Open elaurensx opened 2 months ago
Same issue. Hubble UI certs are not generated when using hubble.tls.auto.method: cronJob
.
Is cronJob certgen meant to be used only when Hubble UI is installed in stand alone mode? And then it is to mount the client-cert that was created?
Was able to work around this by setting:
ui:
standalone:
enabled: true
tls:
certsVolume:
projected:
defaultMode: 0400
sources:
- secret:
name: hubble-relay-client-certs
items:
- key: tls.crt
path: client.crt
- key: tls.key
path: client.key
- key: ca.crt
path: hubble-relay-ca.crt
Have not fully tested, just an observation that this will allow hubble ui to start up - and I do see flows in the UI.
Hubble-ui deployed through official Helm chart along with all other Cilium components.. ui.enabled: true ui.standalone: false hubble.tls.auto.enabled: true hubble.tls.auto.method: cronJob
kubectl describe cronjob hubble-generate-certs -n kube-system doesn't mention anything related to hubble-ui-client-certs..