brndnmtthws / vault-dcos

Vault on DCOS
Apache License 2.0

exposing vault via marathon-lb #8

Open charlesmims opened 6 years ago

charlesmims commented 6 years ago

As a workaround for https://github.com/brndnmtthws/vault-dcos/issues/7, I ended up creating my own mything/vault-dcos docker image with /key.pem and /cert.pem and referred to those in the config.hcl. I'm now to the point where I get a 502 bad gateway from marathon-lb.
I'm guessing it's because marathon-lb is trying to connect via HTTP to port 8200, or because the cert is for a *.mycompany.com host and the service internally is .marathon.mesos, or using the self-signed certs they don't have a valid bundle... or something else entirely. Has anyone got vault running in dcos exposed via marathon-lb working? I think I can get it going by disabling TLS, but I'd rather not do that.
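
Two of the guesses in the post above (the wildcard name not covering the internal hostname, and a self-signed certificate with no trusted bundle) can be reproduced offline with `openssl`. This is an added example, not part of the original issue or the project's code; the hostnames `vault.mycompany.com` and `vault.marathon.mesos` and the throwaway certificate are constructed for illustration.

```sh
#!/bin/sh
# Added example: all hostnames and the throwaway certificate are constructed.
workdir=$(mktemp -d)
trap 'rm -rf "$workdir"' EXIT

# Self-signed cert whose only name is the wildcard *.mycompany.com
make_cert() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
    -subj "/CN=*.mycompany.com" \
    -keyout "$workdir/key.pem" -out "$workdir/cert.pem" 2>/dev/null
}

# Exit 0 if the certificate is valid for hostname $1
cert_covers_host() {
  openssl x509 -in "$workdir/cert.pem" -noout -checkhost "$1" \
    | grep -q "does match certificate"
}

# Exit 0 if the cert chains to the system's default trust store
trusted_by_default() {
  openssl verify "$workdir/cert.pem" >/dev/null 2>&1
}

# Exit 0 if the cert verifies once it is supplied as its own CA bundle
trusted_with_bundle() {
  openssl verify -CAfile "$workdir/cert.pem" "$workdir/cert.pem" >/dev/null 2>&1
}

make_cert
for host in vault.mycompany.com vault.marathon.mesos; do
  if cert_covers_host "$host"; then echo "$host: name matches"
  else echo "$host: name does NOT match"; fi
done
if trusted_by_default; then echo "default trust store: verified"
else echo "default trust store: rejected (self-signed)"; fi
if trusted_with_bundle; then echo "with cert as CA bundle: verified"
else echo "with cert as CA bundle: rejected"; fi
```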