I am trying to upgrade helm package with the following configuration:
ingress:
hostName: jenkins.mydomain.com
enabled: true
tls:
- secretName: mydomain-tls
hosts:
- jenkins.mydomain.comI am getting error:
UPGRADE FAILED
ROLLING BACK
Error: no Ingress with the name "jenkins" found
Error: UPGRADE FAILED: no Ingress with the name "jenkins" foundWhen I run kubectl get ing -n infrastructure, I can see
NAME HOSTS ADDRESS PORTS AGE
jenkins jenkins.mydomain.com 80, 443 3h
My ingress looks config like this:
# Please edit the object below. Lines beginning with a '#' will be ignored,
# and an empty file will abort the edit. If an error occurs while saving this file will be
# reopened with the relevant failures.
#
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
creationTimestamp: 2021-02-05T15:22:34Z
generation: 2
name: jenkins
namespace: infrastructure
resourceVersion: "201126655"
selfLink: /apis/extensions/v1beta1/namespaces/infrastructure/ingresses/jenkins
uid: f8f2438a-67c5-11eb-83f4-02dd174aaaa7
spec:
rules:
- host: jenkins.mydomain.com
http:
paths:
- backend:
serviceName: jenkins
servicePort: 80
tls:
- hosts:
- jenkins.mydomain.com
secretName: mydomain-tls
status:
loadBalancer:
ingress:
- {}
Upgrading release=jenkins, chart=myapp/jenkins
UPGRADE FAILED
ROLLING BACK
Error: no Ingress with the name "jenkins" found
FAILED RELEASES:
NAME
jenkins
in ./helmfile.yaml: failed processing release jenkins: command "/usr/local/bin/helm" exited with non-zero status:
PATH:
/usr/local/bin/helm
ARGS:
0: /usr/local/bin/helm (19 bytes)
1: upgrade (7 bytes)
2: --install (9 bytes)
3: --reset-values (14 bytes)
4: jenkins (7 bytes)
5: myapp/jenkins (15 bytes)
6: --version (9 bytes)
7: 0.35.17 (7 bytes)
8: --namespace (11 bytes)
9: infrastructure (14 bytes)
10: --values (8 bytes)
11: /var/folders/ht/h_5qbgyx1w9c_fwd5hrg0mhr0000gn/T/helmfile840999588/infrastructure-jenkins-values-6998bfbb68 (107 bytes)
12: --values (8 bytes)
13: /var/folders/ht/h_5qbgyx1w9c_fwd5hrg0mhr0000gn/T/helmfile406900659/infrastructure-jenkins-values-55c4c47467 (107 bytes)
14: --values (8 bytes)
15: /var/folders/ht/h_5qbgyx1w9c_fwd5hrg0mhr0000gn/T/secret465583478 (64 bytes)
16: --values (8 bytes)
17: /var/folders/ht/h_5qbgyx1w9c_fwd5hrg0mhr0000gn/T/secret417700445 (64 bytes)
18: --values (8 bytes)
19: /var/folders/ht/h_5qbgyx1w9c_fwd5hrg0mhr0000gn/T/secret246274072 (64 bytes)
ERROR:
exit status 1
EXIT STATUS
1I am running the command helmfile --namespace=infrastructure --helm-binary=/usr/local/bin/helm --selector name=jenkins sync --skip-deps
This is what I can see if I describe ingress
kubectl describe ingress jenkins -n infrastructure
Name: jenkins
Namespace: infrastructure
Address:
Default backend: default-http-backend:80 (<none>)
TLS:
mydomain-tls terminates jenkins.myapp.com
Rules:
Host Path Backends
---- ---- --------
jenkins.myapp.com
myapp:8080 (<none>)
Annotations:
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal UPDATE 6m (x2 over 1d) nginx-ingress-controller Ingress infrastructure/jenkins
Normal UPDATE 6m (x2 over 1d) nginx-ingress-controller Ingress infrastructure/jenkins
My helm chart:
jenkins:
Master:
UseSecurity: true
HostNetworking: false
AdminUser: gruba
AdminPassword: baba
ImageTag: "lts"
resources:
requests:
cpu: "50m"
memory: "256Mi"
limits:
cpu: "2000m"
memory: "2048Mi"
ingress:
hostName: jenkins.myapp.com
enabled: true
tls:
- secretName: myappcom-tls
hosts:
- jenkins.myapp.com
AdditionalConfig: {}
# ServiceType: ClusterIP
NodePort: 32331
# Enable Kubernetes Liveness and Readiness Probes
# ~ 2 minutes to allow Jenkins to restart when upgrading plugins. Set ReadinessTimeout to be shorter than LivenessTimeout.
