Skip to content

DataPlane with custom volume in podTemplateSpec fails to reconcile #2420

New issue
New issue
Open
Bug
#2425
Open
DataPlane with custom volume in podTemplateSpec fails to reconcile#2420
Bug
#2425
Assignees
pmalek
Labels
bugSomething isn't working
Milestone
KO v2.0.x
@sandromodarelli

Description

@sandromodarelli
sandromodarelli
opened on Oct 9, 2025

Current Behavior

Setting up a DataPlane with KonnectExtension and a custom volume leads to a reconciliation error:

{"level":"error","ts":"2025-10-09T14:26:27Z","msg":"Reconciler error","controller":"dataplane","controllerGroup":"gateway-operator.konghq.com","controllerKind":"DataPlane","DataPlane":{"name":"dataplane-example","namespace":"default"},"namespace":"default","name":"dataplane-example","reconcileID":"3d84b3c8-2f6c-4d5b-a275-1c6d991b7418","error":"could not build Deployment for DataPlane default/dataplane-example: failed patching Deployment dataplane-dataplane-example-m5pxn: Deployment.apps \"dataplane-dataplane-example-m5pxn\" is invalid: [spec.template.spec.volumes[0].secret: Forbidden: may not specify more than 1 volume type, spec.template.spec.containers[0].volumeMounts[0].name: Not found: \"kongsaxon-vol\", spec.template.spec.initContainers[0].volumeMounts[0].name: Not found: \"kongsaxon-vol\"]","stacktrace":"sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).reconcileHandler\n\t/home/runner/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:353\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).processNextWorkItem\n\t/home/runner/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:300\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).Start.func2.1\n\t/home/runner/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:202"}

Expected Behavior

Reconciliation happens successfully and DataPlane deployment receives the custom volume alongside other volumes (cluster certificates' secrets)

Steps To Reproduce

---
kind: KonnectExtension
apiVersion: konnect.konghq.com/v1alpha2
metadata:
  name: my-konnect-config
  namespace: kong
spec:
  clientAuth:
    certificateSecret:
      provisioning: Automatic
  konnect:
    controlPlane:
      ref:
        type: konnectNamespacedRef
        konnectNamespacedRef:
          name: cp-operator
---
apiVersion: gateway-operator.konghq.com/v1beta1
kind: DataPlane
metadata:
  name: dataplane-prod
  namespace: kong
spec:
  extensions:
  - kind: KonnectExtension
    name: my-konnect-config
    group: konnect.konghq.com
  deployment:
    podTemplateSpec:
      spec:
        containers:
        - name: proxy
          image: kong/kong-gateway:3.11.0.2
          env:
          - name: KONG_NGINX_WORKER_PROCESSES
            value: "1"
          volumeMounts:
          - name: custom-vol
            mountPath: /usr/local/lib/custom
        volumes:
        - name: custom-vol
          emptyDir: {}

Operator Version

v2.0.4

kubectl version

Metadata

Metadata

Assignees

Labels

bugSomething isn't working

Type

Bug

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions