Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unable to use custom cniConfig.fileContents via Helm chart because of the base64 encoding misuse. #2551

Closed
VLZZZ opened this issue Sep 7, 2023 · 2 comments
Closed

Unable to use custom cniConfig.fileContents via Helm chart because of the base64 encoding misuse. #2551

VLZZZ opened this issue Sep 7, 2023 · 2 comments
Labels
bug

Comments

@VLZZZ
Copy link
Contributor

VLZZZ commented Sep 7, 2023
edited
Loading

What happened:

Unable to use custom cniConfig.fileContents via Helm chart because of the base64 encoding misuse.

Attach logs

Defaulted container "aws-node" out of: aws-node, aws-vpc-cni-init (init)
Installed /host/opt/cni/bin/aws-cni
Installed /host/opt/cni/bin/egress-v4-cni
time="2023-09-07T12:55:41Z" level=info msg="Starting IPAM daemon... "
time="2023-09-07T12:55:41Z" level=info msg="Checking for IPAM connectivity... "
time="2023-09-07T12:55:42Z" level=info msg="Copying config file... "
time="2023-09-07T12:55:42Z" level=fatal msg="ewogICJjbmlWZXJzaW9uIjogIjAuNC4wIiwKICAibmFtZSI6ICJhd3MtY25pIiwKICAiZGlzYWJsZUNoZWNrIjogdHJ1ZSwKICAicGx1Z2lucyI6IFsKICAgIHsKICAgICAgIm5hbWUiOiAiYXdzLWNuaSIsCiAgICAgICJ0eXBlIjogImF3cy1jbmkiLAogICAgICAidmV0aFByZWZpeCI6ICJfX1ZFVEhQUkVGSVhfXyIsCiAgICAgICJtdHUiOiAiX19NVFVfXyIsCiAgICAgICJwb2RTR0VuZm9yY2luZ01vZGUiOiAiX19QT0RTR0VORk9SQ0lOR01PREVfXyIsCiAgICAgICJwbHVnaW5Mb2dGaWxlIjogIl9fUExVR0lOTE9HRklMRV9fIiwKICAgICAgInBsdWdpbkxvZ0xldmVsIjogIl9fUExVR0lOTE9HTEVWRUxfXyIKICAgIH0sCiAgICB7CiAgICAgICJuYW1lIjogImVncmVzcy1jbmkiLAogICAgICAidHlwZSI6ICJlZ3Jlc3MtY25pIiwKICAgICAgIm10dSI6ICI5MDAxIiwKICAgICAgImVuYWJsZWQiOiAiX19FR1JFU1NQTFVHSU5FTkFCTEVEX18iLAogICAgICAicmFuZG9taXplU05BVCI6ICJfX1JBTkRPTUlaRVNOQVRfXyIsCiAgICAgICJub2RlSVAiOiAiX19OT0RFSVBfXyIsCiAgICAgICJpcGFtIjogewogICAgICAgICJ0eXBlIjogImhvc3QtbG9jYWwiLAogICAgICAgICJyYW5nZXMiOiBbW3sic3VibmV0IjogIl9fRUdSRVNTUExVR0lOSVBBTVNVQk5FVF9fIn1dXSwKICAgICAgICAicm91dGVzIjogW3siZHN0IjogIl9fRUdSRVNTUExVR0lOSVBBTURTVF9fIn1dLAogICAgICAgICJkYXRhRGlyIjogIl9fRUdSRVNTUExVR0lOSVBBTURBVEFESVJfXyIKICAgICAgfSwKICAgICAgInBsdWdpbkxvZ0ZpbGUiOiAiX19FR1JFU1NQTFVHSU5MT0dGSUxFX18iLAogICAgICAicGx1Z2luTG9nTGV2ZWwiOiAiX19QTFVHSU5MT0dMRVZFTF9fIgogICAgfSwKICAgIHsKICAgICAgInR5cGUiOiAicG9ydG1hcCIsCiAgICAgICJjYXBhYmlsaXRpZXMiOiB7InBvcnRNYXBwaW5ncyI6IHRydWV9LAogICAgICAic25hdCI6IHRydWUKICAgIH0sCiAgICB7CiAgICAgICJ0eXBlIjogInR1bmluZyIsCiAgICAgICJzeXNjdGwiOiB7CiAgICAgICAgIm5ldC5pcHY2LmNvbmYuYWxsLmRpc2FibGVfaXB2NiI6ICIxIiwKICAgICAgICAibmV0LmlwdjYuY29uZi5kZWZhdWx0LmRpc2FibGVfaXB2NiI6ICIxIiwKICAgICAgICAibmV0LmlwdjYuY29uZi5sby5kaXNhYmxlX2lwdjYiOiAiMSIKICAgICAgfQogICAgfQogIF0KfQ== is not a valid json object, error: invalid character 'e' looking for beginning of value"

