I'm trying to deploy ping devops on my local machine but get the following error message when I try to set up the server profiles:
error validating "lab05-local-profile-deploy.yaml": error validating data: ValidationError(PersistentVolume): unknown field "nodeAffinity" in io.k8s.api.core.v1.PersistentVolume; if you choose to ignore these errors, turn validation off with --validate=false Error from server (Invalid): error when applying patch:
{"metadata":{"annotations":{"kubectl.kubernetes.io/last-applied-configuration":"{"apiVersion":"v1","kind":"PersistentVolume","metadata":{"annotations":{},"name":"pd-profile-volume"},"spec":{"accessModes":["ReadOnlyMany"],"capacity":{"storage":"10Gi"},"local":{"path":"/home/alice/projects/devops/lab05/pingidentity-server-profiles/getting-started/pingdirectory"},"nodeAffinity":{"required":{"nodeSelectorTerms":[{"matchExpressions":[{"key":"kubernetes.io/hostname","operator":"In","values":["docker-desktop"]}]}]}},"storageClassName":"pd-local-in-storage","volumeMode":"Filesystem"}}\n"}},"spec":{"local":{"path":"/home/alice/projects/devops/lab05/pingidentity-server-profiles/getting-started/pingdirectory"}}}
to: Resource: "/v1, Resource=persistentvolumes", GroupVersionKind: "/v1, Kind=PersistentVolume" Name: "pd-profile-volume", Namespace: "" for: "lab05-local-profile-deploy.yaml": PersistentVolume "pd-profile-volume" is invalid: spec.persistentvolumesource: Forbidden: is immutable after creation
Does anyone know how to resolve this issue?
The yaml file looks like this:
apiVersion: v1
data:
PING_IDENTITY_ACCEPT_EULA: "YES"
kind: ConfigMap
metadata:
labels:
role: pingdirectory
name: pingdirectory-environment-variables
---
apiVersion: v1
data:
PING_IDENTITY_ACCEPT_EULA: "YES"
kind: ConfigMap
metadata:
labels:
role: pingfederate
name: pingfederate-environment-variables
---
apiVersion: v1
kind: Service
metadata:
labels:
role: pingdataconsole
name: pingdataconsole
spec:
ports:
- name: https
port: 8443
selector:
role: pingdataconsole
type: NodePort
---
apiVersion: v1
kind: Service
metadata:
labels:
role: pingdirectory
name: pingdirectory
spec:
ports:
- name: ldaps
port: 636
- name: ssl
port: 443
- name: ldap
port: 389
selector:
role: pingdirectory
type: NodePort
---
apiVersion: v1
kind: Service
metadata:
labels:
role: pingfederate
name: pingfederate
spec:
ports:
- name: pf-console
port: 9999
- name: pf-runtime
port: 9031
selector:
role: pingfederate
type: NodePort
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: pd-profile-volume
spec:
accessModes:
- ReadOnlyMany
capacity:
storage: 10Gi
local:
path: /home/alice/projects/devops/lab05/pingidentity-server-profiles/getting-started/pingdirectory
nodeAffinity:
required:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/hostname
operator: In
values:
- docker-desktop
storageClassName: pd-local-in-storage
volumeMode: Filesystem
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: pf-profile-volume
nodeAffinity:
required:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/hostname
operator: In
values:
- docker-desktop
spec:
accessModes:
- ReadOnlyMany
capacity:
storage: 10Gi
local:
path: /home/alice/projects/devops/lab05/pingidentity-server-profiles/getting-started/pingfederate
storageClassName: pf-local-in-storage
volumeMode: Filesystem
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: pd-profile-claim
spec:
accessModes:
- ReadOnlyMany
resources:
requests:
storage: 10Gi
storageClassName: pd-local-in-storage
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: pf-profile-claim
spec:
accessModes:
- ReadOnlyMany
resources:
requests:
storage: 10Gi
storageClassName: pf-local-in-storage
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
role: pingdataconsole
name: pingdataconsole
spec:
replicas: 1
selector:
matchLabels:
role: pingdataconsole
template:
metadata:
labels:
role: pingdataconsole
name: pingdataconsole
spec:
containers:
- image: pingidentity/pingdataconsole:edge
name: pingdataconsole
ports:
- containerPort: 8443
resources:
limits:
cpu: 200m
memory: 1.5Gi
requests:
cpu: 200m
memory: 1.5Gi
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
role: pingfederate
name: pingfederate
spec:
replicas: 1
selector:
matchLabels:
role: pingfederate
template:
metadata:
labels:
role: pingfederate
name: pingfederate
spec:
containers:
- envFrom:
- configMapRef:
name: pingfederate-environment-variables
- secretRef:
name: devops-secret
optional: true
image: pingidentity/pingfederate:edge
imagePullPolicy: Always
livenessProbe:
failureThreshold: 1
httpGet:
path: /pingfederate/app
port: 9999
scheme: HTTPS
initialDelaySeconds: 100
periodSeconds: 1
name: pingfederate
ports:
- containerPort: 9999
- containerPort: 9031
readinessProbe:
httpGet:
path: /pingfederate/app
port: 9999
scheme: HTTPS
periodSeconds: 10
resources:
limits:
cpu: "1"
memory: 1.5Gi
requests:
cpu: "1"
memory: 1.5Gi
volumeMounts:
- mountPath: /opt/in
name: pf-profile-storage
volumes:
- name: pf-profile-storage
persistentVolumeClaim:
claimName: pf-profile-claim
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
labels:
role: pingdirectory
name: pingdirectory
spec:
replicas: 1
selector:
matchLabels:
role: pingdirectory
serviceName: pingdirectory
template:
metadata:
labels:
role: pingdirectory
name: pingdirectory
spec:
containers:
- envFrom:
- configMapRef:
name: pingdirectory-environment-variables
- secretRef:
name: devops-secret
optional: true
image: pingidentity/pingdirectory:edge
lifecycle:
preStop:
exec:
command:
- /bin/sh
- -c
- /preStop.sh
livenessProbe:
exec:
command:
- /bin/sh
- -c
- /opt/liveness.sh
initialDelaySeconds: 300
periodSeconds: 30
name: pingdirectory
ports:
- containerPort: 636
- containerPort: 443
- containerPort: 389
readinessProbe:
exec:
command:
- /bin/sh
- -c
- /opt/liveness.sh
resources:
limits:
cpu: "2"
memory: 2Gi
requests:
cpu: "2"
memory: 2Gi
volumeMounts:
- mountPath: /opt/in
name: pd-profile-storage
terminationGracePeriodSeconds: 300
volumes:
- name: pd-profile-storage
persistentVolumeClaim:
claimName: pd-profile-claim
You might need to check what you have deployed previously. Do a kubectl get pv and pvc and check if there are any existing resources with the same name. If so delete them from your namespace and try deploying again.