search

onedr0p / cluster-template

A template for deploying a Talos Kubernetes cluster including Flux for GitOps
MIT License
1.85k stars 267 forks source link

Cert manager does not support release v1.27.1 of Kubernetes #714

Closed cyrilghali closed 1 year ago

cyrilghali commented 1 year ago

Hello,

According to actual cert manager documentation. Kubernetes v1.27.1 is not supported.

image

I think this pr should be reverted.

I'm using the latest release of flux-cluster-template (v3.16.0) I got an issue myself because cert-manager won't start. Here is the output I got when doing task cluster:resources


task: [cluster:nodes] kubectl get nodes -o wide
NAME    STATUS   ROLES                       AGE   VERSION        INTERNAL-IP     EXTERNAL-IP   OS-IMAGE             KERNEL-VERSION      CONTAINER-RUNTIME
k8s-1   Ready    control-plane,etcd,master   63m   v1.27.1+k3s1   192.168.1.151   <none>        Ubuntu 22.04.2 LTS   5.15.0-71-generic   containerd://1.6.19-k3s1
k8s-2   Ready    control-plane,etcd,master   62m   v1.27.1+k3s1   192.168.1.152   <none>        Ubuntu 22.04.2 LTS   5.15.0-71-generic   containerd://1.6.19-k3s1
k8s-3   Ready    control-plane,etcd,master   62m   v1.27.1+k3s1   192.168.1.153   <none>        Ubuntu 22.04.2 LTS   5.15.0-71-generic   containerd://1.6.19-k3s1
k8s-4   Ready    <none>                      62m   v1.27.1+k3s1   192.168.1.154   <none>        Ubuntu 22.04.2 LTS   5.15.0-71-generic   containerd://1.6.19-k3s1
task: [cluster:kustomizations] kubectl get kustomizations -A
NAMESPACE     NAME                                      AGE   READY   STATUS
flux-system   cluster                                   58m   True    Applied revision: main@sha1:95ccb4ffd63ec71ea2922dac0a7fa26c7a060403
flux-system   cluster-apps                              58m   True    Applied revision: main@sha1:95ccb4ffd63ec71ea2922dac0a7fa26c7a060403
flux-system   cluster-apps-cert-manager                 58m   False   Health check failed after 3m0.029659391s: timeout waiting for: [HelmRelease/cert-manager/cert-manager status: 'InProgress']
flux-system   cluster-apps-cert-manager-issuers         58m   False   dependency 'flux-system/cluster-apps-cert-manager' is not ready
flux-system   cluster-apps-cloudflare-ddns              58m   True    Applied revision: main@sha1:95ccb4ffd63ec71ea2922dac0a7fa26c7a060403
flux-system   cluster-apps-echo-server                  58m   True    Applied revision: main@sha1:95ccb4ffd63ec71ea2922dac0a7fa26c7a060403
flux-system   cluster-apps-external-dns                 58m   False   Health check failed after 3m0.029307932s: timeout waiting for: [HelmRelease/networking/external-dns status: 'InProgress']
flux-system   cluster-apps-flux-webhooks                58m   True    Applied revision: main@sha1:95ccb4ffd63ec71ea2922dac0a7fa26c7a060403
flux-system   cluster-apps-hajimari                     58m   True    Applied revision: main@sha1:95ccb4ffd63ec71ea2922dac0a7fa26c7a060403
flux-system   cluster-apps-ingress-nginx                58m   False   dependency 'flux-system/cluster-apps-ingress-nginx-certificates' is not ready
flux-system   cluster-apps-ingress-nginx-certificates   58m   False   dependency 'flux-system/cluster-apps-cert-manager-issuers' is not ready
flux-system   cluster-apps-k8s-gateway                  58m   True    Applied revision: main@sha1:95ccb4ffd63ec71ea2922dac0a7fa26c7a060403
flux-system   cluster-apps-kube-vip                     58m   True    Applied revision: main@sha1:95ccb4ffd63ec71ea2922dac0a7fa26c7a060403
flux-system   cluster-apps-kubernetes-dashboard         58m   True    Applied revision: main@sha1:95ccb4ffd63ec71ea2922dac0a7fa26c7a060403
flux-system   cluster-apps-local-path-provisioner       58m   True    Applied revision: main@sha1:95ccb4ffd63ec71ea2922dac0a7fa26c7a060403
flux-system   cluster-apps-metallb                      58m   True    Applied revision: main@sha1:95ccb4ffd63ec71ea2922dac0a7fa26c7a060403
flux-system   cluster-apps-metallb-config               58m   True    Applied revision: main@sha1:95ccb4ffd63ec71ea2922dac0a7fa26c7a060403
flux-system   cluster-apps-metrics-server               58m   True    Applied revision: main@sha1:95ccb4ffd63ec71ea2922dac0a7fa26c7a060403
flux-system   cluster-apps-reloader                     58m   True    Applied revision: main@sha1:95ccb4ffd63ec71ea2922dac0a7fa26c7a060403
flux-system   cluster-apps-weave-gitops                 58m   True    Applied revision: main@sha1:95ccb4ffd63ec71ea2922dac0a7fa26c7a060403
flux-system   flux                                      58m   True    Applied revision: v2.0.0-rc.1@sha256:c3c253bcbb928c64c519d26e39bbc57074eae7f6309bb901269bf1b3edc6574c
task: [cluster:helmreleases] kubectl get helmreleases -A
