Stevenpc3
commented
4 months ago I have forked and created a local way to set this for testing by updating deployment.yaml container section to have
- name: WATCH_NAMESPACE
value: "{{ .Values.watchNamespace }}"and adding the following to values.yaml
# -- Namespaces to watch as comma separated list i.e namespace-a,namespace-b. Empty will default to all namespaces.
watchNamespace: ""this is very ugly though as it requires a --set flag like this where the comma needs to be escaped, but is fine via a yaml file.
helm upgrade -i cnpg -n default charts/cnpg/ --set watchNamespace="namespace-a\,namespace-b"This works well for single namespace deploys though which is likely the most used case.
itay-grudev
Setting the WATCH_NAMESPACE env variable does not work via configmap as it is loaded after the operator starts and chooses namespaces to watch. Also there is not other way to set it currently.
In reference to the issue at https://github.com/cloudnative-pg/cloudnative-pg/issues/3649
The operator helm chart supports setting ENV via --set config.data and passing a list. You can use this as a file override. See here that mentions it in the values.yaml https://github.com/cloudnative-pg/charts/blob/main/charts/cloudnative-pg/values.yaml#L64 and here that passes in the ENV via a configmap https://github.com/cloudnative-pg/charts/blob/f7e6ddc2b3a1211588d07d723e9e3dfcb4f66485/charts/cloudnative-pg/templates/config.yaml#L29
I made an
override.yamlto pass in with the contentsthen I made two namespaces to match: namespace-a and namespace-b and one to ignore "ignoreme"
Then I deployed the operator using the helm chart https://github.com/cloudnative-pg/charts/tree/main/charts/cloudnative-pg to the default namespace
You can see in the logs that it watches ALL namespaces but the configuration was passed in to the operator.
The configmap has the correct values
I was unable to exec into the pod to verify the ENV values but you can at least see that the values listed in decribe pod do not include WATCH_NAMESPACE
If you check the logs above you can see that it prints "wathcing all namespaces" BEFORE it loads the configurations!!!
It might (for the helm charts process describe) at least be an order of operations thing. The operator should load configurations before deciding which namespace to watch.
I also tried various ways of passing this in as an additonalArg and it does not start or print errors to the log, but it does not appear that "watch-namespace" is any sort of valid commandline arg for the operator. Below is one of MANY ways I tried to pass this list in.
EDIT:
I did fork and update the helm chart to pass the ENV "WATCH_NAMESPACE" and that fixed the log output
It also detected the namespace in the logs but did not deploy the resources. Which is good.
Though the cluster still deployed in the namespace without pods and that is a bit confusing. I guess that will just ahve to be though since that is on the helm user and not the operator since the operator prevented pods from coming up and did its part.
Deploying to "namespace-a" worked as expected once the ENV in the chart was fixed.