Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove cert-manager controller from default serving.yaml install #4120

Closed
RichieEscarez opened this issue May 16, 2019 · 4 comments
Closed

Remove cert-manager controller from default serving.yaml install #4120

RichieEscarez opened this issue May 16, 2019 · 4 comments
Assignees
@ZhiminXiang
Labels
area/networking kind/feature Well-understood/specified features, ready for coding.
Milestone
0.8.x

Comments

@RichieEscarez
Copy link
Contributor

In what area(s)?

/area API
/area autoscale
/area build
/area monitoring
/area networking
/area test-and-release

What version of Knative?

HEAD

Expected Behavior

No new user blockers and optimal "first-touch" experience. Less "notes" and extra install related steps/info that are unnecessary for new users or others just wanting to "kick the tires"

Actual Behavior

The Knative Serving installation requires a --selector flag during install to prevent the
cert-manager controller from being installed by default.

https://github.com/knative/serving/releases/download/v0.5.2/serving.yaml --selector networking.knative.dev/certificate-provider!=cert-manager

Issue: If you do not immediately install cert-manager feature and CRDs, the cluster complains to your logs (not sure what issues that causes, ie is there a max log file size, and when the user becomes aware if they choose not to include the flag during install).

Example: https://github.com/knative/docs/blob/master/docs/install/Knative-custom-install.md

Due to the fact that HTTPS requires several prerequisite steps (ie. a domain, configuring that custom domain, install cert-manager, obtaining a TLS certificate, turning on HTTPS), it is unrealistic for users to perform this step immediately after a clean install, let alone a new user.

Since enabling HTTPS is an advanced steps, the cert-manager controller should not be installed by default, nor should our installation throw errors unnecessarily.

Steps to Reproduce the Problem

Run:

kubectl apply https://github.com/knative/serving/releases/download/v0.5.2/serving.yaml

Get: errors in logs
@RichieEscarez RichieEscarez added the kind/bug Categorizes issue or PR as related to a bug. label May 16, 2019
@RichieEscarez
Copy link
Contributor Author

/assign @tcnghia

@tcnghia tcnghia assigned ZhiminXiang and unassigned tcnghia Jun 4, 2019
@mattmoor mattmoor added this to the Serving 0.8 milestone Jun 26, 2019
@mattmoor
Copy link
Member

With ko-build/ko#46 we should be able to tease apart the release yamls so that we don't need to use the selector in our docs.

@jonjohnsonjr
Copy link
Contributor

Pinging this since that PR got merged into ko.

@ZhiminXiang ZhiminXiang mentioned this issue Jul 18, 2019
Merged
@mattmoor mattmoor added kind/feature Well-understood/specified features, ready for coding. and removed kind/bug Categorizes issue or PR as related to a bug. labels Jul 19, 2019
@ZhiminXiang
Copy link

I created a tracking issue in knative/doc to track the work of updating installation instructions accordingly. knative/docs#1614

@RichieEscarez RichieEscarez mentioned this issue Aug 13, 2019
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ZhiminXiang ZhiminXiang

Labels
area/networking kind/feature Well-understood/specified features, ready for coding.
Projects
None yet
Milestone
0.8.x
Development

No branches or pull requests
6 participants
@tcnghia @mattmoor @ZhiminXiang @RichieEscarez @jonjohnsonjr @knative-prow-robot