ./dkp install
kommander --installer-config kommander.yaml --kubeconfig=${CLUSTER_NAME}.conf
will make dex-k8s-authenticator
and traefik-forward-auth-mgmt
pods crashloop.
This behavior can be observed with the outputs of kubectl get pods -A --kubeconfig=${CLUSTER_NAME}.conf
and kubectl get hr -n kommander --kubeconfig=${CLUSTER_NAME}.conf`.
Investigating the dex-k8s-authenticator
pod would also show the following error:
kubectl logs -n kommander dex-k8s-authenticator-<hash> --kubeconfig=${CLUSTER_NAME}.conf
2022/09/30 15:41:43 Using config file: /app/configuration/config.yaml
2022/09/30 15:41:43 useClusterHostname: true
2022/09/30 15:41:43 Registered static assets handler at: /token/static/
2022/09/30 15:41:43 [GC: 0xc00052a7e0] starting garbage collector routine: interval: 60000000000
panic: runtime error: index out of range [0] with length 0
goroutine 1 [running]:
main.start_app(0xe5a960, 0x0, 0x0, 0xc000031080, 0x13, 0xc000032ba8, 0x6, 0x0, 0x0, 0x0, ...)
/home/runner/work/dex-k8s-authenticator/dex-k8s-authenticator/main.go:273 +0x1ec0
main.glob..func1(0xe35120, 0xc00000ca60, 0x0, 0x2)
/home/runner/work/dex-k8s-authenticator/dex-k8s-authenticator/main.go:356 +0x30d
github.com/spf13/cobra.(*Command).execute(0xe35120, 0xc00001e190, 0x2, 0x2, 0xe35120, 0xc00001e190)
/home/runner/.asdf/installs/golang/1.13.15/packages/pkg/mod/github.com/spf13/cobra@v1.4.0/command.go:860 +0x2aa
github.com/spf13/cobra.(*Command).ExecuteC(0xe35120, 0x1, 0xc0001abf50, 0x40574f)
/home/runner/.asdf/installs/golang/1.13.15/packages/pkg/mod/github.com/spf13/cobra@v1.4.0/command.go:974 +0x35a
github.com/spf13/cobra.(*Command).Execute(...)
/home/runner/.asdf/installs/golang/1.13.15/packages/pkg/mod/github.com/spf13/cobra@v1.4.0/command.go:902
main.main()
/home/runner/work/dex-k8s-authenticator/dex-k8s-authenticator/main.go:408 +0x31
This issue stems from the configmap in which the clusters
value should come from the overrides. HelmRelease does not take values from dex-k8s-authenticator-kommander-overrides
as it’s not in valuesFrom
list.
Solution
A fix is currently being implemented and this KB article shall be updated once a release version with the fix is available.
As a workaround, add the following to spec
sections of the corresponding appdeployments:
traefik-forward-auth-mgmt
clusterConfigOverrides:
- clusterSelector:
matchLabels:
kommander.d2iq.io/cluster-name: host-cluster
configMapName: traefik-forward-auth-mgmt-host-cluster
dex-k8s-authenticator
clusterConfigOverrides:
- clusterSelector:
matchExpressions:
- key: kommander.d2iq.io/cluster-name
operator: In
values:
- host-cluster
configMapName: dex-k8s-authenticator-kommander-overrides