-
Notifications
You must be signed in to change notification settings - Fork 0
How I installed an old version of Operator Locally
- Use old kubernetes version by installing old kubectl binary 1.23 for example
- Use old kubernetes version by installing old kind binary 1.21 for example
Please look at these general personal notes for further details:
# JWTOperator Viejo
```sh
SA_TOKEN=$(kubectl -n minio-operator get secret $(kubectl -n minio-operator get serviceaccount console-sa -o jsonpath="{.secrets[0].name}") -o jsonpath="{.data.token}" | base64 --decode)
echo $SA_TOKEN
commit d9ef222e1bf0096bdb9155cba06631771bac180f (tag: v4.0.9)
Author: Harshavardhana <[email protected]>
Date: Fri Apr 30 10:05:29 2021 -0700
update to v4.0.9
kubectl apply -k github.com/minio/operator/resources/?ref=v4.0.9 Lo curioso es que no hay secretos, entonces como saco el token?
# OLD WAY NO LONGER WORK:
#SA_TOKEN=$(kubectl -n minio-operator get secret $(kubectl -n minio-operator get serviceaccount console-sa -o jsonpath="{.secrets[0].name}") -o jsonpath="{.data.token}" | base64 --decode)
eyJhbGciOiJSUzI1NiIsImtpZCI6IlZIU01ZR3Rqb0hqaC1xTkVKWFpZRHJ5c2pQZ05tTGFaaUQ4djRUYjNubVUifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJtaW5pby1vcGVyYXRvciIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJjb25zb2xlLXNhLXNlY3JldCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJjb25zb2xlLXNhIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiYjA5NzRkMjAtNjgyMS00YTRlLWI0ZTQtYWVkNzEyNjFhM2RjIiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Om1pbmlvLW9wZXJhdG9yOmNvbnNvbGUtc2EifQ.gR25nhSlGzz0JRfIZzn070SYGd282t1KuvLGBS8vUwBZ0WpS_HrropUJ_0mN5PrS5XAUOqvgXzagpeMghvWp2VvZc74ZDmWEwY-waS5z-DeOb8ydvbwZyR9YNkvZx1YIuNq8uFJ6HGrDnqzgdLOBMtPRF7yEd_fojDBtrLX4rUre_NfLIiwdpUsfF_AxGGIZfPkFaKpraucjWTFdU1SXLea1Ye938AY_HK-bKM0gqE-Qus9eGjsPBREuzbCAXvFNIpOuYyDsmm-7JIi1F9GNk4Os-GgdHJF5slOqMQRRcqdRaO4yg39LL-js692OmYkv6bS5i49kUd1lvKqZU9aWjlBbHNyG3ejDzlaeL0ph0OTR1GKwGCt3LsVEJpU2QK3SjieRoTsa7rRKKyipUJ4HvNK2Pd0fCKOyWzxkwcw-wP4zHAKf7V-RJ6JKQClnOt7u-SWOddPWC4oJUlAlEMhnHtreB2VFIurVj662aUTRqVPtj1HewFuRl6qKHCGXCcgfgxFGyxzGG99-UcBwiKJR2wwvDk_3It3c6XpvN-DyTv5p_DSPhrpKCMdRjsE8XXXhSaiNvAgjyth8dyJ4Pf0h0AqO35Ubl1598KmX-GrL8SMCyI2Y4ja9emvwB5G1aAX5V11YItnvOraMeuQux7qVP9J0P6SlJE6nh95rFn1QU4M
Cesars-MacBook-Pro:operator cniackz$ grep -R 'login' . ./examples/tenant-with-autocert-and-ldap.yaml: loginShell: /bin/bash ./kubectl-minio/cmd/proxy.go: fmt.Println("Current JWT to login:", string(jwtToken))
Que herramientas se actualizaron, cual fue la razon que dejo de funcionar kubectl version?... Ya logre ver como obtener el token viejo, pero mis herramientas ya son muy nuevas para ese codigo viejo, si realmente quiero reproducir el escenario viejo del usuario, debo recordar, encontrar la razon por la que cambiamos la forma de obtener el token...
Beginning Kubernetes 1.24
----> Service Account Token Secrets are not automatically generated
to generate them manually, users must manually create the secret
for our examples where we lead people to get the JWT from the console-sa service account, they additionally need to manually generate the secret via
kubectl apply -f - <<EOF
apiVersion: v1
kind: Secret
metadata:
name: console-sa-secret
namespace: minio-operator
annotations:
kubernetes.io/service-account.name: console-sa
type: kubernetes.io/service-account-token
EOF
- La pregunta del millon, deberia retroceder mi version de kubernetes para poder reproducir el old environment?...