NAMESPACE      NAME                     AGE   READY   STATUS
cert-manager   cert-manager             58m   False   HelmChart 'flux-system/cert-manager-cert-manager' is not ready
default        echo-server              58m   True    Release reconciliation succeeded
default        hajimari                 57m   True    Release reconciliation succeeded
flux-system    weave-gitops             57m   True    Release reconciliation succeeded
kube-system    local-path-provisioner   57m   True    Release reconciliation succeeded
kube-system    metrics-server           57m   True    Release reconciliation succeeded
kube-system    reloader                 57m   True    Release reconciliation succeeded
monitoring     kubernetes-dashboard     57m   True    Release reconciliation succeeded
networking     cloudflare-ddns          58m   True    Release reconciliation succeeded
networking     external-dns             57m   False   HelmChart 'flux-system/networking-external-dns' is not ready
networking     k8s-gateway              56m   True    Release reconciliation succeeded
networking     metallb                  57m   True    Release reconciliation succeeded
task: [cluster:helmrepositories] kubectl get helmrepositories -A
NAMESPACE     NAME                   URL                                                AGE   READY   STATUS
flux-system   bitnami                https://charts.bitnami.com/bitnami                 58m   True    stored artifact: revision 'sha256:e09f8dfecb68411845ad6d79ef3243ae7edf930798531dd8004dad0895f04cf6'
flux-system   bjw-s                  https://bjw-s.github.io/helm-charts/               58m   True    stored artifact: revision 'sha256:630c2243ba75e98bab40b5e77df59e2e999f68b640e37a9e19e6688c1f3160d2'
flux-system   external-dns           https://kubernetes-sigs.github.io/external-dns     58m   True    stored artifact: revision 'sha256:1306bc29b2de1a874db51e3efdb1358ccd147835b9422201d2565e27f5a440d3'
flux-system   hajimari               https://hajimari.io                                58m   True    stored artifact: revision 'sha256:ba9498af5dcb01ce1ccfe5df0238497529fa84ea1ed9c53b4bdb9bb0d9db40fd'
flux-system   ingress-nginx          https://kubernetes.github.io/ingress-nginx         58m   True    stored artifact: revision 'sha256:2aae73323475f862170065e9fbd2a10925964bb9aed2aa78f6bc12569f2953dd'
flux-system   jetstack               https://charts.jetstack.io/                        58m   True    stored artifact: revision 'sha256:bbe9d3cccc2d30ee4f58ce8f7909ec648b9806e0fbd433615023761c74a96f6f'
flux-system   k8s-gateway            https://ori-edge.github.io/k8s_gateway/            58m   True    stored artifact: revision 'sha256:ce12759887329ca7c9d18e639187f2691849780900bd49c8d650dd12a5fb136b'
flux-system   kubernetes-dashboard   https://kubernetes.github.io/dashboard/            58m   True    stored artifact: revision 'sha256:de9f7e68ccfd6f98beb13808b4ea4586312ba9e71f8f6f3257d3fa2e2c14308d'
flux-system   metallb                https://metallb.github.io/metallb                  58m   True    stored artifact: revision 'sha256:434ae373a76e9a9a2804677f9e3e0f36f41043ad71756721ee9af945c810e906'
flux-system   metrics-server         https://kubernetes-sigs.github.io/metrics-server   58m   True    stored artifact: revision 'sha256:e9f523294955f69fa52b26770770ce9772d0e6c211d282233c87b02476787e6c'
flux-system   stakater               https://stakater.github.io/stakater-charts         58m   True    stored artifact: revision 'sha256:2b2629ed1a838efee2ac48ccdb761304ea0bf622fe060fd62e4c1b4b671a8717'
flux-system   weave-gitops           https://helm.gitops.weave.works                    58m   True    stored artifact: revision 'sha256:b3bd87b87b54bde315cc0205a517d8a6400a4e30071044784e5a11db29c33557'
task: [cluster:gitrepositories] kubectl get gitrepositories -A
NAMESPACE     NAME                     URL                                                 AGE   READY   STATUS
flux-system   home-kubernetes          https://github.com/cyrilghali/home-ops              58m   True    stored artifact for revision 'main@sha1:95ccb4ffd63ec71ea2922dac0a7fa26c7a060403'
flux-system   local-path-provisioner   https://github.com/rancher/local-path-provisioner   58m   True    stored artifact for revision 'v0.0.24@sha1:97e0501428f0a5bcac49ecd0bfdb051797c4a6c5'
task: [cluster:certificates] kubectl get certificates -A
error: the server doesn't have a resource type "certificates"
task: Failed to run task "cluster:resources": task: Failed to run task "cluster:certificates": exit status 1
task: Failed to run task "cluster:resources": task: Failed to run task "cluster:certificates": exit status 1```
onedr0p commented 1 year ago