What you expected to happen:
I expect to have custom config copied and loaded successfully.
How to reproduce it (as minimally and precisely as possible):
Helm chart values with custom cniConfig

cniConfig:
  enabled: true
  fileContents: |
    {
      "cniVersion": "0.4.0",
      "name": "aws-cni",
      "disableCheck": true,
      "plugins": [
        {
          "name": "aws-cni",
          "type": "aws-cni",
          "vethPrefix": "__VETHPREFIX__",
          "mtu": "__MTU__",
          "podSGEnforcingMode": "__PODSGENFORCINGMODE__",
          "pluginLogFile": "__PLUGINLOGFILE__",
          "pluginLogLevel": "__PLUGINLOGLEVEL__"
        },
        {
          "name": "egress-cni",
          "type": "egress-cni",
          "mtu": "9001",
          "enabled": "__EGRESSPLUGINENABLED__",
          "randomizeSNAT": "__RANDOMIZESNAT__",
          "nodeIP": "__NODEIP__",
          "ipam": {
            "type": "host-local",
            "ranges": [[{"subnet": "__EGRESSPLUGINIPAMSUBNET__"}]],
            "routes": [{"dst": "__EGRESSPLUGINIPAMDST__"}],
            "dataDir": "__EGRESSPLUGINIPAMDATADIR__"
          },
          "pluginLogFile": "__EGRESSPLUGINLOGFILE__",
          "pluginLogLevel": "__PLUGINLOGLEVEL__"
        },
        {
          "type": "portmap",
          "capabilities": {"portMappings": true},
          "snat": true
        },
        {
          "type": "tuning",
          "sysctl": {
            "net.ipv6.conf.all.disable_ipv6": "1",
            "net.ipv6.conf.default.disable_ipv6": "1",
            "net.ipv6.conf.lo.disable_ipv6": "1"
          }
        }
      ]
    }

Anything else we need to know?:
I'm trying to mitigate the #2483 untill v1.15.0 will be released.
Environment:

  • Kubernetes version (use kubectl version): Server Version: v1.23.17-eks-2d98532
  • CNI Version: v1.14.0
  • OS (e.g: cat /etc/os-release):
NAME="Amazon Linux"
VERSION="2"
ID="amzn"
ID_LIKE="centos rhel fedora"
VERSION_ID="2"
PRETTY_NAME="Amazon Linux 2"
ANSI_COLOR="0;33"
CPE_NAME="cpe:2.3:o:amazon:amazon_linux:2"
HOME_URL="https://amazonlinux.com/"
  • Kernel (e.g. uname -a): Linux ip-10-102-131-140.us-west-2.compute.internal 5.4.249-163.359.amzn2.x86_64 #1 SMP Wed Jul 12 18:58:58 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux
@VLZZZ VLZZZ added the bug label Sep 7, 2023
This was referenced Sep 7, 2023
Merged
Closed
@jdn5126
Copy link
Contributor

jdn5126 commented Sep 12, 2023

Closing this as fixed, thanks @VLZZZ !

@jdn5126 jdn5126 closed this as completed Sep 12, 2023
@github-actions
Copy link

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see.
If you need more assistance, please open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.

@jdn5126 jdn5126 mentioned this issue Sep 20, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@VLZZZ @jdn5126