franTarkenton
commented
3 years ago Hey @yhfreeman, I think I mentioned this on the call, but am typing it in here so that you have a record of what I believe the problem is...
Originally when the helm charts were built we were using aporeto network security policies to define the network rules for the namespace. I'm not sure why, but the platform services team moved away from aporeto to the built in network policies of the openshift (and I believe underlying Kubernetes) platform. I can't remember how the network policies in prod got set up, (could have been me with an emergency cludge after I left the team, or could have been someone else).
I'd recommend taking a quick look at what was set up in PROD to see if it makes sense, then modify the chart and run against the lower env's.
Hope this is helpful, feel free to ping me on teams if there is anything I can do to assist, and apologies if I'm jumping into something I shouldn't.
Cheers
Kevin
yhfreeman
Describe the issue Currently dev, test instance on openshift are down: https://kirk-rt-65d6a6-dev.apps.silver.devops.gov.bc.ca/ https://kirk-rt-65d6a6-test.apps.silver.devops.gov.bc.ca/
Additional context Deployment config pods can't seem to pass readiness probe.
Definition of done When dev, test instance are back and ready to be used as part of testing for the following dependency upgrade: https://github.com/bcgov/kirk/pull/52 https://github.com/bcgov/kirk/pull/54 https://github.com/bcgov/kirk/pull/58