Uploaded image for project: 'Couchbase Kubernetes'
  1. Couchbase Kubernetes
  2. K8S-1900

Upgrade errors with Helm 2.1 when TLS enabled

    XMLWordPrintable

Details

    • Bug
    • Resolution: Fixed
    • Major
    • 2.1.0
    • None
    • helm, kubernetes
    • None
    • 18: PE/Tasks/Docs
    • 1

    Description

      The Helm Chart upgrade from 2.0.x to 2.1 encounters the following error:

      {"level":"error","ts":1610489073.7747614,"logger":"controller-runtime.controller","msg":"Reconciler error","controller":"couchbase-
      		 
      controller","request":"default/cb-test-couchbase-cluster","error":"secrets \"cb-test-couchbase-cluster\" already exists","stacktrac
      		 
      e":"github.com/go-logr/zapr.(*zapLogger)

      *Steps to Reproduce*

      1) helm install cb-test couchbase/couchbase-operator --version 2.0.2
      this will install the standard default

      2) then:

      kubectl replace -f crd.yaml
      kubectl create -f crd.yaml

      3) then upgrade the chart:

      helm upgrade cb-test couchbase/couchbase-operator

      We will hit the error above.

      In addition, If we have the following set to true in the values.yaml

        # TLS Certs that will be used to encrypt traffic between operator and couchbase
      		 
        tls:
      		 
          # enable to auto create certs
      		 
          generate: false
      		 
          # Expiry time of CA in days for generated certs
      		 
          expiration: 365

      Then upgrading to 2.1 operator from previous version will encounter the following error:

      {"level":"error","ts":1611102051.5212724,"logger":"cluster","msg":"Reconciliation failed","cluster":"default/demo","error":"certificate cannot be verified for zone: x509: certificate is valid for localhost, *.demo-couchbase-cluster.default.svc, *.demo-couchbase-cluster.default, *.demo-couchbase-cluster, *.demo-couchbase-cluster-srv.default.svc, *.demo-couchbase-cluster-srv.default, *.demo-couchbase-cluster-srv, demo-couchbase-cluster-srv.default.svc, demo-couchbase-cluster-srv.default, demo-couchbase-cluster-srv, *.demo-couchbase-cluster-srv.default.svc.cluster.local, host.demo-couchbase-cluster.default.svc.cluster.local, not host.demo

      Attachments

        Issue Links

          relates to

          Page - A new page either standalone or within a series of pages must be added K8S-1955 Document Helm 2.1 upgrade process with tls.generate=true

          • Major - Major loss of function.
          • Closed

          Page - A new page either standalone or within a series of pages must be added K8S-2321 Document renaming secrets in helm upgrade process

          • Major - Major loss of function.
          • Closed
          No reviews matched the request. Check your Options in the drop-down menu of this sections header.

          Activity

            People

              patrick.stephens Patrick Stephens (Inactive)
              tin.tran Tin Tran (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Gerrit Reviews

                  There are no open Gerrit changes

                  PagerDuty