Skip to content
This repository has been archived by the owner. It is now read-only.

Investigate SSL support in DCOS with k8sm, especially the admin router #555

Closed
sttts opened this issue Oct 13, 2015 · 6 comments
Closed

Investigate SSL support in DCOS with k8sm, especially the admin router #555

sttts opened this issue Oct 13, 2015 · 6 comments

Comments

@sttts
Copy link

@sttts sttts commented Oct 13, 2015

Blocks #535

@sttts sttts added this to the EPIC: refresh k8s/DCOS service, round 2 milestone Oct 13, 2015
@jdef jdef removed this from the EPIC: refresh k8s/DCOS service, round 2 milestone Oct 23, 2015
@karlkfi karlkfi added this to the Minimum Viable Product (MVP) milestone Oct 23, 2015
@sttts sttts added priority/P1 and removed priority/soon labels Nov 3, 2015
@sttts sttts self-assigned this Nov 3, 2015
@sttts sttts changed the title Investigate SSL support in Mesos with k8sm Investigate SSL support in DCOS with k8sm, especially the admin router Nov 3, 2015
@jdef jdef modified the milestones: Release v0.7.1, Minimum Viable Product (MVP) - v0.8.0? Nov 17, 2015
@sttts sttts added priority/P1 and removed priority/soon labels Nov 24, 2015
@jdef

This comment has been minimized.

Copy link

@jdef jdef commented Nov 30, 2015

related, annoying errors in apiserver.log from k8s/dcos package:

E1130 18:34:39.134343     467 server.go:600] Unable to generate self signed cert: open /var/run/kubernetes/apiserver.crt: permission denied
I1130 18:34:39.134387     467 server.go:632] Serving insecurely on 10.0.0.82:25503
E1130 18:34:39.134454     467 server.go:614] Unable to listen for secure (open /var/run/kubernetes/apiserver.crt: no such file or directory); will try again.
E1130 18:34:54.134714     467 server.go:614] Unable to listen for secure (open /var/run/kubernetes/apiserver.crt: no such file or directory); will try again.
E1130 18:35:09.135008     467 server.go:614] Unable to listen for secure (open /var/run/kubernetes/apiserver.crt: no such file or directory); will try again.
E1130 18:35:24.135251     467 server.go:614] Unable to listen for secure (open /var/run/kubernetes/apiserver.crt: no such file or directory); will try again.
@sttts sttts added WIP and removed priority/P1 labels Dec 2, 2015
@sttts

This comment has been minimized.

Copy link
Author

@sttts sttts commented Dec 2, 2015

/xref kubernetes/kubernetes#7452: SPDY deprecated, HTTP/2 not available go lib yet

@sttts

This comment has been minimized.

Copy link
Author

@sttts sttts commented Dec 8, 2015

Removing the milestone. I am working on this. But does not block the release.

@sttts sttts removed this from the v0.7.1 milestone Dec 8, 2015
@jdef

This comment has been minimized.

Copy link

@jdef jdef commented Dec 8, 2015

bump to v0.7.2?

On Tue, Dec 8, 2015 at 11:32 AM, Dr. Stefan Schimanski <
notifications@github.com> wrote:

Removing the milestone. I am working on this. But does not block the
release.


Reply to this email directly or view it on GitHub
#555 (comment)
.

@sttts

This comment has been minimized.

Copy link
Author

@sttts sttts commented Dec 8, 2015

Fine with me.

@sttts sttts added this to the v0.7.2 milestone Dec 8, 2015
@sttts

This comment has been minimized.

Copy link
Author

@sttts sttts commented Dec 17, 2015

Kind of good news, non-HTTP connections can be upgrade to SPDY:

kubectl --v=9 --server http://192.168.65.48:8888 exec --namespace=kube-system -c skydns kube-dns-v10-2n364 -- /bin/true

Probably the OpenResty in the admin router does not support this though.

@sttts sttts added MVP MVP/HighRisk MVP/Big LGTM and removed WIP labels Dec 17, 2015
@sttts sttts closed this Dec 22, 2015
@sttts sttts removed the LGTM label Dec 22, 2015
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
You can’t perform that action at this time.