Comments (14)
I also encountered the same phenomenon by following stable, installed v2.11.0 and rolled back.
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.11.0/manifests/install.yaml
from argo-cd.
Hi,
The issue is that Argocd tries to create a secret for Redis via Kubernetes API.
the current network policy does not allow Argocd Redis sever to even contact the Kubernetes API.
as a workaround we temporarily changed the network policy for redis: argocd-redis-network-policy:
and changed to pod selector:
podSelector:
matchLabels:
app.kubernetes.io/name: argocd-redis
change the selector to something like app.kubernetes.io/name: argocd-redis-tmp
after that delete the Redis pod, it will now be able to create the secret and the system will start running.
once everything is running, revert the network policy selector (remove "-tmp").
from argo-cd.
Download install.yaml and add Kubernetes API port (in my case 16443) to network policy:
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: argocd-redis-network-policy
spec:
egress:
- ports:
- port: 53
protocol: UDP
- port: 53
protocol: TCP
- port: 16443
protocol: TCP
from argo-cd.
issue persist in helm install
from argo-cd.
issue persist in helm install
@sirTangale Can you raise an issue in argo-helm, please? 😃
Also I'd like to mention that the helm chart is handling it slightly different (via a helm hook). Before Helm will deploy the core components of Argo CD (server / repo-server / ...), Helm will wait until the Secret is generated (the Job runs to completion without errors).
I highly appreciate detailed steps to reproduce.
from argo-cd.
Same here, also rolled back to 2.11.0
from argo-cd.
Same here
from argo-cd.
same here, fixed by #18358
from argo-cd.
I have same issue with argocd-redis-ha-haproxy
from argo-cd.
We faced the same problem and also patched the argocd-redis-ha-proxy-network-policy
NetworkPolicy as workaround:
- ports:
- port: 443
protocol: TCP
from argo-cd.
In my case I had to use v2.11.0 and also update NetworkPolicy as above mentioned.
from argo-cd.
i had the same issue and patched the argocd-redis-network-policy
Networkpolicy as @Tomasz-Marciniak suggested.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: argocd-redis-network-policy
spec:
egress:
- ports:
- port: 53
protocol: UDP
- port: 53
protocol: TCP
- port: 6443 # your kubernetes api port
protocol: TCP
ingress:
- from:
- podSelector:
matchLabels:
app.kubernetes.io/name: argocd-server
- podSelector:
matchLabels:
app.kubernetes.io/name: argocd-repo-server
- podSelector:
matchLabels:
app.kubernetes.io/name: argocd-application-controller
ports:
- port: 6379
protocol: TCP
podSelector:
matchLabels:
app.kubernetes.io/name: argocd-redis
policyTypes:
- Ingress
- Egress
from argo-cd.
I think I had the same issue on 2.11.1
(after an upgrade from 2.10
) and the upgrade to 2.11.2
fixed it for me.
from argo-cd.
Fixed in 2.11.2
from argo-cd.
Related Issues (20)
- Adding Health Checks for cluster api MachinePool HOT 1
- nil pointer dereference when user provides invalid cron schedule
- Applicationset controller does not record progressing status in applicationset status conditions
- couldn't find cmp-server plugin with name "helmchart-ytt" supporting the given repository HOT 2
- Multiple sources, with same name yaml property in parameters (different level) causes the UI to crash
- Add more information for enabling the Terminal in Argo CD HOT 2
- Deeplink `url` evaluated before `if` condition HOT 1
- Allow connecting from the Notification Controller to the Repo Server without TLS
- argo missing parameters for helm after loading a single values file HOT 2
- Can not sync application with some securityContext HOT 5
- `argocd login --core` is using local cli instead the API server
- Improve logic on cache set
- unclear warning about deprecated plugins "spec.plugin.name is set"
- Issue with adding Repo-Creds for Azure DevOps Collection Projects HOT 1
- Push test results to codecov even when a test fails
- Push e2e test results to codecov
- Use `grpc.NewClient` instead of `grpc.Dial` HOT 3
- Repo Server EOF errors when accessing cache HOT 1
- status.summary.images not updated on upgrading an image in Application
- labels in managedNamespaceMetadata not being added to namespace HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from argo-cd.