我正在 AKS 集群上安装 Flux,并将其与我的私人 GitHub 存储库同步,未附加到组织,以明确缩小是否是证书问题的范围。
我首先执行的第一件事是通量引导!效果很好。不幸的是,当我尝试创建一个到 GitHub 存储库的 Flux 绑定来安装 Helm Chart 时,没有什么乐趣。
flux bootstrap github --owner=$GITHUB_USER --repository=container-label-webhook --path=dev-cluster
✔ Kustomization reconciled successfully
► confirming components are healthy
✔ helm-controller: deployment ready
✔ kustomize-controller: deployment ready
✔ notification-controller: deployment ready
✔ source-controller: deployment ready
✔ all components are healthy
现在,我尝试通过告诉 Flux 我的舵图的位置来部署我的应用程序,如下所示:
flux create source helm label-webhook --url https://github.com/ameyaagashe/container-label-webhook/tree/main/chart --namespace label-webhook
✚ generating HelmRepository source
► applying HelmRepository source
✔ source created
◎ waiting for HelmRepository source reconciliation
✗ failed to fetch Helm repository index: failed to cache index to temporary file: failed to fetch https://github.com/ameyaagashe/container-label-webhook/tree/main/chart/index.yaml : 404 Not Found
看到上述失败,我试图获取更多信息。但我无法理解错误消息的确切问题是什么,存储中没有资源的工件
k get helmrepository -A
NAMESPACE NAME URL AGE READY STATUS
label-webhook label-webhook https://github.com/ameyaagashe/container-label-webhook/tree/main/chart 4m11s False failed to fetch Helm repository index: failed to cache index to temporary file: failed to fetch https://github.com/ameyaagashe/container-label-webhook/tree/main/chart/index.yaml : 404 Not Found
kubectl describe helmrepository label-webhook -nlabel-webhook
Manager: flux
Operation: Update
Time: 2022-08-06T13:44:29Z
API Version: source.toolkit.fluxcd.io/v1beta2
Fields Type: FieldsV1
fieldsV1:
f:metadata:
f:finalizers:
.:
v:"finalizers.fluxcd.io":
Manager: source-controller
Operation: Update
Time: 2022-08-06T13:44:29Z
API Version: source.toolkit.fluxcd.io/v1beta2
Fields Type: FieldsV1
fieldsV1:
f:status:
f:conditions:
Manager: source-controller
Operation: Update
Subresource: status
Time: 2022-08-06T13:44:30Z
Resource Version: 765159
UID: bae98a22-7608-4af2-8ff5-5bf05ce98ba4
Spec:
Interval: 1m0s
Timeout: 60s
URL: https://github.com/ameyaagashe/container-label-webhook/tree/main/chart
Status:
Conditions:
Last Transition Time: 2022-08-06T13:44:30Z
Message: no artifact for resource in storage
Observed Generation: 1
Reason: NoArtifact
Status: True
Type: Reconciling
Last Transition Time: 2022-08-06T13:44:30Z
Message: failed to fetch Helm repository index: failed to cache index to temporary file: failed to fetch https://github.com/ameyaagashe/container-label-webhook/tree/main/chart/index.yaml : 404 Not Found
Observed Generation: 1
Reason: Failed
Status: False
Type: Ready
Last Transition Time: 2022-08-06T13:44:30Z
Message: failed to fetch Helm repository index: failed to cache index to temporary file: failed to fetch https://github.com/ameyaagashe/container-label-webhook/tree/main/chart/index.yaml : 404 Not Found
Observed Generation: 1
Reason: Failed
Status: True
Type: FetchFailed
Observed Generation: -1
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Warning Failed 2m1s (x8 over 5m12s) source-controller failed to fetch Helm repository index: failed to cache index to temporary file: failed to fetch https://github.com/ameyaagashe/container-label-webhook/tree/main/chart/index.yaml : 404 Not Found
我很欣赏我尝试部署的应用程序需要 ca 证书、密钥文件和 ca 捆绑包,因此我尝试了所有这些选项,如下所示:即使使用普通 Github.com 而不是 Enterprise,我也会收到相同的 X509 证书错误,这太疯狂了....
