I can't load a Helm chart into IBM Cloud Private - kubernetes-helm

I'm trying to load a Helm chart into IBM Cloud Private. When I run the bx pr load-ppa-archive --archive command or the bx pr load-helm-chart --archive command, I get an error that says that it can't load my Helm chart:
FAILED
Post https://mycluster.icp:8443/helm-repo/import: Service Unavailable
How do I make this work?

If you're trying to load the Helm chart from a node in the IBM Cloud Private cluster, this error can be caused by your http_proxy or HTTP_PROXY settings. You can try two things:
1. Install the CLI on a computer that's not in the cluster and upload the chart from there.
2. Add mycluster and mycluster.icp to the NO_PROXY variable on the cluster node and try again.

Related

Creating a Jenkins X Kubernetes cluster with GKE throws exception: secrets "jenkins" not found

When I try to create a Jenkins X Kubernetes cluster with GKE using this command:
jx create cluster gke --skip-login
The following exeption is thrown at the end of installation:
error creating cluster configuring Jenkins: creating Jenkins API token: after 3 attempts, last error: creating Jenkins Auth configuration: secrets "jenkins" not found
During installation I select the default settings and provide my own github settings, including generated personal access token, but I don't think that the github token is the issue in this case (I'm pretty sure all my github settings are correct)
The problem has been solved by using --tekton flag:
jx create cluster gke --skip-login --tekton

Can we run sonobuoy to be k8s conformance on a Rancher cluster

We setup a rancher cluster with 3 nodes for testing and I would like to apply for k8s conformance using this rancher cluster. However, while running sonobuoy it returns error
ERRO[0000] could not create sonobuoy client: failed to get rest config: invalid configuration: no configuration has been provided
It seems like Rancher does not have any kubernates binaries built-in (Kubectl, kubeadm etc). May I know if it is possible to be k8s conformance on a rancher cluster?
You should have kubeernetes cluster kubeconfig localy where you are running sonobuoy.
from Rancher documentation: How to Manage Kubernetes With Kubectl:
RKE:
When you create a Kubernetes cluster with RKE, RKE creates a
kube_config_rancher-cluster.yml file in the local directory that
contains credentials to connect to your new cluster with tools like
kubectl.
You can copy this file to $HOME/.kube/config or, if you are working
with multiple Kubernetes clusters
Rancher-Managed Kubernetes Clusters:
Within Rancher, you can download a kubeconfig file through the web UI
and use it to connect to your Kubernetes environment with kubectl.
From the Rancher UI, click on the cluster you would like to connect to
via kubectl. On the top right-hand side of the page, click the
Kubeconfig File button: Click on the button for a detailed look at
your config file as well as directions to place in ~/.kube/config.
Upon copying your configuration to ~/.kube/config, you will be able to
run kubectl commands without having to specify the –-kube-config file
location:
Check First launch with sonobuoy requests for a configuration - maybe it will be useful for you.
Also, look here - just for you: Conformance tests for Rancher 2.x Kubernetes
Run Conformance Test
Once you Rancher Kubernetes cluster is active, Fetch it's kubeconfig.yml file and save it locally.
Download a sonobuoy binary release of the CLI, or build it yourself by running:
$ go get -u -v github.com/heptio/sonobuoy
Configure your kubeconfig file by running:
$ export KUBECONFIG="/path/to/your/cluster/kubeconfig.yml"
Run sonobuoy:
$ sonobuoy run
Watch the logs:
$ sonobuoy logs
Check the status:
$ sonobuoy status
Once the status commands shows the run as completed, you can download the results tar.gz file:
$ sonobuoy retrieve

Error when installing Spinnaker on Kubernetes on prem cluster

I'm trying to install Spinnaker on a Kubernetes setup onprem.
Following instructions from https://www.spinnaker.io/setup/
Install and run Halyard as Docker on the Kubernetes master.
Run everything as root
mkdir ~/.hal on Kubemaster. Created the service account as instrcuted in the site.
Copied the kubeconfig file from ./kube/config into ~/.hal/kubeconfig as it didnt work with docker -v option, there was some permission issue, so made it work this way
docker run halyard command -- all up and running fine.
Ran Bash and Inside halyard.
Now when I do these two things inside halyard
Point kubectl to the kubeconfig by export KUBECONFIG command
Enable kubernetes provider "hal config provider kubernetes enable"
The command gets executed sometimes successfully or it fails with this warning after timeout error
Getting object contents of versions.yml
Unexpected error comparing versions: com.netflix.spinnaker.halyard.core.error.v1.HalException: Could not load "versions.yml" from config bucket: www.googleapis.com.*
Even if it somehow manages to run successfully. When I run these,
CONTEXT=$(kubectl config current-context)
hal config provider kubernetes account add my-k8s-account --context $CONTEXT
It fails with the same error as above.
Total weird stuff. Its intermittent. Does it have something to do with the kubeconfig file? Any pointers or help would be greatly appreciated.
Thanks.
As noted in comments these kind of errors could result when there lack of network connectivity from inside the container.
As Vikram mentioned in his comment:
Yes, that was the problem. Azure support recommended installing a CNI plugin and it resolved the issue. So, it seems like inside of Azure VM without a Public IP, the CNI plugin is needed for a VM To connect to internet.
To configure CNI plugin on Azure platform use this guide.
Hope it helps.

Updating Grafana configuration file to configure custom SMTP settings

I used HELM to install the Prometheus operator and kube-prometheus into my kubernetes cluster using the following commands:
helm install coreos/prometheus-operator --name prometheus-operator --namespace monitoring --set rbacEnable=false
helm install coreos/kube-prometheus --name kube-prometheus --set global.rbacEnable=false --namespace monitoring
Everything is running fine, however, I want to set up email alerts and in order to do so I must configure the SMTP settings in "custom.ini" file according to the grafana website. I am fairly new to Kuberenetes and using HELM charts, therefore I have no idea which command I would use to access this file or make updates to it? Is it possible to do so without having to redeploy?
Can anyone provide me with a command to update custom values?
You could pass grafana.env value to add SMTP-related settings:
GF_SMTP_ENABLED=true,GF_SMTP_HOST,GF_SMTP_USER and GF_SMTP_PASSWORD
should do the trick. The prometheus-operator chart relies on the upstream stable/grafana chart (although, still using the 1.25 version)

Helm prevent from adding the default chart repo on helm init

I want to use Helm with Gitlab to deploy my services to OpenShift.
I have a Gitlab Runner deployed in OpenShift.
I already have Tiller installed in Openshift under the tiller namespace and am using the docker image docker.greater.com.au/platform/images/dtzar/helm-kubectl:latest
My system is also behind a proxy which I won't be able to get past.
As part of one of my Gitlab CI build steps I have the following:
$ helm init --client-only
Creating /root/.helm
Creating /root/.helm/repository
Creating /root/.helm/repository/cache
Creating /root/.helm/repository/local
Creating /root/.helm/plugins
Creating /root/.helm/starters
Creating /root/.helm/cache/archive
Creating /root/.helm/repository/repositories.yaml
Adding stable repo with URL: https://kubernetes-charts.storage.googleapis.com
Error: Looks like "https://kubernetes-charts.storage.googleapis.com" is not a valid chart repository or cannot be reached: Get https://kubernetes-charts.storage.googleapis.com/index.yaml: Proxy Authorization Required
My main question is I am wondering if it's possible to disable Helm from trying to add https://kubernetes-charts.storage.googleapis.com as a repostiory as part of helm init?
It might be worth noting that I do not know if helm init --client-only is a required step in using helm with this setup.
I have also tried a simple helm version and the server is responding with a Proxy Authorization Required error.
Client: &version.Version{SemVer:"v2.12.1",
GitCommit:"02a47c7249b1fc6d8fd3b94e6b4babf9d818144e", GitTreeState:"clean"}
Error: Get https://---.---.---.---:---/api/v1/namespaces/tiller/pods?labelSelector=app%3Dhelm%2Cname%3Dtiller: Proxy Authorization Required
I've removed the IP address but it's trying to resolve the Tiller server from the wrong IP address when running this helm version command.
You can define which stable repository you would like to use with option -o --stable-repo-url url.
Example: helm init --client-only --stable-repo-url https://path.to.my.repo
You could found more info here