sigalsax
commented
4 years ago A couple of issues I faced along the way and how they were fixed:
-
I was getting the following unknown authority error:
oc login -s https://openshift-311.itci.conjur.net:8443/console/catalog The server uses a certificate signed by an unknown authority. You can bypass the certificate check, but any data you send to the server could be intercepted by others. Use insecure connections? (y/n):and had to add the following to my
~/zrshrcin order to switch between oc clusters because ci oc clusters don't have real certs https://conjurhq.slack.com/archives/CBTETAE20/p1560528004464300 -
With gke and openshift, I needed to specify what I wanted K8s to communicate with. If you run
kubectl cluster-infoand see openshift, runkubectl config use-context gke_conjur-gke-dev_us-central1-a-test-cluster1and runkubectl cluster-infoagain to ensure K8s is pointing to gke
The following is a design in order run OSS/DAP testing for Secrets provider for K8s in GKE. This design will be changing with the progression of the task and definitely open for feedback and insights
oss-by-default-oss-by-defaulttag from thekubernetes-conjur-deployrepo and use that tagged commit to run the testsk8s-conjur-demoas an example of how to configure the repo to extend configuration to GKEv1->rbac.authorization.k8s.io/v1for example)Current obstacles Problem: During the Configuring Master pod stage, the container is terminated with a code 137. I am not sure what changed between the deployment from yesterday and today except for the reverting of the commit Solution: In response to this error:
oss-by-default-oss-by-defaulttag, I will trymaster