This repository has been archived by the owner on Sep 30, 2020. It is now read-only.
Change API endpoint ELB health check to SSL:443 #604
Merged
+1
−1
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The API endpoint ELB health check is set to "TCP:443". This causes "TLS handshake error" in apiserver logs. Changing it to "SSL:443" will perform the proper SSL handshake and make the error disappear from the log.
Codecov Report
@@ Coverage Diff @@
## master #604 +/- ##
=======================================
Coverage 37.99% 37.99%
=======================================
Files 50 50
Lines 3277 3277
=======================================
Hits 1245 1245
Misses 1830 1830
Partials 202 202Continue to review full report at Codecov.
|
k8s-ci-robot
added
the
cncf-cla: yes
|
This resolves #295 |
|
@cheungpat Wow, good to know ELB supports |
|
Cool @cheungpat @mumoshu I didn't realise SSL health checks without the client certificate would work. I'll have to try this myself on the next deployment. |
k8s-github-robot
pushed a commit
to kubernetes/kops
that referenced
this pull request
Aug 11, 2017
Automatic merge from submit-queue Use SSL in ELB API server health check This switch causes the ELB to perform a SSL handshake and makes the `I0427 03:57:55.059255 1 logs.go:41] http: TLS handshake error from IP:PORT: EOF` disappear from the apiserver logs. Tested manually and everything looks :white_check_mark: Inspiration from kubernetes-retired/kube-aws#604
pearj
pushed a commit
to pearj/openshift-ansible-contrib
that referenced
this pull request
Oct 26, 2017
pearj
pushed a commit
to pearj/openshift-ansible-contrib
that referenced
this pull request
Nov 3, 2017
pearj
pushed a commit
to pearj/openshift-ansible-contrib
that referenced
this pull request
Jan 11, 2018
One of the patches kubernetes-retired/kube-aws#604 Add no proxy
pearj
pushed a commit
to pearj/openshift-ansible-contrib
that referenced
this pull request
Jan 31, 2018
One of the patches kubernetes-retired/kube-aws#604 Add no proxy
kylehodgetts
pushed a commit
to HotelsDotCom/kube-aws
that referenced
this pull request
Mar 27, 2018
Change API endpoint ELB health check to SSL:443
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The API endpoint ELB health check is set to "TCP:443". This causes
"TLS handshake error" in apiserver logs. Changing it to "SSL:443" will
perform the proper SSL handshake and make the error disappear from the log.