Chart v0.32.+ : invalid config key "TransparentProxy" for proxy-defaults.yaml

[nikfot]

When filing a bug, please include the following headings if possible. Any example text in this template can be deleted.

Overview of the Issue

I following this guide to create a federation between two kubernetes clusters. One of the issues I came up across, was that the proxydefaults object would not get synced. If this is not a bug, but a configuration change, please update the corresponding guides.

Reproduction Steps

Steps to reproduce this issue, eg:

1. When running helm install with the following values.yml:

   
   global:
   datacenter: PERF
   imageEnvoy: "envoyproxy/envoy-alpine:v1.18.3"
   federation:
    enabled: true
    createFederationSecret: true
   image: "consul:1.9.6"
   gossipEncryption:
   secretName: "consul-gossip-encryption-key"
   secretKey: "key"
   acls:
   manageSystemACLs: false
   createReplicationToken: false
   tls:
   enabled: true
   verify: true
   httpsOnly: true
   enableAutoEncrypt: true
   serverAdditionalDNSSANs: ["consul.test"]
   serverAdditionalIPSANs: ["10.xxx.xxx.xxx"]
   ui:
   enabled: true
   service:
   type: 'ClusterIP'
   ingress:
   hosts:
     - consul.test
   annotations: |
    "some-annotations":"test"

meshGateway: enabled: true service: type: ClusterIP

connectInject: enabled: true

controller: enabled: true

client: enabled: true grpc: true updateStrategy: | type: OnDelete

dns: enabled: true

syncCatalog: enabled: true resources: requests: memory: "256Mi" cpu: "50m" limits: memory: "256Mi" cpu: "50m"

server: updatePartition: 3 replicas: 3 bootstrapExpect: 3 disruptionBudget: enabled: true maxUnavailable: 0 storageClass: somestorageclass resources: requests: memory: "256Mi" cpu: "100m" limits: memory: "256Mi" cpu: "100m"

service: name: perf-consul type: ClusterIP externalPort: 443 internalPort: 8501

Then I applied the proxydefaults.yaml:

apiVersion: consul.hashicorp.com/v1alpha1 kind: ProxyDefaults metadata: name: global spec: meshGateway: mode: local

### Logs
ProxyDefaults object description:

kubectl get proxydefaults -o json
{ "apiVersion": "v1", "items": [ { "apiVersion": "consul.hashicorp.com/v1alpha1", "kind": "ProxyDefaults", "metadata": { "annotations": { "kubectl.kubernetes.io/last-applied-configuration": "{\"apiVersion\":\"consul.hashicorp.com/v1alpha1\",\"kind\":\"ProxyDefaults\",\"metadata\":{\"annotations\":{},\"name\":\"global\",\"namespace\":\"service-discovery\"},\"spec\":{\"meshGateway\":{\"mode\":\"local\"}}}\n" }, "creationTimestamp": "2021-07-02T10:52:00Z", "finalizers": [ "finalizers.consul.hashicorp.com" ], "generation": 2, "name": "global", "namespace": "service-discovery", "resourceVersion": "86678649", "selfLink": "/apis/consul.hashicorp.com/v1alpha1/namespaces/service-discovery/proxydefaults/global", "uid": "024e8284-6f4c-4f4b-b53f-9586c2423000" }, "spec": { "expose": {}, "meshGateway": { "mode": "local" } }, "status": { "conditions": [ { "lastTransitionTime": "2021-07-02T10:53:51Z", "message": "writing config entry to consul: Unexpected response code: 400 (Bad request: Request decoding failed: 1 error occurred:\n\t* invalid config key \"TransparentProxy\"\n\n)", "reason": "ConsulAgentError", "status": "False", "type": "Synced" } ] } } ], "kind": "List", "metadata": { "resourceVersion": "", "selfLink": "" } }

### Workaround
I tried both chart versions 0.32.0+ and could not make it work. It worked using version 0.31.0.

[thisisnotashwin]

Hey @nikfot !! The required version for the latest proxy default is consul 1.10. Looks like there is a bug where the latest helm chart has a version of ProxyDefaults that isnt backwards compatible. Additionally, I dont think the version of envoy specified in the chart is supported. Here is our compatibility matrix for the supported versions.

[lemonit-eric-mao]

@thisisnotashwin Hello, the test I did in consumer version 1.10 created a federation between two kubernetes clusters, which also failed to connect. This is my test document https://github.com/hashicorp/consul-helm/issues/1027