Skip to content

linkerd multicluster link --ha generates invalid deployment spec #11603

New issue
New issue
Closed
#11642
#11609
Closed
linkerd multicluster link --ha generates invalid deployment spec#11603
#11642
#11609
Assignees
mateiidavid
Labels
bug
@Hexcles

Description

@Hexcles
Hexcles
opened on Nov 10, 2023

What is the issue?

I was trying out the new HA mode with linkerd multicluster --ha and couldn't apply the generated specs with kubectl.

How can it be reproduced?

linkerd --context=foo multicluster link --cluster-name foo --ha | kubectl --context=bar apply -f -

Logs, error output, etc

error: error validating "STDIN": error validating data: ValidationError(Deployment.spec.template.spec): unknown field "podAntiAffinity" in io.k8s.api.core.v1.PodSpec; if you choose to ignore these errors, turn validation off with --validate=false

The relevant part of the spec is

apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    linkerd.io/extension: multicluster
    component: service-mirror
    mirror.linkerd.io/cluster-name: foo
  name: linkerd-service-mirror-foo
  namespace: linkerd-multicluster
spec:
  replicas: 3
  selector:
    matchLabels:
      component: linkerd-service-mirror
      mirror.linkerd.io/cluster-name: foo
  strategy:
    rollingUpdate:
      maxUnavailable: 1
  template:
    metadata:
      annotations:
        linkerd.io/inject: enabled
        cluster-autoscaler.kubernetes.io/safe-to-evict: "true"
        config.alpha.linkerd.io/proxy-wait-before-exit-seconds: "0"
      labels:
        linkerd.io/extension: multicluster
        component: linkerd-service-mirror
        mirror.linkerd.io/cluster-name: foo
    spec:
      podAntiAffinity:
        preferredDuringSchedulingIgnoredDuringExecution:
        - podAffinityTerm:
            labelSelector:
              matchExpressions:
              - key: mirror.linkerd.io/cluster-name
                operator: In
                values:
                - foo
            topologyKey: topology.kubernetes.io/zone
          weight: 100
        requiredDuringSchedulingIgnoredDuringExecution:
        - labelSelector:
            matchExpressions:
            - key: mirror.linkerd.io/cluster-name
              operator: In
              values:
              - foo
          topologyKey: kubernetes.io/hostname
...

output of linkerd check -o short

Status check results are √

Environment

  • Kubernetes 1.24
  • EKS
  • Linux
  • Linkerd 2.14.3

Possible solution

Looking at https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#podspec-v1-core, podAntiAffinity only exists under spec.affinity, so there might be something wrong with this helm chart:

linkerd2/multicluster/charts/linkerd-multicluster-link/templates/service-mirror.yaml

Lines 123 to 126 in 4018b2f

{{- if .Values.enablePodAntiAffinity -}}
{{- $local := dict "label" "mirror.linkerd.io/cluster-name" "component" .Values.targetClusterName -}}
{{- include "linkerd.pod-affinity" $local | nindent 6 -}}
{{- end }}

Additional context

No response

Would you like to work on fixing this bug?

None

Metadata

Metadata

Assignees

Labels

bug

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions