sgburtsev
commented
1 week ago Also, one should keep in mind that working with HTTPS also requires the appropriate CA certs to be passed to the Job pod.
Open sgburtsev opened 1 week ago
sgburtsev
commented
1 week ago Also, one should keep in mind that working with HTTPS also requires the appropriate CA certs to be passed to the Job pod.
I want all traffic within cluster to be encrypted. And I want to forbid non-TLS on http-proxies. Fortunately, there is the needed option:
As I see, cluster works fine with this option. The problem is with the operator Jobs: they ignore this option and try to connect to a closed 80 port.
At the first glance, I didn't find a decent quick solution. I assume that the operator should have some shared logic for yt client creation. At the moment, each component has its own which makes it difficult to fix in a single place.