search

vsphere-tmm / helm-charts

A repository of unofficial helm charts for vSphere components
https://vsphere-tmm.github.io/helm-charts/
21 stars 26 forks source link

vcenter config.vcenter is badly used by vsphere-csi #68

Open cdtzabra opened 8 months ago

cdtzabra commented 8 months ago

https://github.com/vsphere-tmm/helm-charts/blob/a210880c67c1738d96daf73c0926671885a994d5/charts/vsphere-csi/templates/secret.yaml#L24

When we set following helm values

global:
  config:
      vcenter:
        ovh:
            server: pcc-xxx-ovh.com
            user: myuser
            password: mypassword
            datacenters:
              - mydatacenter

the pod will try to connect to https://ovh instead of https://pcc-xxx-ovh.com

While this set up e works fine for vshpere-cpi.

As workaroud I renamed ovh as pcc-xxx-ovh.com to like

global:
  config:
      vcenter:
        pcc-xxx-ovh.com:
            server: pcc-xxx-ovh.com
            user: myuser
            password: mypassword
            datacenters:
              - mydatacenter

The big disadvantage of this is that I can no longer use the set of the helm_release provider, otherwise pcc-xxx-ovh.com is split into several subkeys because of the . As a result, I use a values file and this has another big drawback: I can no longer use the set_sentive for the username/password.

resource "helm_release" "vsphere-csi" {
  name             = "csi"

  # https://github.com/vsphere-tmm/helm-charts/tree/master/charts/vsphere-csi
  # https://artifacthub.io/packages/helm/vsphere-tmm/vsphere-csi
  repository       = var.vsphere_chart_repo
  chart            = var.vsphere_csi_chart_name
  version          = var.vsphere_csi_chart_version 
  namespace        = var.vsphere_csi_namespace
  create_namespace = true
  values = [
    templatefile(("${path.module}/files/vsphere-csi-values.yaml.tpl"),
      {
        vcenter_server      = var.vsphere_server
        vcenter_user        = var.vsphere_user
        vcenter_password    = var.vsphere_password
        vcenter_datacenters = yamlencode(var.vsphere_csi_datacenters)
      })
  ]

  depends_on       = [
    helm_release.vsphere-cpi
  ]
}

As i said above, it works fine with vsphere-cpi, to i can use set and set_sensitive

resource "helm_release" "vsphere-cpi" {
  name             = "cpi"

  # https://github.com/vsphere-tmm/helm-charts/tree/master/charts/vsphere-cpi
  # https://artifacthub.io/packages/helm/vsphere-tmm/vsphere-cpi
  repository       = var.vsphere_chart_repo
  chart            = var.vsphere_cpi_chart_name
  version          = var.vsphere_cpi_chart_version 
  namespace        = var.vsphere_cpi_namespace
  create_namespace = true

  set {
    name  = "global.config.vcenter.ovh.server"
    value = var.vsphere_server
  }

  set_sensitive {
    name  = "global.config.vcenter.ovh.user"
    value = var.vsphere_user
  }

  set_sensitive {
    name  = "global.config.vcenter.ovh.password"
    value = var.vsphere_password
  }

}

tf version: 1.6.0 vsphere-csi chart: 3.2.3

MaxRink commented 7 months ago

hmm, im not sure if that isnt just a quirk of vsphere csi in general :S