Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

prometheus-kube-prometheus-stack-prometheus-0 & alertmanager-kube-prometheus-stack-alertmanager-0 fails because CA is not trusted #1187

Closed
mpiscaer opened this issue May 6, 2024 · 1 comment · Fixed by #1329
Closed

prometheus-kube-prometheus-stack-prometheus-0 & alertmanager-kube-prometheus-stack-alertmanager-0 fails because CA is not trusted #1187

mpiscaer opened this issue May 6, 2024 · 1 comment · Fixed by #1329

Comments

@mpiscaer
Copy link
Contributor

mpiscaer commented May 6, 2024

The pods for alertmanager-kube-prometheus-stack-alertmanager-0 & alertmanager-kube-prometheus-stack-alertmanager-0 get into CrashLoopBackOff because of that the CA is not trusted. This CA is selfsigned.

[2024/05/06 12:37:56] [main.go:58] ERROR: Failed to initialise OAuth2 Proxy: error initialising provider: could not create provider data: error building OIDC ProviderVerifier: could not get verifier builder: error while discovery OIDC configuration: failed to discover OIDC configuration: error performing request: Get "https://keycloak.infra.cluster6.DOMAIN.TLD/realms/atmosphere/.well-known/openid-configuration": tls: failed to verify certificate: x509: certificate signed by unknown authority
mpiscaer added a commit to mpiscaer/atmosphere that referenced this issue May 6, 2024
@mpiscaer
fix: set Prometheus oauth2-proxy and openstack CLI to skip tls valida…
12e5984 
…tion

fixes: vexxhost#1187 & vexxhost#1185
mpiscaer added a commit to mpiscaer/atmosphere that referenced this issue May 7, 2024
@mpiscaer
fix: set Prometheus oauth2-proxy and openstack CLI to skip tls valida…
24b82e7 
…tion

fixes: vexxhost#1187 & vexxhost#1185
mpiscaer added a commit to mpiscaer/atmosphere that referenced this issue May 9, 2024
@mpiscaer
fix: set Prometheus oauth2-proxy to skip tls validation
eab9159 
fixes: vexxhost#1187
mpiscaer added a commit to mpiscaer/atmosphere that referenced this issue May 14, 2024
@mpiscaer
fix: set Prometheus oauth2-proxy to skip tls validation
c8c7b8f 
fixes: vexxhost#1187
mpiscaer added a commit to mpiscaer/atmosphere that referenced this issue May 14, 2024
@mpiscaer
fix: set Prometheus oauth2-proxy to skip tls validation
9154065 
fixes: vexxhost#1187
mpiscaer added a commit to mpiscaer/atmosphere that referenced this issue May 14, 2024
@mpiscaer
fix: set Prometheus oauth2-proxy to skip tls validation
dc0d4ce 
fixes: vexxhost#1187
mpiscaer added a commit to mpiscaer/atmosphere that referenced this issue May 21, 2024
@mpiscaer
fix: set Prometheus oauth2-proxy to skip tls validation
a8c75d7 
fixes: vexxhost#1187
@mpiscaer
Copy link
Contributor Author

mpiscaer commented Jun 3, 2024

@mnaser Can you also take this into account when you work at the framework for ACME. mpiscaer@a8c75d7 just skips the validation. I would be great if it is able to use the private signed CA to validate.

@mpiscaer mpiscaer changed the title alertmanager-kube-prometheus-stack-alertmanager-0 & alertmanager-kube-prometheus-stack-alertmanager-0 fails because CA is not trusted prometheus-kube-prometheus-stack-prometheus-0 & alertmanager-kube-prometheus-stack-alertmanager-0 fails because CA is not trusted Jun 8, 2024
mpiscaer added a commit to mpiscaer/atmosphere that referenced this issue Jun 8, 2024
@mpiscaer
fix: add CA mounts in the Prometheus and Alertmanager oauth2 container
63fba75 
fixes: vexxhost#1187
@mpiscaer mpiscaer mentioned this issue Jun 8, 2024
Merged
atmosphere-ci bot pushed a commit that referenced this issue Jun 11, 2024
@mpiscaer
fix: add CA mounts in the Prometheus oauth2 container (#1329)
f0836c2 
This issue fixes #1187
vexxhost-bot pushed a commit to vexxhost-bot/atmosphere that referenced this issue Jun 11, 2024
@mpiscaer
fix: add CA mounts in the Prometheus and Alertmanager oauth2 container
40f05db 
…fixes: vexxhost#1187
vexxhost-bot pushed a commit to vexxhost-bot/atmosphere that referenced this issue Jun 11, 2024
@mpiscaer
fix: add CA mounts in the Prometheus and Alertmanager oauth2 container
1bb3235 
…fixes: vexxhost#1187
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix: add CA mounts in the Prometheus oauth2 container mpiscaer/atmosphere
1 participant
@mpiscaer