Uploaded image for project: 'OpenShift Logging'
  1. OpenShift Logging
  2. LOG-3511

[release-5.5] TLS errors on Loki controller pod due to bad certificate

XMLWordPrintable

    • False
    • None
    • False
    • NEW
    • VERIFIED
    • Hide
      Before this update, the Loki Operator Webhook server caused TLS errors under the following condition namly the kube-apiserver-opertor cheking the webhook validity. With this update, the Loki Operator Webhook PKI is managed by the Operator Lifecycle Manager's dynamic webhook management resolves the issue and the kube-apiserver-operator can perform webhook checks without errors.
      Show
      Before this update, the Loki Operator Webhook server caused TLS errors under the following condition namly the kube-apiserver-opertor cheking the webhook validity. With this update, the Loki Operator Webhook PKI is managed by the Operator Lifecycle Manager's dynamic webhook management resolves the issue and the kube-apiserver-operator can perform webhook checks without errors.
    • Log Storage - Sprint 230, Log Storage - Sprint 231

      Description of problem:
      TLS handshake error on controller pod with bad certificate error

      2022-12-15 00:46:33.534220 I | http: TLS handshake error from 10.129.0.2:44864: remote error: tls: bad certificate63962022-12-15 00:46:34.289701 I | http: TLS handshake error from 10.130.0.2:44292: remote error: tls: bad certificate63972022-12-15 00:46:34.340468 I | http: TLS handshake error from 10.128.0.34:48842: remote error: tls: bad certificate

      LokiStack CR: http://pastebin.test.redhat.com/1085306

      Controller logs: http://pastebin.test.redhat.com/1085305

      CSV: loki-operator.v5.6.0, loki-operator.5.5.6  

      Steps to Reproduce:
      1) Deploy LokiOperator.

      2) Create secret and provision LokiStack CR

      3) Check controller logs.

      Actual results: LokiStack will provision without errors under controller pod.

      Expected results: TLS handshake error on controller pods. Loki components are running.

              ptsiraki@redhat.com Periklis Tsirakidis
              rhn-support-kbharti Kabir Bharti
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: