famous-bear-66383
06/19/2020, 11:58 AMcert-manager
chart deployment keeps failing ?
A bit of context.
I install cert-manager
using his helm chart like the following.
const certmanager = new k8s.helm.v2.Chart("cert-manager", {
repo: "jetstack",
chart: "cert-manager",
version: "v0.10.0",
namespace: "cert-manager",
values: {
ingressShim: {
enabled: true,
extraArgs: [
"--default-issuer-name=letsencrypt-dev",
"--default-issuer-kind=ClusterIssuer",
"--dns01-recursive-nameservers-only=true"
]
}
}
},{dependsOn:[certmanagerSecret]);
The first pulumi up
was successful, but as soon as I change other resources on the file not related to certmanager it always throws those errors
error: resource cert-manager-controller-certificates was not successfully created by the Kubernetes API server : <http://clusterroles.rbac.authorization.k8s.io|clusterroles.rbac.authorization.k8s.io> "cert-manager-controller-certificates" already exists
13:55:21.102[cert-manager-control] failed create kubernetes:<http://rbac.authorization.k8s.io/v1beta1:ClusterRole|rbac.authorization.k8s.io/v1beta1:ClusterRole>
13:55:26.990[cert-manager-cainjec] Retry #0; creation failed: <http://clusterrolebindings.rbac.authorization.k8s.io|clusterrolebindings.rbac.authorization.k8s.io> "cert-manager-cainjector" already exists
13:55:26.990[cert-manager-cainjec] error: resource cert-manager-cainjector was not successfully created by the Kubernetes API server : <http://clusterrolebindings.rbac.authorization.k8s.io|clusterrolebindings.rbac.authorization.k8s.io> "cert-manager-cainjector" already exists
13:55:26.990[cert-manager-cainjec] failed create kubernetes:<http://rbac.authorization.k8s.io/v1beta1:ClusterRoleBinding|rbac.authorization.k8s.io/v1beta1:ClusterRoleBinding>
13:55:29.808[cert-manager-control] Retry #0; creation failed: <http://clusterroles.rbac.authorization.k8s.io|clusterroles.rbac.authorization.k8s.io> "cert-manager-controller-orders" already exists
13:55:29.808[cert-manager-control] error: resource cert-manager-controller-orders was not successfully created by the Kubernetes API server : <http://clusterroles.rbac.authorization.k8s.io|clusterroles.rbac.authorization.k8s.io> "cert-manager-controller-orders" already exists
13:55:29.809[cert-manager-control] failed create kubernetes:<http://rbac.authorization.k8s.io/v1beta1|rbac.authorization.k8s.io/v1beta1>:
The resources are installed but pulumi detects as new or something and want to install them.
is there a way to make this idempotent ?