This repository has been archived by the owner on Oct 10, 2023. It is now read-only.
This repository has been archived by the owner on Oct 10, 2023. It is now read-only.
The ClusterBootstrap validation webhook causes Velero restore of mgmt cluster failed #3785
Open
Description
Create a backup for the mgmt cluster with Velero and the backup contains ClusterBootstrap
and its referenced resources KappControllerConfig
, VSphereCSIConfig
, etc.
If ClusterBootstrap
is restored before its referenced resources, the restore will fail with following error:
error restoring clusterbootstraps.run.tanzu.vmware.com/default/tkg-vc-antrea: admission webhook "clusterbootstrap.validating.vmware.com" denied the request: ClusterBootstrap.run.tanzu.vmware.com "tkg-vc-antrea" is invalid: [spec.kapp.valuesFrom.ProviderRef: Invalid value: v1.TypedLocalObjectReference{APIGroup:(*string)(0xc001d7a010), Kind:"KappControllerConfig", Name:"tkg-vc-antrea-kapp-controller-package"}: kappcontrollerconfigs.run.tanzu.vmware.com "tkg-vc-antrea-kapp-controller-package" not found, spec.cpi.valuesFrom.ProviderRef: Invalid value: v1.TypedLocalObjectReference{APIGroup:(*string)(0xc001ac7ff0), Kind:"VSphereCPIConfig", Name:"tkg-vc-antrea"}: vspherecpiconfigs.cpi.tanzu.vmware.com "tkg-vc-antrea" not found]
As ClusterBootstrap
is extensible, it can reference any kind of resources, Velero cannot gurantee all its refereced resources be restored first, the validation for the references should be removed and the controller should be responsible for reconcile the resource in the next loop of reconciling if its references don't exist.
Activity