search

istio-ecosystem / sail-operator

The Sail Operator is able to install and manage the lifecycle of the Istio control plane in an Kubernetes & OpenShift cluster.
Apache License 2.0
37 stars 28 forks source link

[BUG] OperatorHub.io deployment should not default to the "openshift" profile #351

Closed jmazzitelli closed 3 weeks ago

jmazzitelli commented 1 month ago

Is this the right place to submit this?

Bug Description

Install the Sail operator from OperatorHub.io.

Now look at the operator's arguments and look at the default profile:

$ kubectl get deployment -n operators sail-operator -ojsonpath={..containers[1].args} | jq
[
  "--health-probe-bind-address=:8081",
  "--metrics-bind-address=127.0.0.1:8080",
  "--default-profile=openshift"
]

Notice the CSV defines the default-profile as "openshift". Since 99% of the time, users of the OperatorHub.io operator will not be on OpenShift, the default profile should be different.

It should be one of these (default is probably the best choice): https://istio.io/latest/docs/setup/additional-setup/config-profiles/

Operator Version

0.1.0

Link to Gist with Logs

No response

Additional Information

No response

jmazzitelli commented 1 month ago

Side note: adding values.profile to default in the Istio CR results in this error (as shown in the IstioRevision CR):

$ kubectl get istio default -ojsonpath='{.spec.values}' |jq
{
  "global": {
    "platform": ""
  },
  "meshConfig": {
    "defaultConfig": {
      "tracing": {
        "zipkin": {
          "address": "tempo-tempo-distributor.tempo:9411"
        }
      }
    }
  },
  "profile": "default"
}

$ kubectl get istiorevisions.sailoperator.io -ojsonpath='{..status.conditions[0]}'|jq
{
  "lastTransitionTime": "2024-09-20T13:22:24Z",
  "message": "error reconciling resource: failed to install/update Helm chart \"istiod\": failed to update helm chart istiod: execution error at (istiod/templates/zzz_profile.yaml:26:3): unknown profile default",
  "reason": "ReconcileError",
  "status": "False",
  "type": "Reconciled"
}

If I set profile to demo, it works:

$ kubectl get istio default -ojsonpath='{.spec.values}' |jq
{
  "global": {
    "platform": ""
  },
  "meshConfig": {
    "defaultConfig": {
      "tracing": {
        "zipkin": {
          "address": "tempo-tempo-distributor.tempo:9411"
        }
      }
    }
  },
  "profile": "demo"
}

$ kubectl get istiorevisions.sailoperator.io 
NAME              TYPE    READY   STATUS    IN USE   VERSION   AGE
default-v1-23-0   Local   True    Healthy   False    v1.23.0   44m
dgn commented 1 month ago

We should probably add some detection logic that will do the following if it detects you're running OCP: