<@UHC2MBSCE> I suspect that's a problem with the u...
# general
@adamant-intern-63433 I suspect that's a problem with the underlying chart. Can you show us the snippet of code where
is referenced in the chart?
Thanks @orange-policeman-59119 I was actually trying and comparing the charts just now. This happens with istio chart which comes from
and the config belongs to certmanager (`https://github.com/jetstack/cert-manager/blob/release-0.7/deploy/charts/cert-manager/templates/deployment.yaml#L119`). I was trying to compare the one that istio has and the original one and it seems OK individually. There could be a clash with another part of the result yaml. My full istio chart values are something like this
Copy code
const istioChartValues = {
            prometheus: { enabled: true },
            grafana: { enabled: true },
            tracing: { enabled: true },
            certmanager: {
                enabled: true,
                email: "<mailto:xt@x.com|xt@x.com>",
                podDnsPolicy: "None",
                podDnsConfig: {
                    nameservers: ["", ""]

            gateways: {
                    serviceAnnotations: { "<http://service.beta.kubernetes.io/azure-load-balancer-internal|service.beta.kubernetes.io/azure-load-balancer-internal>": true }, //<https://docs.microsoft.com/en-us/azure/aks/internal-lb#create-an-internal-load-balancer>
According to the documents, setting the
of cert-manager looks like
Copy code
helm install --name cert-manager \
    --namespace cert-manager \
    --set "podDnsPolicy"="None" \
    --set "podDnsConfig.nameservers[1]"="" \
    --set "podDnsConfig.nameservers[2]"="" \
which matches with my config, I believe
No, that's different, in a weird way
Unless it uses 1 based indexing?
uh, oh
How can I make it match in TS?
That's a good question. I think the docs are wrong here and I wonder if the chart is broken
Helm uses 0 based indexing with array
, I just checked my own configs
Here's a question for you, why are you trying to set nameservers?
There is an internal / private domain clashing on Let's Encrypt challenge
I'll try to set and escape the values. Thanks much
Yeah, worse comes to worse you can just edit the chart directly. Helm get it, commit the chart to your repo, and use the chart with a relative path and manually set the template how you want.
I was avoiding that but could be the last resort. Thanks for helping me finding a new angle.
I confirm that certmanager chart of istio has problem on this issue. This is what it produces
Copy code
dnsPolicy: None