https://rancher.com/ logo
Title
s

steep-furniture-72588

12/01/2022, 5:11 AM
we are running rancher 2.6.9 and that is fleet 0.4.0 and we are trying to deploy helm charts via fleet. We have a web server (nexus sonatype repository ) that is hosting the tgz files for the helm chart ....traefik. We are getting errors talking about x509 certificate error because the cert on the web server has a custom CA. In the README it gives instruction on how to add secrets. We added the CAcert as a secret create secret -n fleet-default generic helm --from-file="\path to cert\cacerts" , and added the helmSecret directive in the gitrepo object under spec. However I still get the error x509 error. I tried naming the file cacerts, cacert.pem , but fleet still doesnt accept the certificate and therefore does not pull the file. Any help will be appreciated.
b

bulky-appointment-8113

12/01/2022, 10:43 AM
Hey, that is a known bug in 0.4.0. We have an in-official release https://github.com/rancher/fleet/releases/tag/v0.4.1 which should fix it, but it’s untested. The fix will be in the next Rancher version (with Fleet 0.4.x). Also Rancher 2.7 is not affected.
s

steep-furniture-72588

12/01/2022, 5:10 PM
Thank you. So we wait till 2.6.10+ . How do we upgrade to 0.41 on fleet?
b

bulky-appointment-8113

12/02/2022, 11:11 AM
Rancher 2.6.10 will update Fleet automatically. If you want to test this, for example on a test cluster you could just upgrade fleet via helm. We don’t have well tested instructions on how to do that, but it basically would work like this:
url_crd="<https://github.com/rancher/fleet/releases/download/v0.4.1/fleet-crd-0.4.1.tgz>"
helm upgrade fleet-crd "$url_crd" --wait -n cattle-fleet-system

url="<https://github.com/rancher/fleet/releases/download/v0.4.1/fleet-0.4.1.tgz>"
version="v0.4.1"
helm upgrade fleet "$url" \
  --wait -n cattle-fleet-system \
  --set image.tag="$version" \
  --set agentImage.tag="$version" \
  --reuse-values