Avoid restoring system cluster resources

Question

Avoid restoring system cluster resources

rverchere opened this issue a year ago · 4 comments

Rancher Server Setup

Rancher version: 2.6.10
Installation option (Docker install/Helm Chart): Helm
Kubernetes Version and Engine: 1.23.14, managed

Describe the bug
When restoring a rancher to a cluster which has not the same underlying components (i.e. from rke1 to managed one - gcp, aws, whatever), the restoring tool restores a LOT of resources, including ClusterRoles system:* which should not be modified.

This leads to some unexpected behaviour on my side : metric-server does not work anymore, default SA cannot resolve DNS, ...

To Reproduce
Steps to reproduce the behavior:

Restore a cluster
Check system:* ClusterRoles, they are modified

Expected behavior

Restore a cluster
Check system:* ClusterRoles, they should not be modified

Workaround

Get system: ressources from another "clean" cluster, and apply them

Answer 1 · 2023-04-06T09:27:45.000Z

Totally agree with @rverchere ! Modifying cluster system roles is usually not a good idea.

Answer 2 · 2023-04-06T11:03:51.000Z

Or at least should be an option IMHO

Answer 3 · 2023-04-13T18:02:56.000Z

I will have to check whether or not this use case is supported. For now I am marking it as a feature request.