Skip to content

kro gcp cloudsql example fails to deploy #369

New issue
New issue
Open
#383
Open
kro gcp cloudsql example fails to deploy#369
#383
Assignees
barney-s
Labels
kind/bugSomething isn't working
@lucstjean-ssc

Description

@lucstjean-ssc
lucstjean-ssc
opened on Mar 10, 2025

Description

Issue 1
Observed Behaviors:

CloudSQL instance fails to deploy with error "Update call failed: error applying desired state: summary: Error waiting for Create Instance: Insufficient permission to use KMS key."

The iam policy member resources are failing to deploy:

iampolicymember.iam.cnrm.cloud.google.com/sql-kms-us-central1-policybinding 12m False DependencyNotFound
iampolicymember.iam.cnrm.cloud.google.com/sql-kms-us-west1-policybinding 12m False DependencyNotFound

reference KMSCryptoKey my-apps/demo00020-primary-primary is not found
reference KMSCryptoKey my-apps/demo00020-replica-replica is not found

Expected Behavior:
Resouce deployment should succeed.
Reproduction Steps (Please include ResourceGraphDefinition and Instances files):

https://github.com/kro-run/kro/blob/main/examples/gcp/cloud-sql/rgd.yaml

This issue is resolvable:

Remove -primary from

kro/examples/gcp/cloud-sql/rgd.yaml

Line 142 in ef2a21c

name: ${kmskeyPrimary.metadata.name}-primary

Remove -replica from

kro/examples/gcp/cloud-sql/rgd.yaml

Line 157 in ef2a21c

name: ${kmskeyReplica.metadata.name}-replica

The issue occurs because -primary and -replica are already contained in ${schema.spec.name} on lines:

kro/examples/gcp/cloud-sql/rgd.yaml

Line 80 in ef2a21c

name: ${schema.spec.name}-primary

kro/examples/gcp/cloud-sql/rgd.yaml

Line 90 in ef2a21c

name: ${schema.spec.name}-replica

Versions:

  • kro version: 0.2.1
  • Kubernetes Version (kubectl version):
    Client Version: v1.31.6-dispatcher
    Kustomize Version: v5.4.2
    Server Version: v1.31.5-gke.1233000

Involved Controllers:

  • Controller URLs and Versions (if applicable):

Error Logs (if applicable)**:

CloudSQL instance fails to deploy with error "Update call failed: error applying desired state: summary: Error waiting for Create Instance: Insufficient permission to use KMS key."

The iam policy member resources are failing to deploy:

iampolicymember.iam.cnrm.cloud.google.com/sql-kms-us-central1-policybinding   12m   False   DependencyNotFound
iampolicymember.iam.cnrm.cloud.google.com/sql-kms-us-west1-policybinding      12m   False   DependencyNotFound
reference KMSCryptoKey my-apps/demo00020-primary-primary is not found
reference KMSCryptoKey my-apps/demo00020-replica-replica is not found

Issue 2
Observed Behaviors:

sqlPrimary and sqlReplica template misconfigurations.

The SQL instance is not replicable given the current resource configuration for sqlPrimary and sqlReplica:

NAME                                                      AGE     READY   STATUS         STATUS AGE
sqlinstance.sql.cnrm.cloud.google.com/demo00031-primary   4m59s   True    UpToDate       97s
sqlinstance.sql.cnrm.cloud.google.com/demo00031-replica   73s     False   UpdateFailed
sqlinstance-controller  Update call failed: error creating: creating SQLInstance demo00031-replica failed: googleapi: Error 400: A Cloud SQL instance that is not a replica can't have an associated master instance name., errorInvalidInstanceTypeCloudSql

Expected Behavior:
Replica deployment should succeed.
Reproduction Steps (Please include ResourceGraphDefinition and Instances files):

https://github.com/kro-run/kro/blob/main/examples/gcp/cloud-sql/rgd.yaml

This issue is resolvable:

  • Adding edition: ENTERPRISE in both sql resources (primary and replica)
  • Changing settings.availabilityType: REGIONAL to settings.availabilityType: ZONAL
  • AddinginstanceType: READ_REPLICA_INSTANCE on the replica resource.
NAME                                                      AGE     READY   STATUS     STATUS AGE
sqlinstance.sql.cnrm.cloud.google.com/demo00033-primary   12m     True    UpToDate   6m35s
sqlinstance.sql.cnrm.cloud.google.com/demo00033-replica   6m26s   True    UpToDate   73s

Versions:

  • kro version: 0.2.1
  • Kubernetes Version (kubectl version):
    Client Version: v1.31.6-dispatcher
    Kustomize Version: v5.4.2
    Server Version: v1.31.5-gke.1233000

Involved Controllers:

  • Controller URLs and Versions (if applicable):

Error Logs (if applicable)**:

sqlinstance-controller  Update call failed: error creating: creating SQLInstance demo00031-replica failed: googleapi: Error 400: A Cloud SQL instance that is not a replica can't have an associated master instance name., errorInvalidInstanceTypeCloudSql
  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Which option describes the most your issue?

No response

Metadata

Metadata

Assignees

Labels

kind/bugSomething isn't working

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions