Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug]: imagePullSecrets is not set for agent DaemonSet #2210

Closed
oschira opened this issue Apr 21, 2023 · 9 comments · Fixed by #2563
Closed

[Bug]: imagePullSecrets is not set for agent DaemonSet #2210

oschira opened this issue Apr 21, 2023 · 9 comments · Fixed by #2563
Assignees
@antoniomerlin
Labels
bug Something isn't working good first issue Good for newcomers help wanted Extra attention is needed

Comments

@oschira
Copy link

oschira commented Apr 21, 2023

What happened?

When I try to set a custom imagePullSecrets in the agent config, running as DaemonSet, the generated DaemonSet does not include the imagePullSecrets.

Steps to reproduce

  1. Install the operator (tested on 1.44.0)
  2. Create a Jaeger instance with custom imagePullSecrets:
kubectl apply -n observability -f - <<EOF
apiVersion: jaegertracing.io/v1
kind: Jaeger
metadata:
  name: test
spec:
  ingress:
    enabled: false
  agent:
    strategy: DaemonSet
    imagePullSecrets:
    - name: custom-registry

Expected behavior

The DaemonSet created by the operator should contain the custom imagePullSecrets.

Relevant log output

$ kubectl get daemonset -n observability test-agent-daemonset -o yaml

apiVersion: apps/v1
kind: DaemonSet
metadata:
  annotations:
    deprecated.daemonset.template.generation: "1"
  creationTimestamp: "2023-04-21T12:55:12Z"
  generation: 1
  labels:
    app: jaeger
    app.kubernetes.io/component: agent
    app.kubernetes.io/instance: test
    app.kubernetes.io/managed-by: jaeger-operator
    app.kubernetes.io/name: test-agent
    app.kubernetes.io/part-of: jaeger
  name: test-agent-daemonset
  namespace: observability
  ownerReferences:
  - apiVersion: jaegertracing.io/v1
    controller: true
    kind: Jaeger
    name: test
    uid: 5f0fc911-2017-4209-a7b3-f00c4ceaa058
  resourceVersion: "1571"
  uid: f27bef42-72ad-4ef8-88e8-9a84b5b6f74a
spec:
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      app: jaeger
      app.kubernetes.io/component: agent
      app.kubernetes.io/instance: test
      app.kubernetes.io/managed-by: jaeger-operator
      app.kubernetes.io/name: test-agent
      app.kubernetes.io/part-of: jaeger
  template:
    metadata:
      annotations:
        linkerd.io/inject: disabled
        prometheus.io/port: "14271"
        prometheus.io/scrape: "true"
        sidecar.istio.io/inject: "false"
      creationTimestamp: null
      labels:
        app: jaeger
        app.kubernetes.io/component: agent
        app.kubernetes.io/instance: test
        app.kubernetes.io/managed-by: jaeger-operator
        app.kubernetes.io/name: test-agent
        app.kubernetes.io/part-of: jaeger
    spec:
      containers:
      - args:
        - --reporter.grpc.host-port=dns:///test-collector-headless.observability:14250
        image: jaegertracing/jaeger-agent:1.44.0
        imagePullPolicy: IfNotPresent
        livenessProbe:
          failureThreshold: 5
          httpGet:
            path: /
            port: 14271
            scheme: HTTP
          initialDelaySeconds: 5
          periodSeconds: 15
          successThreshold: 1
          timeoutSeconds: 1
        name: jaeger-agent-daemonset
        ports:
        - containerPort: 5775
          hostPort: 5775
          name: zk-compact-trft
          protocol: UDP
        - containerPort: 5778
          hostPort: 5778
          name: config-rest
          protocol: TCP
        - containerPort: 6831
          hostPort: 6831
          name: jg-compact-trft
          protocol: UDP
        - containerPort: 6832
          hostPort: 6832
          name: jg-binary-trft
          protocol: UDP
        - containerPort: 14271
          hostPort: 14271
          name: admin-http
          protocol: TCP
        readinessProbe:
          failureThreshold: 3
          httpGet:
            path: /
            port: 14271
            scheme: HTTP
          initialDelaySeconds: 1
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 1
        resources: {}
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
      dnsPolicy: ClusterFirst
      enableServiceLinks: false
      restartPolicy: Always
      schedulerName: default-scheduler
      securityContext: {}
      serviceAccount: test
      serviceAccountName: test
      terminationGracePeriodSeconds: 30
  updateStrategy:
    rollingUpdate:
      maxSurge: 0
      maxUnavailable: 1
    type: RollingUpdate
status:
  currentNumberScheduled: 1
  desiredNumberScheduled: 1
  numberAvailable: 1
  numberMisscheduled: 0
  numberReady: 1
  observedGeneration: 1
  updatedNumberScheduled: 1

Screenshot

No response

Additional context

No response

Jaeger backend version

v1.44.0

SDK

No response

Pipeline

No response

Stogage backend

No response

Operating system

No response

Deployment model

Kubernetes

Deployment configs

# instructions to reproduce my full test setup using a kind cluster
kind create cluster
kubectl cluster-info --context kind-kind
# wait for cluster to be up
kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.11.0/cert-manager.yaml
# wait for cert manager to be up and running
kubectl create namespace observability
kubectl create -f https://github.com/jaegertracing/jaeger-operator/releases/download/v1.44.0/jaeger-operator.yaml -n observability
# wait for jaeger-operator to be up and running
kubectl apply -n observability -f - <<EOF
apiVersion: jaegertracing.io/v1
kind: Jaeger
metadata:
  name: test
spec:
  ingress:
    enabled: false
  agent:
    strategy: DaemonSet
    imagePullSecrets:
    - name: custom-registry
EOF
# wait for the DaemonSet to be created
kubectl get daemonset -n observability test-agent-daemonset -o yaml
@oschira oschira added the bug Something isn't working label Apr 21, 2023
@oschira oschira changed the title [Bug]: imagePullSecrets is not set for agents DaemonSet [Bug]: imagePullSecrets is not set for agent DaemonSet Apr 21, 2023
@catherinetcai
Copy link

I'm encountering this issue as well in 1.46.0 for both the agent and the AIO.

@iblancasa
Copy link
Collaborator

@oschira or @catherinetcai are you interested in sending a PR fixing the problem?

@hiteshwani29
Copy link
Contributor

If someone is not working on this, should I start working and create PR for this?

@iblancasa
Copy link
Collaborator

iblancasa commented Jul 17, 2023
edited

@hiteshwani29 I think no one is working on this. Go ahead :)

@iohenkies
Copy link

iohenkies commented Aug 14, 2023
edited

Could this also be the case for the securityContext? We've set resources and securityContext for the agent, collector and query. The resources are being picked up OK, the securityContext remain emtpy in the live manifest.

   agent:
    resources:
      requests:
        memory: 24Mi
        cpu: 10m
      limits:
        memory: 24Mi
        cpu: 20m
    securityContext:
      allowPrivilegeEscalation: false
      capabilities:
        drop:
        - ALL

@iblancasa
Copy link
Collaborator

Could this also be the case for the securityContext? We've set resources and securityContext for the agent, collector and query. The resources are being picked up OK, the securityContext remain emtpy in the live manifest.

   agent:
    resources:
      requests:
        memory: 24Mi
        cpu: 10m
      limits:
        memory: 24Mi
        cpu: 20m
    securityContext:
      allowPrivilegeEscalation: false
      capabilities:
        drop:
        - ALL

@iohenkies

Could you open a new issue for that?

@antoniomerlin
Copy link
Contributor

Hi, just a query is this issue is resolved or any changes required.

@frzifus frzifus added good first issue Good for newcomers help wanted Extra attention is needed labels Mar 22, 2024
@antoniomerlin
Copy link
Contributor

Hi @iblancasa if no one is assigned can i look into it.

@iblancasa
Copy link
Collaborator

@antoniomerlin go for it :)

antoniomerlin added a commit to antoniomerlin/jaeger-operator that referenced this issue May 8, 2024
@antoniomerlin
Signed-off-by: amerlin <antoniomerlindev@gmail.com>
97afe37 
fixes jaegertracing#2210
@antoniomerlin antoniomerlin mentioned this issue May 8, 2024
Merged
4 tasks
frzifus pushed a commit that referenced this issue May 12, 2024
@antoniomerlin
Signed-off-by: amerlin <antoniomerlindev@gmail.com> (#2563)
d439226 
fixes #2210
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@antoniomerlin antoniomerlin

Labels
bug Something isn't working good first issue Good for newcomers help wanted Extra attention is needed
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fixes [Bug]: imagePullSecrets is not set for agent DaemonSet #2210 antoniomerlin/jaeger-operator
7 participants
@catherinetcai @antoniomerlin @iblancasa @oschira @frzifus @iohenkies @hiteshwani29