Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Jira Helm Chart deployment authentication

Brian Murray
Brian Murray September 23, 2024

Hi, I'm using terraform to deploy helm charts to AWS EKS for data center products in general, JIRA as the first application specifically. During deployment receiving Error: Kubernetes cluster unreachable: the server has asked for the client to provide credentials. My authentication mode for EKS is EKS API and ConfigMap, and have serviceAccount.create: true. There is an additional setting serviceAccount.eksIsra.roleArn which I think may provide the client credentials but I'm unable to locate any documentation as to the role permissions needed for JIRA service in a standard deployment. Can you please provide information on how to properly associate the needed role permissions, or how to set up the values.yaml to allow JIRA to complete a deployment to EKS.

Thanks

 

Answer
Watch
Like # people like this
372 views

2 answers

0 votes
Brian Murray
Brian Murray September 23, 2024

Hi @Yevhen ,

I understand what you are suggesting, I neglected to mention that jira does deploy, a pod is created in the cluster. This error is received after the pod creation. The deploying account has cluster administrator privileges and terraform helm provider is fully authenticated. The jira pod remains in pending status post deployment and never initializes. 

Thanks

Brian 

View More Comments
Yevhen
Yevhen
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
September 23, 2024

You need to get pod events to see why scheduler in your EKS cluster can't find a suitable node for jira pod.

Like
Brian Murray
Brian Murray September 24, 2024

Hi @Yevhen ,

Thank you for putting me on the right path. It was on a suitable node, but when I went through the configuration itself I noticed that I had been deploying my secrets to the default namespace. That was the issue, once I moved both pod and secrets to the same namespace we are now up and running!

Thank you for your support and patience. 

Brian

Like
Reply
0 votes
Yevhen
Yevhen
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
September 23, 2024

@Brian Murray Jira serviceAccount has nothing to do with how you authenticate to a Kubernetes cluster in your Terraform. You need to properly configure your kubernetes provider in Terraform.

Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events