While attempting to install the default version (i.e. without specifying any overrides or changing the values*.yaml files) of the stable/redis chart, I'm noticing that the Redis master pod goes into a Started -> Terminating -> Started loop. This happens because the master statefulset keeps getting revised. The reason why this is happening for the Redis chart is that it contains the following pod annotation in a StatefulSet spec (this is part of the redis-master-statefulset.yaml file in the chart):
checksum/secret: {{ include (print $.Template.BasePath "/secret.yaml") . | sha256sum }}The secret itself is randomly generated thanks to this:
data:
{{- if .Values.password }}
redis-password: {{ .Values.password | b64enc | quote }}
{{- else }}
redis-password: {{ randAlphaNum 10 | b64enc | quote }}
{{- end }}
{{- end -}}
In other words, if the values.yaml file doesn't specify a value for the password, the pod annotation will be randomly generated.
This results in a continuous release update loop when the helm-app-operator tries to install the release. As far as I can tell from the code, this is the sequence of events:
- the chart is installed for the first time.
reconcile.go::Reconcile is invoked and after the installation finishes, the reconciler creates a work request to do a resync because of return reconcile.Result{RequeueAfter: r.ResyncPeriod}, err
- the resync is triggered. This time, we fall through to
if manager.IsUpdateRequired() {, which returns true. The reason is that the way the operator checks if an update to a chart has happened is by doing a dry run installation of the chart. Naturally, each dry run will produce a manifest with a different value for the password field.
- the update process begins, leading to a new revision of the
statefulset (leading to the old pod being terminated and replaced) being created.
- Repeat 2 and 3. (edited)
I understand that this problem is avoided by providing an override for generated values. However, for my project, it would be great if charts could work as-is, without having to provide overridden values.
While attempting to install the default version (i.e. without specifying any overrides or changing the
values*.yamlfiles) of thestable/redischart, I'm noticing that the Redis master pod goes into aStarted->Terminating->Startedloop. This happens because the master statefulset keeps getting revised. The reason why this is happening for the Redis chart is that it contains the following pod annotation in a StatefulSet spec (this is part of theredis-master-statefulset.yamlfile in the chart):The secret itself is randomly generated thanks to this:
In other words, if the
values.yamlfile doesn't specify a value for the password, the pod annotation will be randomly generated.This results in a continuous release update loop when the helm-app-operator tries to install the release. As far as I can tell from the code, this is the sequence of events:
reconcile.go::Reconcileis invoked and after the installation finishes, the reconciler creates a work request to do a resync because ofreturn reconcile.Result{RequeueAfter: r.ResyncPeriod}, errif manager.IsUpdateRequired() {, which returns true. The reason is that the way the operator checks if an update to a chart has happened is by doing a dry run installation of the chart. Naturally, each dry run will produce a manifest with a different value for the password field.statefulset(leading to the old pod being terminated and replaced) being created.I understand that this problem is avoided by providing an override for generated values. However, for my project, it would be great if charts could work as-is, without having to provide overridden values.