Flink was installed using the provided Helm Chart. The chart installs 2 services with pod selector just one label. Problem is that this label is widely used:
selector:
control-plane: controller-manager
In our cluster we have OPE Gatekeeper installed, which uses among other labels, uses this one as well.
Using single label widely used label for selector is a problem, the selector for services should be as narrow as possible, e.g. using a combination of multiple labels and only select pods matching ALL labels. With single one it is prone to error.
Solution us to rebuild the helm chart and add additional labels to the deployment and the service selectors. This however will lead to other issues with the chart upgrade, like deleting the certificate in the webhook.
Flink was installed using the provided Helm Chart. The chart installs 2 services with pod selector just one label. Problem is that this label is widely used:
In our cluster we have OPE Gatekeeper installed, which uses among other labels, uses this one as well.
Using single label widely used label for selector is a problem, the selector for services should be as narrow as possible, e.g. using a combination of multiple labels and only select pods matching ALL labels. With single one it is prone to error.
Solution us to rebuild the helm chart and add additional labels to the deployment and the service selectors. This however will lead to other issues with the chart upgrade, like deleting the certificate in the webhook.