HealthProbes: true
HealthProbesLivenessTimeout: 90
HealthProbesReadinessTimeout: 60
HealthProbeLivenessFailureThreshold: 12
SlaveListenerPort: 50000
DisabledAgentProtocols:
- JNLP-connect
- JNLP2-connect
CSRF:
DefaultCrumbIssuer:
Enabled: true
ProxyCompatability: true
CLI: false
# Kubernetes service type for the JNLP slave service
# SETTING THIS TO "LoadBalancer" IS A HUGE SECURITY RISK: https://github.com/kubernetes/charts/issues/1341
SlaveListenerServiceType: ClusterIP
SlaveListenerServiceAnnotations: {}
LoadBalancerSourceRanges:
- 0.0.0.0/0
OverwritePlugins: true
InstallPlugins:
- workflow-cps-global-lib:2.17
- blueocean-config:1.24.3
- blueocean-git-pipeline:1.24.3
- blueocean-bitbucket-pipeline:1.24.3
- cloudbees-bitbucket-branch-source:2.9.4
- jaxb:2.3.0.1
- blueocean-display-url:2.4.0
- aws-java-sdk:1.11.854
- workflow-cps:2.84
- sse-gateway:1.24
- role-strategy:3.1
- structs:1.20
- git:4.4.5
- blueocean-executor-info:1.24.3
- pipeline-stage-tags-metadata:1.7.2
- checks-api:1.1.0
- kubernetes-client-api:4.11.1
- blueocean-jira:1.24.3
- bootstrap4-api:4.5.3-1
- plugin-util-api:1.4.0
- github-branch-source:2.9.1
- workflow-api:2.40
- antisamy-markup-formatter:2.1
- blueocean-web:1.24.3
- kubernetes:1.27.3
- pubsub-light:1.13
- echarts-api:4.9.0-2
- aws-credentials:1.28
- junit:1.43
- workflow-basic-steps:2.21
- mailer:1.32.1
- pipeline-milestone-step:1.3.1
- job-dsl:1.77
- aws-secrets-manager-credentials-provider:0.5.0
- pipeline-model-definition:1.7.2
- pipeline-model-extensions:1.7.2
- bouncycastle-api:2.18
- authentication-tokens:1.4
- pipeline-graph-analysis:1.10
- timestamper:1.11.8
- blueocean:1.24.3
- ws-cleanup:0.38
- pipeline-stage-step:2.5
- blueocean-pipeline-api-impl:1.24.3
- ssh-credentials:1.18.1
- pipeline-input-step:2.12
- pipeline-rest-api:2.18
- pipeline-model-api:1.7.2
- blueocean-personalization:1.24.3
- ghprb:1.42.1
- durable-task:1.35
- github-oauth:0.33
- mapdb-api:1.0.9.0
- handy-uri-templates-2-api:2.1.8-1.0
- workflow-aggregator:2.6
- blueocean-jwt:1.24.3
- docker-workflow:1.24
- blueocean-events:1.24.3
- jdk-tool:1.4
- blueocean-i18n:1.24.3
- branch-api:2.6.1
- ant:1.11
- ssh-slaves:1.31.2
- font-awesome-api:5.15.1-1
- blueocean-rest:1.24.3
- matrix-auth:2.6.4
- matrix-project:1.18
- conditional-buildstep:1.3.6
- jsch:0.1.55.2
- jenkins-design-language:1.24.3
- jira:3.1.1
- pam-auth:1.6
- pipeline-build-step:2.13
- blueocean-rest-impl:1.24.3
- git-client:3.5.1
- ssh-agent:1.20
- simple-theme-plugin:0.6
- parameterized-trigger:2.39
- docker-java-api:3.1.5.2
- git-server:1.9
- resource-disposer:0.14
- blueocean-dashboard:1.24.3
- slack:2.43
- script-security:1.75
- ldap:1.26
- github-api:1.116
- handlebars:1.1.1
- blueocean-commons:1.24.3
- configuration-as-code:1.45
- workflow-durable-task-step:2.35
- variant:1.3
- maven-plugin:3.8
- token-macro:2.12
- aws-bucket-credentials:1.0.0
- subversion:2.13.1
- run-condition:1.3
- popper-api:1.16.0-7
- apache-httpcomponents-client-4-api:4.5.10-2.0
- favorite:2.3.2
- workflow-step-api:2.23
- plain-credentials:1.7
- email-ext:2.78
- blueocean-pipeline-editor:1.24.3
- blueocean-pipeline-scm-api:1.24.3
- docker-commons:1.17
- cloudbees-folder:6.14
- lockable-resources:2.10
- javadoc:1.6
- pipeline-stage-view:2.18
- kubernetes-credentials:0.7.0
- github:1.32.0
- scm-api:2.6.4
- mercurial:2.11
- jquery3-api:3.5.1-2
- workflow-job:2.40
- docker-plugin:1.2.1
- workflow-multibranch:2.22
- okhttp-api:3.14.9
- ansicolor:0.7.3
- snakeyaml-api:1.27.0
- trilead-api:1.0.12
- jackson2-api:2.11.3
- command-launcher:1.5
- gradle:1.36
- jquery-detached:1.2.1
- blueocean-github-pipeline:1.24.3
- workflow-scm-step:2.11
- momentjs:1.1.1
- blueocean-core-js:1.24.3
- credentials-binding:1.24
- htmlpublisher:1.23
- credentials:2.3.13
- pipeline-github-lib:1.0
- display-url-api:2.3.3
- build-timeout:1.20
- workflow-support:3.5
- blueocean-autofavorite:1.2.4
- ace-editor:1.1
- pipeline-aws:1.42
- job-import-plugin:3.4
JCasC:
enabled: true
PluginVersion: 1.36
# SupportPluginVersion: 1.33
ConfigScripts:
# moved to casc.yaml file
# List of groovy init scripts to be executed during Jenkins master start
InitScripts:
- |
import javaposse.jobdsl.dsl.DslScriptLoader
import javaposse.jobdsl.plugin.JenkinsJobManagement
def jobScript = new File('/usr/share/jenkins/seed-job.groovy')
def jobManagement = new JenkinsJobManagement(System.out, [:], new File('.'))
