You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I am currently using the redis-operator in a development environment (trying to make development machines mirror production). In doing this I like to ensure that all services are using TLS just as they do in production. The main difference here is that we have replace certificates with self-signed equivalents (from a development issuer). This means the certificates used are not externally trusted but for the purposes of TLS connections on development envrionments it gets the job done.
When configuring redis (in my case redis-replication) with the correct certificate they work fine but the redis-operator is unable to connect.
{
"level": "error",
"ts": 1686245388.6633198,
"logger": "controller_redis",
"msg": "Failed to Get the role Info of the",
"R equest.RedisManager.Namespace": "platform",
"Request.RedisManager.Name": "example-redis-replication",
"red is pod": "example-redis-replication-2",
"error": "x509: certificate is valid for example.plat form.svc, not example-redis-replication-2",
"stacktrace": "github.com/OT-CONTAINER-KIT/redis-operator/k8 sutils.GetRedisNodesByRole/workspace/k8sutils/redis.go:464 github.com/OT-CONTAINER-KIT/redis-operator/control lers.(*RedisReplicationReconciler).Reconcile/workspace/controllers/redisreplication_controller.go:81 sigs.k8s .io/controller-runtime/pkg/internal/controller.(*Controller).Reconcile/go/pkg/mod/sigs.k8s.io/controller-runti me@v0.11.0/pkg/internal/controller/controller.go:114 sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Con troller).reconcileHandler/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.11.0/pkg/internal/controller/controller .go:311 sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem/go/pkg/mod/s igs.k8s.io/controller-runtime@v0.11.0/pkg/internal/controller/controller.go:266 sigs.k8s.io/controller-runtime/pk g/internal/controller.(*Controller).Start.func2.2/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.11.0/pkg/intern al/controller/controller.go:227"
}
It would be great if the operator itself could support additional certificates without requiring an entirely new image.
The text was updated successfully, but these errors were encountered:
I am currently using the
redis-operatorin a development environment (trying to make development machines mirror production). In doing this I like to ensure that all services are using TLS just as they do in production. The main difference here is that we have replace certificates with self-signed equivalents (from a development issuer). This means the certificates used are not externally trusted but for the purposes of TLS connections on development envrionments it gets the job done.When configuring redis (in my case
redis-replication) with the correct certificate they work fine but theredis-operatoris unable to connect.{ "level": "error", "ts": 1686245388.6633198, "logger": "controller_redis", "msg": "Failed to Get the role Info of the", "R equest.RedisManager.Namespace": "platform", "Request.RedisManager.Name": "example-redis-replication", "red is pod": "example-redis-replication-2", "error": "x509: certificate is valid for example.plat form.svc, not example-redis-replication-2", "stacktrace": "github.com/OT-CONTAINER-KIT/redis-operator/k8 sutils.GetRedisNodesByRole/workspace/k8sutils/redis.go:464 github.com/OT-CONTAINER-KIT/redis-operator/control lers.(*RedisReplicationReconciler).Reconcile/workspace/controllers/redisreplication_controller.go:81 sigs.k8s .io/controller-runtime/pkg/internal/controller.(*Controller).Reconcile/go/pkg/mod/sigs.k8s.io/controller-runti me@v0.11.0/pkg/internal/controller/controller.go:114 sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Con troller).reconcileHandler/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.11.0/pkg/internal/controller/controller .go:311 sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem/go/pkg/mod/s igs.k8s.io/controller-runtime@v0.11.0/pkg/internal/controller/controller.go:266 sigs.k8s.io/controller-runtime/pk g/internal/controller.(*Controller).Start.func2.2/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.11.0/pkg/intern al/controller/controller.go:227" }It would be great if the operator itself could support additional certificates without requiring an entirely new image.
The text was updated successfully, but these errors were encountered: