cloudfoundry-attic / etcd-release

Apache License 2.0

with-ssl.yml - etcd.service.cf.internal has sslv3 alert bad certificate #37

Closed drnic closed 7 years ago

drnic commented 7 years ago

I deployed the with-ssl.yml, albeit I'm working on a modified release to support links and I converted the manifest to links; but it deployed ok and consul looks happy with the etcd service.

When I try to access etcd via https + its consul hostname I get an sslv3 error:

$ curl -k https://etcd.service.cf.internal:4001/v2/keys
curl: (35) error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate

Is this something I did wrong; or are the demo creds really old or something else?

The WIP release with links + manifests are at https://github.com/dingotiles/etcd2-boshrelease/tree/master/manifests/bosh-lite

When it works, I'll backport to this release via a PR.

cf-gitbot commented 7 years ago

We have created an issue in Pivotal Tracker to manage this:

https://www.pivotaltracker.com/story/show/142021513

The labels on this github issue will be updated when the story is started.

christianang commented 7 years ago

You will need to provide the certs and key to talk to etcd. Try:

cd /var/vcap/jobs/etcd/config/certs
curl --cacert server-ca.crt --cert server.crt --key server.key https://etcd.service.cf.internal:4001/v2/keys
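A pre-flight check for the three files used in the command above, as an added example that is not part of the original thread or the etcd-release project: it confirms the key belongs to the certificate and that the certificate chains to the CA before curl is run. The function names and return codes are assumptions; the directory, file names and URL are the ones from the reply.

```shell
#!/usr/bin/env bash
# Added example (not from etcd-release). Function names and return codes are hypothetical.
# Return codes: 0 ok, 2 file missing, 3 key/cert mismatch, 4 cert does not verify against CA.

check_etcd_client_material() {
  local dir="${1:-/var/vcap/jobs/etcd/config/certs}"
  local ca="$dir/server-ca.crt"
  local cert="$dir/server.crt"
  local key="$dir/server.key"
  local f cert_pub key_pub

  # 1. All three files must exist and be readable by the current user.
  for f in "$ca" "$cert" "$key"; do
    [ -r "$f" ] || { echo "missing or unreadable: $f" >&2; return 2; }
  done

  # 2. The private key must belong to the certificate: compare public keys.
  cert_pub=$(openssl x509 -in "$cert" -noout -pubkey 2>/dev/null) || cert_pub=""
  key_pub=$(openssl pkey -in "$key" -pubout 2>/dev/null) || key_pub=""
  if [ -z "$cert_pub" ] || [ "$cert_pub" != "$key_pub" ]; then
    echo "server.key does not match server.crt" >&2
    return 3
  fi

  # 3. The certificate must chain to the CA; this also fails if it has expired.
  if ! openssl verify -CAfile "$ca" "$cert" >/dev/null 2>&1; then
    echo "server.crt does not verify against server-ca.crt" >&2
    return 4
  fi
  return 0
}

# Runs the request from the reply only when the local material checks out.
etcd_get_keys() {
  local dir="${1:-/var/vcap/jobs/etcd/config/certs}"
  check_etcd_client_material "$dir" || return
  curl --cacert "$dir/server-ca.crt" --cert "$dir/server.crt" \
       --key "$dir/server.key" https://etcd.service.cf.internal:4001/v2/keys
}
```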

christianang commented 7 years ago

I assume the above worked for you, but reopen if you need to.

drnic commented 7 years ago

I haven't spent a lot of time with etcd with certs; so sorry if I've made mistakes in my PRs.

christianang commented 7 years ago

No worries. We are actually doing some feature stories that require bosh links so this was a very well timed PR. We also looked over the PR and it looks like it does get us pretty close to where we need to be, so we pulled it in and will probably make some corrections to make sure it passes our acceptance tests.

drnic commented 7 years ago

Thanks. I wasn't sure how to set up the acceptance tests.