Open rbo opened 3 weeks ago
Skupper is installed on edge-gateway and data-center
$ oc new-project red-hat-service-interconnect-data-center
..
$ skupper version
client version 1.5.3-rh-5
transport version not-found
controller version not-found
config-sync version not-found
flow-collector version not-found
$ skupper init --enable-console --enable-flow-collector
Waiting for status...
Skupper is now installed in namespace 'red-hat-service-interconnect-data-center'. Use 'skupper status' to get more information.
$ skupper status
Skupper is enabled for namespace "red-hat-service-interconnect-data-center". It is not connected to any other sites. It has no exposed services.
The site console url is: https://skupper-red-hat-service-interconnect-data-center.apps.cluster-q2b82.q2b82.sandbox1272.opentlc.com
The credentials for internal console-auth mode are held in secret: 'skupper-console-users'
$ oc get cm skupper-site -o yaml
apiVersion: v1
data:
cluster-permissions: "false"
console: "true"
console-authentication: internal
console-password: ""
console-user: ""
enable-skupper-events: "true"
flow-collector: "true"
ingress: route
name: red-hat-service-interconnect-data-center
router-console: "false"
router-logging: ""
router-mode: interior
service-controller: "true"
service-sync: "true"
kind: ConfigMap
metadata:
creationTimestamp: "2024-06-24T07:38:59Z"
labels:
internal.skupper.io/site-controller-ignore: "true"
name: skupper-site
namespace: red-hat-service-interconnect-data-center
resourceVersion: "116810"
uid: 442d9fe7-0023-4003-add9-9de73e166d25
$ oc create -f - <<EOF
apiVersion: v1
kind: Secret
metadata:
namespace: red-hat-service-interconnect-data-center
labels:
skupper.io/type: connection-token-request
name: edge-gateway
EOF
⚠️ : Secret / YAML don't work!!!
skupper token create edge-gateway
$ export KUBECONFIG=kubeconfig-edge-gateway
$ oc new-project red-hat-service-interconnect-edge-gateway
..
$ skupper init
Waiting for status...
Skupper is now installed in namespace 'red-hat-service-interconnect-edge-gateway'. Use 'skupper status' to get more information.
$ oc get cm skupper-site -o yaml
apiVersion: v1
data:
cluster-permissions: "false"
console: "false"
console-authentication: internal
console-password: ""
console-user: ""
enable-skupper-events: "true"
flow-collector: "false"
ingress: route
name: red-hat-service-interconnect-edge-gateway
router-console: "false"
router-logging: ""
router-mode: interior
service-controller: "true"
service-sync: "true"
kind: ConfigMap
metadata:
creationTimestamp: "2024-06-24T08:37:11Z"
labels:
internal.skupper.io/site-controller-ignore: "true"
name: skupper-site
namespace: red-hat-service-interconnect-edge-gateway
resourceVersion: "12090357"
uid: 14e08d0e-0a2a-4106-9c29-988ad2d5cda6
# Secret created via skupper token create
$ oc apply -f edge-gateway
secret/d46eeb98-3203-11ef-9708-8c47be0105c4 created
# skupper.io/proxy=http might be not needed
$ kubectl annotate service -n hub-controller hub-controller-live skupper.io/proxy=http
$ skupper expose --target-namespace hub-controller deployment hub-controller-live --port 8080
Error: Unable to create skupper service: Current site does not included needed permissions to expose targets in other namespaces
=> Need init with --enable-cluster-permissions
$ skupper delete
$ skupper init --enable-cluster-permissions
$ oc get configmap skupper-site -o yaml
apiVersion: v1
data:
cluster-permissions: "true"
console: "false"
console-authentication: internal
console-password: ""
console-user: ""
enable-skupper-events: "true"
flow-collector: "false"
ingress: route
name: red-hat-service-interconnect-edge-gateway
router-console: "false"
router-logging: ""
router-mode: interior
service-controller: "true"
service-sync: "true"
kind: ConfigMap
metadata:
creationTimestamp: "2024-06-24T09:12:18Z"
labels:
internal.skupper.io/site-controller-ignore: "true"
name: skupper-site
namespace: red-hat-service-interconnect-edge-gateway
resourceVersion: "12108221"
uid: 0145edd9-687f-4332-b505-6fcd60323c1e
$ oc apply -f edge-gateway
$ skupper expose --target-namespace hub-controller deployment hub-controller-live --port 8080
deployment hub-controller-live exposed as hub-controller-live
⚠️ : Secret / YAML don't work!!!
oc logs -n openshift-operators skupper-site-controller-699c8fbf9d-p8bb5 2024/06/24 13:20:50 Skupper site controller watching all namespaces 2024/06/24 13:20:50 Version: 1.5.3-rh-2 2024/06/24 13:20:50 Cluster role "skupper-service-controller-basic" created 2024/06/24 13:20:50 Starting the Skupper site controller informers 2024/06/24 13:20:50 Waiting for informer caches to sync 2024/06/24 13:20:50 Checking if sites need updates (1.5.3-rh-2) 2024/06/24 13:20:50 Starting workers 2024/06/24 13:20:50 Started workers 2024/06/24 13:43:39 Handling token request for red-hat-service-interconnect-data-center/edge-gateway 2024/06/24 13:43:39 Generating token for request edge-gateway... 2024/06/24 13:43:39 Failed to generate token for request edge-gateway: Skupper is not installed in openshift-operators E0624 13:43:39.729405 1 controller.go:204] Skupper is not installed in openshift-operators
Fixed in skupper version 1.5.4.
=> Update skupper.