search

canonical / cluster-api-bootstrap-provider-microk8s

This project offers a cluster API bootstrap provider controller that manages the node provision of a MicroK8s cluster.
https://microk8s.io
21 stars 14 forks source link

restart snapd after configuring proxy #112

Closed eaudetcobello closed 1 month ago

eaudetcobello commented 1 month ago

removes the need to restart from preRunCommands like in this example manifest:

apiVersion: bootstrap.cluster.x-k8s.io/v1beta1
kind: MicroK8sConfigTemplate
metadata:
  name: microk8s-maas-md-0
  namespace: default
spec:
  template:
    spec:
      initConfiguration:
        preRunCommands:
        - |
          cat > /usr/local/share/ca-certificates/pcr_ca.crt << EOF
          ...
          EOF
          sudo update-ca-certificates
          curl -sL .../auth/store/assertions | snap ack /dev/stdin
          snap set core proxy.store=...
          sudo systemctl restart snapd

From what I've seen of users configurations they setup the proxy with https manually in preRunCommands, and the last command is a systemctl restart snapd. If they don't restart snapd after setting up certificates snap install fails with an SSL error.

Before 0.6.9 we hardcoded the proxy protocol as http, so we didn't encounter this SSL error, which is why we did not add systemctl restart snapd to the proxy configuration script.

ktsakalozos commented 1 month ago

LGTM +1