Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow disabling of all allocator secrets in helm chart #2177

Merged
merged 2 commits into from
Jul 12, 2021
Merged

Allow disabling of all allocator secrets in helm chart #2177

merged 2 commits into from
Jul 12, 2021

Conversation

sudermanjr
Copy link
Contributor

@sudermanjr sudermanjr commented Jul 9, 2021
edited
Loading

Signed-off-by: Andrew Suderman andrew@sudermanjr.com

What type of PR is this?
/kind feature

What this PR does / Why we need it:
Provide a flag to completely disable allocator certificate generation

Which issue(s) this PR fixes:

Closes #2175

TODO:

  • Add documentation

@google-cla google-cla bot added the cla: yes label Jul 9, 2021
@agones-bot
Copy link
Collaborator

Build Succeeded 👏

Build Id: 74b74d67-1fde-4e8a-974e-787eba50eae0

The following development artifacts have been built, and will exist for the next 30 days:

A preview of the website (the last 30 builds are retained):

To install this version:

  • git fetch https://github.com/googleforgames/agones.git pull/2177/head:pr_2177 && git checkout pr_2177
  • helm install ./install/helm/agones --namespace agones-system --name agones --set agones.image.tag=1.16.0-edbfa8a

@sudermanjr sudermanjr changed the title Allow disabling of all allocator certificates Allow disabling of all allocator certificates in helm chart Jul 9, 2021
@sudermanjr sudermanjr changed the title Allow disabling of all allocator certificates in helm chart Allow disabling of all allocator secrets in helm chart Jul 9, 2021
@agones-bot
Copy link
Collaborator

Build Succeeded 👏

Build Id: b4bd1e74-5b0c-428c-9024-c0e07fceaef5

The following development artifacts have been built, and will exist for the next 30 days:

A preview of the website (the last 30 builds are retained):

To install this version:

  • git fetch https://github.com/googleforgames/agones.git pull/2177/head:pr_2177 && git checkout pr_2177
  • helm install ./install/helm/agones --namespace agones-system --name agones --set agones.image.tag=1.16.0-339801c

@agones-bot
Copy link
Collaborator

Build Succeeded 👏

Build Id: 3ca45bad-6a3f-4428-8326-5037dfdaf730

The following development artifacts have been built, and will exist for the next 30 days:

A preview of the website (the last 30 builds are retained):

To install this version:

  • git fetch https://github.com/googleforgames/agones.git pull/2177/head:pr_2177 && git checkout pr_2177
  • helm install ./install/helm/agones --namespace agones-system --name agones --set agones.image.tag=1.16.0-250e19b

@agones-bot
Copy link
Collaborator

Build Succeeded 👏

Build Id: 7db121a5-7b88-4306-9fe0-e8aac41e6e7e

The following development artifacts have been built, and will exist for the next 30 days:

A preview of the website (the last 30 builds are retained):

To install this version:

  • git fetch https://github.com/googleforgames/agones.git pull/2177/head:pr_2177 && git checkout pr_2177
  • helm install ./install/helm/agones --namespace agones-system --name agones --set agones.image.tag=1.16.0-cc2ea02

@agones-bot
Copy link
Collaborator

Build Succeeded 👏

Build Id: 662220df-7a24-4794-9fb8-91408bdaf2d2

The following development artifacts have been built, and will exist for the next 30 days:

A preview of the website (the last 30 builds are retained):

To install this version:

  • git fetch https://github.com/googleforgames/agones.git pull/2177/head:pr_2177 && git checkout pr_2177
  • helm install ./install/helm/agones --namespace agones-system --name agones --set agones.image.tag=1.16.0-9c46efc

