Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

server side apply failed #4020

Closed
longkai opened this issue May 18, 2021 · 1 comment · Fixed by #4050
Closed

server side apply failed #4020

longkai opened this issue May 18, 2021 · 1 comment · Fixed by #4050
Labels
kind/bug Categorizes issue or PR as related to a bug. priority/backlog Higher priority than priority/awaiting-more-evidence.

Comments

@longkai
Copy link
Contributor

longkai commented May 18, 2021
edited

Hi, I am running the following command to install cert-manger but failed.

$ kubectl apply --server-side -f https://github.com/jetstack/cert-manager/releases/download/v1.3.1/cert-manager.yaml
customresourcedefinition.apiextensions.k8s.io/certificaterequests.cert-manager.io serverside-applied
customresourcedefinition.apiextensions.k8s.io/certificates.cert-manager.io serverside-applied
customresourcedefinition.apiextensions.k8s.io/challenges.acme.cert-manager.io serverside-applied
customresourcedefinition.apiextensions.k8s.io/clusterissuers.cert-manager.io serverside-applied
customresourcedefinition.apiextensions.k8s.io/issuers.cert-manager.io serverside-applied
customresourcedefinition.apiextensions.k8s.io/orders.acme.cert-manager.io serverside-applied
namespace/cert-manager serverside-applied
serviceaccount/cert-manager-cainjector serverside-applied
serviceaccount/cert-manager serverside-applied
serviceaccount/cert-manager-webhook serverside-applied
clusterrole.rbac.authorization.k8s.io/cert-manager-cainjector serverside-applied
clusterrole.rbac.authorization.k8s.io/cert-manager-controller-issuers serverside-applied
clusterrole.rbac.authorization.k8s.io/cert-manager-controller-clusterissuers serverside-applied
clusterrole.rbac.authorization.k8s.io/cert-manager-controller-certificates serverside-applied
clusterrole.rbac.authorization.k8s.io/cert-manager-controller-orders serverside-applied
clusterrole.rbac.authorization.k8s.io/cert-manager-controller-challenges serverside-applied
clusterrole.rbac.authorization.k8s.io/cert-manager-controller-ingress-shim serverside-applied
clusterrole.rbac.authorization.k8s.io/cert-manager-view serverside-applied
clusterrole.rbac.authorization.k8s.io/cert-manager-edit serverside-applied
clusterrole.rbac.authorization.k8s.io/cert-manager-controller-approve:cert-manager-io serverside-applied
clusterrole.rbac.authorization.k8s.io/cert-manager-webhook:subjectaccessreviews serverside-applied
clusterrolebinding.rbac.authorization.k8s.io/cert-manager-cainjector serverside-applied
clusterrolebinding.rbac.authorization.k8s.io/cert-manager-controller-issuers serverside-applied
clusterrolebinding.rbac.authorization.k8s.io/cert-manager-controller-clusterissuers serverside-applied
clusterrolebinding.rbac.authorization.k8s.io/cert-manager-controller-certificates serverside-applied
clusterrolebinding.rbac.authorization.k8s.io/cert-manager-controller-orders serverside-applied
clusterrolebinding.rbac.authorization.k8s.io/cert-manager-controller-challenges serverside-applied
clusterrolebinding.rbac.authorization.k8s.io/cert-manager-controller-ingress-shim serverside-applied
clusterrolebinding.rbac.authorization.k8s.io/cert-manager-controller-approve:cert-manager-io serverside-applied
clusterrolebinding.rbac.authorization.k8s.io/cert-manager-webhook:subjectaccessreviews serverside-applied
role.rbac.authorization.k8s.io/cert-manager-cainjector:leaderelection serverside-applied
role.rbac.authorization.k8s.io/cert-manager:leaderelection serverside-applied
role.rbac.authorization.k8s.io/cert-manager-webhook:dynamic-serving serverside-applied
rolebinding.rbac.authorization.k8s.io/cert-manager-cainjector:leaderelection serverside-applied
rolebinding.rbac.authorization.k8s.io/cert-manager:leaderelection serverside-applied
rolebinding.rbac.authorization.k8s.io/cert-manager-webhook:dynamic-serving serverside-applied
service/cert-manager serverside-applied
deployment.apps/cert-manager-cainjector serverside-applied
deployment.apps/cert-manager serverside-applied
mutatingwebhookconfiguration.admissionregistration.k8s.io/cert-manager-webhook serverside-applied
validatingwebhookconfiguration.admissionregistration.k8s.io/cert-manager-webhook serverside-applied
Error from server: failed to create typed patch object: .spec.ports: element 0: associative list with keys has an element that omits key field "protocol"
Error from server: failed to create typed patch object: .spec.template.spec.containers[name="cert-manager"].ports: element 0: associative list with keys has an element that omits key field "protocol"

The reason why I use the --server-side flag because I want to install the manifest in code using client-go library.

The error message indicates that the port protocol field in yaml manifest should not be omitted since before kubernetes 1.20.

Hopefully I could make a contribution via fix this if you think it's rational.

Expected behaviour:
It works via server side apply.

Steps to reproduce the bug:
Run kubectl apply with --server-side flag.

Anything else we need to know?:

Environment details::

  • Kubernetes version: 1.19
  • Cloud-provider/provisioner: Tencent Kubernetes Engine and docker Kubernetes
  • cert-manager version: 1.3.1
  • Install method: static manifests

/kind bug
@jetstack-bot jetstack-bot added the kind/bug Categorizes issue or PR as related to a bug. label May 18, 2021
@munnerz
Copy link
Member

munnerz commented May 20, 2021

I think it makes sense for us to explicitly specify this :) that said, following the issue you have linked to it seems like this is considered a bug in Kubernetes, as server side apply should be able to consider default values for fields (and it is fixed here: kubernetes/kubernetes#98576, or more specifically kubernetes/kubernetes@dab5112)

@longkai longkai mentioned this issue May 22, 2021
Merged
@SgtCoDFish SgtCoDFish added the priority/backlog Higher priority than priority/awaiting-more-evidence. label May 27, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/bug Categorizes issue or PR as related to a bug. priority/backlog Higher priority than priority/awaiting-more-evidence.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

explicitly specify port protocol field to allow server side apply longkai/cert-manager
4 participants
@munnerz @longkai @SgtCoDFish @jetstack-bot