search

carvel-dev / kapp

kapp is a simple deployment tool focused on the concept of "Kubernetes application" — a set of resources with the same label
https://carvel.dev/kapp
Apache License 2.0
921 stars 110 forks source link

kapp does not allow placing app resource into namespace resource belonging to the app #27

Open ademariag opened 5 years ago

ademariag commented 5 years ago

Relevant slack thread here: https://kubernetes.slack.com/archives/CH8KCCKA5/p1563362345098000

On a newly created cluster, with only default namespaces, I am attempting to install a new application in the demo namespace.

My workflow until now was to create a context pointing to the demo namespace and apply the resources. (i.e. DEMO_CONTEXT)

Example namespace resource

kind: Namespace
metadata:
  annotations: {}
  labels:
    name: demo
  name: demo

Error

When applying a simple namespace using kapp pointing to DEMO_CONTEXT, kapp fails with:

Error: Creating app: namespaces "demo" not found

Possible explanation

kapp seems unable to handle a context pointing to a yet-to-be-created namespace. Possibly because if needs to store some state there?

Workaround

using a context pointint to a different namespace, i.e. default, kapp is able to create the application successfully

Changes                                                                                                                                                                      

Namespace  Name  Kind       Conditions  Age  Changed  Ignored Reason     
-          demo  Namespace  -           -    add      -                                                              

1 add, 0 delete, 0 update, 0 keep                                                                                      

1 changes                                                                                                                 

2:44:26PM: --- applying changes                                                                                                              
2:44:26PM: add namespace/demo (v1) cluster                                               
2:44:26PM: waiting on add namespace/demo (v1) cluster                                                                                              
2:44:27PM: --- changes applied

Unfortunately, if after this bootstrap process we revert to using the original DEMO_CONTEXT, kapp finds a mismatch in the app ownership

cat  namespace.yml | kapp  deploy --kubeconfig-context demo_context -a pre-deploy -f - -y --tty    
Error: Ownership errors:                                                                                                                                                    
- Resource 'namespace/demo (v1) cluster' is associated with a different label value 'kapp.k14s.io/app=1563371065560753000'

The only solution then becomes to force import the app --dangerous-override-ownership-of-existing-resources

cppforlife commented 5 years ago

recorded gist of our conversation in faq: https://github.com/k14s/kapp/blob/develop/docs/faq.md#where-to-store-app-resources-ie-in-which-namespace

cppforlife commented 5 years ago

marking this as wontfix for now. may be we will circle back to this eventually.

DTTerastar commented 4 years ago

I still think this is one of the only real shortcomings of kapp. It should have an option to manage the namespace and create and destroy it automatically. It should destroy it when the last app in the namespace is destroyed.

DTTerastar commented 4 years ago

We also might need an annotation on the namespace as well and with the current setup I think you'd need to do that using kubectl.

cppforlife commented 3 years ago

related in a way: https://github.com/k14s/kapp/issues/112