redhat-cop / keepalived-operator

An operator to manage VIPs backed by keepalived
Apache License 2.0

Disable AppArmor #101

Closed cedricmckinnie closed 1 year ago

cedricmckinnie commented 1 year ago

I ran into "permission denied" errors within some of the daemon pod containers even when running them as root. I found that disabling AppArmor on the config-reloader and keepalived containers resolved the issue. What do you think?

cedricmckinnie commented 1 year ago

@raffaelespazzoli Does this one seem like a good addition?

raffaelespazzoli commented 1 year ago

I am not familiar with AppArmor. That said, disabling security by default does not seem like a good idea to me. Why don't you add a chart variable to disable AppArmor and then put those two annotations under a conditional?

cedricmckinnie commented 1 year ago

That's fair. I'll add an extra value to the CRD so it works even without helm.

cedricmckinnie commented 1 year ago

Added an extra property and tested. Ready for re-review.

raffaelespazzoli commented 1 year ago

Instead of modeling this feature this way, can you add a generic annotations field? Those annotations will be applied verbatim to the keepalived pod.

cedricmckinnie commented 1 year ago

@raffaelespazzoli smart. Ready for re-review.

cedricmckinnie commented 1 year ago

Ready for re-review

cedricmckinnie commented 1 year ago

@raffaelespazzoli just checking in. Look good to you?

raffaelespazzoli commented 1 year ago

This is still going to fail if there are no annotations. The empty annotations: will make it fail. It should look like what Helm generates by default:

    {{- with .Values.podAnnotations }}
      annotations:
        {{- toYaml . | nindent 8 }}
    {{- end }}
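
Added example, not part of the thread or of the project's code: a Go `text/template` rendering that compares the guarded `with` block from the comment above against a template that always emits `annotations:`. The `toYaml` and `nindent` functions here are small stand-ins for the Helm ones, the manifest fragment is shortened, and the annotation passed in is a constructed sample value.

```go
package main

import (
	"fmt"
	"sort"
	"strings"
	"text/template"
)
// Stand-ins (assumption) for Helm's toYaml and nindent; flat string maps only.
var funcs = template.FuncMap{
	"toYaml": func(m map[string]string) string {
		var lines []string
		for k, v := range m {
			lines = append(lines, fmt.Sprintf("%s: %q", k, v))
		}
		sort.Strings(lines)
		return strings.Join(lines, "\n")
	},
	"nindent": func(n int, s string) string {
		return "\n" + strings.Repeat(" ", n) + strings.ReplaceAll(s, "\n", "\n"+strings.Repeat(" ", n))
	},
}
// Guarded follows the snippet in the thread; Unguarded always emits the key.
const Guarded = `metadata:
  name: keepalived
{{- with .Values.podAnnotations }}
  annotations:
    {{- toYaml . | nindent 4 }}
{{- end }}
`
const Unguarded = `metadata:
  name: keepalived
  annotations:
    {{- toYaml .Values.podAnnotations | nindent 4 }}
`
// Render executes tpl with ann exposed as .Values.podAnnotations.
func Render(tpl string, ann map[string]string) (string, error) {
	var b strings.Builder
	data := map[string]interface{}{"Values": map[string]interface{}{"podAnnotations": ann}}
	err := template.Must(template.New("pod").Funcs(funcs).Parse(tpl)).Execute(&b, data)
	return b.String(), err
}
func main() {
	set := map[string]string{"container.apparmor.security.beta.kubernetes.io/keepalived": "unconfined"} // constructed sample
	for _, ann := range []map[string]string{nil, set} {
		g, _ := Render(Guarded, ann)
		u, _ := Render(Unguarded, ann)
		fmt.Printf("guarded:\n%sunguarded:\n%s\n", g, u)
	}
}
```

With no annotations set, the guarded template omits the `annotations:` key entirely, while the unguarded one leaves a bare `annotations:` key whose YAML value is null.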

cedricmckinnie commented 1 year ago

That worked actually. Please review. Thanks!

raffaelespazzoli commented 1 year ago

@cedricmckinnie please let me know if you need me to cut a new release

cedricmckinnie commented 1 year ago

@raffaelespazzoli Please do. Thanks!

raffaelespazzoli commented 1 year ago

v1.5.1 is on its way

cedricmckinnie commented 1 year ago

@raffaelespazzoli https://github.com/redhat-cop/keepalived-operator/issues/103