Che-operator uses domain-name in spec.tls.hosts in all ingresses generated by che-operator's che-operator-cr-yaml file instead of fqdn of che-server

[Yukesh4791]

Description:

Hi, I was trying to deploy Eclipse-Che using che-operator manifests from https://github.com/eclipse-che/che-operator/tree/main/deploy. The deployment of che-server and rest is fine but the ingress is not properly generated. In Ingress generated by the operator, spec.rules.hosts and spec.tls.hosts are not matching/same. I guess both these value should match in order to be able to access che-dashbaord url else we will encounter 502 nginx error. I tried even patching the ingress but no luck since those fields are managed by the operator.

In the below example, you can find that spec.rules.hosts is the fqdn hostname which is correctly generated by the operator and in spec.tls.hosts it is the domain name which should be the fqdn of che.

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  annotations:
    kubernetes.io/ingress.class: nginx
    nginx.ingress.kubernetes.io/proxy-connect-timeout: "3600"
    nginx.ingress.kubernetes.io/proxy-read-timeout: "3600"
    nginx.ingress.kubernetes.io/ssl-redirect: "true"
  creationTimestamp: "2021-06-03T13:44:42Z"
  generation: 1
  labels:
    app.kubernetes.io/component: che
    app.kubernetes.io/instance: che
    app.kubernetes.io/managed-by: che-operator
    app.kubernetes.io/name: che
  name: che
  namespace: eclipse-che
spec:
  rules:
  - host: che-eclipse-che.example.com     //domain name is changed for example purpose
    http:
      paths:
      - backend:
          serviceName: che-host
          servicePort: 8080
        path: /
  tls:
  - hosts:
    - example.com
    secretName: che-tls

This is the case for all the ingress (che, che-dashboard, keycloak, devfile-registry, plugin-registry) where the value in rules and tls is not matching.

Also, che operator doesn't respect the customCheProperties specified in https://github.com/eclipse-che/che-operator/blob/main/deploy/crds/org_v1_che_cr.yaml. Where I tried to add some annotations like below snippet, the change is not reflecting in the ingress.

server:
  customCheProperties:
    CHE_INFRA_KUBERNETES_INGRESS_ANNOTATIONS__JSON: '{"external-dns.alpha.kubernetes.io/target": "xxxxxxxxxxxx.elb.eu-east-1.amazonaws.com"}'

Environment:

• che-version: both in 7.31.0 and 7.31.1
• kubernetes version: v1.17

Installation method:

• Using che-operator manifest.

[tolusha]

@Yukesh4791
It is not clear from the description if you used chectl or OperatorHub to deploy Eclipse Che.
Could you specify platform as well (Google Clould, Minikube etc ?)

[Yukesh4791]

@tolusha , I used the OperatorHub to deploy in the AWS EKS cluster.
Installation method: Eclipse-che Operator
Platform: AWS EKS

[l0rd]

@tolusha does eclipse-che/che-operator#856 fix this issue?

[tolusha]

@l0rd I guess so,
But I would like to update doc, allow user to test it and then close the issue

[tolusha]

@Yukesh4791
Could you try with the nightly Eclipse Che if it fixed?

1. Install chectl from the next channel: bash <(curl -sL https://www.eclipse.org/che/chectl/) --channel=next
2. chectl server:deploy --platform k8s --domain <example.com> --installer operator
3. Configure annotations for ingresses if needed following the doc https://www.eclipse.org/che/docs/che-7/installation-guide/configuring-ingresses/

Thank you

[tolusha]

@Yukesh4791
I would like to close this issue. Feel free to reopen if needed.

[Yukesh4791]

@tolusha , Sorry for the delayed response. I checked in release 7.32.0 and the issue is fixed. Now the host is properly updated in the ingress. Thanks for the quick fix!

[tolusha]

Cool. Thank you for your feedback.