pmorie / osb-starter-pack

A quickstart for making a new Open Service Broker
Apache License 2.0

instruct helm to create SSL cert & key, serve securely by default #92

Closed jboyd01 closed 6 years ago

jboyd01 commented 6 years ago

closes https://github.com/pmorie/osb-starter-pack/issues/87
closes https://github.com/pmorie/osb-starter-pack/issues/73
closes https://github.com/pmorie/osb-starter-pack/issues/95

Follow-on to https://github.com/pmorie/osb-starter-pack/pull/90. This too requires picking up 0.0.8 of the broker lib.

Helm will create a Kubernetes secret with the SSL cert & key for the broker service, and these will be unpacked and used by the broker service for serving over HTTPS.

I see that the broker server pod is logging errors from health/readiness checks: TLS handshake error from 172.17.0.1:44734: EOF

We should change readiness & health from tcpSocket to httpGet where you can specify scheme to be HTTPS.
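
Added example, not part of this PR or the project's code: a Go program that reproduces why a tcpSocket-style check against a TLS listener produces the `TLS handshake error ... EOF` log line quoted above, while an HTTPS GET completes the handshake and logs nothing. It runs against `httptest`'s built-in test certificate; the `/healthz` path and the names `logCh` and `runProbes` are assumptions made for the example.

```go
package main

import (
	"fmt"
	"log"
	"net"
	"net/http"
	"net/http/httptest"
	"time"
)

// logCh forwards each server error-log line to a channel.
type logCh chan string

func (c logCh) Write(p []byte) (int, error) {
	c <- string(p)
	return len(p), nil
}

// runProbes sends a tcpSocket-style and an httpGet/HTTPS-style check to a
// throwaway TLS server and reports what the server logged for each.
func runProbes() (tcpLog string, httpsLogLines, status int, err error) {
	logs := make(logCh, 16)
	srv := httptest.NewUnstartedServer(http.HandlerFunc(func(http.ResponseWriter, *http.Request) {}))
	srv.Config.ErrorLog = log.New(logs, "", 0)
	srv.StartTLS() // serves with httptest's built-in test certificate
	defer srv.Close()
	// tcpSocket-style probe: connect, then hang up without sending a ClientHello.
	conn, err := net.Dial("tcp", srv.Listener.Addr().String())
	if err != nil {
		return
	}
	conn.Close()
	select { // the server logs the failed handshake asynchronously
	case tcpLog = <-logs:
	case <-time.After(3 * time.Second):
	}
	// httpGet-style probe with scheme HTTPS: full handshake, then a request.
	resp, err := srv.Client().Get(srv.URL + "/healthz") // path is an assumption
	if err != nil {
		return
	}
	resp.Body.Close()
	return tcpLog, len(logs), resp.StatusCode, nil
}

func main() {
	fmt.Println(runProbes())
}
```

The test client here trusts the test certificate, whereas the kubelet's HTTPS probe skips certificate verification, so the probe change does not depend on the CA bundle work discussed in the following comments.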

jboyd01 commented 6 years ago

Let's hold on this; it needs some work to properly register the broker with the TLS CA info.

jboyd01 commented 6 years ago

Added insecureSkipTLSVerify for now. Also disabled bearer token as the TLS token can't be found - see https://github.com/pmorie/osb-starter-pack/issues/95

Ok to merge, I'll follow up with a fix for the CA Bundle.

jboyd01 commented 6 years ago

Worked with @shawn-hurley and addressed the issues in issue #95.