-
Notifications
You must be signed in to change notification settings - Fork 564
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[doc] Recommended way of handling non conventional install such as cert-manager #538
Comments
@victornoel Hey!
I believe this can be achieved by deploying incubator/raw chart as suggested in #494 (comment)
In the case that it's ok to create a dedicated, new namespace with the desired labels, I believe you can use incubator/raw chart here as well. Otherwise, I'd suggest using a prepare hook. With that, you can inject any command, including
I think so too! Where would you like to have some documentation for this in? |
@mumoshu thanks for the fast answer (and for helmfile to have all the needed features already ;). For the hook, I should have read in more details, so no need to add more doc, but maybe if there is a best practice documentation, the use of the raw chart could be a good information to add. Also, how sure are we of the order of execution of the release? Are they following the order of declaration in the file? I suppose it is the case, right? |
@victornoel My pleasure :) We do have a best-practices doc in the docs dir! Happy to add there. I'd also appreciate it if you could submit a PR. Regarding the exec order, you should use sub-helmfies, so that helmfile execs sub-helmfiles in the order of definitions. Note that you'll see helmfile executes "releases" in the order of definitions, but that's not always. Setting So you'd write your helmfile.yaml like this: helmfiles:
- prereqs/cert-manager-crd.yaml
releases:
- name: labeled-ns
chart: incubator/raw
values:
- resources:
# or
# templates:
# ...
- name: cert-manager
chart: stable?/cert-manager
#snip |
@mumoshu one more question: is the hook executed even if calling helmfile with I will see how I end up using the raw chart and will get back to you about a potential doc PR :) |
Using a
but we did run into an issue with linting the file after adding hooks. I'll file a bug on that later today. |
@patrickmslatteryvt, what version of |
|
Let's use See #552 for more info. |
I successfully deployed cert-manager using Worth to mention I've got tillerless enabled. |
|
@andrewnazarov Good point! That's probably due to that So my best bet is that you should use
So that |
For the record, I have successfuly solved my problem both with the It looks as follow. The only small drawback I find with this is that I have to transform the crd resources file provided by cert-manager (https://raw.githubusercontent.com/jetstack/cert-manager/release-0.8/deploy/manifests/00-crds.yaml) into an array of resources in the helmfile. Maybe I'm missing a way to directly inject the file as-is with helmfile? cert-manager-crds.helmfile.yaml repositories:
- name: incubator
url: https://kubernetes-charts-incubator.storage.googleapis.com/
releases:
- name: cert-manager-crds
namespace: proxy
chart: incubator/raw
version: 0.2.3
values:
- resources:
- ... resources here ... helmfile.yaml repositories:
- name: jetstack
url: https://charts.jetstack.io
helmfiles:
- path: cert-manager-crds.helmfile.yaml
releases:
- name: cert-manager
namespace: proxy
version: v0.8.1
chart: jetstack/cert-manager
hooks:
- events: ["presync"]
command: "kubectl"
args: ["label", "--overwrite", "namespace", "{{`{{.Release.Namespace}}`}}", "certmanager.k8s.io/disable-validation=true"] |
@victornoel Thanks for sharing your solution. Want you to know I'm going to try something similar. The most displeasurable thing about cert-manager, in my view, is the requirement for CRDs. So I think this is an interesting solution. I'm assuming this same technique of using the Will try it out edit this comment with any feedback. |
I find tricky deploy it with raw... at the end its a helm chart with the values resources on one yaml file inside templates.. so I am using a local chart crd-cert-manager with a single yaml file (crds.yaml) and my helmfile to make it deploy in order and it works just perfect :) here is:
crds-helmfile.yaml
and inside ./certs-cert-manager:
|
Update: here is all you need https://github.com/zakkg3/cert-manager-installer |
Final Update :D |
@zakkg3 Awesome! Thanks for sharing it |
I ran in the the same issues around the same time and came up with the same solution. It works but it forces you to double your support surface area (in a manner). It works but just feels wrong :) |
@zloeber in terms of support you only need to bump version time to time and update the CRD's. i guess its what you mean... |
Fwiw, here's how we've been deploying https://github.com/cloudposse/helmfiles/blob/master/releases/cert-manager.yaml |
@osterman is it working for |
HI,
When reading the process to install the cert-manager chart (https://hub.helm.sh/charts/jetstack/cert-manager), you can see two steps before installing the chart:
How is this handled with helmfile? Is there any way to automatize both of those step?
Some documentation on this would be great also :)
The text was updated successfully, but these errors were encountered: