Adding support for the old leader-elector #607
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Adds the leader-elector container support that was removed in PR #568. The new vault-k8s uses an internal mechanism for leader determination, so this is just for backwards compatibility, and can be removed in the near future.
benashz
reviewed
Sep 7, 2021
| labels: | ||
| app.kubernetes.io/name: {{ include "vault.name" . }}-agent-injector | ||
| app.kubernetes.io/instance: {{ .Release.Name }} | ||
| app.kubernetes.io/managed-by: {{ .Release.Service }} |
There was a problem hiding this comment.
I wonder if adding an extra annotation denoting the deprecation of this container would be a good idea. Not sure if that would satisfy what @calvn requested w.r.t. facilitating debugging.
There was a problem hiding this comment.
Sure, something like deprecated: true?
I also added a change to the logging in hashicorp/vault-k8s#297 to make it easier to tell which leader elector scheme is in use.
via an annotation
Default to not deploying the old leader-elector container, unless injector.leaderElector.useContainer is `true`.
tvoran
changed the title
tomhjp
approved these changes
Sep 15, 2021
|
@tomhjp That sounds like a good idea; how about v0.18.0? https://github.com/hashicorp/vault-helm/blob/master/CHANGELOG.md |
|
@tvoran v0.18.0 sounds good to me, gives a nice amount of overlap and warning. |
dreamblack86
pushed a commit
to dreamblack86/vault-helm
that referenced
this pull request
Oct 27, 2021
The commit: Added webhook-certs volume mount to sidecar injector (hashicorp#545) had it fixed correctly in the past. But by the short-term decision to take the leader elector container out then back in has "probably" led to this circumstance during copy&paste that the volumemount has moved down again. see: Adding support for the old leader-elector (hashicorp#607)
dreamblack86
added a commit
to dreamblack86/vault-helm
that referenced
this pull request
Oct 27, 2021
The commit: d27121 Added webhook-certs volume mount to sidecar injector (hashicorp#545) had it fixed correctly in the past. But by the short-term decision to take the leader elector container out then back in has "probably" led to this circumstance during copy&paste that the volumemount has moved down again. see changes how it came to this small error. remove leader-elector: d31f94 Support vault-k8s internal leader election (hashicorp#568) bring leader-elector back: 5a864f Adding support for the old leader-elector (hashicorp#607)
illegalnumbers
pushed a commit
to streamnative/vault-helm
that referenced
this pull request
Mar 17, 2022
Adds the leader-elector container support that was removed in PR hashicorp#568. The new vault-k8s uses an internal mechanism for leader determination, so this is just for backwards compatibility, and can be removed in the near future. * mark the endpoint as deprecated * add a new useContainer option for leaderElector Default to not deploying the old leader-elector container, unless injector.leaderElector.useContainer is `true`.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Adds an option to deploy the old leader-elector container that was removed in PR #568. (The new vault-k8s uses an internal mechanism for leader determination, so this is just for backwards compatibility, and can be removed in the near future.)
Note that this defaults to not deploying the old leader-elector container and Endpoint, unless
injector.leaderElector.useContaineris set totrue.