Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(chart): add extraVolumes + extraVolumeMounts #67

Merged
merged 1 commit into from
Oct 24, 2023
Merged

feat(chart): add extraVolumes + extraVolumeMounts #67

merged 1 commit into from
Oct 24, 2023

Conversation

tamcore
Copy link
Contributor

@tamcore tamcore commented Oct 24, 2023

Pull Request

What? (description)

Adds extraVolumes / extraVolumeMounts parameters to the Helm chart.

Why? (reasoning)

Allows to, for example, mount a custom CA to /etc/ssl/certs/ca-certificates.crt, to avoid having to use insecure: true.

Fixes #65.

Acceptance

Please use the following checklist:

  • you linked an issue (if applicable)
  • you included tests (if applicable)
  • you linted your code (make lint)
  • you linted your code (make unit)

See make help for a description of the available targets.

@tamcore
feat(chart): add extraVolumes + extraVolumeMounts
fd80570 
Adds extraVolumes / extraVolumeMounts to the Helm chart. Allows to, for example, mount a custom CA to `/etc/ssl/certs/ca-certificates.crt`, to avoid having to use `insecure: true`.

Fixes sergelogvinov#65.

Signed-off-by: Philipp Born <git@pborn.eu>
@sergelogvinov sergelogvinov merged commit d54368e into sergelogvinov:main Oct 24, 2023
3 checks passed
@sergelogvinov
Copy link
Owner

Thank you!

@mlinares1998 mlinares1998 mentioned this pull request Jan 20, 2024
Merged
4 tasks
@konstantin-kornienko
Copy link

konstantin-kornienko commented Jun 19, 2024
edited
Loading

@tamcore , @sergelogvinov , maybe you guys can help with some adivce?
Trying to inject custom CA with helm:

extraVolumes:
  - name: ca
    secret:
      secretName: secret

extraVolumeMounts:
  - mountPath: /etc/ssl/certs/ca-certificates.crt
    name: ca
    subPath: ca.crt

got 1 pod (controller) failed:

 Error: failed to create containerd task: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: error during container init: error mounting "/var/lib/kubelet/pods/9638f0cf-2012-4f64-a880-33 │
│ 5a785c7ad5/volume-subpaths/ca/proxmox-csi-plugin-controller/2" to rootfs at "/etc/ssl/certs/ca-certificates.crt": mount /var/lib/kubelet/pods/9638f0cf-2012-4f64-a880-335a785c7ad5/volume-subpaths/ca/proxmox-csi-plugin-controller/2:/etc/ssl/certs/ca-certificates.crt (via /proc/self/fd/6), flags: 0x5001: not a directory: unknown

my config:

config:
  clusters:
    - url: https://proxmox.example.com:443/api2/json
      insecure: false
      token_id: "id"
      token_secret: "secret"
      region: main

extraVolumes:
  - name: ca
    secret:
      secretName: secret

extraVolumeMounts:
  - mountPath: /etc/ssl/certs/ca-certificates.crt
    name: ca
    subPath: ca.crt

storageClass:
  - name: proxmox-data-xfs
    storage: data
    reclaimPolicy: Delete
    fstype: xfs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Allow a root CA to be passed as part of the cluster config
3 participants
@tamcore @sergelogvinov @konstantin-kornienko