Install in openshift with existing cert-manager operator install

cert-manager / trust-manager

trust-manager is an operator for distributing trust bundles across a Kubernetes cluster.

https://cert-manager.io/docs/projects/trust-manager/

Apache License 2.0

248 stars 66 forks source link

Install in openshift with existing cert-manager operator install #168

Open indiealexh opened 1 year ago

indiealexh commented 1 year ago

I am attempting to install trust-manager into openshift with an existing cert-manager install that was installed via the operator hub.

bash-4.4 ~ $ helm upgrade -i -n openshift-operators trust-manager jetstack/trust-manager --set app.trust.namespace=openshift-operators --set app.webhook.tls.approverPolicy.certManagerNamespace=openshift-operators  --wait --dry-run --debug
history.go:56: [debug] getting history for release trust-manager
upgrade.go:142: [debug] preparing upgrade for trust-manager
Killed

Despite already having cert-manager, so I need to deploy an instance into a cert-manager namespace like the docs state, or should I be able to use the one I have?

hawksight commented 1 year ago

I think you should be able to use any namespace. However given cert-manager was installed by RedHat operator, perhaps it does something to prevent other installations in the same namespace?

Did you install the RedHat or the Community cert-manager marketplace offering?

indiealexh commented 1 year ago

Did you install the RedHat or the Community cert-manager marketplace offering?

It was labeled as community, but seeing as how it comes from a red hat mirror I don't know how community it actually is.

Is there a way to get more logs out to understand why it died?

erikgb commented 2 months ago

@indiealexh Is cert-manager really installed in the openshift-operators namespace in your OpenShift cluster? It seems a bit strange. In our OpenShift cluster this namespace typically contains operators (for operators). So cert-manager-operator (an operator provisioning cert-manager) would be installed there, but not cert-manager.

/priority awaiting-more-evidence

indiealexh commented 2 months ago

@indiealexh Is cert-manager really installed in the openshift-operators namespace in your OpenShift cluster?

Yes, it was the default location suggested by the Openshift UI.

Cert Manager Instance:

Cert Manager Operator Subscription

erikgb commented 2 months ago

Thanks! Yes, it seems like OpenShift recommends openshift-operators namespace for cluster-scoped operators, ref. OpenShift docs.

Are you able to reproduce the trust-manager installation issue? To me, it seems like Helm is bugging out here. ~~Maybe you can add the --debug flag to the Helm command to get more output?~~ I see you already did. 🤔

Which version of Helm are you using?