Trying to install django-defectDojo helm chart and running into StatefulSet version error

1/17/2020

I am trying to follow the installation of helm chart for django-defectDojo on my CentOS machine given here https://github.com/DefectDojo/django-DefectDojo/blob/master/KUBERNETES.md

But on running the helm install command I am running into this issue -

Error: validation failed: [unable to recognize "": no matches for kind "Deployment" in version "extensions/v1beta1", unable to recognize "": no matches for kind "StatefulSet" in version "apps/v1beta2"]

On further inspection, I believe this has to do with the postgresql chart but I am unable to resolve the issue.

My kubectl version is

kubectl version

GitVersion:"v1.17.1", GitCommit:"d224476cd0730baca2b6e357d144171ed74192d6", GitTreeState:"clean", BuildDate:"2020-01-14T21:04:32Z", GoVersion:"go1.13.5", Compiler:"gc", Platform:"linux/amd64"} Server Version: version.Info{Major:"1", Minor:"17", GitVersion:"v1.17.1", GitCommit:"d224476cd0730baca2b6e357d144171ed74192d6", GitTreeState:"clean", BuildDate:"2020-01-14T20:56:50Z", GoVersion:"go1.13.5", Compiler:"gc", Platform:"linux/amd64"}Client Version: version.Info{Major:"1", Minor:"17",

Any help on this will be appreciated.

-- Pranav Bhatia
helmfile
kubeadm
kubectl
kubernetes-helm

1 Answer

1/17/2020

Apparently there is a problem with this chart and it won't work with newer versions of Kubernetes (1.16 and higher) without additional modification. I found this issue on django-DefectDojo github page. Here same problem as yours is reported.

The problem is related with some major changes in Kubernetes APIs in version 1.16.

In Changelog since v1.15.0 you can read the following:

The following APIs are no longer served by default: (#70672, @liggitt) * All resources under apps/v1beta1 and apps/v1beta2 - use apps/v1 instead * daemonsets, deployments, replicasets resources under extensions/v1beta1 - use apps/v1 instead * networkpolicies resources under extensions/v1beta1 - use networking.k8s.io/v1 instead * podsecuritypolicies resources under extensions/v1beta1 - use policy/v1beta1 instead

And further there is even temporary solution provided:

  • Serving these resources can be temporarily re-enabled using the --runtime-config apiserver flag.
  • apps/v1beta1=true
  • apps/v1beta2=true
  • extensions/v1beta1/daemonsets=true,extensions/v1beta1/deployments=true,extensions/v1beta1/replicasets=true,extensions/v1beta1/networkpolicies=true,extensions/v1beta1/podsecuritypolicies=true

  • The ability to serve these resources will be completely removed in v1.18.

As your Kubernetes version is 1.17, you can still use this workaround.

Alternatively you can use older Kubernetes version as suggested here or modify appropriate yaml manifests from django-DefectDojo project manually by yourself so they match current Kubernetes APIs structure.

-- mario
Source: StackOverflow