You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request. Searching for pre-existing feature requests helps us consolidate datapoints for identical requirements into a single place, thank you!
Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.
If you are interested in working on this issue or have submitted a pull request, please leave a comment.
Overview of the Issue
When i run the helm install hashicorp/consul with a name dc1 and the global.gossipEncryption.autoGenerate set to true. The job dc1-consul-create-federation-secret can't be completed. Because this job needs a secret with the name consul-gossip-encryption-key, but the secret with the name dc1-consul-gossip-encryption-key was created instead.
Warning FailedMount 113s kubelet Unable to attach or mount volumes: unmounted volumes=[gossip-encryption-key], unattached volumes=[kube-api-access-g6nz6 consul-ca-key gossip-encryption-key consul-ca-cert consul-auto-encrypt-ca-cert]: timed out waiting for the condition
Warning FailedMount 42s (x14 over 13m) kubelet MountVolume.SetUp failed for volume "gossip-encryption-key" : secret "consul-gossip-encryption-key" not found
Expected behavior
The consul create federation secret job can be done.
Environment details
consul-k8s: v0.41.1
consul: v1.11.5
The text was updated successfully, but these errors were encountered:
mntforever
changed the title
Gossip encryption key secret name mismat
Gossip encryption key secret name mismatched when set autoGenerate=true with a custom chart name
Apr 25, 2022
kschoche
added
waiting-reply
Waiting on the issue creator for a response before taking further action
and removed
waiting-reply
Waiting on the issue creator for a response before taking further action
labels
Apr 28, 2022
Thank you for bringing this to our attention. I was able to recreate the issue with your description and have opened a pull request with the fix. This issue will be fixed in the 0.44.0 release of Consul on Kubernetes. For now, you can bypass the issue by installing Consul on Kubernetes with the dc1 release name omitted so long as that is acceptable to you.
The command would be
helm install -f values.yaml hashicorp/consul --version "0.41.1" -n consul
Community Note
Overview of the Issue
When i run the helm install hashicorp/consul with a name dc1 and the global.gossipEncryption.autoGenerate set to true. The job dc1-consul-create-federation-secret can't be completed. Because this job needs a secret with the name consul-gossip-encryption-key, but the secret with the name dc1-consul-gossip-encryption-key was created instead.
In the helm chart template, we can see that:
Reproduction Steps
Logs
Expected behavior
The consul create federation secret job can be done.
Environment details
consul-k8s: v0.41.1
consul: v1.11.5
The text was updated successfully, but these errors were encountered: