0

I have a repository set up on Github that is linked to my Kubernetes cluster with FluxCD. I have then written a Kustomization that "should" install LinkerD to my cluster. However here is where things have taken a bad turn... I have followed the documentation for installing LinkerD with helm and successfully managed to install linkerd-crds but when it comes to the linkerd-control-plane the reconciliation gets stuck on InProgress.

My LinkerD kustomization consists of the following files:

apiVersion: source.toolkit.fluxcd.io/v1beta1
kind: HelmRepository
metadata:
  name: linkerd
  namespace: linkerd
spec:
  interval: 2m
  url: https://helm.linkerd.io/stable


kind: Secret
apiVersion: v1
metadata:
  name: linkerd-certs
  namespace: linkerd
data:
  ca.crt: ****
  issuer.crt: ****
  issuer.key: ****


apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
  name: linkerd-crds
  namespace: linkerd
spec:
  timeout: 3m
  interval: 10m
  releaseName: linkerd
  targetNamespace: linkerd
  storageNamespace: linkerd
  chart:
    spec:
      chart: linkerd-crds
      version: 1.4.0
      sourceRef:
        kind: HelmRepository
        name: linkerd
        namespace: linkerd
      interval: 40m
  values:
    installNamespace: false
  install:
    crds: CreateReplace
  upgrade:
    crds: CreateReplace
---
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
  name: linkerd-control-plane
  namespace: linkerd
spec:
  timeout: 3m
  interval: 10m
  releaseName: linkerd
  targetNamespace: linkerd
  storageNamespace: linkerd
  chart:
    spec:
      chart: linkerd-control-plane
      version: 1.9.5
      sourceRef:
        kind: HelmRepository
        name: linkerd
        namespace: linkerd
      interval: 40m
      valuesFiles:
        - values.yaml
        - values-ha.yaml
  valuesFrom:
    - kind: Secret
      name: linkerd-certs
      valuesKey: ca.crt
      targetPath: identityTrustAnchorsPEM
    - kind: Secret
      name: linkerd-certs
      valuesKey: issuer.crt
      targetPath: identity.issuer.tls.crtPEM
    - kind: Secret
      name: linkerd-certs
      valuesKey: issuer.key
      targetPath: identity.issuer.tls.keyPEM
  install:
    crds: CreateReplace
  upgrade:
    crds: CreateReplace     


kind: Namespace
apiVersion: v1
metadata:
  name: linkerd
  annotations:
    linkerd.io/inject: disabled
  labels:
    linkerd.io/is-control-plane: "true"
    config.linkerd.io/admission-webhooks: disabled
    linkerd.io/control-plane-ns: linkerd

I also found that the helm-controller deployment logs the following error every time it tries to reconcile:

Helm install failed: YAML parse error on linkerd-control-plane/templates/identity.yaml: error converting YAML to JSON: yaml: control characters are not allowed

Johan Ekman
  • 3
  • 1

0 Answers0