Interestingly I upgraded from 1.26.4 to 1.27.1 without an issue. I'm curious about any more information you can find or provide. Maybe only fresh installs are affected :/

cyrilghali commented 1 year ago

Indeed, it's my first time using this template, and my machines are fresh install of Ubuntu 22.04. I think I'm gonna test the previous release of this template and I'll let you know !

Here is more info, if you want something specific I'll be happy to look for it! Running kubectl -n cert-manager describe hr cert-manager gave me the following events

Events:
  Type     Reason             Age    From                  Message
  ----     ------             ----   ----                  -------
  Warning  HealthCheckFailed  60m    kustomize-controller  Health check failed after 3m0.02700668s: timeout waiting for: [HelmRelease/cert-manager/cert-manager status: 'InProgress']
  Warning  HealthCheckFailed  56m    kustomize-controller  Health check failed after 3m0.028837988s: timeout waiting for: [HelmRelease/cert-manager/cert-manager status: 'InProgress']
  Warning  HealthCheckFailed  52m    kustomize-controller  Health check failed after 3m0.028696185s: 
....
  Warning  Progressing        29m    kustomize-controller  failed to update status, error: context canceled
....
  Warning  HealthCheckFailed  10m    kustomize-controller  Health check failed after 3m0.029659391s: timeout waiting for: [HelmRelease/cert-manager/cert-manager status: 'InProgress']
  Warning  HealthCheckFailed  6m25s  kustomize-controller  Health check failed after 3m0.026903284s: timeout waiting for: [HelmRelease/cert-manager/cert-manager status: 'InProgress']
  Warning  HealthCheckFailed  2m24s  kustomize-controller  Health check failed after 3m0.028983581s: timeout waiting for: [HelmRelease/cert-manager/cert-manager status: 'InProgress']

and kubectl -n flux-system describe hr cert-manager give me the following event

Events:
  Type    Reason  Age   From             Message
  ----    ------  ----  ----             -------
  Normal  info    36m   helm-controller  HelmChart 'flux-system/cert-manager-cert-manager' is not ready

But I don't see any ressource / helm chart called 'flux-system/cert-manager-cert-manager'

Also I did get an error on my github actions, I don't know if I should have configured something / acces for flux? It might be unrelated to this issue.

