search

ai4os / ai4-ansible

Ansible roles to deploy the federated nomad cluster
Apache License 2.0
0 stars 0 forks source link

Incorrect "hostname" in nomad client and server certificates #40

Open micafer opened 2 months ago

micafer commented 2 months ago

In the nomad client and server certificate:

https://github.com/ai4os/ai4-ansible/blob/8872cccc2ccf8303b02a535b008d20724af5607c/roles/nomad/tasks/generate_certificates.yml#L30-L36

There is an error. We are only generating one server/client certificate used in all the servers/clients, which is generated in the nomad_master node. So the "ansible_hostname" (or the IP address) always refers to the nomad_master node in all of them, and it may raise some SSL errors in applications accessing the nomad API.

Currently it is not a major issue, but we have to keep an eye.

Sftobias commented 2 months ago

Hi Miguel, i will check this as soon as i can.