Comments (7)
undera
commented on May 30, 2024
Thanks for reporting.
I'm on it!
from komoplane.
undera
commented on May 30, 2024
I tried creating a XRD with no claim pointing onto it, and it worked well. Can you guide me a bit more precisely on how to reproduce your issue?
from komoplane.
oblogic7
commented on May 30, 2024
This is a brand new crossplane install. I only have the following resources applied to the cluster...
Definition:
apiVersion: apiextensions.crossplane.io/v1
kind: CompositeResourceDefinition
metadata:
name: xeks.aws.repay.io
spec:
connectionSecretKeys:
- kubeconfig
group: aws.repay.io
names:
kind: XEKS
plural: xeks
versions:
- name: v1alpha1
served: true
referenceable: true
schema:
openAPIV3Schema:
type: object
properties:
spec:
type: object
properties:
id:
type: string
description: ID of this Cluster that other objects will use to refer to it.
parameters:
type: object
description: EKS configuration parameters.
properties:
subnetIds:
type: array
items:
type: string
securityGroupIds:
type: array
items:
type: string
nodes:
type: object
description: EKS node configuration parameters.
properties:
count:
type: integer
description: Desired node count, from 1 to 100.
size:
type: string
description: Size of node.
enum:
- small
- medium
- large
required:
- count
- size
required:
- nodes
- subnetIds
- securityGroupIds
required:
- parameters
status:
description: A Status represents the observed state
properties:
eks:
description: Freeform field containing status information for eks
type: object
x-kubernetes-preserve-unknown-fields: true
type: objectComposition:
apiVersion: apiextensions.crossplane.io/v1
kind: Composition
metadata:
name: xeks.aws.repay.io
labels:
provider: aws
spec:
writeConnectionSecretsToNamespace: crossplane-system
compositeTypeRef:
apiVersion: aws.repay.io/v1alpha1
kind: XEKS
resources:
- base:
apiVersion: iam.aws.upbound.io/v1beta1
kind: Role
metadata:
labels:
role: controlplane
spec:
forProvider:
assumeRolePolicy: |
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": [
"eks.amazonaws.com"
]
},
"Action": [
"sts:AssumeRole"
]
}
]
}
name: controlplaneRole
- base:
apiVersion: iam.aws.upbound.io/v1beta1
kind: RolePolicyAttachment
spec:
forProvider:
policyArn: arn:aws:iam::aws:policy/AmazonEKSClusterPolicy
roleSelector:
matchControllerRef: true
matchLabels:
role: controlplane
name: clusterRolePolicyAttachment
- base:
apiVersion: eks.aws.upbound.io/v1beta1
kind: Cluster
spec:
forProvider:
region: us-west-2
roleArnSelector:
matchControllerRef: true
matchLabels:
role: controlplane
vpcConfig:
- endpointPrivateAccess: true
endpointPublicAccess: true
version: "1.23"
name: kubernetesCluster
patches:
# Change to spec id
- fromFieldPath: spec.parameters.securityGroupIds
toFieldPath: spec.forProvider.vpcConfig[0].securityGroupIds
- fromFieldPath: spec.parameters.subnetIds
toFieldPath: spec.forProvider.vpcConfig[0].subnetIds
- type: ToCompositeFieldPath
fromFieldPath: status.atProvider.identity[0].oidc[0].issuer
toFieldPath: status.eks.oidc
policy:
fromFieldPath: Optional
- base:
apiVersion: eks.aws.upbound.io/v1beta1
kind: ClusterAuth
spec:
forProvider:
region: us-west-2
clusterNameSelector:
matchControllerRef: true
name: kubernetesClusterAuth
patches:
- fromFieldPath: spec.writeConnectionSecretToRef.namespace
toFieldPath: spec.writeConnectionSecretToRef.namespace
- fromFieldPath: metadata.uid
toFieldPath: spec.writeConnectionSecretToRef.name
transforms:
- type: string
string:
fmt: "%s-ekscluster"
connectionDetails:
- fromConnectionSecretKey: kubeconfig
- base:
apiVersion: iam.aws.upbound.io/v1beta1
kind: Role
metadata:
labels:
role: nodegroup
spec:
forProvider:
assumeRolePolicy: |
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": [
"ec2.amazonaws.com"
]
},
"Action": [
"sts:AssumeRole"
]
}
]
}
name: nodegroupRole
- base:
apiVersion: iam.aws.upbound.io/v1beta1
kind: RolePolicyAttachment
spec:
forProvider:
policyArn: arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy
roleSelector:
matchControllerRef: true
matchLabels:
role: nodegroup
name: workerNodeRolePolicyAttachment
- base:
apiVersion: iam.aws.upbound.io/v1beta1
kind: RolePolicyAttachment
spec:
forProvider:
policyArn: arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy
roleSelector:
matchControllerRef: true
matchLabels:
role: nodegroup
name: cniRolePolicyAttachment
- base:
apiVersion: iam.aws.upbound.io/v1beta1
kind: RolePolicyAttachment
spec:
forProvider:
policyArn: arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly
roleSelector:
matchControllerRef: true
matchLabels:
role: nodegroup
name: containerRegistryRolePolicyAttachment
- base:
apiVersion: eks.aws.upbound.io/v1beta1
kind: NodeGroup
spec:
forProvider:
region: us-west-2
clusterNameSelector:
matchControllerRef: true
nodeRoleArnSelector:
matchControllerRef: true
matchLabels:
role: nodegroup
subnetIdSelector:
matchLabels:
access: public
scalingConfig:
- minSize: 1
maxSize: 100
desiredSize: 1
instanceTypes:
- t3.medium
name: nodeGroupPublic
patches:
- fromFieldPath: spec.parameters.nodes.count
toFieldPath: spec.forProvider.scalingConfig[0].desiredSize
- fromFieldPath: spec.parameters.nodes.size
toFieldPath: spec.forProvider.instanceTypes[0]
transforms:
- type: map
map:
small: t3.small
medium: t3.medium
large: t3.large
- fromFieldPath: spec.id
toFieldPath: spec.forProvider.subnetIdSelector.matchLabels[aws.net.starter.org/network-id]
- base:
apiVersion: iam.aws.upbound.io/v1beta1
kind: OpenIDConnectProvider
spec:
forProvider:
clientIdList:
- sts.amazonaws.com
thumbprintList:
- "9e99a48a9960b14926bb7f3b02e22da2b0ab7280"
name: oidcProvider
patches:
- fromFieldPath: status.eks.oidc
toFieldPath: spec.forProvider.url
policy:
fromFieldPath: Requiredfrom komoplane.
oblogic7
commented on May 30, 2024
Komoplane is a vanilla installation via helm chart. Everything is pretty simple, so I'm not sure what exactly would trigger the error. I figured it was due to claim names since the JS error showed failure on claimNames object key.
from komoplane.
undera
commented on May 30, 2024
So the root cause was the omitted "claimNames" field. I did not know it is allowed by Crossplane.
I have committed the fix and will do release in few minutes.
from komoplane.
undera
commented on May 30, 2024
@oblogic7 it's ready. Please upgrade and try again.
from komoplane.
oblogic7
commented on May 30, 2024
Confirmed working. Thanks!
from komoplane.
Related Issues (20)
- Can someone push the release image of komoplane in docker.io? HOT 1
- Add help buttons in page headers HOT 3
- Make event type be aligned better in event list
- Make left main menu items highlight current item
- Display useful message in case of error occured
- Consider using a table format HOT 3
- Fix graph nodes alignment HOT 1
- Write a tutorial on configuring authentication proxy HOT 3
- Add graph for Composition and XRD
- Can the baseURL of the UI be configured? HOT 4
- Helm chart index.yaml for v>=1.3 points to GitHub URL HOT 1
- Adding k8s APIGroup to components in the graph view HOT 1
- Managed resource filtering POC
- Slack workspace seems closed to joiners? HOT 2
- [helm-chart] Unable to set annotations and labels for various resources
- [feature] Use the "status" indicator element to filter resources on status HOT 1
- [feature] Add Composite function visualization
- no Auth Provider found for name "oidc"
- Does komoplane supports AD and LDAP HOT 5
- Cannot handle multiple deployed versions of composite resources HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from komoplane.