search

stolostron / multicluster-global-hub

the main repository for the multicluster global hub
Apache License 2.0
20 stars 32 forks source link

remote error: tls: bad certificate in manager logs #949

Open clyang82 opened 4 months ago

clyang82 commented 4 months ago

May need to do investigation what is the error for. Does it impact on any features?

2024-06-03T09:27:01.867Z INFO   setup Go Version: go1.21.10
2024-06-03T09:27:01.867Z INFO   setup Go OS/Arch: linux/amd64
set max connection==============: 10
[GIN-debug] [WARNING] Creating an Engine instance with the Logger and Recovery middleware already attached.
[GIN-debug] [WARNING] Running in "debug" mode. Switch to "release" mode in production.
- using env: export GIN_MODE=release
- using code: gin.SetMode(gin.ReleaseMode)
[GIN-debug] GET /global-hub-api/v1/managedclusters --> github.com/stolostron/multicluster-global-hub/manager/pkg/nonk8sapi/managedclusters.ListManagedClusters.func1 (4 handlers)
[GIN-debug] PATCH /global-hub-api/v1/managedcluster/:clusterID --> github.com/stolostron/multicluster-global-hub/manager/pkg/nonk8sapi.SetupRouter.PatchManagedCluster.func2 (4 handlers)
[GIN-debug] GET /global-hub-api/v1/policies --> github.com/stolostron/multicluster-global-hub/manager/pkg/nonk8sapi.SetupRouter.ListPolicies.func3 (4 handlers)
[GIN-debug] GET /global-hub-api/v1/policy/:policyID/status --> github.com/stolostron/multicluster-global-hub/manager/pkg/nonk8sapi.SetupRouter.GetPolicyStatus.func4 (4 handlers)
[GIN-debug] GET /global-hub-api/v1/subscriptions --> github.com/stolostron/multicluster-global-hub/manager/pkg/nonk8sapi.SetupRouter.ListSubscriptions.func5 (4 handlers)
[GIN-debug] GET /global-hub-api/v1/subscriptionreport/:subscriptionID --> github.com/stolostron/multicluster-global-hub/manager/pkg/nonk8sapi.SetupRouter.GetSubscriptionReport.func6 (4 handlers)
2024-06-03T09:27:01.912Z INFO   kafka-consumer transport consumer with cloudevents-kafka receiver
2024-06-03T09:27:01.913Z INFO   cronjob-scheduler set SyncLocalCompliance job {"scheduleAt": "00:00"}
2024-06-03T09:27:01.913Z INFO   cronjob-scheduler set DataRetention job {"scheduleAt": "00:00"}
2024-06-03T09:27:01.914Z INFO   setup registering webhooks to the webhook server
2024-06-03T09:27:01.914Z INFO   controller-runtime.webhook Registering webhook {"path": "/mutating"}
2024-06-03T09:27:01.914Z INFO   setup Starting the Manager
2024-06-03T09:27:01.914Z INFO   controller-runtime.metrics Starting metrics server
2024-06-03T09:27:01.914Z INFO   controller-runtime.webhook Starting webhook server
2024-06-03T09:27:01.915Z INFO   controller-runtime.metrics Serving metrics server {"bindAddress": "0.0.0.0:8384", "secure": false}
I0603 09:27:01.915119 1 leaderelection.go:250] attempting to acquire leader lease multicluster-global-hub/multicluster-global-hub-manager-lock...
2024-06-03T09:27:01.915Z INFO   controller-runtime.certwatcher Updated current TLS certificate
2024-06-03T09:27:01.915Z INFO   controller-runtime.webhook Serving webhook server {"host": "", "port": 9443}
2024-06-03T09:27:01.915Z INFO   controller-runtime.certwatcher Starting certificate watcher
2024/06/03 09:27:10 http: TLS handshake error from 10.128.0.127:43312: remote error: tls: bad certificate

/assign @yanmxa

yanmxa commented 2 months ago

I am not sure whether this is an occasional issue or a frequent one. I will continue to observe some environments and troubleshoot when it occurs.