image

As I said, I'm gonna test the previous release and I'll let you know ! It's time to task ansible:nuke my cluster ;))

onedr0p commented 1 year ago

Do the cert-manager pods appear? If so are there anything in the pod logs? If the previous version doesn't work then it might be a configuration issue.

cyrilghali commented 1 year ago

No they didn't But I did revert kubernetes to v1.26.3, and here is my output. Everything seems okay as for now


task: [cluster:nodes] kubectl get nodes -o wide
NAME    STATUS   ROLES                       AGE   VERSION        INTERNAL-IP     EXTERNAL-IP   OS-IMAGE             KERNEL-VERSION      CONTAINER-RUNTIME
k8s-1   Ready    control-plane,etcd,master   25m   v1.26.3+k3s1   192.168.1.151   <none>        Ubuntu 22.04.2 LTS   5.15.0-71-generic   containerd://1.6.19-k3s1
k8s-2   Ready    control-plane,etcd,master   24m   v1.26.3+k3s1   192.168.1.152   <none>        Ubuntu 22.04.2 LTS   5.15.0-71-generic   containerd://1.6.19-k3s1
k8s-3   Ready    control-plane,etcd,master   23m   v1.26.3+k3s1   192.168.1.153   <none>        Ubuntu 22.04.2 LTS   5.15.0-71-generic   containerd://1.6.19-k3s1
k8s-4   Ready    <none>                      23m   v1.26.3+k3s1   192.168.1.154   <none>        Ubuntu 22.04.2 LTS   5.15.0-71-generic   containerd://1.6.19-k3s1
task: [cluster:kustomizations] kubectl get kustomizations -A
NAMESPACE     NAME                                      AGE   READY   STATUS
flux-system   cluster                                   21m   True    Applied revision: main@sha1:24fed9299b6b6f21ad640ad2ec3c52da978545f5
flux-system   cluster-apps                              20m   True    Applied revision: main@sha1:24fed9299b6b6f21ad640ad2ec3c52da978545f5
flux-system   cluster-apps-cert-manager                 20m   True    Applied revision: main@sha1:24fed9299b6b6f21ad640ad2ec3c52da978545f5
flux-system   cluster-apps-cert-manager-issuers         20m   True    Applied revision: main@sha1:24fed9299b6b6f21ad640ad2ec3c52da978545f5
flux-system   cluster-apps-cloudflare-ddns              20m   True    Applied revision: main@sha1:24fed9299b6b6f21ad640ad2ec3c52da978545f5
flux-system   cluster-apps-echo-server                  20m   True    Applied revision: main@sha1:24fed9299b6b6f21ad640ad2ec3c52da978545f5
flux-system   cluster-apps-external-dns                 20m   True    Applied revision: main@sha1:24fed9299b6b6f21ad640ad2ec3c52da978545f5
flux-system   cluster-apps-flux-webhooks                20m   True    Applied revision: main@sha1:24fed9299b6b6f21ad640ad2ec3c52da978545f5
flux-system   cluster-apps-hajimari                     20m   True    Applied revision: main@sha1:24fed9299b6b6f21ad640ad2ec3c52da978545f5
flux-system   cluster-apps-ingress-nginx                20m   True    Applied revision: main@sha1:24fed9299b6b6f21ad640ad2ec3c52da978545f5
flux-system   cluster-apps-ingress-nginx-certificates   20m   True    Applied revision: main@sha1:24fed9299b6b6f21ad640ad2ec3c52da978545f5
flux-system   cluster-apps-k8s-gateway                  20m   True    Applied revision: main@sha1:24fed9299b6b6f21ad640ad2ec3c52da978545f5
flux-system   cluster-apps-kube-vip                     20m   True    Applied revision: main@sha1:24fed9299b6b6f21ad640ad2ec3c52da978545f5
flux-system   cluster-apps-kubernetes-dashboard         20m   True    Applied revision: main@sha1:24fed9299b6b6f21ad640ad2ec3c52da978545f5
flux-system   cluster-apps-local-path-provisioner       20m   True    Applied revision: main@sha1:24fed9299b6b6f21ad640ad2ec3c52da978545f5
flux-system   cluster-apps-metallb                      20m   True    Applied revision: main@sha1:24fed9299b6b6f21ad640ad2ec3c52da978545f5
flux-system   cluster-apps-metallb-config               20m   True    Applied revision: main@sha1:24fed9299b6b6f21ad640ad2ec3c52da978545f5
flux-system   cluster-apps-metrics-server               20m   True    Applied revision: main@sha1:24fed9299b6b6f21ad640ad2ec3c52da978545f5
flux-system   cluster-apps-reloader                     20m   True    Applied revision: main@sha1:24fed9299b6b6f21ad640ad2ec3c52da978545f5
flux-system   cluster-apps-weave-gitops                 20m   True    Applied revision: main@sha1:24fed9299b6b6f21ad640ad2ec3c52da978545f5
flux-system   flux                                      21m   True    Applied revision: v2.0.0-rc.1@sha256:c3c253bcbb928c64c519d26e39bbc57074eae7f6309bb901269bf1b3edc6574c
task: [cluster:helmreleases] kubectl get helmreleases -A
NAMESPACE      NAME                     AGE   READY   STATUS
cert-manager   cert-manager             20m   True    Release reconciliation succeeded
default        echo-server              20m   True    Release reconciliation succeeded
default        hajimari                 20m   True    Release reconciliation succeeded
flux-system    weave-gitops             20m   True    Release reconciliation succeeded
kube-system    local-path-provisioner   20m   True    Release reconciliation succeeded
kube-system    metrics-server           20m   True    Release reconciliation succeeded
