I'm trying to create a deployment on Kubernetes but getting this error;
http.paths[0].backend.service.port.name: Invalid value: \"<deployment-name>-service\": must be no more than 15 characters"
I don't have any chance to interfere to the port name directly, but deployment name. I have to pass long deployment name, but it's not possible right now. How can I solve this issue?
You can not disable or increase port name length in kubernetes . As #Sascha Doerdelmann mentioned, it's a k8s limitation that port names are 15 characters.
According to RFC 6335.
Valid service names are hereby normatively defined as follows:
MUST be at least 1 character and no more than 15 characters long.
MUST contain only US-ASCII [ANSI.X3.4-1986] letters 'A' - 'Z' and
'a' - 'z', digits '0' - '9', and hyphens ('-', ASCII 0x2D or
decimal 45).
MUST contain at least one letter ('A' - 'Z' or 'a' - 'z').
MUST NOT begin or end with a hyphen.
hyphens MUST NOT be adjacent to other hyphens.
you can truncate the value and set it to the limit that is allowed
- port: {{ .Values.service.port }}
targetPort: http
protocol: TCP
name: {{ include "helm-chart.fullname" . | trunc 7 }}-service
helm-fuction-trunc
Related
I have an ansible playbook, which first initializes a fact using set_fact, and then a task that consumes the fact and generates a YAML file from it.
The playbook looks like this
- name: Test yaml output
hosts: localhost
become: true
tasks:
- name: set config
set_fact:
config:
A12345: '00000000000000000000000087895423'
A12352: '00000000000000000000000087565857'
A12353: '00000000000000000000000031200527'
- name : gen yaml file
copy:
dest: "a.yaml"
content: "{{ config | to_nice_yaml }}"
Actual Output
When I run the playbook, the output in a.yaml is
A12345: 00000000000000000000000087895423
A12352: 00000000000000000000000087565857
A12353: '00000000000000000000000031200527'
Notice only the last line has the value in quotes
Expected Output
The expected output is
A12345: '00000000000000000000000087895423'
A12352: '00000000000000000000000087565857'
A12353: '00000000000000000000000031200527'
All values should be quoted.
I cannot, for the life of me, figure out why only the last line has the value printed in single-quotes.
I've tried this with Ansible version 2.7.7, and version 2.11.12, both running against Python 3.7.3. The behavior is the same.
It's because 031200527 is an octal number, whereas 087895423 is not, thus, the octal scalar needs quoting but the other values do not because the leading zeros are interpreted in yaml exactly the same way 00hello would be -- just the ascii 0 followed by other ascii characters
If it really bothers you that much, and having quoted scalars is obligatory for some reason, to_nice_yaml accepts the same kwargs as does pyyaml.dump:
- debug:
msg: '{{ thing | to_nice_yaml(default_style=quote) }}'
vars:
quote: "'"
thing:
A1234: '008123'
A2345: '003123'
which in this case will also quote the keys, but unconditionally quotes the scalars
In my Helm chart, I need to set the following Java Spring parameter name:
company.sms.security.password#id(name):
secret:
name: mypasswd
key: mysecretkey
But when applying the template, I encounter a syntax issue.
oc apply -f template.yml
The Deployment "template" is invalid: spec.template.spec.containers[0].env[79].name: Invalid value: "company.sms.security.password#id(name)": a valid environment variable name must consist of alphabetic characters, digits, '_', '-', or '.', and must not start with a digit (e.g. 'my.env-name', or 'MY_ENV.NAME', or 'MyEnvName1', regex used for validation is '[-._a-zA-Z][-._a-zA-Z0-9]*')
What I would usually do is defining this variable at runtime like this:
JAVA_TOOL_OPTIONS:
-Dcompany.sms.security.password#id(name)=mypass
But since it's storing sensitive data, obviously I cannot log in clear the password.
So far I could only think about defining an Initcontainer as a workaround, changing the parameter name is not an option.
Edit: So the goal is to not log the password neither in the manifest nor in the application logs.
Edited:
Assign the value from your secret to one environment variable, and use it in the JAVA_TOOL_OPTIONS environment variable value. the way to expand the value of a previously defined variable VAR_NAME, is $(VAR_NAME).
For example:
- name: MY_PASSWORD
valueFrom:
secretKeyRef:
name: mypasswd
key: mysecretkey
- name: JAVA_TOOL_OPTIONS
value: "-Dcompany.sms.security.password#id(name)=$(MY_PASSWORD)"
Constrains
There are some conditions for kuberenetes in order to parse the $(VAR_NAME) correctly, otherwise $(VAR_NAME) will be parsed as a regular string:
The variable VAR_NAME should be defined before the one that uses it
The value of VAR_NAME must not be another variable, and must be defined.
If the value of VAR_NAME consists of other variables or is undefined, $(VAR_NAME) will be parsed as a string.
In the example above, if the secret mypasswd in the pod's namespace doesn't have a value for the key mysecretkey, $(MY_PASSWORD) will appear literally as a string and will not be parsed.
References:
Dependent environment variables
Use secret data in environment variables
I have an environment variable like as follows that works with docker-compose.yaml in relation to a springboot container:
- name: pool.config[0].Number
value: "2"
This works completely fine in docker-compose.yaml but not in yaml - it keeps giving error:
a valid environment variable name must consist of alphabetic characters, digits, '_', '-', or'.', and must not start with a digit (e.g. 'my.env-name', or 'MY_ENV.NAME', or 'MyEnvName1', regex used for validation is '[-._a-zA-Z][-._a-zA-Z0-9]*')
In docker-compose it's fine with the square brackets in the key name, but in kubernetes deployment spec it's not permitting. How can I work through this?
see here and here
You should be able to use following binding for your case: POOL_CONFIG_0__Number
I need to pass a private RSA key as ENV var to my deployment file, and I can't do it at the moment.
containers:
env:
- name: MY_PRIVATE_KEY
value: |+
{{ .Values.fpm.dot_env.MY_PRIVATE_KEY}}
I've tried with indent, without indent, using toYaml (there is no error with this but my env var start with |-)...
Any idea?
This is the error I get from that code:
Error: UPGRADE FAILED: YAML parse error on broker-api/templates/deployment.yaml: error converting YAML to JSON: yaml: line 59: could not find expected ':'
If you're trying to embed a multi-line string in a Kubernetes artifact in a Helm chart, the easiest recipe is
Use the YAML | block scalar form to preserve newlines;
Start the Go template {{ ... }} macro at the first column; and
Use the sprig indent function to indent every line of the block, including the first one.
(You frequently will see |- which trims the final newline; for this I can imagine wanting to keep the final newline |+ or just plain |; the difference between these last two is whether extra empty lines at the end are kept or not.)
containers:
env:
- name: MY_PRIVATE_KEY
value: |+
{{ .Values.fpm.dot_env.MY_PRIVATE_KEY | indent 12 }}
(Usually for actual secrets it's considered preferable to store them in Kubernetes Secret objects. Those values are base64 encoded in the Kubernetes API, so when you declare the Secret object in Helm you'd use ... | b64enc instead of this indent recipe.)
Finally I solved my problem b64encoding my key, and b64decoding it from my backend.
Thanks.
Following are some logs from ASA, I need to capture following group for IP address, seq number (3327 in this case) and user name (abcd_user.name).
I have tried following regex but the username is capturing with brackets.
https://regex101.com/r/NbyYyp/1
Feb 10 13:22:55 90.23.222.10 : %ASA-6-302020: Built inbound ICMP connection for faddr 10.34.27.20/0 gaddr 10.23.24.2/33327 laddr 10.23.24.2/33327
Feb 10 13:22:51 90.27.29.8 : %ASA-6-302020: Built inbound ICMP connection for faddr 90.23.40.16/1(LOCAL\abcd_user.name) gaddr 172.20.220.27/0 laddr 172.20.20.7/0 (abcd_user.name)
Feb 10 13:22:55 90.22.22.15 : %ASA-6-302020: Built inbound ICMP connection for faddr 10.34.27.2/0 gaddr 10.34.21.29/33327 laddr 10.34.21.29/33327
Your help is much appreciated.
You may use
302020: Built inbound.*faddr\s+([^\/]*)\/\d+(.*(gaddr\s+([^\/]+))\/(\d+) laddr([^\/]+)\/\d+)(?:\s*\(([^()]*)\))?
See the regex demo
The last (.*) capturing group just captured all text to the end of the line. I replaced it with (?:\s*\(([^()]*)\))?, an optional non-capturing group that matches 1 or 0 occurrences of
\s* - 0+ whitespaces
\( - a ( char
([^()]*) - Capturing group: any 0+ chars other than ( and )
\) - a ) char.