does not work with azure container service

[jimmystridh]

when trying against a cluster provisioned with azure container service, when I run
kubemrr watch <my_cluster_name>

it starts flooding the console with certificate signing errors:

{"error":"Get https://my_cluster_name.westus.cloudapp.azure.com/api/v1/pods?watch=true: x509: certificate signed by unknown authority","kind":"pod","level":"info","msg":"watch connection was closed, retrying","server":"https://my_cluster_name.westus.cloudapp.azure.com","time":"2017-02-16T09:34:54.285"}
{"kind":"pod","level":"info","msg":"started to watch","server":"https://my_cluster_name.westus.cloudapp.azure.com","time":"2017-02-16T09:34:54.285"}

[mkokho]

Hm... could you try to add insecure-skip-tls-verify: true to the cluster definition, like in the example below?

clusters:
- name: cluster_2
  cluster:
    server: https://bar.com
    certificate-authority: ca2
    insecure-skip-tls-verify: true

There was a similar issue: #3, with the same output x509: certificate signed by unknown authority

[mkokho]

Also, I will make it less flooding in such kind of errors

[mkokho]

hi @jimmystridh
I have fixed flooding in the version v1.2.1: https://github.com/mkokho/kubemrr/releases
Do you still have problems with x509: certificate signed by unknown authority?

[jimmystridh]

Setting insecure-skip-tls-verify: true did unfortunately not work, I'm getting

Error: failed to ping server: Get https://fdcsmgmt.westus.cloudapp.azure.com/: x509: certificate signed by unknown authority

and running kubectl with that enabled gives me

error: specifying a root certificates file with the insecure flag is not allowed