CODEWITHSUNDEEP
kuberneteskubernetes-helmtelepresence
user2490003
user2490003

Reputation: 11890

Installing the traffic manager Ambassador Agent on multiple namespaces

I have a large cluster with several namespaces -

+------------------------ test-cluster ---------------------+
|                                                           |
| +---------+    +---------+    +---------+    +---------+  |
| | default |    |  alpha  |    |  beta   |    | ...     |  |
| +---------+    +---------+    +---------+    +---------+  |
|                                                           |
+-----------------------------------------------------------+

I'm trying to install the telepresence helm chart for each individual namespace.

I can install it on the first namespace (alpha) -

$ helm install traffic-manager datawire/telepresence -n alpha -f values.yml

And I can confirm the release is successful and installed:

$ helm list -n alpha | grep traffic | awk '{ print $1 }'
traffic-manager

However, when I try to install it on the second namespace (beta), I get -

$ helm install traffic-manager datawire/telepresence -n beta -f values.yml
Error: INSTALLATION FAILED: Unable to continue with install: ClusterRole "traffic-manager-ambassador-agent" in namespace "" exists and cannot be imported into the current release: invalid ownership metadata; annotation validation error: key "meta.helm.sh/release-namespace" must equal "beta": current value is "alpha"

It seems that the ClusterRole is not created per namespace and is instead shared. It is "owned" by alpha since it was installed there first.

The values.yml file looks like -

clientRbac:
  create: true
  namespaced: true
  namespaces:
    - beta
  subjects:
    - kind: Group
      name: eks-user
      apiGroup: rbac.authorization.k8s.io
managerRbac:
  create: true
  namespaced: true
  namespaces:
    - beta

Upvotes: 0

Views: 311

Answers (0)

Related Questions