Comments (3)
sudermanjr
commented on September 26, 2024
1
Nova should definitely work in-cluster. We actually do this as part of our commercial software that utilizes nova reports. You can reference how we do this in our chart - https://github.com/FairwindsOps/charts/tree/master/stable/insights-agent. Here's an example of a templated cronjob from that chart.
apiVersion: batch/v1
kind: CronJob
metadata:
annotations:
linkerd.io/inject: disabled
polaris.fairwinds.com/cpuLimitsMissing-exempt: "true"
polaris.fairwinds.com/memoryLimitsMissing-exempt: "true"
sidecar.istio.io/inject: "false"
labels:
app: insights-agent
name: nova
spec:
concurrencyPolicy: Forbid
failedJobsHistoryLimit: 1
jobTemplate:
spec:
activeDeadlineSeconds: 300
backoffLimit: 1
template:
metadata:
annotations:
cluster-autoscaler.kubernetes.io/safe-to-evict: "true"
labels:
app.kubernetes.io/name: nova
app.kubernetes.io/part-of: insights-agent
spec:
containers:
- command:
- /nova
- find
- --helm
- --containers
- --config=/config/nova.yaml
- -v3
env: null
image: quay.io/fairwinds/nova:v3.6
imagePullPolicy: Always
name: nova
resources:
requests:
cpu: 100m
memory: 128Mi
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
privileged: false
readOnlyRootFilesystem: true
runAsGroup: 10324
runAsNonRoot: true
runAsUser: 10324
volumeMounts:
- mountPath: /output
name: output
- mountPath: /config
name: config
- mountPath: /tmp
name: tmp
- command:
- ./uploader.sh
- --datatype
- nova
- --timeout
- "300"
- --organization
- research-and-development
- --cluster
- sandbox
- --host
- https://insights.fairwinds.com
- --version
- v3.6
- --file
- /output/nova.json
env:
- name: FAIRWINDS_TOKEN
valueFrom:
secretKeyRef:
key: token
name: insights-agent-token
- name: FAIRWINDS_AGENT_CHART_VERSION
value: 2.23.2
- name: SEND_FAILURES
value: "true"
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
image: quay.io/fairwinds/insights-uploader:0.5.1
imagePullPolicy: Always
name: insights-uploader
resources:
limits:
cpu: 250m
memory: 512Mi
requests:
cpu: 100m
memory: 128Mi
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
privileged: false
readOnlyRootFilesystem: true
runAsGroup: 1000
runAsNonRoot: true
runAsUser: 1000
volumeMounts:
- mountPath: /output
name: output
restartPolicy: Never
serviceAccountName: insights-agent-nova
volumes:
- emptyDir: {}
name: output
- configMap:
name: insights-agent-nova-config
name: config
- emptyDir: {}
name: tmp
schedule: 27 * * * *
successfulJobsHistoryLimit: 1
from nova.
evandam
commented on September 26, 2024
1
@sudermanjr you're 100% right, user error as usual 😂
Appreciate the quick response!
from nova.
sudermanjr
commented on September 26, 2024
Also, is it possible you're not automounting the serviceAccountToken for that service account? Nova definitely needs that to access the kube api
from nova.
Related Issues (20)
- Kustomize Helm support - detect outdated helmCharts in kustomization.yaml HOT 7
- Doesn't work with public helm charts due to request throttling from artifacthub HOT 3
- Find containers - timeout HOT 1
- Find always outputs in json HOT 2
- Release name pattern change causes dynamic downloads to fail
- Ability to scan helm charts located in local file system HOT 2
- Allow to configure an ignore list of charts that don't need checking HOT 5
- Sometimes Nova fails to complete running because of not finding private Charts in ArtifactHub HOT 3
- Add a sort option to Nova, so that we would --include-all and sort all outdated packages to the start or end HOT 2
- Artifact Hub API rate limit HOT 33
- Can't scan private Helm registries and it completely fails HOT 6
- Nova gets wrong service account HOT 3
- Nova times out when fetching ridiculous number of tags HOT 3
- Expose kubeVersion in Chart.yaml
- New release? HOT 2
- Incorrect Nova Version Output for Latest Helm Chart Version HOT 1
- Add name of the repo from which the chart is installed to nova find Output
- Support OCI chart repositories HOT 2
- Nova showing a dev version of teleport-kube-agent as an update
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from nova.