flux create source helm label-webhook --url https://github.com/ameyaagashe/container-label-webhook/tree/main/chart --namespace label-webhook --cert-file=./tls/label-webhook.pem --key-file=./tls/label-webhook-key.pem --ca-file=./tls/ca.pem
✚ generating HelmRepository source
► applying secret with repository credentials
✔ authentication configured
► applying HelmRepository source
✔ source updated
◎ waiting for HelmRepository source reconciliation
✗ failed to fetch Helm repository index: failed to cache index to temporary file: Get "https://github.com/ameyaagashe/container-label-webhook/tree/main/chart/index.yaml": x509: certificate signed by unknown authority
尝试从 kubectl describe helrmepository 命令获取日志:
azureuser@devvm:~/ameyaagashe/container-label-webhook$ k get helmrepository -A
NAMESPACE NAME URL AGE READY STATUS
label-webhook label-webhook https://github.com/ameyaagashe/container-label-webhook/tree/main/chart 58m False failed to fetch Helm repository index: failed to cache index to temporary file: failed to fetch https://github.com/ameyaagashe/container-label-webhook/tree/main/chart/index.yaml : 404 Not Found
azureuser@devvm:~/ameyaagashe/container-label-webhook$ kubectl describe helmrepository label-webhook -nlabel-webhook
Manager: source-controller
Operation: Update
Subresource: status
Time: 2022-08-06T13:44:30Z
API Version: source.toolkit.fluxcd.io/v1beta2
Fields Type: FieldsV1
fieldsV1:
f:spec:
.:
f:interval:
f:timeout:
f:url:
Manager: flux
Operation: Update
Time: 2022-08-06T14:06:16Z
Resource Version: 773506
UID: bae98a22-7608-4af2-8ff5-5bf05ce98ba4
Spec:
Interval: 1m0s
Timeout: 60s
URL: https://github.com/ameyaagashe/container-label-webhook/tree/main/chart
Status:
Conditions:
Last Transition Time: 2022-08-06T13:44:30Z
Message: no artifact for resource in storage
Observed Generation: 3
Reason: NoArtifact
Status: True
Type: Reconciling
Last Transition Time: 2022-08-06T14:06:58Z
Message: failed to fetch Helm repository index: failed to cache index to temporary file: failed to fetch https://github.com/ameyaagashe/container-label-webhook/tree/main/chart/index.yaml : 404 Not Found
Observed Generation: 3
Reason: Failed
Status: False
Type: Ready
Last Transition Time: 2022-08-06T14:06:58Z
Message: failed to fetch Helm repository index: failed to cache index to temporary file: failed to fetch https://github.com/ameyaagashe/container-label-webhook/tree/main/chart/index.yaml : 404 Not Found
Observed Generation: 3
Reason: Failed
Status: True
Type: FetchFailed
Observed Generation: -1
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Warning Failed 37m source-controller failed to fetch Helm repository index: failed to cache index to temporary file: Get "https://github.com/ameyaagashe/container-label-webhook/tree/main/chart/index.yaml": x509: certificate signed by unknown authority
Warning Failed 3m14s (x14 over 58m) source-controller failed to fetch Helm repository index: failed to cache index to temporary file: failed to fetch https://github.com/ameyaagashe/container-label-webhook/tree/main/chart/index.yaml : 404 Not Found
有人之前通过他们的私人 Github 存储库部署过应用程序吗?
我认为您正在使用 CRD 种类:HelmRepository,这是为了使用 helm artefact 存储库。
如果您直接在存储库中使用 Helm Chart,则应该使用 kind: GitRepository
我有,没问题。按照此处的说明进行操作 https://www.opcito.com/blogs/creating-helm-repository-using-github-pages。您需要创建索引文件并获取 helm 存储库的正确 url。