https://pulumi.com logo
Join Slack
Powered by
I have some helm charts that won't install in EKS ...
# kubernetes
s
I have some helm charts that won't install in EKS no matter what I try.
Copy code
kubernetes:helm.sh/v3:Release (cert-manager):
    error: release cert-manager-ffc7b588 failed, and has been uninstalled due to atomic being set: 2 errors occurred:
    	* the server could not find the requested resource

  kubernetes:helm.sh/v3:Release (elastic-operator):
    error: rendered manifests contain a resource that already exists. Unable to continue with install: CustomResourceDefinition "agents.agent.k8s.elastic.co" in namespace "" exists and cannot be imported into the current release: invalid ownership metadata; annotation validation error: key "meta.helm.sh/release-name" must equal "elastic-operator-e12afb27": current value is "elastic-operator-crd-d1482f89"

  kubernetes:helm.sh/v3:Release (datadog):
    error: another operation (install/upgrade/rollback) is in progress

  kubernetes:helm.sh/v3:Release (elastic-operator-crd):
    error: release elastic-operator-crd-d1482f89 failed, and has been uninstalled due to atomic being set: 1 error occurred:
    	* the server could not find the requested resource

  kubernetes:helm.sh/v3:Release (kafka):
    error: another operation (install/upgrade/rollback) is in progress
of these 1) cert-manager I have no idea what the issue is, 2) elastic operator is fialing due to a prior install attempt being detected but it shouldn't be since I am using rollback and atomic installs, 3) datadog is lying, there is no other release and prior charts and crds were uninstalled completely, 4) kafka I think is also lying.
Copy code
const datadogNamespace = new k8s.core.v1.Namespace(
  'datadog',
  { metadata: { name: 'datadog' } },
  { provider: k8sProvider },
)

export const datadogReleaseCrds = new helm.v3.Release(
  'datadog-crds',
  {
    namespace: datadogNamespace.metadata.name,
    chart: 'datadog-crds',
    repositoryOpts: { repo: '<https://helm.datadoghq.com>' },
    version: '1.2.0',
    atomic: true,
    cleanupOnFail: true,
    disableOpenapiValidation: false,
  },
  { provider: k8sProvider },
)

export const datadogRelease = new helm.v3.Release(
  'datadog',
  {
    namespace: datadogNamespace.metadata.name,
    chart: 'datadog-operator',
    repositoryOpts: { repo: '<https://helm.datadoghq.com>' },
    version: '1.3.0',
    atomic: true,
    cleanupOnFail: true,
    disableOpenapiValidation: false,
  },
  { provider: k8sProvider },
)
I started adding atomic, cleanuponfail, and disableOpenapiValidation after trying to find anything that give me better error messages but I am coming up short even with v3 of debug output.
installing the Cert-Manager CRD before the helm chart is a requirement per https://artifacthub.io/packages/helm/cert-manager/cert-manager
Copy code
// Install Cert-Manager prior to Ingress. Install CRD prior to CM.

const certManagerNamespace = new k8s.core.v1.Namespace(
  'cert-manager',
  { metadata: { name: 'cert-manager' } },
  { provider: k8sProvider },
)

const certManager = new k8s.yaml.ConfigFile('certManager', {
  file: '<https://github.com/cert-manager/cert-manager/releases/download/v1.13.2/cert-manager.crds.yaml>',
})

export const certManagerRelease = new helm.v3.Release(
  'cert-manager',
  {
    namespace: certManagerNamespace.metadata.name,
    chart: 'cert-manager',
    repositoryOpts: { repo: '<https://charts.jetstack.io>' },
    version: '1.13.2',
    atomic: true,
    cleanupOnFail: true,
    disableOpenapiValidation: false,
    values: parseYamlFromFile('charts/cert-manager/cert-manager-op-dev.yml'),
  },
  { provider: k8sProvider, dependsOn: certManager },
)
Copy code
Updating (dev-charts-system)

View in Browser (Ctrl+O): <https://app.pulumi.com/openphone/dev-eks/dev-charts-system/updates/20>

     Type                              Name                       Status                  Info
     pulumi:pulumi:Stack               dev-eks-dev-charts-system  **failed**              1 error
 +   ├─ kubernetes:<http://helm.sh/v3:Release|helm.sh/v3:Release>  cert-manager               **creating failed**     1 error

Diagnostics:
  pulumi:pulumi:Stack (dev-eks-dev-charts-system):
    error: update failed

  kubernetes:<http://helm.sh/v3:Release|helm.sh/v3:Release> (cert-manager):
    error: rendered manifests contain a resource that already exists. Unable to continue with install: CustomResourceDefinition "<http://certificaterequests.cert-manager.io|certificaterequests.cert-manager.io>" in namespace "" exists and cannot be imported into the current release: invalid ownership metadata; label validation error: missing key "<http://app.kubernetes.io/managed-by|app.kubernetes.io/managed-by>": must be set to "Helm"; annotation validation error: missing key "<http://meta.helm.sh/release-name|meta.helm.sh/release-name>": must be set to "cert-manager-c95039d8"; annotation validation error: missing key "<http://meta.helm.sh/release-namespace|meta.helm.sh/release-namespace>": must be set to "cert-manager"
Open in Slack
PreviousNext
Powered by