@sudermanjr sudermanjr marked this pull request as ready for review July 9, 2021 17:11
roberthbailey
roberthbailey reviewed Jul 9, 2021
View reviewed changes
site/content/en/docs/Advanced/allocator-service.md Outdated
@@ -101,6 +101,10 @@ echo $TLS_CA_VALUE | base64 -d > ca.crt
# echo $TLS_CA_VALUE | base64 -D > ca.crt
```

### Bring Your Own Certificates (advanced)

If you would like to completely manage the tls secrets outside of helm, you can create them in the namespace where agones is going to be installed, and then set `agones.allocator.disableSecretCreation` to `true`. This method will also work with the cert-manager method, as long as your certificate and secret are created ahead of time, and you populate the `allocator-tls-ca` and `allocator-client-ca` yourself.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: "set the helm parameter ... to true"

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What happens during install if the secrets aren't already in place? Does the helm install fail? Or does the install succeed and agones is non functional?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If you don't set the wait or atomic flags when using helm, the installation will succeed and the allocator pods will fail to start.

site/content/en/docs/Advanced/allocator-service.md Show resolved Hide resolved
@agones-bot
Copy link
Collaborator

Build Failed 😱

Build Id: 3513cf05-0a23-4c2b-bd34-e9fbb112cce4

To get permission to view the Cloud Build view, join the agones-discuss Google Group.

@agones-bot
Copy link
Collaborator

Build Succeeded 👏

Build Id: 0f3c228f-ad60-4d49-8022-7e97ce73fe9e

The following development artifacts have been built, and will exist for the next 30 days:

A preview of the website (the last 30 builds are retained):

To install this version:

  • git fetch https://github.com/googleforgames/agones.git pull/2177/head:pr_2177 && git checkout pr_2177
  • helm install ./install/helm/agones --namespace agones-system --name agones --set agones.image.tag=1.16.0-51587ad

Allow disabling of all allocator certificates and secrets in helm chart
ff54faa 
Signed-off-by: Andrew Suderman <andrew@sudermanjr.com>
@agones-bot
Copy link
Collaborator

Build Succeeded 👏

Build Id: c511c59d-09a0-4cf9-9770-2ca46cbabedd

The following development artifacts have been built, and will exist for the next 30 days:

A preview of the website (the last 30 builds are retained):

To install this version:

  • git fetch https://github.com/googleforgames/agones.git pull/2177/head:pr_2177 && git checkout pr_2177
  • helm install ./install/helm/agones --namespace agones-system --name agones --set agones.image.tag=1.16.0-ff54faa

@agones-bot
Copy link
Collaborator

Build Succeeded 👏

Build Id: 59a706bd-cf5b-4802-adcd-3c243a51abb9

The following development artifacts have been built, and will exist for the next 30 days:

A preview of the website (the last 30 builds are retained):

To install this version:

  • git fetch https://github.com/googleforgames/agones.git pull/2177/head:pr_2177 && git checkout pr_2177
  • helm install ./install/helm/agones --namespace agones-system --name agones --set agones.image.tag=1.16.0-8e4d7e8

fix helm table
41c2828 
Signed-off-by: Andrew Suderman <andrew@sudermanjr.com>
@agones-bot
Copy link
Collaborator

Build Succeeded 👏

Build Id: 9f014b2e-5e8b-4911-9a5e-24e3b6231001

The following development artifacts have been built, and will exist for the next 30 days:

A preview of the website (the last 30 builds are retained):

To install this version:

  • git fetch https://github.com/googleforgames/agones.git pull/2177/head:pr_2177 && git checkout pr_2177
  • helm install ./install/helm/agones --namespace agones-system --name agones --set agones.image.tag=1.16.0-41c2828

@google-oss-robot
Copy link

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: roberthbailey, sudermanjr

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@roberthbailey roberthbailey merged commit f1046e3 into googleforgames:main Jul 12, 2021
@roberthbailey roberthbailey added this to the 1.16.0 milestone Jul 13, 2021
@roberthbailey roberthbailey added kind/feature New features for Agones area/operations Installation, updating, metrics etc area/user-experience Pertaining to developers trying to use Agones, e.g. SDK, installation, etc labels Jul 13, 2021
@roberthbailey roberthbailey mentioned this pull request Sep 23, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@markmandel markmandel markmandel left review comments

@roberthbailey roberthbailey roberthbailey approved these changes

@aLekSer aLekSer Awaiting requested review from aLekSer

@EricFortin EricFortin Awaiting requested review from EricFortin

Assignees

@roberthbailey roberthbailey

Labels
approved area/operations Installation, updating, metrics etc area/user-experience Pertaining to developers trying to use Agones, e.g. SDK, installation, etc cla: yes kind/feature New features for Agones lgtm size/S
Projects
None yet
Milestone
1.16.0
Development

Successfully merging this pull request may close these issues.

Provide an easier way to bring your own certificates via helm chart installation
5 participants
@sudermanjr @agones-bot @google-oss-robot @markmandel @roberthbailey