println "Creating the seed job"
new DslScriptLoader(jobManagement).with {
runScript(jobScript.text)
}
# - |
# print 'adding global pipeline libraries, register properties, bootstrap jobs...'
# Kubernetes secret that contains a 'credentials.xml' for Jenkins
# CredentialsXmlSecret: jenkins-credentials
# Kubernetes secret that contains files to be put in the Jenkins 'secrets' directory,
# useful to manage encryption keys used for credentials.xml for instance (such as
# master.key and hudson.util.Secret)
SecretsFilesSecret: jenkins-secrets
# Jenkins XML job configs to provision
# Jobs: |-
# test: |-
# <<xml here>>
CustomConfigMap: false
# By default, the configMap is only used to set the initial config the first time
# that the chart is installed. Setting `OverwriteConfig` to `true` will overwrite
# the jenkins config with the contents of the configMap every time the pod starts.
OverwriteConfig: false
# Node labels and tolerations for pod assignment
# ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector
# ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#taints-and-tolerations-beta-feature
NodeSelector:
nodePool: infrastructure
Tolerations: {}
PodAnnotations: {}
Agent:
Enabled: true
Image: jenkins/jnlp-slave
ImageTag: 3.35-5
CustomJenkinsLabels: []
# ImagePullSecret: jenkins
Component: "jenkins-slave"
Privileged: false
resources:
requests:
cpu: "200m"
memory: "256Mi"
limits:
cpu: "200m"
memory: "256Mi"
# You may want to change this to true while testing a new image
AlwaysPullImage: false
# Controls how slave pods are retained after the Jenkins build completes
# Possible values: Always, Never, OnFailure
PodRetention: Never
# You can define the volumes that you want to mount for this container
# Allowed types are: ConfigMap, EmptyDir, HostPath, Nfs, Pod, Secret
# Configure the attributes as they appear in the corresponding Java class for that type
# https://github.com/jenkinsci/kubernetes-plugin/tree/master/src/main/java/org/csanchez/jenkins/plugins/kubernetes/volumes
volumes:
# - type: Secret
# secretName: mysecret
# mountPath: /var/myapp/mysecret
NodeSelector: {}
# Key Value selectors. Ex:
# jenkins-agent: v1
Persistence:
Enabled: true
## A manually managed Persistent Volume and Claim
## Requires Persistence.Enabled: true
## If defined, PVC must be created manually before volume will be bound
# ExistingClaim:
## jenkins data Persistent Volume Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
##
StorageClass: aws-efs
Annotations: {}
AccessMode: ReadWriteOnce
Size: 4Gi
volumes:
- name: secrets
secret:
secretName: jenkins-secrets
items:
- key: github_ssh_key
path: github_ssh_key
- name: configs
configMap:
name: jenkins-configs
items:
- key: seed-job.groovy
path: seed-job.groovy
mounts:
- mountPath: /run/secrets/github_ssh_key
name: secrets
subPath: github_ssh_key
- mountPath: /usr/share/jenkins/seed-job.groovy
name: configs
subPath: seed-job.groovy
NetworkPolicy:
# Enable creation of NetworkPolicy resources.
Enabled: false
# For Kubernetes v1.4, v1.5 and v1.6, use 'extensions/v1beta1'
# For Kubernetes v1.7, use 'networking.k8s.io/v1'
ApiVersion: networking.k8s.io/v1
## Install Default RBAC roles and bindings
rbac:
install: true
serviceAccountName: jenkins
# Role reference
roleRef: cluster-admin
# Role kind (RoleBinding or ClusterRoleBinding)
roleBindingKind: ClusterRoleBindingI am not sure what is wrong with this ingress. Any idea what can be wrong here?