Pixie self hosted - Air gap - Missing secret

[shamoi-te]

Describe the bug https://docs.px.dev/installing-pixie/install-guides/airgap-pixie/

1. curl https://storage.googleapis.com/pixie-dev-public/cloud/latest/pixie_cloud.tar.gz | tar xj
2. There are secrets.yaml and vizier_metadata_persist_prod.yaml.

3. Deployment- name: vizier-cloud-connector

   • env:
     • name: PL_JWT_SIGNING_KEY valueFrom: secretKeyRef: key: jwt-signing-key name: pl-cluster-secrets

but jwt-signing-key doesn't exist in secrets.yaml

Expected behavior All the manifests should be self contained. or update the doc

[ddelnano]

@shamoi-te the jwt signing key is created as part of step 6 (source). The rest of the deploy process should template the yamls with the jwt key created from that script.

Did you follow the steps and run into an error or just visually inspect the yamls? Please provide all commands and logs.

[shamoi-te]

Thanks. I have it but it's not pl-cluster-secrets but cloud-auth-secrets. I ran into an error which the POD couldn't be initiated because the missing secret.

[ddelnano]

@shamoi-te the vizier-cloud-connector deployment is a component of Pixie's vizier, not Pixie cloud. The air gapped instructions explain the deployment of the latter component.

Please provide all of the commands you ran and the logs of each step.

[shamoi-te]

@ddelnano The issue is simple (which relevant to Pixie's vizier in the air gap installation)

vizier-cloud-connector , looks for secret:

valueFrom: secretKeyRef: key: jwt-signing-key name: pl-cluster-secrets

I don't see where you configure it . I see jwt-signing-key only in the cloud side . not the Vizier.