-
Notifications
You must be signed in to change notification settings - Fork 269
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CDI import from HTTP source gives certificate errors. #3443
Comments
Do you have an http proxy between you and server? I just tried here with the latest from main and it imported just fine. |
I have listed all the resources running in my k8s cluster. I don't seem to run any proxy services in the cluster. datavolume-import-controller Unable to connect to http data source: HTTP request errored: Get "https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img": tls: failed to verify certificate: x509: certificate is valid for df18656602a54d1a81f437bf661f244e.c276ae934b166edd23d6f5f105f00f17.traefik.default, not cloud-images.ubuntu.com I see a lot of TLS errors from 'cd-apiserver' pod.
|
This bit here suggests there's a proxy in the way (in the default namespace), maybe there's a way to opt out of it? |
Traefik is running as a container in a kubevirt VM in my k8's cluster. It's one of the many kubevirt VM's, but im unsure why the traefik container gets the request when i try to import the datavolume using https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img.
This is from the CDI importer pod.
|
That is what it looks like to us. Somehow traefik is intercepting the request and acting like a proxy for it. This is what is causing the certificate failure in the importer pod. We don't know anything about how traefik works, but that looks like the culprit here. |
Thank you so much your help! I will look more into traefik configuration and try to solve it! |
Issues go stale after 90d of inactivity. If this issue is safe to close now please do so with /lifecycle stale |
I'm trying to import ubuntu cloud image using CDI datavolumes. I get the following certificate error.
It's been working fine, but not now. I have updated CDI operator and cdi-cr from v1.59.0 to v1.60.1 but no luck.
Warning Error 2m41s (x5 over 5m44s) datavolume-import-controller Unable to connect to http data source: HTTP request errored: Get "https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img": tls: failed to verify certificate: x509:
Below is my VM template, I'm using hostpath volumes. I have tried different URL's to pull the cloud image, but i get the same error message.
+++++++++++++++++++++++++++++
The text was updated successfully, but these errors were encountered: