-
Notifications
You must be signed in to change notification settings - Fork 16
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
remove decprecation warning from logs #119
Comments
@subhamkrai can you please point me to the Rook job here? |
it will not be in the job, but it will be artifacts of the job. currently job is running I'll share the job. |
@leelavg are you also seeing this error in operator logs? |
well, I didn't look at kube-rbac-proxy container logs. |
@Madhu-1 @subhamkrai We will need to live with that deprecation warning for some time because we are targeting older k8s releases |
What K8s version is needed to avoid that warning? Rook just updated the min version supported to v1.26. For running the CSI operator we could easily set the min supported version to v1.27, since that will be our min version for the next Rook release v1.16 where csi operator will no longer be experimental. |
It doesn't look like kubernetes version problem but it's like container image problem, let me check this and see what is the exact problem |
This is not related to kubernetes version, its related to kube-proxy brancz/kube-rbac-proxy#187 |
Looked into this for a bit and here are my thoughts kube-rbac-proxy now wants tls cert & private key file, for d/s there are 2 solutions, https://docs.openshift.com/container-platform/4.17/security/certificates/service-serving-certificate.html or https://github.com/openshift/service-ca-operator but for u/s we need user to deploy https://cert-manager.io/docs/installation/helm/ or provide certificates manually. however, iirc this dependency is being added by kubebuilder w/ the assumption that non-resource urls (for ex: metrics) also need authentication but csi-op doesn't export any metrics and this dep could be dropped altogether. if we infact choose to continue, I don't see the seriousness in continuing to use the proxy w/o certs. |
If not required, lets drop the container from the deployment. Lets discuss in the team meeting |
operator logs start with the below warning in Rook CI, raising the issue for awarness
The text was updated successfully, but these errors were encountered: