does not work with azure container service

mkokho / kubemrr

For blazingly fast kubernets ops

Apache License 2.0

143 stars 6 forks source link

does not work with azure container service #6

Open jimmystridh opened 7 years ago

jimmystridh commented 7 years ago

when trying against a cluster provisioned with azure container service, when I run kubemrr watch <my_cluster_name>

it starts flooding the console with certificate signing errors:

{"error":"Get https://my_cluster_name.westus.cloudapp.azure.com/api/v1/pods?watch=true: x509: certificate signed by unknown authority","kind":"pod","level":"info","msg":"watch connection was closed, retrying","server":"https://my_cluster_name.westus.cloudapp.azure.com","time":"2017-02-16T09:34:54.285"} {"kind":"pod","level":"info","msg":"started to watch","server":"https://my_cluster_name.westus.cloudapp.azure.com","time":"2017-02-16T09:34:54.285"}

mkokho commented 7 years ago

Hm... could you try to add insecure-skip-tls-verify: true to the cluster definition, like in the example below?

clusters:
- name: cluster_2
  cluster:
    server: https://bar.com
    certificate-authority: ca2
    insecure-skip-tls-verify: true

There was a similar issue: #3, with the same output x509: certificate signed by unknown authority

mkokho commented 7 years ago

Also, I will make it less flooding in such kind of errors

mkokho commented 7 years ago

hi @jimmystridh I have fixed flooding in the version v1.2.1: https://github.com/mkokho/kubemrr/releases Do you still have problems with x509: certificate signed by unknown authority?

jimmystridh commented 7 years ago

Setting insecure-skip-tls-verify: true did unfortunately not work, I'm getting

Error: failed to ping server: Get https://fdcsmgmt.westus.cloudapp.azure.com/: x509: certificate signed by unknown authority

and running kubectl with that enabled gives me

error: specifying a root certificates file with the insecure flag is not allowed