GoogleCloudPlatform / deploymentmanager-samples

Deployment Manager samples and templates.
Apache License 2.0

Custom resource type not found GKE #466

Closed christopherdbull closed 5 years ago

christopherdbull commented 5 years ago

I'm following the GKE example but trying to use it to set secrets instead. However, despite creating the types successfully - verified in the console - it always returns with the (slightly opaque) error below:

- code: RESOURCE_NOT_FOUND
  message: The type [first-cluster-stitched-cluster-type:/api/v1/namespaces/default/secrets]
    was not found.

This is my manifest:

imports:
- path: cluster.jinja
  name: cluster.jinja
- path: cloudsql.jinja
  name: cloudsql.jinja
- path: support/password.py
  name: password.py
- path: kube-secret.jinja
  name: kube-secret.jinja

resources:
- name: my-cluster
  type: cluster.jinja
  properties:
    zone: europe-west2-a
    nodeCount: 3
  metadata:
    dependsOn:
      - my-db
- name: stitched-db
  type: cloudsql.jinja
  metadata:
    dependsOn:
      - db-password
      - db-user
  properties:
    cloudsql:
      dataDiskSizeGb: 20
      zone: europe-west2-a
      region: europe-west2
      databaseVersion: POSTGRES_11
      tier: db-custom-2-7680
    failover: false
    database:
      name: production
    dbUser:
      name: $(ref.db-user.password)
      password: $(ref.db-password.password)
- name: db-password
  type: password.py
  properties:
    length: 16
    includeSymbols: false
- name: db-user
  type: password.py
  properties:
    length: 8 
    includeSymbols: false
- name: db-secret
  type: kube-secret.jinja
  properties:
    clusterName: $(ref.my-cluster.clusterName)
    name: db-secret
    secretValues:
      dbPassword: $(ref.db-password.password)
      dbUsername: $(ref.db-user.password)

This is where the type is created:

{% set CLUSTER_NAME = env['deployment'] + '-' + env['name'] %}
{% set TYPE_NAME = CLUSTER_NAME + '-type' %}
{% set K8S_ENDPOINTS = {'': 'api/v1', '-apps': 'apis/apps/v1beta1', '-v1beta1-extensions': 'apis/extensions/v1beta1'} %}

resources:
- name: {{ CLUSTER_NAME }}
  type: container.v1.cluster
  properties:
    zone: {{ properties["zone"] }}
    cluster:
      initialClusterVersion: "1.13"
      nodePools:
      - initialNodeCount: {{ properties['nodeCount'] }}
        name: pool1
        config:
          oauthScopes:
          - https://www.googleapis.com/auth/compute
          - https://www.googleapis.com/auth/devstorage.read_only
          - https://www.googleapis.com/auth/logging.write
          - https://www.googleapis.com/auth/monitoring

{% for typeSuffix, endpoint in K8S_ENDPOINTS.iteritems() %}
- name: {{ TYPE_NAME }}{{ typeSuffix }}
  type: deploymentmanager.v2beta.typeProvider
  properties:
    options:
      validationOptions:
        # Kubernetes API accepts ints, in fields they annotate with string.
        # This validation will show as warning rather than failure for
        # Deployment Manager.
        # https://github.com/kubernetes/kubernetes/issues/2971
        schemaValidation: IGNORE_WITH_WARNINGS
      # According to kubernetes spec, the path parameter 'name'
      # should be the value inside the metadata field
      # https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md
      # This mapping specifies that
      inputMappings:
      - fieldName: name
        location: PATH
        methodMatch: ^(GET|DELETE|PUT)$
        value: $.ifNull($.resource.properties.metadata.name, $.resource.name)
      - fieldName: metadata.name
        location: BODY
        methodMatch: ^(PUT|POST)$
        value: $.ifNull($.resource.properties.metadata.name, $.resource.name)
      - fieldName: Authorization
        location: HEADER
        value: >
          $.concat("Bearer ", $.googleOauth2AccessToken())
    descriptorUrl: https://$(ref.{{ CLUSTER_NAME }}.endpoint)/swaggerapi/{{ endpoint }}
{% endfor %}

outputs:
{% for typeSuffix, endpoint in K8S_ENDPOINTS.iteritems() %}
- name: clusterType{{ typeSuffix }}
  value: {{ TYPE_NAME }}{{ typeSuffix }}
{% endfor %}
- name: clusterName
  value: $(ref.{{ CLUSTER_NAME }}.name)

And this is the secrets.jinja file:

{% set CLUSTER_TYPE = properties['clusterName'] + '-type' %}

{% set SECRETS_COLLECTION_PREFIX = '/api/v1/namespaces/default/' %}
{% set SECRETS_COLLECTION = SECRETS_COLLECTION_PREFIX + 'secrets' %}

resources:
- name: {{ properties['clusterName'] }}-secrets
  type: {{ CLUSTER_TYPE }}:{{ SECRETS_COLLECTION }}
  properties:
    apiVersion: v1
    kind: Secret
    type: Opaque
    metadata:
      name: {{ properties['name']}}
    stringData:
      {% for key, value in properties['secretValues'].iteritems() %}
      {{ key }}: {{ value }}
      {% endfor %}

Any help is much appreciated. The API is reachable from the gcloud Cloud Shell console.

christopherdbull commented 5 years ago

I can't delete this, so I'm closing it, as I have just given up and switched to Terraform.