kube-system    reloader                 20m   True    Release reconciliation succeeded
monitoring     kubernetes-dashboard     20m   True    Release reconciliation succeeded
networking     cloudflare-ddns          20m   True    Release reconciliation succeeded
networking     external-dns             20m   True    Release reconciliation succeeded
networking     ingress-nginx            12m   True    Release reconciliation succeeded
networking     k8s-gateway              19m   True    Release reconciliation succeeded
networking     metallb                  20m   True    Release reconciliation succeeded
task: [cluster:helmrepositories] kubectl get helmrepositories -A
NAMESPACE     NAME                   URL                                                AGE   READY   STATUS
flux-system   bitnami                https://charts.bitnami.com/bitnami                 20m   True    stored artifact: revision 'sha256:908547b56b26466f9f8a03f409348ccc258d7d7f9c2751fa48af7745eeed0c41'
flux-system   bjw-s                  https://bjw-s.github.io/helm-charts/               20m   True    stored artifact: revision 'sha256:630c2243ba75e98bab40b5e77df59e2e999f68b640e37a9e19e6688c1f3160d2'
flux-system   external-dns           https://kubernetes-sigs.github.io/external-dns     20m   True    stored artifact: revision 'sha256:1306bc29b2de1a874db51e3efdb1358ccd147835b9422201d2565e27f5a440d3'
flux-system   hajimari               https://hajimari.io                                20m   True    stored artifact: revision 'sha256:ba9498af5dcb01ce1ccfe5df0238497529fa84ea1ed9c53b4bdb9bb0d9db40fd'
flux-system   ingress-nginx          https://kubernetes.github.io/ingress-nginx         20m   True    stored artifact: revision 'sha256:2aae73323475f862170065e9fbd2a10925964bb9aed2aa78f6bc12569f2953dd'
flux-system   jetstack               https://charts.jetstack.io/                        20m   True    stored artifact: revision 'sha256:bbe9d3cccc2d30ee4f58ce8f7909ec648b9806e0fbd433615023761c74a96f6f'
flux-system   k8s-gateway            https://ori-edge.github.io/k8s_gateway/            20m   True    stored artifact: revision 'sha256:ce12759887329ca7c9d18e639187f2691849780900bd49c8d650dd12a5fb136b'
flux-system   kubernetes-dashboard   https://kubernetes.github.io/dashboard/            20m   True    stored artifact: revision 'sha256:de9f7e68ccfd6f98beb13808b4ea4586312ba9e71f8f6f3257d3fa2e2c14308d'
flux-system   metallb                https://metallb.github.io/metallb                  20m   True    stored artifact: revision 'sha256:434ae373a76e9a9a2804677f9e3e0f36f41043ad71756721ee9af945c810e906'
flux-system   metrics-server         https://kubernetes-sigs.github.io/metrics-server   20m   True    stored artifact: revision 'sha256:e9f523294955f69fa52b26770770ce9772d0e6c211d282233c87b02476787e6c'
flux-system   stakater               https://stakater.github.io/stakater-charts         20m   True    stored artifact: revision 'sha256:2b2629ed1a838efee2ac48ccdb761304ea0bf622fe060fd62e4c1b4b671a8717'
flux-system   weave-gitops           https://helm.gitops.weave.works                    20m   True    stored artifact: revision 'sha256:b3bd87b87b54bde315cc0205a517d8a6400a4e30071044784e5a11db29c33557'
task: [cluster:gitrepositories] kubectl get gitrepositories -A
NAMESPACE     NAME                     URL                                                 AGE   READY   STATUS
flux-system   home-kubernetes          https://github.com/cyrilghali/home-ops              21m   True    stored artifact for revision 'main@sha1:24fed9299b6b6f21ad640ad2ec3c52da978545f5'
flux-system   local-path-provisioner   https://github.com/rancher/local-path-provisioner   20m   True    stored artifact for revision 'v0.0.24@sha1:97e0501428f0a5bcac49ecd0bfdb051797c4a6c5'
task: [cluster:certificates] kubectl get certificates -A
NAMESPACE    NAME                       READY   SECRET                         AGE
monitoring   kubernetes-dashboard-tls   True    kubernetes-dashboard-tls       20m
networking   cyrilghali-fr-production   True    cyrilghali-fr-production-tls   20m
networking   cyrilghali-fr-staging      True    cyrilghali-fr-staging-tls      20m
task: [cluster:certificates] kubectl get certificaterequests -A
NAMESPACE    NAME                             APPROVED   DENIED   READY   ISSUER                   REQUESTOR                                         AGE
monitoring   kubernetes-dashboard-tls-7c2k4   True                True    letsencrypt-staging      system:serviceaccount:cert-manager:cert-manager   20m
networking   cyrilghali-fr-production-cmfvz   True                True    letsencrypt-production   system:serviceaccount:cert-manager:cert-manager   20m
networking   cyrilghali-fr-staging-h2ldd      True                True    letsencrypt-staging      system:serviceaccount:cert-manager:cert-manager   20m
task: [cluster:ingresses] kubectl get ingress -A
NAMESPACE     NAME                   CLASS   HOSTS                        ADDRESS         PORTS     AGE