No, solo debiste esperar un momento para poder verlo...
operator TLS secret not found%!(EXTRA string=secrets "operator-tls" not found)
https://github.com/kubernetes-sigs/kubespray/issues/5417 https://stackoverflow.com/questions/68610565/minio-tenant-stucked-with-waiting-for-minio-tls-certificate https://stackoverflow.com/questions/68598069/how-can-i-start-kube-controller-manager-with-config-file
brew uninstall minikube
brew uninstall kubectl
https://stackoverflow.com/questions/46610180/downgrade-kubectl-version-to-match-minikube-k8s-version
https://kubernetes.io/docs/tasks/tools/install-kubectl-macos/
curl -LO "https://dl.k8s.io/release/v1.23.0/bin/darwin/amd64/kubectl"
curl -LO "https://dl.k8s.io/release/v1.23.0/bin/darwin/arm64/kubectl"
curl -LO "https://dl.k8s.io/release/v1.23.0/bin/darwin/arm64/kubectl.sha256"
echo "$(cat kubectl.sha256) kubectl" | shasum -a 256 --check
Ya le instale el binario viejo de kubectl y ando creando el cluster para deployar el operador viejo y ver si los secretos se crean automaticamente:
kubectl apply -k /Users/cniackz/operator/resources/\?ref\=v4.0.9
No basto, retrocedi de version, y los secretos no se crean, hay otra herramienta envuelta?...
$ kind version
kind v0.13.0 go1.18.2 darwin/arm64
La razon es que kind tiene su version de kubectl tambien retrocedela.
https://kind.sigs.k8s.io/docs/user/quick-start/#installing-from-release-binaries
[ $(uname -m) = arm64 ] && curl -Lo ./kind https://kind.sigs.k8s.io/dl/v0.17.0/kind-darwin-arm64 chmod +x ./kind mv ./kind /some-dir-in-your-PATH/kind Yo quiero 1.23 v0.13.0 de kind -> v1.24.0 v0.12.0 de kind -> v1.23.4 v0.11.1 de kind -> ? <---------------- Calemos con esta. <--- Server Version: version.Info{Major:"1", Minor:"21" ./kind-darwin-arm64 create cluster --config ~/minio/kind-config.yaml <---------- Baje la version vieja 0.11.1 y vere que version tiene...
Cesars-MacBook-Pro:resources cniackz$ kubectl apply -k
Cesars-MacBook-Pro:resources cniackz$ pwd
/Users/cniackz/operator/resources
Cesars-MacBook-Pro:resources cniackz$ cd ..
Cesars-MacBook-Pro:operator cniackz$ kubectl apply -k resources/
namespace/minio-operator created
customresourcedefinition.apiextensions.k8s.io/tenants.minio.min.io created
serviceaccount/console-sa created
serviceaccount/minio-operator created
clusterrole.rbac.authorization.k8s.io/console-sa-role created
clusterrole.rbac.authorization.k8s.io/minio-operator-role created
clusterrolebinding.rbac.authorization.k8s.io/console-sa-binding created
clusterrolebinding.rbac.authorization.k8s.io/minio-operator-binding created
configmap/console-env created
service/console created
service/operator created
deployment.apps/console created
deployment.apps/minio-operator created
Arriba con versiones viejas de 1.21 y 1.23 en mi mac, instale operador, se ven los secretos? Y ya veo los secretos, lo logre. Ando deployando el tenant Waiting for minio tls... para esto cree el tenant desde la UI con todo por default... avanzo y veo waiting for console tls certificate... avanzo y veo initialized I1114 16:00:01.075878 1 main-controller.go:737] Successfully synced 'default/cesar' ahora el siguiente paso es descubrir como ingresar al tenant...
kubectl port-forward storage-tiny-pool-0-0 9443 -n tenant-tiny
kubectl port-forward cesar-pool-0-0 9443 -n default
kubectl port-forward svc/donnot-delete-hl -n donnot-delete 50571:9000
kubectl port-forward svc/cesar-hl -n default 9000:9000 <---------- https://localhost:9000/minio/login MinIO Console.
{"console":{"access_key":"ZZQTCMPNC0KJAW0C","secret_key":"C0K0TTDD1MEXP1QYMOAEEI1SMRP3J4EF"}} ya pude crear un bucket llamado cesar y le subi un archivo, ahora haz el upgrade.