fleetdm
Helm Chart - Bug in deployment YAML
Fleet version: fleetctl - version 4.16.0 branch: HEAD revision: https://github.com/fleetdm/fleet/commit/865ab32d03c37e8a74e811bc5ac697202f14e455 build date: 2022-06-21 build user: runner go version: go1.17.8
Operating system: Kubernetes
Web browser: N/A
🧑💻 Expected behavior
When turning on TLS on the server by setting tls: enabled: true in the values values.yaml: fleet: tls: enabled: true
the expected behavior would be to set the protocol of the readiness and the liveliness probes in the deployment to use the scheme: HTTPS instead of HTTP
readinessProbe: failureThreshold: 3 httpGet: path: /healthz port: 8080 scheme: HTTPS periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1
💥 Actual behavior
readinessProbe: failureThreshold: 3 httpGet: path: /healthz port: 8080 scheme: HTTP periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1
This leads to the fleet pods crashlooping because the readiness and liveliness probes fail, once the tls is enabled.
More info
Preproduce: set tls: enabled: false in the values: fleet starts up and the UI is accessible for the setup. Enable tls and the pods fail to come up. The log does not show any errors, only the message that the server terminated.
Thanks for the submission as well as the detailed description, @ololdach! The engineering team may follow up with some additional questions.