default       echo-server            nginx   echo-server.cyrilghali.fr    192.168.1.221   80, 443   20m
default       hajimari               nginx   hajimari.cyrilghali.fr       192.168.1.221   80, 443   20m
flux-system   flux-webhook           nginx   flux-webhook.cyrilghali.fr   192.168.1.221   80, 443   20m
flux-system   weave-gitops           nginx   gitops.cyrilghali.fr         192.168.1.221   80, 443   20m
monitoring    kubernetes-dashboard   nginx   kubernetes.cyrilghali.fr     192.168.1.221   80, 443   20m
task: [cluster:pods] kubectl get pods -A
NAMESPACE         NAME                                            READY   STATUS      RESTARTS      AGE
calico-system     calico-kube-controllers-5d46b6b8b4-tjf2b        1/1     Running     0             24m
calico-system     calico-node-c79vh                               1/1     Running     0             24m
calico-system     calico-node-grp2v                               1/1     Running     0             23m
calico-system     calico-node-kxbpt                               1/1     Running     0             23m
calico-system     calico-node-mcwkf                               1/1     Running     0             24m
calico-system     calico-typha-7f84c86c6f-97xbp                   1/1     Running     0             23m
calico-system     calico-typha-7f84c86c6f-mjcch                   1/1     Running     0             24m
calico-system     csi-node-driver-848bg                           2/2     Running     0             23m
calico-system     csi-node-driver-9x44k                           2/2     Running     0             24m
calico-system     csi-node-driver-bl449                           2/2     Running     0             23m
calico-system     csi-node-driver-dd8wh                           2/2     Running     0             23m
cert-manager      cert-manager-5cbf6f44b7-wwhxk                   1/1     Running     0             20m
cert-manager      cert-manager-cainjector-9b44ddb68-vb659         1/1     Running     0             20m
cert-manager      cert-manager-webhook-776b65456-p75kk            1/1     Running     0             20m
default           echo-server-8894c78b5-fxgwh                     1/1     Running     0             20m
default           hajimari-cbcf6d556-8z4c8                        1/1     Running     0             20m
flux-system       helm-controller-6458d88d7-cbc8q                 1/1     Running     0             20m
flux-system       image-automation-controller-6bbc947558-8l5kp    1/1     Running     0             20m
flux-system       image-reflector-controller-7c49fdc68f-qkmft     1/1     Running     0             20m
flux-system       kustomize-controller-8485d6c6b8-mtjkx           1/1     Running     0             20m
flux-system       notification-controller-7bb6d7684d-5wh4b        1/1     Running     0             20m
flux-system       source-controller-789cbd8576-pzvdt              1/1     Running     0             20m
flux-system       weave-gitops-697dd4c8d9-vd8mc                   1/1     Running     0             20m
kube-system       coredns-7c444649cb-b5d62                        1/1     Running     0             24m
kube-system       kube-vip-7kg44                                  1/1     Running     0             24m
kube-system       kube-vip-lnfk2                                  1/1     Running     0             23m
kube-system       kube-vip-sqhnd                                  1/1     Running     1 (24m ago)   24m
kube-system       local-path-provisioner-6d78bf5cd6-9thft         1/1     Running     0             20m
kube-system       metrics-server-58f5cbcf79-w8vjq                 1/1     Running     0             20m
kube-system       reloader-66c4f967f7-h24mk                       1/1     Running     0             20m
monitoring        kubernetes-dashboard-79f4b4446d-tcq4f           2/2     Running     0             20m
networking        cloudflare-ddns-28049760-k99f6                  0/1     Completed   0             7m37s
networking        external-dns-7dbc89ccc6-45skn                   1/1     Running     0             20m
networking        ingress-nginx-controller-7b58444695-975kx       1/1     Running     0             11m
networking        ingress-nginx-defaultbackend-6c5d77b5cd-6sz4h   1/1     Running     0             11m
networking        k8s-gateway-66696d56c9-qz6gf                    1/1     Running     0             19m
networking        metallb-controller-777d84cdd5-762nw             1/1     Running     1 (19m ago)   20m
networking        metallb-speaker-78tz8                           1/1     Running     0             20m
networking        metallb-speaker-7hxb8                           1/1     Running     0             20m
networking        metallb-speaker-blp6f                           1/1     Running     0             20m
networking        metallb-speaker-xpf4r                           1/1     Running     0             20m
tigera-operator   tigera-operator-54b47459dd-tphtv                1/1     Running     1 (24m ago)   24m```
onedr0p commented 1 year ago

Well that's a bummer... I'll have to revert that PR then :(

Thanks for reporting, I'll keep this issue open to track it.

onedr0p commented 1 year ago

cert-manager pushed a new version which hopefully fixes this.

I've merged both PRs and we will see if anything pops up.

adampetrovic commented 1 year ago

Hi, new user here.

I'm running v1.27.2 on Ubuntu 22.04.4 LTS with the latest HEAD of this template.

After setting up the cluster, when I run task cluster:resources I get the same error as @cyrilghali 

error: the server doesn't have a resource type "certificates"
task: Failed to run task "cluster:resources": task: Failed to run task "cluster:certificates": exit status 1

Additionally:

➜ kubectl -n cert-manager describe hr cert-manager
Error from server (NotFound): namespaces "cert-manager" not found

Is the recommendation to downgrade to v1.26? I assumed this was fixed because the PR was merged

onedr0p commented 1 year ago

The Flux HR for cert manager would still show up in your cluster even if the version didn't work on 1.27.x

I suspect there's more going on here besides the cert manager version because I've witnessed other people bootstrapping this just fine on the recent changes. Maybe try to walk thru the steps one more time to see if there's something you might have missed?

adampetrovic commented 1 year ago

Thanks, the issue was that my repo was private. Making it public allowed everything to install properly.