General measures
To gain insight into the cause of the failing helm test
, perform the following checks:
- Check the status of the Microgateway CNI DaemonSet to find out whether it is running as expected.
- Check the status of the Microgateway CNI plugin Pod.
- Additionally, check the log messages of the Microgateway CNI plugin Pod.
Further steps, based on the information gathered from the checks
- If the cause of the failing
helm test
seems to lie in your system resources, capacities, and/or permissions, adapt your system such that it meets the requirements.
For more information, go to Requirements and limitations and Basic requirements. - One specific reason for the
helm test
to fail could be concurrent CNI plugins of other products that run in your environment. These plugins may interfere with the Airlock Microgateway CNI plugin and overwrite its values/settings. Ensure that the installation meets the basic requirements. - If the cause of the failing
helm test
seems to lie in configuration issues, check the Helm chart values for Airlock Microgateway CNI. Check that your setup resembles the Helm chart values. If this is not the case, adjust either your setup or the Helm chart values. Some typical error cases are described below. - The folder structure may not match the defaults for the storage of the CNI plugin binaries and the config files (Helm chart values
config.cniBinDir
and config.cniNetDir
, respectively). If required, either adapt the defaults or the folder structure. - The repository from which to pull the Airlock Microgateway CNI image may not have been set correctly. The corresponding value in the Helm chart is
image.repository
.
Alternatively, you may have used a custom image registry, for which you must copy the Microgateway CNI image and adjust the corresponding default Helm chart values. Check the correctness of your settings as this (manual) process can easily lead to errors or typos. For more information, go to Using a custom image registry. - It is possible to deploy the Microgateway CNI plugin on dedicated nodes in your Kubernetes cluster, by specifying the values
nodeSelector
and/or node affinity
in the Helm chart. By default, these values are not set. If you did specify the values, check for correctness. - To use Airlock Microgateway in an OpenShift cluster or via the Google Kubernetes Engine (GKE) service, some default values in the Helm chart must be adapted. For this, Airlock Microgateway provides specific preset value files (
openshift-values.yaml
and gke-values.yaml
, respectively).
Check for the correct preset value file for your cluster type. Note that the setup may require the preset values to be adapted to meet your demands. - Links to the preset value files:
- https://github.com/airlock/microgateway/blob/4.3.0/deploy/charts/airlock-microgateway-cni/openshift-values.yaml
- https://github.com/airlock/microgateway/blob/4.3.0/deploy/charts/airlock-microgateway-cni/gke-values.yaml
For more information on network routing issues, go to Troubleshooting for network routing issues in the application pod.